Bug 87762

Summary: tcp hangs when session masqueraded
Product: [Retired] Red Hat Linux Reporter: Ted Kaczmarek <tedkaz>
Component: cipeAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED WONTFIX QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0   
Target Milestone: ---   
Target Release: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-07-18 12:36:01 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Ted Kaczmarek 2003-04-02 03:58:59 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.9 (X11; Linux i686; U;) Gecko/20030314

Description of problem:
If you route through a pair of Redhat 8 boxes that have a cipe tunnel between
them, and use iptables to masquerade the SA(source address) on the remote router
tcp sessions will hang.

Version-Release number of selected component (if applicable):
cipe-1.4.5-11

How reproducible:
Always

Steps to Reproduce:
1. Establish cipe tunnel between two gateways
2. Masquerade SA on remote routes
3. Do any high packet rate tcp session
    

Actual Results:  TCP session hangs

Expected Results:  TCP session does not hang

Additional info:

http://sites.inka.de/bigred/archive/cipe-l/2002-02/msg00026.html

This is seriously broken, should be enough justification to go to 1.5.4.
The backwards compatability issues are not an issue according to posts I have
seen from Olaf on the upgrade cipe bug.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=68066

Comment 1 Ted Kaczmarek 2004-07-18 12:36:01 UTC
Since you guys don't include cipe in any newer releases this is
fruitless.