RE: Very strange ftp mget problem

["Greg Scott" <GregScott@xxxxxxxxxxxxxxxx>]

Interesting - checking some of the other places I tested from that did not fail - one used 2.6.27, the other used 2.6.35.  Well, hang on a second - I just went back through my notes from last week and it looks like I also saw one hang with the 2.6.35 site as a destination.  I'll do some more testing with this site.  

Curious - the problem only seems to happen when copying from one particular source.  Copying the same material from different sources seemed to work properly.  

Other than bulk testing, is there a footprint to this problem I can look for to compare a before/after scenario?

Thanks

- Greg


-----Original Message-----
From: Jan Engelhardt [mailto:jengelh@xxxxxxxxxx] 
Sent: Wednesday, April 13, 2011 7:27 AM
To: Greg Scott
Cc: netfilter@xxxxxxxxxxxxxxx
Subject: Re: Very strange ftp mget problem

On Wednesday 2011-04-13 14:06, Greg Scott wrote:

>I'm posting here because maybe ip_conntrack_ftp might have a problem. Or it
>could be hardware...
>
>An AS/400 behind the firewall starts up a batch job running a script that does
>an ftp mget of several dozen or more files from an ftp site. The mget hangs
>at random times, sometimes almost immediately, other times after copying Âas
>many as a few hundred files.
>[...]
>Both fw1 and fw2 are HP minitowers, about 4 years old by now. I forget the
>exact hardware models. Fw1 is running kernel 2.6.18 and fw2 uses kernel 2.6.25
>or so.

Your posting of "2.6.18" and "2.6.25" and "random times" and "almost
immediately" (but not _totally immediately_ which is important) hints
towards this being old kernels having a problem with all the *ACK
features of TCP. Been there, seen it, and it was resolved by 2.6.25's
timeframe even here.
ÿô.nlj·Ÿ®‰­†+%ŠË±é¥Šwÿº{.nlj·§z×–×þ)íèjg¬±¨¶‰šŽŠÝjÿ¾«þG«é¸¢·¦j:+v‰¨Šwèm¶Ÿÿþø®w¥þŠà£¢·hšâÿ†Ù