Hi, I have a strange case where sometimes a client responds to a SYN+ACK packet with a RST. This only seems to happen though after a retransmission of the SYN packet. My question is why would that matter given that sequence numbers and other parameters all are correct? I would expect the client to properly acknowledge the SYN+ACK packet instead of sending a RST. Are there any other reasons besides sequence number or TSval/TSecr issues that could cause the client side to repond with a RST to a SYN+ACK? Here is a wireshark summary of such a failed handshake: 2139 73.154288 10.0.0.10 10.1.0.13 TCP 74 33298→80 [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=3660943802 TSecr=0 WS=128 2140 74.153741 10.0.0.10 10.1.0.13 TCP 74 [TCP Retransmission] 33298→80 [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=3660944802 TSecr=0 WS=128 2141 74.166255 10.1.0.13 10.0.0.10 TCP 74 80→33298 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=3342367258 TSecr=3660943802 WS=128 2142 74.166266 10.0.0.10 10.1.0.13 TCP 54 33298→80 [RST] Seq=1 Win=0 Len=0 Regards, Dennis -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
