Bug#283107: telnet-connections to some hosts fail
Hi,
After some further investigation I can now pretty confidently state that the
culprit for this problem is the ipsec patch, introduced into 2.4.27 kernel
by the previous kernel maintainer Herbert Xu. I have built two kernels, a
pristine 2.4.27 from www.kernel.org, and another one, with the ipsec patch
[0] applied. With the pristine kernel everything works fine, with the
ipsec one I see bad tcp checksums in tcpdump log when connecting both to
m-nas1 and esslingen (even though in the latter case the connection does
not hang). And since the ipsec patch got accepted upstream somewhere in
2.5.x, it is not surprising that the failures persist with all later
kernels, including 2.6.x.
The ipsec patch is not the only condition for this failure though. In
particular, I have completely failed to reproduce the problem on my own
Ultra1, which is very similar (it is not SMP though). So, it might be that
it is caused by a combination of ipsec and SMP (not likely, because tested
kernels are all UP), or some other unidentified factors.
In summary, I do not have a clear idea of how we could fix this. Ripping
out ipsec out of 2.6 kernels by now is out of the question. It you want a
"quick and dirty" solution, you can build a 2.4.27 kernel without applying
ipsec patch. I'll send a summary of this problem to debian-sparc and see
if someone else can reproduce that using the kernels I've built.
[0] http://gondor.apana.org.au/~herbert/ipsec-2.4/files/ipsec-2.4.27-20040812-1.bz2
Thanks and best regards,
Jurij Smakov jurij@wooyd.org
Key: http://www.wooyd.org/pgpkey/ KeyID: C99E03CC
Reply to: