>Number: 4251 >Category: protocol >Synopsis: Clients (incorrectly?) receive TCP reset packets. >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Thu Apr 15 00:30:01 PDT 1999 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.6 >Environment: Linux 2.2.5 (SMP) -- RedHat 5.2 -- gcc 2.7.2.3 Also using mod_ssl 2.2.7-1.3.6 (rsaref 2.0 and openssl 0.9.2b) and mod_php 3.0.7. Both are compiled in, not dynamically loaded. >Description: All services on the box run with no TCP problems. HTTPS (mod_ssl) works with no problems. For text/html content that is small enough to fit in the same TCP packet as the HTTP response header (in other words the request is served with only one DATA packet needed) the server ends the connection with TCP packets flagged with RST (reset connection). This causes Netscape, Internet Explorer, and Lynx to all warn of the unexpected reset. For larger responses (and it seems even small text/plain responses) the TCP session ends as expected with packets flagged with FIN (no more data, close connection).
The problem was noticed when a remote server was setup (node1.steem.com). A box with the same software and different hardware appears to be exhibiting the same problem when remote connections are established. But, it being a dev/testing box it is on a local LAN and the browser doesn't warn of the reset. BUT, observing the raw data with a packet sniffer it does appear to be sending RST packets. A packet sniffer (NetXray) was used to verify all these TCP sessions in question. >How-To-Repeat: The default 404 error is small enough to exhibit the behavior: http://node1.steem.com/blah The dev box that may or may not exhibit the problem: http://masq.steem.com/blah >Fix: My only remaining theory is that it is related to the connection, hardware, or operating system. But, I have had other people load these from various locations and have received the browser warnings. The network cards are both 100Mb/s but they are different brands (both supported natively by Linux). I have gotten this error with a different Linux version (2.2.3 I think I tried) >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
