RANDSRC option, TIME_WAIT and FTP



Post by mtg » Tue Aug 15, 2006 11:50 am

We experienced problems when stress-testing an FTP upload application between machines with 2.4-grsec kernels that have the "Randomized TCP source ports" (RANDSRC) option enabled.
It seems like the randomization is not aware of whether the random port it assigns is in TIME_WAIT state.
With active FTP, the client application regularly threw "Address already in use" and the server got stuck in SYN_SENT. With passive FTP, it's vice versa.
Neither lowering "tcp_fin_timeout" nor setting "tcp_tw_reuse" or "tcp_tw_recycle" helped reliably. The problem doesn't occur with RANDSRC disabled.

Is this expected behaviour of the TCP source port randomization?
mtg
 
Posts: 5
Joined: Tue May 09, 2006 2:41 pm
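
A diagnostic for the symptom reported above, added here as an example and not part of the original post or of grsecurity: it parses `/proc/net/tcp` text and reports, per remote endpoint, which local ports are still held in TIME_WAIT and how likely a random source port is to land on one. The sample rows, the port range supplied by the caller, the uniform-draw model and the little-endian host are assumptions.

```python
import socket
import struct
from collections import defaultdict

TIME_WAIT, SYN_SENT = "06", "02"  # state codes as printed in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (trailing columns omitted).
SAMPLE = """\
  sl  local_address rem_address   st
   0: 0A00000A:8001 1400000A:0015 06
   1: 0A00000A:8002 1400000A:0015 06
   2: 0A00000A:8003 1400000A:0015 06
   3: 0A00000A:8004 1400000A:0015 01
   4: 0A00000A:8003 1E00000A:0015 06
   5: 0A00000A:8005 1400000A:0015 02
"""


def _endpoint(field):
    """Decode 'HEXIP:HEXPORT'; assumes a little-endian host (e.g. x86)."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Yield (local, remote, state) for every socket row, skipping the header."""
    for line in text.splitlines()[1:]:
        cols = line.split()
        if len(cols) >= 4:
            yield _endpoint(cols[1]), _endpoint(cols[2]), cols[3]


def time_wait_pressure(text, port_range):
    """Per remote endpoint: local ports held in TIME_WAIT and collision odds."""
    low, high = port_range
    held = defaultdict(set)
    for (_, lport), remote, state in parse_proc_net_tcp(text):
        if state == TIME_WAIT and low <= lport <= high:
            held[remote].add(lport)
    pool = high - low + 1
    # Assumption: the source port is drawn uniformly at random from the range.
    return {r: (sorted(p), len(p) / pool) for r, p in held.items()}


def syn_sent(text):
    """Connections stuck mid-handshake, the symptom seen on the other side."""
    return [(l, r) for l, r, s in parse_proc_net_tcp(text) if s == SYN_SENT]
```

On a live host, pass the contents of `/proc/net/tcp` and the range from `/proc/sys/net/ipv4/ip_local_port_range` in place of the sample.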
