lost and found ( for me ? )

Linux Mint 13 : can’t connect to only secure sites ( https )


mint-13 ~ # uname -a
Linux mint-13 3.2.0-31-generic #50-Ubuntu SMP Fri Sep 7 16:16:45 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
mint-13 ~ # tail -1 /etc/lsb-release
DISTRIB_DESCRIPTION="Linux Mint 13 Maya"

When I access to secure sites (https) , the load time of secure sites is very slow , I’ve faced timed out.
the load time of non secure sites are Okay , I can access to http site without stress.

why ??

Here’s a capture data when accessing to a secure site.
scaling factor is ..-1 ??? and window size is small..
mint-13 ~ # tshark -i eth0 port 443 -V | grep -i window
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
       .... 0... .... = Congestion Window Reduced (CWR): Not set
   Window size value: 942
   [Calculated window size: 942]
   [Window size scaling factor: -1 (unknown)]
       .... 0... .... = Congestion Window Reduced (CWR): Not set
   Window size value: 306
   [Calculated window size: 306]
   [Window size scaling factor: -1 (unknown)]
       .... 0... .... = Congestion Window Reduced (CWR): Not set
   Window size value: 331
   [Calculated window size: 331]
   [Window size scaling factor: -1 (unknown)]
       .... 0... .... = Congestion Window Reduced (CWR): Not set

window scaling is enabled by default
mint-13 ~ # cat /proc/sys/net/ipv4/tcp_window_scaling
1

disable window scale to try.
mint-13 ~ # echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
mint-13 ~ # cat /proc/sys/net/ipv4/tcp_window_scaling
0

access to the secure site again.
I could access to the secure site without stress.

Here’s capture data.
scaling factor is still -1 , however window size seems to become normal.
mint-13 ~ # tshark -i eth0 port 443 -V | grep -i window
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
       .... 0... .... = Congestion Window Reduced (CWR): Not set
   Window size value: 41850
   [Calculated window size: 41850]
   [Window size scaling factor: -1 (unknown)]
       .... 0... .... = Congestion Window Reduced (CWR): Not set
   Window size value: 41850
   [Calculated window size: 41850]
   [Window size scaling factor: -1 (unknown)]
       .... 0... .... = Congestion Window Reduced (CWR): Not set
   Window size value: 62851
   [Calculated window size: 62851]
   [Window size scaling factor: -1 (unknown)]
       .... 0... .... = Congestion Window Reduced (CWR): Not set
   Window size value: 41850
   [Calculated window size: 41850]

wired behavior.

tshark version
mint-13 ~ # tshark -v | head -1
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled
TShark 1.6.7

turn off window scaling permanently
mint-13 ~ # tail -1 /etc/sysctl.conf
net.ipv4.tcp_window_scaling = 0


the value of scaling factor "-1" seems to be tshark’s issue..

when enabling window scale.
mint-13 ~ # tshark -i eth0 port 443 | grep -i syn
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
 4.818885 192.168.11.100 -> 74.125.235.111 TCP 74 49827 > https [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=552473 TSecr=0 WS=128
 4.823766 74.125.235.111 -> 192.168.11.100 TCP 74 https > 49827 [SYN, ACK] Seq=0 Ack=1 Win=14180 Len=0 MSS=1430 SACK_PERM=1 TSval=21743779 TSecr=552473 WS=64

when disabling window scale. there’s no scaling option in the TCP header.
mint-13 ~ # tshark -i eth0 port 443 | grep -i syn
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
 1.545670 192.168.11.100 -> 74.125.235.113 TCP 70 59065 > https [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=543894 TSecr=0
 1.555951 74.125.235.113 -> 192.168.11.100 TCP 70 https > 59065 [SYN, ACK] Seq=0 Ack=1 Win=14180 Len=0 MSS=1430 SACK_PERM=1 TSval=21139320 TSecr=543894

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.