[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#283107: telnet-connections to some hosts fail


After some further investigation I can now pretty confidently state that the culprit for this problem is the ipsec patch, introduced into 2.4.27 kernel by the previous kernel maintainer Herbert Xu. I have built two kernels, a pristine 2.4.27 from www.kernel.org, and another one, with the ipsec patch [0] applied. With the pristine kernel everything works fine, with the ipsec one I see bad tcp checksums in tcpdump log when connecting both to m-nas1 and esslingen (even though in the latter case the connection does not hang). And since the ipsec patch got accepted upstream somewhere in 2.5.x, it is not surprising that the failures persist with all later kernels, including 2.6.x.

The ipsec patch is not the only condition for this failure though. In particular, I have completely failed to reproduce the problem on my own Ultra1, which is very similar (it is not SMP though). So, it might be that it is caused by a combination of ipsec and SMP (not likely, because tested kernels are all UP), or some other unidentified factors.

In summary, I do not have a clear idea of how we could fix this. Ripping out ipsec out of 2.6 kernels by now is out of the question. It you want a "quick and dirty" solution, you can build a 2.4.27 kernel without applying ipsec patch. I'll send a summary of this problem to debian-sparc and see if someone else can reproduce that using the kernels I've built.

[0] http://gondor.apana.org.au/~herbert/ipsec-2.4/files/ipsec-2.4.27-20040812-1.bz2

Thanks and best regards,

Jurij Smakov                                        jurij@wooyd.org
Key: http://www.wooyd.org/pgpkey/                   KeyID: C99E03CC

Reply to: