From nobody@FreeBSD.org  Wed May 21 23:19:44 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 360E3106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 21 May 2008 23:19:44 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 279B78FC19
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 21 May 2008 23:19:44 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m4LNIJA8045653
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 21 May 2008 23:18:19 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m4LNIJVn045652;
	Wed, 21 May 2008 23:18:19 GMT
	(envelope-from nobody)
Message-Id: <200805212318.m4LNIJVn045652@www.freebsd.org>
Date: Wed, 21 May 2008 23:18:19 GMT
From: Tom Karpik <tom@tomkarpik.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Turning on TCP blackholing causes slow localhost connections
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         123881
>Category:       kern
>Synopsis:       [tcp] Turning on TCP blackholing causes slow localhost connections
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    vwe
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 21 23:20:01 UTC 2008
>Closed-Date:    Fri Jan 30 19:48:56 UTC 2009
>Last-Modified:  Fri Jan 30 19:48:56 UTC 2009
>Originator:     Tom Karpik
>Release:        7.0-RELEASE
>Organization:
>Environment:
FreeBSD OsirisBSD 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 19:59:52 UTC 2008     root@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
Turning on TCP blackholing (sysctl net.inet.tcp.blackhole=2) seems to make connecting to some local services very slow.

Example: telnet localhost 25 (default local Sendmail daemon after fresh installation of FreeBSD)

Sendmail responds with its greeting string right away if blackholing is off. If it's turned on, it takes about 8-12 seconds for the greeting to show up.
>How-To-Repeat:
sysctl net.inet.tcp.blackhole=2 (or 1)
telnet localhost 25
>Fix:
sysctl net.inet.tcp.blackhole=0

>Release-Note:
>Audit-Trail:

From: Maxim Konovalov <maxim@macomnet.ru>
To: Tom Karpik <tom@tomkarpik.com>
Cc: bug-followup@freebsd.org
Subject: Re: kern/123881: Turning on TCP blackholing causes slow localhost
 connections
Date: Thu, 22 May 2008 17:40:35 +0400 (MSD)

 > Turning on TCP blackholing (sysctl net.inet.tcp.blackhole=2) seems
 > to make connecting to some local services very slow.
 >
 > Example: telnet localhost 25 (default local Sendmail daemon after
 > fresh installation of FreeBSD)
 >
 > Sendmail responds with its greeting string right away if blackholing
 > is off. If it's turned on, it takes about 8-12 seconds for the
 > greeting to show up.
 
 Just an idea -- sendmail tries to use ident service and just timeouts
 on it due to tcp blackholing.  To check this idea try to run e.g.
 inetd(8) auth service.
 
 -- 
 Maxim Konovalov
Responsible-Changed-From-To: freebsd-bugs->freebsd-net 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sat May 24 02:09:06 UTC 2008 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=123881 

From: Oliver <oliver@hotracer.de>
To: bug-followup@FreeBSD.org, tom@tomkarpik.com
Cc:  
Subject: Re: kern/123881: [tcp] Turning on TCP blackholing causes slow localhost
 connections
Date: Fri, 01 Aug 2008 17:05:10 +0200

 I tried to reproduce this. You can log this issue when you also set
 net.inet.tcp.log_in_vain=2
 the dmesg output shows for each connection attempt to sendmail
 TCP: [127.0.0.1]:58148 to [127.0.0.1]:113 tcpflags 0x2<SYN>; tcp_input: 
 Connection attempt on closed port
 
 if you start inetd/auth (113) the sendmail deamon answers the same speed 
 it does with net.inet.tcp.blackhole=0
 
 If you don't want to use auth, sendmail can be configured to set the 
 timeout for ident to 0s which results in ident checking disabled or
 you can reduce the default value of 5 seconds.
 O Timeout.ident=0s
 
 so tcp.blackhole works as expected and perhaps this can be closed.
 
 Greetings, Oliver
 
State-Changed-From-To: open->closed 
State-Changed-By: vwe 
State-Changed-When: Fri Jan 30 19:45:46 UTC 2009 
State-Changed-Why:  
Tom, 
we think this issue either is not related to the tcp stack or not directly 
related to blackholing connections. It might be an application issue. 
As we do not think there's something we can work on, we're going to close 
this PR. 
If you think there should be something fixed, please put more information 
into the PR so we can check that. Thank you for reporting this problem. 


Responsible-Changed-From-To: freebsd-net->vwe 
Responsible-Changed-By: vwe 
Responsible-Changed-When: Fri Jan 30 19:45:46 UTC 2009 
Responsible-Changed-Why:  
track 

http://www.freebsd.org/cgi/query-pr.cgi?pr=123881 
>Unformatted:
