* tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
@ 2005-06-16 12:45 Lars Roland
2005-06-16 21:57 ` Christian Kujau
0 siblings, 1 reply; 24+ messages in thread
From: Lars Roland @ 2005-06-16 12:45 UTC (permalink / raw)
To: Linux-Kernel
Hi
I am testing kernel 2.6.12-rc6 on a 6 IBM 335 servers. The NICs are
gigabit broadcom. If I use the tg3 driver then each of the servers are
unable to communicate with a Cisco PIX using SMTP fixup, the
connection simply get cut:
-------------
telnet xx.x.xx.xx 25
Trying xx.x.xxx.xx...
Connected to xx.x.xxx.xx.
Escape character is '^]'.
mail to: <test@test.com>
Connection closed by foreign host.
-------------
Using tcpdump does not give me any clue as to what goes wrong, the
connection is simply lost so I am suspecting some kind of TX/RX mess
up. If I instead use the tg3 driver in kernel 2.6.8.1 (or the official
broadcom bcm5700 driver (version 8.1.55) with kernel 2.6.12-rc6) then
I get:
-------------
telnet xx.x.xxx.xx 25
Trying xx.x.xxx.xx...
Connected to xx.x.xxx.xx.
Escape character is '^]'.
220 ***************
mail to: <test@test.com>
250 ok
quit
221 test.com
Connection closed by foreign host.
-------------
So are there any differences in the tg3 driver between 2.6.8.1 and
2.6.12-rc6 that would cause this kind of behaviour ?.
I know that SMTP fixup is mostly a poorly implemented Sendmail
security fix left over from the pre ESMTP era that cripples SMTP
connectivity without offering any real
security advantages. So the best thing would be to turn it off, but
given that I do not control the firewall and the admin refuses to
change it because he believes it to be a security risk then I am
looking for another solution (still hoping that it is not shifting
NICs in all my servers).
Regards.
Lars Roland
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-16 12:45 tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup Lars Roland
@ 2005-06-16 21:57 ` Christian Kujau
2005-06-16 21:59 ` David S. Miller
2005-06-16 22:14 ` Lars Roland
0 siblings, 2 replies; 24+ messages in thread
From: Christian Kujau @ 2005-06-16 21:57 UTC (permalink / raw)
To: Lars Roland; +Cc: Linux-Kernel
Lars Roland schrieb:
> So are there any differences in the tg3 driver between 2.6.8.1 and
> 2.6.12-rc6 that would cause this kind of behaviour ?.
i'd say: "certainly", but best you find out by diff'ing the versions
and/or eventually put 2.6.8.1's tg3 driver in a 2.6.12-rc6 tree, compile,
hope it builds, then try again to connect.
> I know that SMTP fixup is mostly a poorly implemented Sendmail
i don't know what a "smtp fixup" would be, but does the disconnect happen
to other applications too?
if it really turns out to be a tg3 problem, maybe netdev@oss.sgi.com
should be Cc'ed.
--
BOFH excuse #67:
descramble code needed from software company
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-16 21:57 ` Christian Kujau
@ 2005-06-16 21:59 ` David S. Miller
2005-06-16 22:41 ` Jesper Juhl
2005-06-16 22:14 ` Lars Roland
1 sibling, 1 reply; 24+ messages in thread
From: David S. Miller @ 2005-06-16 21:59 UTC (permalink / raw)
To: evil; +Cc: lroland, linux-kernel
From: Christian Kujau <evil@g-house.de>
Date: Thu, 16 Jun 2005 23:57:31 +0200
> if it really turns out to be a tg3 problem, maybe netdev@oss.sgi.com
> should be Cc'ed.
Make that netdev@vger.kernel.org
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-16 21:57 ` Christian Kujau
2005-06-16 21:59 ` David S. Miller
@ 2005-06-16 22:14 ` Lars Roland
2005-06-16 23:54 ` Christian Kujau
1 sibling, 1 reply; 24+ messages in thread
From: Lars Roland @ 2005-06-16 22:14 UTC (permalink / raw)
To: Christian Kujau; +Cc: Linux-Kernel
On 6/16/05, Christian Kujau <evil@g-house.de> wrote:
> Lars Roland schrieb:
> > So are there any differences in the tg3 driver between 2.6.8.1 and
> > 2.6.12-rc6 that would cause this kind of behaviour ?.
>
> i'd say: "certainly", but best you find out by diff'ing the versions
> and/or eventually put 2.6.8.1's tg3 driver in a 2.6.12-rc6 tree, compile,
> hope it builds, then try again to connect.
It does not seams to be limited to braodcom cards. 3com and Intel e100
cards does the exact same stunt on kernels never than 2.6.8.1. Intel
e1000 and realtek 8139 cards do however work.
>
> > I know that SMTP fixup is mostly a poorly implemented Sendmail
>
> i don't know what a "smtp fixup" would be, but does the disconnect happen
> to other applications too?
SMTP fixup is a dirty hack where the firewall limits the amount of
SMTP commands that can be used in the session to only the core rfc 821
commands. Most people do however use it just to hide the actual
receiving mail server from the sender - my guess is that the Cisco PIX
changes the frames/packages and then the connection gets dropped. I
got the admin to turn it off temporally and then the tg3 works just
fine.
Regards.
Lars Roland
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-16 21:59 ` David S. Miller
@ 2005-06-16 22:41 ` Jesper Juhl
2005-06-16 22:46 ` David S. Miller
0 siblings, 1 reply; 24+ messages in thread
From: Jesper Juhl @ 2005-06-16 22:41 UTC (permalink / raw)
To: David S. Miller; +Cc: evil, lroland, linux-kernel
On Thu, 16 Jun 2005, David S. Miller wrote:
> From: Christian Kujau <evil@g-house.de>
> Date: Thu, 16 Jun 2005 23:57:31 +0200
>
> > if it really turns out to be a tg3 problem, maybe netdev@oss.sgi.com
> > should be Cc'ed.
>
> Make that netdev@vger.kernel.org
Is that a permanent change of address? And is the old address dead?
If so, then the patch beneath should probably be applied.
Update the netdev mailing list address in MAINTAINERS.
Signed-off-by: Jesper Juhl <juhl-lkml@dif.dk>
---
MAINTAINERS | 48 ++++++++++++++++++++++++------------------------
1 files changed, 24 insertions(+), 24 deletions(-)
--- linux-2.6.12-rc6-mm1-orig/MAINTAINERS 2005-06-12 15:58:58.000000000 +0200
+++ linux-2.6.12-rc6-mm1/MAINTAINERS 2005-06-17 00:38:40.000000000 +0200
@@ -73,7 +73,7 @@
3C359 NETWORK DRIVER
P: Mike Phillips
M: mikep@linuxtr.net
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
L: linux-tr@linuxtr.net
W: http://www.linuxtr.net
S: Maintained
@@ -81,13 +81,13 @@
3C505 NETWORK DRIVER
P: Philip Blundell
M: philb@gnu.org
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
3CR990 NETWORK DRIVER
P: David Dillow
M: dave@thedillows.org
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
3W-XXXX ATA-RAID CONTROLLER DRIVER
@@ -130,7 +130,7 @@
8169 10/100/1000 GIGABIT ETHERNET DRIVER
P: Francois Romieu
M: romieu@fr.zoreil.com
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
8250/16?50 (AND CLONE UARTS) SERIAL DRIVER
@@ -143,7 +143,7 @@
8390 NETWORK DRIVERS [WD80x3/SMC-ELITE, SMC-ULTRA, NE2000, 3C503, etc.]
P: Paul Gortmaker
M: p_gortmaker@yahoo.com
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
A2232 SERIAL BOARD DRIVER
@@ -337,7 +337,7 @@
ARPD SUPPORT
P: Jonathan Layes
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
ASUS ACPI EXTRAS DRIVER
@@ -710,7 +710,7 @@
DIGI RIGHTSWITCH NETWORK DRIVER
P: Rick Richardson
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
W: http://www.digi.com
S: Orphaned
@@ -821,7 +821,7 @@
ETHEREXPRESS-16 NETWORK DRIVER
P: Philip Blundell
M: philb@gnu.org
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
ETHERNET BRIDGE
@@ -884,7 +884,7 @@
FRAME RELAY DLCI/FRAD (Sangoma drivers too)
P: Mike McLagan
M: mike.mclagan@linux.org
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
FREEVXFS FILESYSTEM
@@ -1238,7 +1238,7 @@
IPX NETWORK LAYER
P: Arnaldo Carvalho de Melo
M: acme@conectiva.com.br
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
IRDA SUBSYSTEM
@@ -1521,7 +1521,7 @@
P: Manish Lachwani
M: Manish_Lachwani@pmc-sierra.com
L: linux-mips@linux-mips.org
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Supported
MATROX FRAMEBUFFER DRIVER
@@ -1631,13 +1631,13 @@
M: akpm@osdl.org
P: Jeff Garzik
M: jgarzik@pobox.com
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
NETWORKING [GENERAL]
P: Networking Team
-M: netdev@oss.sgi.com
-L: netdev@oss.sgi.com
+M: netdev@vger.kernel.org
+L: netdev@vger.kernel.org
S: Maintained
NETWORKING [IPv4/IPv6]
@@ -1653,7 +1653,7 @@
M: yoshfuji@linux-ipv6.org
P: Patrick McHardy
M: kaber@coreworks.de
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
IPVS
@@ -1673,7 +1673,7 @@
P: Jan-Pascal van Best and Andreas Mohr
M: Jan-Pascal van Best <jvbest@qv3pluto.leidenuniv.nl>
M: Andreas Mohr <100.30936@germany.net>
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
NINJA SCSI-3 / NINJA SCSI-32Bi (16bit/CardBus) PCMCIA SCSI HOST ADAPTER DRIVER
@@ -1715,7 +1715,7 @@
M: p2@ace.ulyssis.student.kuleuven.ac.be
P: Mike Phillips
M: mikep@linuxtr.net
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
L: linux-tr@linuxtr.net
W: http://www.linuxtr.net
S: Maintained
@@ -1822,7 +1822,7 @@
PCNET32 NETWORK DRIVER
P: Thomas Bogendörfer
M: tsbogend@alpha.franken.de
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
PHRAM MTD DRIVER
@@ -1834,7 +1834,7 @@
POSIX CLOCKS and TIMERS
P: George Anzinger
M: george@mvista.com
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Supported
PERFORMANCE-MONITORING COUNTERS DRIVER
@@ -1875,7 +1875,7 @@
PRISM54 WIRELESS DRIVER
P: Prism54 Development Team
M: prism54-private@prism54.org
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
W: http://prism54.org
S: Maintained
@@ -2092,7 +2092,7 @@
P: Daniele Venzano
M: venza@brownhat.org
W: http://www.brownhat.org/sis900.html
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
SIS FRAMEBUFFER DRIVER
@@ -2149,7 +2149,7 @@
SONIC NETWORK DRIVER
P: Thomas Bogendoerfer
M: tsbogend@alpha.franken.de
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Maintained
SONY VAIO CONTROL DEVICE DRIVER
@@ -2211,7 +2211,7 @@
SPX NETWORK LAYER
P: Jay Schulist
M: jschlst@samba.org
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
S: Supported
SRM (Alpha) environment access
@@ -2290,7 +2290,7 @@
TOKEN-RING NETWORK DRIVER
P: Mike Phillips
M: mikep@linuxtr.net
-L: netdev@oss.sgi.com
+L: netdev@vger.kernel.org
L: linux-tr@linuxtr.net
W: http://www.linuxtr.net
S: Maintained
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-16 22:41 ` Jesper Juhl
@ 2005-06-16 22:46 ` David S. Miller
0 siblings, 0 replies; 24+ messages in thread
From: David S. Miller @ 2005-06-16 22:46 UTC (permalink / raw)
To: juhl-lkml; +Cc: evil, lroland, linux-kernel
From: Jesper Juhl <juhl-lkml@dif.dk>
Date: Fri, 17 Jun 2005 00:41:28 +0200 (CEST)
> Is that a permanent change of address? And is the old address dead?
> If so, then the patch beneath should probably be applied.
This has been fixed in Linus's tree already for a few
days now.
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-16 22:14 ` Lars Roland
@ 2005-06-16 23:54 ` Christian Kujau
2005-06-17 0:05 ` Lars Roland
0 siblings, 1 reply; 24+ messages in thread
From: Christian Kujau @ 2005-06-16 23:54 UTC (permalink / raw)
To: Lars Roland; +Cc: Linux-Kernel
Lars Roland schrieb:
> It does not seams to be limited to braodcom cards. 3com and Intel e100
> cards does the exact same stunt on kernels never than 2.6.8.1. Intel
> e1000 and realtek 8139 cards do however work.
hm - tricky, i think. because no kernel oopses, nothing to look at in the
syslog (yes?), various nic drivers affected, others not...in cases like
these only Documentation/BUG-HUNTING comes to my mind: if 2.6.8.1 works,
and 2.6.12-rc6 does not, we'll need to find out the kernelversion which
introduced this behaviour.
sorry,
Christian.
--
BOFH excuse #318:
Your EMAIL is now being delivered by the USPS.
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-16 23:54 ` Christian Kujau
@ 2005-06-17 0:05 ` Lars Roland
2005-06-17 0:26 ` Alejandro Bonilla
2005-06-17 4:46 ` Willy Tarreau
0 siblings, 2 replies; 24+ messages in thread
From: Lars Roland @ 2005-06-17 0:05 UTC (permalink / raw)
To: Christian Kujau; +Cc: Linux-Kernel
On 6/17/05, Christian Kujau <evil@g-house.de> wrote:
> Lars Roland schrieb:
> > It does not seams to be limited to braodcom cards. 3com and Intel e100
> > cards does the exact same stunt on kernels never than 2.6.8.1. Intel
> > e1000 and realtek 8139 cards do however work.
>
> hm - tricky, i think. because no kernel oopses, nothing to look at in the
> syslog (yes?),
Nothing anywhere, even tcpdump just seams to get cut off - I have not
been debugging ethernet drivers for years, getting a little rusty at
that, so nothing there yet.
> various nic drivers affected, others not...in cases like
> these only Documentation/BUG-HUNTING comes to my mind: if 2.6.8.1 works,
> and 2.6.12-rc6 does not, we'll need to find out the kernelversion which
> introduced this behaviour.
That I can give you, kernel 2.6.8.1 works but 2.6.9 does not (at least
not with tg3 and tulip cards).
Regards.
Lars Roland
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 0:05 ` Lars Roland
@ 2005-06-17 0:26 ` Alejandro Bonilla
2005-06-17 1:47 ` Lars Roland
2005-06-17 4:46 ` Willy Tarreau
1 sibling, 1 reply; 24+ messages in thread
From: Alejandro Bonilla @ 2005-06-17 0:26 UTC (permalink / raw)
To: Lars Roland; +Cc: Christian Kujau, Linux-Kernel
Lars Roland wrote:
>On 6/17/05, Christian Kujau <evil@g-house.de> wrote:
>
>
>>Lars Roland schrieb:
>>
>>
>>>It does not seams to be limited to braodcom cards. 3com and Intel e100
>>>cards does the exact same stunt on kernels never than 2.6.8.1. Intel
>>>e1000 and realtek 8139 cards do however work.
>>>
>>>
>>hm - tricky, i think. because no kernel oopses, nothing to look at in the
>>syslog (yes?),
>>
>>
>
>Nothing anywhere, even tcpdump just seams to get cut off - I have not
>been debugging ethernet drivers for years, getting a little rusty at
>that, so nothing there yet.
>
>
>
>>various nic drivers affected, others not...in cases like
>>these only Documentation/BUG-HUNTING comes to my mind: if 2.6.8.1 works,
>>and 2.6.12-rc6 does not, we'll need to find out the kernelversion which
>>introduced this behaviour.
>>
>>
>
>That I can give you, kernel 2.6.8.1 works but 2.6.9 does not (at least
>not with tg3 and tulip cards).
>
>
>Regards.
>
>Lars Roland
>
>
>
one question,
Can I know what is the problem? I have 2 tg3 adapters, lots of
e100's and some Cisco PIX and devices.
I can try to reproduce it and see if anyone has something to say about it.
Let me know,
.Alejandro
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 1:47 ` Lars Roland
@ 2005-06-17 1:22 ` Alejandro Bonilla
2005-06-17 13:06 ` Valdis.Kletnieks
1 sibling, 0 replies; 24+ messages in thread
From: Alejandro Bonilla @ 2005-06-17 1:22 UTC (permalink / raw)
To: Lars Roland; +Cc: Christian Kujau, Linux-Kernel, Alejandro Bonilla
Lars Roland wrote:
>On 6/17/05, Alejandro Bonilla <abonilla@linuxwireless.org> wrote:
>
>
>>one question,
>>
>> Can I know what is the problem?
>>:I have 2 tg3 adapters, lots e100's and some Cisco PIX and devices.
>>
>>I can try to reproduce it and see if anyone has something to say about it.
>>
>>
>
>Yes please. As I see it. Enable smtp fixup protocol on your cisco pix
>(you will need to have a smtp server to point it to), then on some
>linux system running with a kernel greater than 2.6.8.1 do a telnet to
>the smtp server that is firewalled and try to issue a smtp command.
>
>Note that cisco has a bug report on smtp fixup banner hiding issues in
>cisco os 6.3.4 but it should not result in the connection getting
>dropped, it also does not explain why this problem does not seam to
>exists on kernels prior to 2.6.9.
>
>
>Regards.
>
>Lars Roland
>
>
Lars,
I might be able to try this tomorrow. Just need to setup the PIX.
If you have that bug ID, let me know. ;-)
.Alejandro
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 0:26 ` Alejandro Bonilla
@ 2005-06-17 1:47 ` Lars Roland
2005-06-17 1:22 ` Alejandro Bonilla
2005-06-17 13:06 ` Valdis.Kletnieks
0 siblings, 2 replies; 24+ messages in thread
From: Lars Roland @ 2005-06-17 1:47 UTC (permalink / raw)
To: Alejandro Bonilla; +Cc: Christian Kujau, Linux-Kernel
On 6/17/05, Alejandro Bonilla <abonilla@linuxwireless.org> wrote:
> one question,
>
> Can I know what is the problem?
>:I have 2 tg3 adapters, lots e100's and some Cisco PIX and devices.
>
> I can try to reproduce it and see if anyone has something to say about it.
Yes please. As I see it. Enable smtp fixup protocol on your cisco pix
(you will need to have a smtp server to point it to), then on some
linux system running with a kernel greater than 2.6.8.1 do a telnet to
the smtp server that is firewalled and try to issue a smtp command.
Note that cisco has a bug report on smtp fixup banner hiding issues in
cisco os 6.3.4 but it should not result in the connection getting
dropped, it also does not explain why this problem does not seam to
exists on kernels prior to 2.6.9.
Regards.
Lars Roland
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 0:05 ` Lars Roland
2005-06-17 0:26 ` Alejandro Bonilla
@ 2005-06-17 4:46 ` Willy Tarreau
2005-06-17 12:45 ` Lars Roland
1 sibling, 1 reply; 24+ messages in thread
From: Willy Tarreau @ 2005-06-17 4:46 UTC (permalink / raw)
To: Lars Roland; +Cc: Christian Kujau, Linux-Kernel
On Fri, Jun 17, 2005 at 02:05:28AM +0200, Lars Roland wrote:
> On 6/17/05, Christian Kujau <evil@g-house.de> wrote:
> > Lars Roland schrieb:
> > > It does not seams to be limited to braodcom cards. 3com and Intel e100
> > > cards does the exact same stunt on kernels never than 2.6.8.1. Intel
> > > e1000 and realtek 8139 cards do however work.
> >
> > hm - tricky, i think. because no kernel oopses, nothing to look at in the
> > syslog (yes?),
>
> Nothing anywhere, even tcpdump just seams to get cut off - I have not
> been debugging ethernet drivers for years, getting a little rusty at
> that, so nothing there yet.
>
> > various nic drivers affected, others not...in cases like
> > these only Documentation/BUG-HUNTING comes to my mind: if 2.6.8.1 works,
> > and 2.6.12-rc6 does not, we'll need to find out the kernelversion which
> > introduced this behaviour.
>
> That I can give you, kernel 2.6.8.1 works but 2.6.9 does not (at least
> not with tg3 and tulip cards).
Maybe some checksumming code has changed, and some of the packets which
are checksummed by the hardware get wrong on the wire ?
Willy
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 4:46 ` Willy Tarreau
@ 2005-06-17 12:45 ` Lars Roland
0 siblings, 0 replies; 24+ messages in thread
From: Lars Roland @ 2005-06-17 12:45 UTC (permalink / raw)
To: Willy Tarreau; +Cc: Christian Kujau, Linux-Kernel
On 6/17/05, Willy Tarreau <willy@w.ods.org> wrote:
> Maybe some checksumming code has changed, and some of the packets which
> are checksummed by the hardware get wrong on the wire ?
Yes my exact thought, it is fine by me if it is a cisco problem that
needs to be fixed in the firewall but it would be nice knowing what
exactly changed from 2.6.8.1 -> 2.6.9 so it stopped working.
Regards.
Lars Roland
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 1:47 ` Lars Roland
2005-06-17 1:22 ` Alejandro Bonilla
@ 2005-06-17 13:06 ` Valdis.Kletnieks
2005-06-17 13:18 ` Lars Roland
1 sibling, 1 reply; 24+ messages in thread
From: Valdis.Kletnieks @ 2005-06-17 13:06 UTC (permalink / raw)
To: Lars Roland; +Cc: Alejandro Bonilla, Christian Kujau, Linux-Kernel
[-- Attachment #1: Type: text/plain, Size: 1176 bytes --]
On Fri, 17 Jun 2005 03:47:00 +0200, Lars Roland said:
> \b
>
> On 6/17/05, Alejandro Bonilla <abonilla@linuxwireless.org> wrote:
> > one question,
> >
> > Can I know what is the problem?
> >:I have 2 tg3 adapters, lots e100's and some Cisco PIX and devices.
> >
> > I can try to reproduce it and see if anyone has something to say about it.
>
> Yes please. As I see it. Enable smtp fixup protocol on your cisco pix
> (you will need to have a smtp server to point it to), then on some
> linux system running with a kernel greater than 2.6.8.1 do a telnet to
> the smtp server that is firewalled and try to issue a smtp command.
>
> Note that cisco has a bug report on smtp fixup banner hiding issues in
> cisco os 6.3.4 but it should not result in the connection getting
> dropped, it also does not explain why this problem does not seam to
> exists on kernels prior to 2.6.9.
2.6.9? This rings a bell.. ;)
Does disabling TCP window scaling fix it?
echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
A number of firewalls just stomp on the scaling bits - the end result is
that the perceived window size is too small to make any progress and the
connection wedges up.
[-- Attachment #2: Type: application/pgp-signature, Size: 226 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 13:06 ` Valdis.Kletnieks
@ 2005-06-17 13:18 ` Lars Roland
2005-06-17 13:33 ` Alejandro Bonilla
0 siblings, 1 reply; 24+ messages in thread
From: Lars Roland @ 2005-06-17 13:18 UTC (permalink / raw)
To: Valdis.Kletnieks; +Cc: Alejandro Bonilla, Christian Kujau, Linux-Kernel
On 6/17/05, Valdis.Kletnieks@vt.edu <Valdis.Kletnieks@vt.edu> wrote:
> On Fri, 17 Jun 2005 03:47:00 +0200, Lars Roland said:
> > \b
> >
> > On 6/17/05, Alejandro Bonilla <abonilla@linuxwireless.org> wrote:
> > > one question,
> > >
> > > Can I know what is the problem?
> > >:I have 2 tg3 adapters, lots e100's and some Cisco PIX and devices.
> > >
> > > I can try to reproduce it and see if anyone has something to say about it.
> >
> > Yes please. As I see it. Enable smtp fixup protocol on your cisco pix
> > (you will need to have a smtp server to point it to), then on some
> > linux system running with a kernel greater than 2.6.8.1 do a telnet to
> > the smtp server that is firewalled and try to issue a smtp command.
> >
> > Note that cisco has a bug report on smtp fixup banner hiding issues in
> > cisco os 6.3.4 but it should not result in the connection getting
> > dropped, it also does not explain why this problem does not seam to
> > exists on kernels prior to 2.6.9.
>
> 2.6.9? This rings a bell.. ;)
>
> Does disabling TCP window scaling fix it?
>
> echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
Yes it does solve it.
Thanks so much - this will be much easier than getting the largest ISP
in Denmark to update there Cisco to a new version.
Regards.
Lars Roland
^ permalink raw reply [flat|nested] 24+ messages in thread
* RE: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 13:18 ` Lars Roland
@ 2005-06-17 13:33 ` Alejandro Bonilla
2005-06-17 13:40 ` Lars Roland
` (2 more replies)
0 siblings, 3 replies; 24+ messages in thread
From: Alejandro Bonilla @ 2005-06-17 13:33 UTC (permalink / raw)
To: 'Lars Roland', Valdis.Kletnieks
Cc: 'Alejandro Bonilla', 'Christian Kujau',
'Linux-Kernel'
> > >
> > > On 6/17/05, Alejandro Bonilla <abonilla@linuxwireless.org> wrote:
> > > > one question,
> > > >
> > > > Can I know what is the problem?
> > > >:I have 2 tg3 adapters, lots e100's and some Cisco PIX
> and devices.
> > > >
> > > > I can try to reproduce it and see if anyone has
> something to say about it.
> > >
> > > Yes please. As I see it. Enable smtp fixup protocol on
> your cisco pix
> > > (you will need to have a smtp server to point it to), then on some
> > > linux system running with a kernel greater than 2.6.8.1
> do a telnet to
> > > the smtp server that is firewalled and try to issue a
> smtp command.
> > >
> > > Note that cisco has a bug report on smtp fixup banner
> hiding issues in
> > > cisco os 6.3.4 but it should not result in the connection getting
> > > dropped, it also does not explain why this problem does
> not seam to
> > > exists on kernels prior to 2.6.9.
> >
> > 2.6.9? This rings a bell.. ;)
> >
> > Does disabling TCP window scaling fix it?
> >
> > echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
>
> Yes it does solve it.
>
> Thanks so much - this will be much easier than getting the largest ISP
> in Denmark to update there Cisco to a new version.
>
>
> Regards.
>
> Lars Roland
Lars, Valdis,
So what do we really have here? Problem with Cisco or a problem in the
driver? Both?
.Alejandro
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 13:33 ` Alejandro Bonilla
@ 2005-06-17 13:40 ` Lars Roland
2005-06-17 14:03 ` Alejandro Bonilla
2005-06-17 13:52 ` Valdis.Kletnieks
2005-06-17 13:55 ` Valdis.Kletnieks
2 siblings, 1 reply; 24+ messages in thread
From: Lars Roland @ 2005-06-17 13:40 UTC (permalink / raw)
To: abonilla; +Cc: Valdis.Kletnieks, Christian Kujau, Linux-Kernel
On 6/17/05, Alejandro Bonilla <abonilla@linuxwireless.org> wrote:
> So what do we really have here? Problem with Cisco or a problem in the
> driver? Both?
My bet is that this is a Cisco bug. The only fix for this that I have
found on cisco is turning smtp fixup off, even upgrading to the latest
cisco does not fix it completely.
Regards.
Lars Roland
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 13:33 ` Alejandro Bonilla
2005-06-17 13:40 ` Lars Roland
@ 2005-06-17 13:52 ` Valdis.Kletnieks
2005-06-17 22:50 ` Lincoln Dale
2005-06-17 13:55 ` Valdis.Kletnieks
2 siblings, 1 reply; 24+ messages in thread
From: Valdis.Kletnieks @ 2005-06-17 13:52 UTC (permalink / raw)
To: abonilla
Cc: 'Lars Roland', 'Christian Kujau', 'Linux-Kernel'
[-- Attachment #1: Type: text/plain, Size: 566 bytes --]
On Fri, 17 Jun 2005 07:33:05 MDT, Alejandro Bonilla said:
> So what do we really have here? Problem with Cisco or a problem in the
> driver? Both?
The Cisco PIX is gratuitously clearing the TCP window scaling bits. So if you
have tcp_adv_win_scale set to (for example) 6, you'll send a window advertisement
of (say) 4096, represented as 64 and a "shift left 6 bits". The PIX whacks the
"6 bits" part, and the other end thinks the window is 64 bytes and wedges when
a response is over 64 bytes long.
There was quite a discussion of this on lkml back last July.
[-- Attachment #2: Type: application/pgp-signature, Size: 226 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 13:33 ` Alejandro Bonilla
2005-06-17 13:40 ` Lars Roland
2005-06-17 13:52 ` Valdis.Kletnieks
@ 2005-06-17 13:55 ` Valdis.Kletnieks
2 siblings, 0 replies; 24+ messages in thread
From: Valdis.Kletnieks @ 2005-06-17 13:55 UTC (permalink / raw)
To: abonilla
Cc: 'Lars Roland', 'Christian Kujau', 'Linux-Kernel'
[-- Attachment #1: Type: text/plain, Size: 431 bytes --]
On Fri, 17 Jun 2005 07:33:05 MDT, Alejandro Bonilla said:
> So what do we really have here? Problem with Cisco or a problem in the
> driver? Both?
Oh - the TCP scaling bits are sent in a TCP Option header - which is what the PIX
is gratuitously throwing out (presumably because they're "optional", given the
sorts of dain bramage we've seen from PIX boxen before. For the longest time,
their 'SMTP Fixup' was anything but....)
[-- Attachment #2: Type: application/pgp-signature, Size: 226 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* RE: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 13:40 ` Lars Roland
@ 2005-06-17 14:03 ` Alejandro Bonilla
0 siblings, 0 replies; 24+ messages in thread
From: Alejandro Bonilla @ 2005-06-17 14:03 UTC (permalink / raw)
To: 'Lars Roland', abonilla
Cc: Valdis.Kletnieks, 'Christian Kujau', 'Linux-Kernel'
> On 6/17/05, Alejandro Bonilla <abonilla@linuxwireless.org> wrote:
> > So what do we really have here? Problem with Cisco
> or a problem in the
> > driver? Both?
>
> My bet is that this is a Cisco bug. The only fix for this that I have
> found on cisco is turning smtp fixup off, even upgrading to the latest
> cisco does not fix it completely.
>
>
>
> Regards.
>
> Lars Roland
>
Lars,
Issue is supoused to be fixed with 6.3.4.115 or later.
Please let me know if that is not the case with you, or if you would like to
get the Image.
.Alejandro
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 13:52 ` Valdis.Kletnieks
@ 2005-06-17 22:50 ` Lincoln Dale
2005-06-18 5:29 ` Lars Roland
0 siblings, 1 reply; 24+ messages in thread
From: Lincoln Dale @ 2005-06-17 22:50 UTC (permalink / raw)
To: Valdis.Kletnieks
Cc: abonilla, 'Lars Roland', 'Christian Kujau',
'Linux-Kernel'
Valdis.Kletnieks@vt.edu wrote:
>On Fri, 17 Jun 2005 07:33:05 MDT, Alejandro Bonilla said:
>
>
>
>> So what do we really have here? Problem with Cisco or a problem in the
>>driver? Both?
>>
>>
>
>The Cisco PIX is gratuitously clearing the TCP window scaling bits. So if you
>have tcp_adv_win_scale set to (for example) 6, you'll send a window advertisement
>of (say) 4096, represented as 64 and a "shift left 6 bits". The PIX whacks the
>"6 bits" part, and the other end thinks the window is 64 bytes and wedges when
>a response is over 64 bytes long.
>
>
>
there _was_ a bug in the Cisco PIX whereby it cleared TCP window-scaling
bits.
this can be tracked through cisco bug-id CSCdy29514.
this was fixed back in August 2002 with the fix incorporated into PIX
software releases 6.1.5 and 6.2.3 and later.
any 'recent' (i.e. last 2.5 years) releases don't have this problem.
(or, at least, we don't think so..).
cheers,
lincoln.
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-17 22:50 ` Lincoln Dale
@ 2005-06-18 5:29 ` Lars Roland
2005-06-18 23:22 ` Alejandro Bonilla
0 siblings, 1 reply; 24+ messages in thread
From: Lars Roland @ 2005-06-18 5:29 UTC (permalink / raw)
To: Lincoln Dale; +Cc: Valdis.Kletnieks, abonilla, Christian Kujau, Linux-Kernel
On 6/18/05, Lincoln Dale <ltd@cisco.com> wrote:
> there _was_ a bug in the Cisco PIX whereby it cleared TCP window-scaling
> bits.
> this can be tracked through cisco bug-id CSCdy29514.
>
> this was fixed back in August 2002 with the fix incorporated into PIX
> software releases 6.1.5 and 6.2.3 and later.
> any 'recent' (i.e. last 2.5 years) releases don't have this problem.
> (or, at least, we don't think so..).
I have identified two firewalls with this problem and both of then are
running PIX software version 6.3.4 - I have not yet managed to
persuade there respective admins to update to 7.0.1 (or 6.3.4.115) -
so until then I am just turning window-scaling off.
Regards.
Lars Roland
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-18 5:29 ` Lars Roland
@ 2005-06-18 23:22 ` Alejandro Bonilla
2005-06-19 13:16 ` Lars Roland
0 siblings, 1 reply; 24+ messages in thread
From: Alejandro Bonilla @ 2005-06-18 23:22 UTC (permalink / raw)
To: Lars Roland; +Cc: Lincoln Dale, Valdis.Kletnieks, Christian Kujau, Linux-Kernel
Lars Roland wrote:
>On 6/18/05, Lincoln Dale <ltd@cisco.com> wrote:
>
>
>>there _was_ a bug in the Cisco PIX whereby it cleared TCP window-scaling
>>bits.
>>this can be tracked through cisco bug-id CSCdy29514.
>>
>>this was fixed back in August 2002 with the fix incorporated into PIX
>>software releases 6.1.5 and 6.2.3 and later.
>>any 'recent' (i.e. last 2.5 years) releases don't have this problem.
>>(or, at least, we don't think so..).
>>
>>
>
>I have identified two firewalls with this problem and both of then are
>running PIX software version 6.3.4 - I have not yet managed to
>persuade there respective admins to update to 7.0.1 (or 6.3.4.115) -
>so until then I am just turning window-scaling off.
>
>
If you have a Cisco contract, you need to make sure that your account
manager will allow the upgrades.
But as I said before, this was fixed long time ago.
I hope you can upgrade soon.
.Alejandro
>
>
>Regards.
>
>Lars Roland
>
>
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup
2005-06-18 23:22 ` Alejandro Bonilla
@ 2005-06-19 13:16 ` Lars Roland
0 siblings, 0 replies; 24+ messages in thread
From: Lars Roland @ 2005-06-19 13:16 UTC (permalink / raw)
To: Alejandro Bonilla
Cc: Lincoln Dale, Valdis.Kletnieks, Christian Kujau, Linux-Kernel
On 6/19/05, Alejandro Bonilla <abonilla@linuxwireless.org> wrote:
> If you have a Cisco contract, you need to make sure that your account
> manager will allow the upgrades.
>
> But as I said before, this was fixed long time ago.
It was not fixed completly in PIX 6.1.5, at this point I now have 3
pixes that all have this problem and all of them are running 6.3.4 I
have asked them to upgrade to 6.3.4.115 and will report back as soon I
have any results.
^ permalink raw reply [flat|nested] 24+ messages in thread
end of thread, other threads:[~2005-06-19 13:16 UTC | newest]
Thread overview: 24+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-06-16 12:45 tg3 in 2.6.12-rc6 and Cisco PIX SMTP fixup Lars Roland
2005-06-16 21:57 ` Christian Kujau
2005-06-16 21:59 ` David S. Miller
2005-06-16 22:41 ` Jesper Juhl
2005-06-16 22:46 ` David S. Miller
2005-06-16 22:14 ` Lars Roland
2005-06-16 23:54 ` Christian Kujau
2005-06-17 0:05 ` Lars Roland
2005-06-17 0:26 ` Alejandro Bonilla
2005-06-17 1:47 ` Lars Roland
2005-06-17 1:22 ` Alejandro Bonilla
2005-06-17 13:06 ` Valdis.Kletnieks
2005-06-17 13:18 ` Lars Roland
2005-06-17 13:33 ` Alejandro Bonilla
2005-06-17 13:40 ` Lars Roland
2005-06-17 14:03 ` Alejandro Bonilla
2005-06-17 13:52 ` Valdis.Kletnieks
2005-06-17 22:50 ` Lincoln Dale
2005-06-18 5:29 ` Lars Roland
2005-06-18 23:22 ` Alejandro Bonilla
2005-06-19 13:16 ` Lars Roland
2005-06-17 13:55 ` Valdis.Kletnieks
2005-06-17 4:46 ` Willy Tarreau
2005-06-17 12:45 ` Lars Roland
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).