tcp has MSS=1460, but a segment with PUSH flag is overshooting maximum segment size
Bug #2049993 reported by
Bernhard Riegler
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| linux-hwe-6.5 (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
a wireshark trace will follow.
filter for "ip.len>1500" in the wireshark trace
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: linux-modules-
ProcVersionSign
Uname: Linux 6.5.0-14-generic x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckR
CurrentDesktop: ubuntu:GNOME
Date: Sun Jan 21 08:41:18 2024
Dependencies:
InstallationDate: Installed on 2022-05-31 (599 days ago)
InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 (20220419)
SourcePackage: linux-hwe-6.5
UpgradeStatus: No upgrade log present (probably fresh install)
Revision history for this message
| Bernhard Riegler (riegler-b) wrote | #1 |
Revision history for this message
| Bernhard Riegler (riegler-b) wrote | #2 |
Revision history for this message
| Bernhard Riegler (riegler-b) wrote | #3 |
Revision history for this message
| Bernhard Riegler (riegler-b) wrote | #4 |
| summary: |
- tcp has MSS=1460, but TLSv1.3 payload is overshooting maximum segment - size + tcp has MSS=1460, but a segment with PUSH flag is overshooting maximum + segment size |
Revision history for this message
| Bernhard Riegler (riegler-b) wrote | #5 |
To post a comment you must log in.
I have a stateless firewall (nft) which drops ip.len>1500 input ethernet frames.
therefore you see TCP flow control with resend data.
filter the wireshark trace with "ip.len>1500"
all the input ethernet frames (destination ipv4 10.0.0.2) seen in wireshark trace
are dropped in nft filter hook ingress.
filter the tcp connection.