When switching to kernel 2.6.27, something very odd is happening: I'm unable to connect to *any* TCP port at *any* adress beyond my router. ping/traceroute works all right (e.g. traceroute www.google.com), but when trying to connect to (e.g) www.google.com:80 (or any website/port) fails - just hangs. Telnetting to my router (to the internal address 192.168.0.1) works alright. Reproducible: Always Steps to Reproduce: 1. switch to kernel 2.6.27 2. try to connect to any TCP port (e.g. telnet bugs.gentoo.org 80) 3. Actual Results: Connection hangs.. and fails Portage 2.2_rc12 (default/linux/amd64/2008.0, gcc-4.3.2, glibc-2.8_p20080602-r0, 2.6.26-gentoo-r2 x86_64) ================================================================= System uname: Linux-2.6.26-gentoo-r2-x86_64-AMD_Athlon-tm-_64_Processor_3000+-with-glibc2.2.5 Timestamp of tree: Sat, 18 Oct 2008 17:45:01 +0000 ccache version 2.4 [enabled] app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7, 2.1.6-r1 dev-lang/python: 2.5.2-r8 dev-util/ccache: 2.4-r8 dev-util/cmake: 2.6.2 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.3.0-r1 sys-apps/sandbox: 1.2.18.1-r3 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.26 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="ccache distlocks parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://ftp.tu-clausthal.de/pub/linux/gentoo/ http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/ ftp://ftp.join.uni-muenster.de/pub/linux/distributions/gentoo " LANG="de_DE.UTF-8" LC_ALL="de_DE.UTF-8" LDFLAGS="-Wl,-O1" LINGUAS="de" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="3dnow X a52 aac acl acli acpi ada aim alsa amd64 apm audiofile bash-completion berkdb bluetooth branding bzip2 cairo calendar cdb cddb cdparanoia cdr clamav cli cracklib crypt css ctype cups dbus dri dv dvb dvd dvdr dvdread emacs encode exif expat fam ffmpeg flac fontconfig fortran ftp gdbm gif gimp glut gnuplot gphoto2 gpm gps graphviz hal htmlhandbook iconv icq imagemagick innodb ipv6 irc isdnlog jabber java java6 joystick jpeg jpeg2k kde lame latex lcms libnotify libwww lm_sensors logitech-mouse loop-aes maildir man mhash midi mime mmap mmx mng mp3 mpeg mplay msn mudflap multilib musepack musicbrainz mysql ncurses nls nntp nptl nptlonly nsplugin ntpl offensive ogg openexr opengl openmp pam pcre pda pdfperl png pppd python qt3 qt3support qt4 readline reflection rss scanner sdl session sox spl sqlite sse sse2 ssl startup-notification subversion suid svg sysfs syslog taglib tcpd themes theora threads tiff timidity truetype unicode usb v4l v4l2 vcd vnc vorbis wavpack webkit wmf x264 xattr xine xml xorg xosd xpn xscreensaver xulrunner xv xvid yahoo zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfileauthz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de" USERLAND="GNU" VIDEO_CARDS="fglrx" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
same here, solved by adding following lines to my /etc/sysctl.conf ----- # broken linksys-router net.ipv4.tcp_sack = 0 net.ipv4.tcp_dsack = 0 ----- Marcus
(In reply to comment #1) > same here, solved by adding following lines to my /etc/sysctl.conf > > ----- > # broken linksys-router > net.ipv4.tcp_sack = 0 > net.ipv4.tcp_dsack = 0 > ----- > > Marcus > should be: ----- # broken router net.ipv4.tcp_sack = 0 net.ipv4.tcp_dsack = 0 -----
Thanks reporting your fix Marcus. Does this solve your problem as well, Mark?
(In reply to comment #3) > Thanks reporting your fix Marcus. Does this solve your problem as well, Mark? Yes :-) But It's hardly surprising since Marcus and I are using a similar model from the same vendor (Netgear with Zyxel firmware) :-) I suggest printing out a message after emerging 2.6.27 (something like "If you experience TCP problems, try ....") since this problem could potentially affect lots of users.
Here is the kernel bugzilla entry with reports from other people from broken routers: http://bugzilla.kernel.org/show_bug.cgi?id=11721 It seems that the fix to restore compatibility will be coming out in a 2.6.27.x stable release, and the recommended workaround in the meantime involves disabling tcp options (possibly timestamps in addition to sack/dsack mentioned below). I agree that an einfo pointing out how to deal with broken routers seems like a good idea!
*** Bug 243254 has been marked as a duplicate of this bug. ***
Wormo, good find and thanks for that! We'll keep an eye on the patch and if it makes it too mainline, we can try to pull it into gentoo-sources until it exists in an office 2.6.27.X patch
Created attachment 170050 [details, diff] Patch to reorder TCP options Can someone test this patch against gentoo-sources-2.6.27-r1 and report the results?
This bug was not present in 2.6.26, right?
Yeah, similar issue here. Without net.ipv4.tcp_timestamps = 0 my (crummy) Westell router is toast. Best, Markus
Markus, and this worked OK in 2.6.26 without any workaround? Just trying to fathom whether this is a 2.6.27 regression or not.
(In reply to comment #11) > Markus, and this worked OK in 2.6.26 without any workaround? Just trying to > fathom whether this is a 2.6.27 regression or not. > Yes, 2.6.26 works out of the box without any problems so this definitely looks like a regression in 2.6.27. Best, Markus
(In reply to comment #8) > Created an attachment (id=170050) [edit] > Patch to reorder TCP options > > Can someone test this patch against gentoo-sources-2.6.27-r1 and report the > results? That patch fixes CONNECT(2) to an embedded device successfully for me, without the workaround to disable TCP timestamps. TCP timestamps are enabled and it now works again together with them.
Fixed in genpatches-2.6.27-4 / gentoo-sources-2.6.27-r2, thanks for reporting & testing