Bug 688989 - [5.6] sysctl tcp_syn_retries is not honored
Summary: [5.6] sysctl tcp_syn_retries is not honored
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel
Version: 5.6
Hardware: All
OS: Linux
medium
high
Target Milestone: rc
: ---
Assignee: Flavio Leitner
QA Contact: Boris Ranto
URL:
Whiteboard:
: 691550 (view as bug list)
Depends On:
Blocks: 769073
TreeView+ depends on / blocked
 
Reported: 2011-03-18 18:11 UTC by Flavio Leitner
Modified: 2018-12-06 14:38 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 769073 (view as bug list)
Environment:
Last Closed: 2011-07-21 10:18:53 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1065 0 normal SHIPPED_LIVE Important: Red Hat Enterprise Linux 5.7 kernel security and bug fix update 2011-07-21 09:21:37 UTC

Description Flavio Leitner 2011-03-18 18:11:59 UTC
Created attachment 486296 [details]
backported patch based on 2.6.18-249.el5 (git latest)

Description of problem:
The sysctl tcp_syn_retries is not honored

Kernel version: 2.6.18-249.el5

$ telnet 192.168.1.1 7799
Trying 192.168.1.1...
telnet: connect to address 192.168.1.1: Connection timed out
telnet: Unable to connect to remote host: Connection timed out

# tcpdump -i host0 port 7799                                     
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode      
listening on host0, link-type EN10MB (Ethernet), capture size 96 bytes          
14:22:48.056276 IP r5dell.rh.59127 > 192.168.1.1.7799: S 126881366:126881366(0)>
14:22:51.056254 IP r5dell.rh.59127 > 192.168.1.1.7799: S 126881366:126881366(0)>
14:22:57.056244 IP r5dell.rh.59127 > 192.168.1.1.7799: S 126881366:126881366(0)>

$ cat /proc/sys/net/ipv4/tcp_syn_retries 
5

This happens because there is a calculation problem fixed by the upstream commit:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=4d22f7d372f5769c6c0149e427ed6353e2dcfe61
commit 4d22f7d372f5769c6c0149e427ed6353e2dcfe61
Author: Damian Lukowski <damian@tvk.rwth-aachen.de>
Date:   Tue Sep 28 13:08:32 2010 -0700

    net-2.6: SYN retransmits: Add new parameter to retransmits_timed_out()
    
    Fixes kernel Bugzilla Bug 18952
    
    This patch adds a syn_set parameter to the retransmits_timed_out()
    routine and updates its callers. If not set, TCP_RTO_MIN is taken
    as the calculation basis as before. If set, TCP_TIMEOUT_INIT is
    used instead, so that sysctl_syn_retries represents the actual
    amount of SYN retransmissions in case no SYNACKs are received when
    establishing a new connection.
    
    Signed-off-by: Damian Lukowski <damian@tvk.rwth-aachen.de>
    Signed-off-by: David S. Miller <davem@davemloft.net>


After applying the patch, the sysctl works properly:
# cat /proc/sys/net/ipv4/tcp_syn_retries 
5
# tcpdump -i host0 port 7799                                     
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode      
listening on host0, link-type EN10MB (Ethernet), capture size 96 bytes          
14:27:31.117344 IP r5dell.rh.36989 > 192.168.1.1.7799: S 414032993:414032993(0)>
14:27:34.117716 IP r5dell.rh.36989 > 192.168.1.1.7799: S 414032993:414032993(0)>
14:27:40.117707 IP r5dell.rh.36989 > 192.168.1.1.7799: S 414032993:414032993(0)>
14:27:52.117693 IP r5dell.rh.36989 > 192.168.1.1.7799: S 414032993:414032993(0)>
14:28:16.117655 IP r5dell.rh.36989 > 192.168.1.1.7799: S 414032993:414032993(0)>
14:29:04.117586 IP r5dell.rh.36989 > 192.168.1.1.7799: S 414032993:414032993(0)>


How reproducible:
Always

Steps to Reproduce:
1. open a connection to a unreachable host 
2. check the traffic dump the amount of SYN retries attempts

Comment 11 RHEL Program Management 2011-04-01 17:19:38 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 13 Jarod Wilson 2011-04-08 16:26:50 UTC
Patch(es) available in kernel-2.6.18-256.el5
You can download this test kernel (or newer) from http://people.redhat.com/jwilson/el5
Detailed testing feedback is always welcomed.

Comment 16 Jiri Pirko 2011-06-07 21:23:05 UTC
*** Bug 691550 has been marked as a duplicate of this bug. ***

Comment 17 errata-xmlrpc 2011-07-21 10:18:53 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-1065.html


Note You need to log in before you can comment on or make changes to this bug.