I'm having issues with stale TCP connections after the upgrade from 12.2 to 13.0-BETA1.
Symptoms: Outgoing TCP connections no longer receive data after being idle. I can do more testing later, but I think these ipfw rules trigger the problem: - check-state - allow tcp from me to any setup keep-state - deny ip from any to any After establishing an outgoing connection (e.g, via netcat), I see a new dynamic rule and the 300s counter running down via # ipfw -Da list net.inet.ip.fw.dyn_keepalive is set to 1, so the timer should be refreshed via keep-alive on idle connections. Don't know if it's deterministic, but from what I've seen so far: - When counter gets low the first time, it is reset to 300 as expected. - When the counter nears zero for the second time, the dynamic rule is deleted and I get ipfw denies. _______________________________________________ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"