TCP Zero Window with no corresponding Window Update

Posted by Gandalf on Server Fault See other posts from Server Fault or by Gandalf
Published on 2010-05-19T13:47:48Z Indexed on 2010/05/19 13:50 UTC
Read the original article Hit count: 514

Filed under:
|
|
|

I am trying to debug a network issue and am using Wireshark and tcpdump to grab packets from my server. I have one client application that is grabbing all my available connections and then holding them, trying to send A LOT of data and essentially causing an unintentional DOS attack. While debugging I notice that I see my server sending "Window Closed" and "Zero Window" TCP packets - but never sending any "Window Update" packets. I am guessing this is why the client never lets go of the connections (it still has more data to send and is waiting). Has anyone ever seen this type of behavior before? Let's not get into the reasons why I haven't set up an iptables rule to limit concurrent connections (yeah I know). I also recently changed the MTU from 1500 to 9000 - could this have such a negative effect? (Linux) Thanks.

© Server Fault or respective owner

Related posts about linux

Related posts about networking