You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Don Rude <do...@steem.com> on 1999/04/15 09:26:46 UTC

protocol/4251: Clients (incorrectly?) receive TCP reset packets.

>Number:         4251
>Category:       protocol
>Synopsis:       Clients (incorrectly?) receive TCP reset packets.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Thu Apr 15 00:30:01 PDT 1999
>Last-Modified:
>Originator:     don@steem.com
>Organization:
apache
>Release:        1.3.6
>Environment:
Linux 2.2.5 (SMP)  --  RedHat 5.2 -- gcc 2.7.2.3
Also using mod_ssl 2.2.7-1.3.6 (rsaref 2.0 and openssl 0.9.2b) and mod_php 3.0.7.
Both are compiled in, not dynamically loaded.
>Description:
All services on the box run with no TCP problems.
HTTPS (mod_ssl) works with no problems.
For text/html content that is small enough to fit in the same TCP packet
as the HTTP response header (in other words the request is served with
only one DATA packet needed) the server ends the connection with TCP packets
flagged with RST (reset connection). This causes Netscape, Internet Explorer,
and Lynx to all warn of the unexpected reset. For larger responses (and it seems
even small text/plain responses) the TCP session ends as expected with packets
flagged with FIN (no more data, close connection).

The problem was noticed when a remote server was setup (node1.steem.com).
A box with the same software and different hardware appears to be exhibiting
the same problem when remote connections are established. But, it being a
dev/testing box it is on a local LAN and the browser doesn't warn of the reset.
BUT, observing the raw data with a packet sniffer it does appear to be sending
RST packets. A packet sniffer (NetXray) was used to verify all these TCP
sessions in question.
>How-To-Repeat:
The default 404 error is small enough to exhibit the behavior:
http://node1.steem.com/blah
The dev box that may or may not exhibit the problem:
http://masq.steem.com/blah
>Fix:
My only remaining theory is that it is related to the connection, hardware,
or operating system. But, I have had other people load these from various
locations and have received the browser warnings. The network cards are both
100Mb/s but they are different brands (both supported natively by Linux).
I have gotten this error with a different Linux version (2.2.3 I think I tried)
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request ]
[from a developer.                                      ]
[Reply only with text; DO NOT SEND ATTACHMENTS!         ]