... > > My guess is that hardware checksum'ing is involved > here. > > To test this theory, add the following line to > /etc/system and reboot:
Thanks for the tip, but unfortunately the problem persists. Here's output: # grep ip /etc/system set ip:dohwcksum=0 machine rebooted ... # ipfstat -hio 0 pass out quick on iprb0 proto tcp from any to any flags R/FSRPU 0 pass out quick on iprb0 proto tcp from any to any flags S/SA keep state 41 block in log quick on iprb0 all head 200 1 block return-rst in quick proto tcp from any to 10.0.0.119/32 flags S/SA keep state head 201 group 200 1 pass in quick proto tcp from 10.0.0.0/24 to 10.0.0.119/32 port = ssh flags S/SA keep state group 201 tcpdump on the connecting machine still shows checksum errors: 15:39:24.134340 IP (tos 0x10, ttl 64, id 452, offset 0, flags [DF], length: 60) 10.0.0.104.57572 > 10.0.0.119.222: S [tcp sum ok] 1845095534:1845095534(0) win 5840 <mss 1460,sackOK,timestamp 1121578410 0,nop,wscale 2> 15:39:24.134737 IP (tos 0x10, ttl 255, id 768, offset 0, flags [DF], length: 40, bad cksum 7bc9 (->63e1)!) 10.0.0.119.222 > 10.0.0.104.57572: R [bad tcp cksum 2eca (->5ec6)!] 0:0(0) ack 1845095535 win 0 but allowed incoming ssh connection works fine. This message posted from opensolaris.org _______________________________________________ networking-discuss mailing list [email protected]
