[stunnel-users] Connection problems and TCP frame checksum errors

Tommi Nieminen ttn at mbnet.fi
Wed Oct 11 14:55:38 CEST 2006


> What does the tcpdump indicate?  Are the failed connections getting dropped or
> reset on the computer that's forwarding or are they actually arriving at the
> stunnel server?  If they make it to the stunnel server what does tcpdump
> indicate at that connection point?

The connections are actually forwarded by a router, not a computer.

The connections arrive at the stunnel server. The following is the
tcpdump from the stunnel server. All the traffic of a failed connection
is there. After about 20 seconds Seamonkey gives up saying "Network Error".

I've added empty lines to make the text a bit more legible.

----------------------------------------------------------------
14:57:07.990693 IP (tos 0x20, ttl 116, id 62395, offset 0, flags [DF],
proto: TCP (6), length: 48) 131.177.254.92.3792 > 192.168.20.18.https: S,
cksum 0x5509 (correct), 1333491727:1333491727(0) win 65535 <mss
1260,nop,nop,sackOK>

14:57:10.906554 IP (tos 0x20, ttl 116, id 62429, offset 0, flags [DF],
proto: TCP (6), length: 48) 131.177.254.92.3792 > 192.168.20.18.https: S,
cksum 0x5509 (correct), 1333491727:1333491727(0) win 65535 <mss
1260,nop,nop,sackOK>

14:57:16.916385 IP (tos 0x20, ttl 116, id 62499, offset 0, flags [DF],
proto: TCP (6), length: 48) 131.177.254.92.3792 > 192.168.20.18.https: S,
cksum 0x5509 (correct), 1333491727:1333491727(0) win 65535 <mss
1260,nop,nop,sackOK>
----------------------------------------------------------------

As you can see, there is nothing coming back from the server. And
since tcpdump saw the incoming call, stunnel should see it too. They
are on the same machine.

It's so strange: at one time I connect to the server, and it
forwards the traffic just the way it should. Then, quite inexplicably,
it just won't do it... and then it forwards it again. I have no clue what
makes it not work and then work again. I don't need to restart
the server, I'm not changing anything. It's as if there were some
kind of internal timer, but that doesn't make any sense. And there
has been only one connection attempt at a time, so it can't be an
excess of traffic either.

Tommi
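
The capture above shows one SYN repeated with the same sequence number and no reply. As an added example (not part of the original post), the Python sketch below scans tcpdump -v text in this format and lists flows whose SYNs never got a SYN-ACK; the function name `unanswered_syns` and the two port-3801 records are assumptions constructed for contrast.

```python
import re
from collections import defaultdict

# First three records: the post's capture with its wrapped lines rejoined.
# Last two (port 3801): constructed here to show an answered handshake.
CAPTURE = """\
14:57:07.990693 IP (tos 0x20, ttl 116, id 62395, offset 0, flags [DF], proto: TCP (6), length: 48) 131.177.254.92.3792 > 192.168.20.18.https: S, cksum 0x5509 (correct), 1333491727:1333491727(0) win 65535 <mss 1260,nop,nop,sackOK>
14:57:10.906554 IP (tos 0x20, ttl 116, id 62429, offset 0, flags [DF], proto: TCP (6), length: 48) 131.177.254.92.3792 > 192.168.20.18.https: S, cksum 0x5509 (correct), 1333491727:1333491727(0) win 65535 <mss 1260,nop,nop,sackOK>
14:57:16.916385 IP (tos 0x20, ttl 116, id 62499, offset 0, flags [DF], proto: TCP (6), length: 48) 131.177.254.92.3792 > 192.168.20.18.https: S, cksum 0x5509 (correct), 1333491727:1333491727(0) win 65535 <mss 1260,nop,nop,sackOK>
14:58:01.000100 IP (tos 0x20, ttl 116, id 62600, offset 0, flags [DF], proto: TCP (6), length: 48) 131.177.254.92.3801 > 192.168.20.18.https: S, cksum 0x1111 (correct), 1000:1000(0) win 65535 <mss 1260,nop,nop,sackOK>
14:58:01.000200 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: TCP (6), length: 48) 192.168.20.18.https > 131.177.254.92.3801: S, cksum 0x2222 (correct), 2000:2000(0) ack 1001 win 5840 <mss 1460,nop,nop,sackOK>
"""

# time, source, destination, flags, initial sequence number, optional "ack N"
REC = re.compile(
    r"^(\d\d):(\d\d):(\d\d\.\d+) IP .*?\) (\S+) > (\S+): (\S+), "
    r"cksum .*?, (\d+):\d+\(0\)( ack \d+)?")

def unanswered_syns(text):
    """Return (src, dst, syn_count, gaps_in_seconds) per flow with no SYN-ACK."""
    syns, answered = defaultdict(list), set()
    for line in text.splitlines():
        m = REC.match(line)
        if not m:
            continue  # not a TCP record in the expected layout
        h, mi, s, src, dst, flags, seq, ack = m.groups()
        t = int(h) * 3600 + int(mi) * 60 + float(s)
        if flags == "S" and ack is None:
            syns[(src, dst, seq)].append(t)   # client SYN (or its retransmit)
        elif flags == "S":
            answered.add((dst, src))          # SYN-ACK going back to the client
    out = []
    for (src, dst, seq), times in syns.items():
        if (src, dst) not in answered:
            gaps = [round(b - a, 1) for a, b in zip(times, times[1:])]
            out.append((src, dst, len(times), gaps))
    return out

if __name__ == "__main__":
    for src, dst, count, gaps in unanswered_syns(CAPTURE):
        print(f"{src} -> {dst}: {count} SYNs, no SYN-ACK, gaps {gaps}s")
```

The gaps between repeats (about 3 s, then 6 s) are the client's retransmission backoff, which confirms these are retries of one connection attempt rather than separate attempts.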



