none
Stream layer on Windows 8 RRS feed

  • Question

  • I have a problem with Windows 8 and filtering and asynchronously reinjecting data on stream layer.

    It seems that since version 8250, TCP stack started to acknowledge sequence numbers which were never sent from the other side. As both sides got desynchronized, no further traffic is possible and transmission ends. The appreance seems to be quite random, on 1Gbps network is often possible to transmit tens of MB before breaking it.

    There doesn't seem to be any difference whether I try to reinject data inside or outside of the ClassifyFn nor if I copy the data to flat buffer and create new net buffer list for reinjection or clone the net buffer list and use it directly for reinjection.

    I wonder whether anyone ran into same issue or can provide some tips & trick on debugging this issue as I've ran out of ideas and I don't think that callout on stream layer should be able to affect seq/ack numbers in any way.

    Thanks

    Friday, April 20, 2012 10:32 AM

All replies

  • I tried to reproduce it with WFPSampler sample, which I executed with parameters -s BASIC_STREAM_INJECTION -l FWPM_LAYER_STREAM_V4 -v. Unfortunately, aside from data corruption, it seems to have same problem with desynchronizing TCP endpoints.

    I really wonder whether I'm the only one with such problems and have something wrong with my test environment, or it is a bug in WFP/TCP stack.

    Below is packet capture from wireshark around the place when stream got desynchronized, 10.6.135.48 is client with Windows 8 build 8319 and WFPSampler running with parameters above. Desynchronization seems to start with packet 5175 which acknowledged lower number than in previous acks.

    No.     Time        Source                Destination           Protocol Length Info
       5161 17.251091   10.6.135.50           10.6.135.48           TCP      29254  ddi-tcp-1 > 49846 [ACK] Seq=6488781 Ack=38 Win=65536 Len=29200
       5162 17.251356   10.6.135.48           10.6.135.50           TCP      60     49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6488781 Win=65536 Len=0
       5163 17.251367   10.6.135.50           10.6.135.48           TCP      35094  ddi-tcp-1 > 49846 [ACK] Seq=6517981 Ack=38 Win=65536 Len=35040
       5164 17.251400   10.6.135.50           10.6.135.48           TCP      1350   [TCP Window Full] ddi-tcp-1 > 49846 [PSH, ACK] Seq=6553021 Ack=38 Win=65536 Len=1296
       5165 17.251580   10.6.135.48           10.6.135.50           TCP      60     49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6515061 Win=65536 Len=0
       5166 17.251598   10.6.135.50           10.6.135.48           TCP      26334  [TCP Window Full] ddi-tcp-1 > 49846 [ACK] Seq=6554317 Ack=38 Win=65536 Len=26280
       5167 17.251700   10.6.135.48           10.6.135.50           TCP      60     49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6534041 Win=62720 Len=0
       5168 17.251715   10.6.135.50           10.6.135.48           TCP      16114  ddi-tcp-1 > 49846 [ACK] Seq=6580597 Ack=38 Win=65536 Len=16060
       5169 17.251792   10.6.135.48           10.6.135.50           TCP      60     49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6547181 Win=61184 Len=0
       5170 17.251799   10.6.135.50           10.6.135.48           TCP      11734  ddi-tcp-1 > 49846 [ACK] Seq=6596657 Ack=38 Win=65536 Len=11680
       5171 17.251886   10.6.135.48           10.6.135.50           TCP      60     49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6558697 Win=58368 Len=0
       5172 17.251900   10.6.135.50           10.6.135.48           TCP      7354   ddi-tcp-1 > 49846 [ACK] Seq=6608337 Ack=38 Win=65536 Len=7300
       5173 17.251967   10.6.135.48           10.6.135.50           TCP      60     49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6568917 Win=55296 Len=0
       5174 17.251984   10.6.135.50           10.6.135.48           TCP      7354   ddi-tcp-1 > 49846 [PSH, ACK] Seq=6615637 Ack=38 Win=65536 Len=7300
       5175 17.252029   10.6.135.48           10.6.135.50           TCP      66     49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6542637 Win=81664 Len=0 SLE=6568917 SRE=6570377
       5176 17.252137   10.6.135.48           10.6.135.50           TCP      66     49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6555777 Win=68608 Len=0 SLE=6586437 SRE=6587897
       5177 17.252137   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5176#1] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6555777 Win=68608 Len=0 SLE=6587897 SRE=6589357
       5178 17.252293   10.6.135.48           10.6.135.50           TCP      66     [TCP ACKed lost segment] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6589357 SRE=6590817
       5179 17.252294   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#1] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6590817 SRE=6592277
       5180 17.252294   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#2] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6592277 SRE=6593737
       5181 17.252342   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#3] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6593737 SRE=6595197
       5182 17.252349   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#4] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6595197 SRE=6596657
       5183 17.252349   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#5] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6596657 SRE=6598117
       5184 17.252356   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#6] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6598117 SRE=6599577
       5185 17.252368   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#7] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6599577 SRE=6601037
       5186 17.252374   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#8] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6601037 SRE=6602497
       5187 17.252386   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#9] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6602497 SRE=6603957
       5188 17.252391   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#10] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6603957 SRE=6605417
       5189 17.252402   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#11] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6605417 SRE=6606877
       5190 17.252432   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#12] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6606877 SRE=6608337
       5191 17.252439   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#13] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6608337 SRE=6609797
       5192 17.252450   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#14] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6609797 SRE=6611257
       5193 17.252462   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#15] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6611257 SRE=6612717
       5194 17.252474   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#16] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6612717 SRE=6614177
       5195 17.252482   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#17] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6614177 SRE=6615637
       5196 17.252517   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#18] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6615637 SRE=6617097
       5197 17.252557   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#19] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6617097 SRE=6618557
       5198 17.252557   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#20] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6618557 SRE=6620017
       5199 17.252565   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#21] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6620017 SRE=6621477
       5200 17.252598   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5178#22] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=16776960 Len=0 SLE=6621477 SRE=6622937
       5201 17.254948   10.6.135.48           10.6.135.50           TCP      60     [TCP Window Update] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=33536 Len=0
       5203 17.256989   10.6.135.48           10.6.135.50           TCP      60     [TCP Window Update] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=43776 Len=0
       5204 17.258501   10.6.135.48           10.6.135.50           TCP      60     [TCP Window Update] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=65536 Len=0
       5207 17.555428   10.6.135.50           10.6.135.48           TCP      1514   [TCP Retransmission] ddi-tcp-1 > 49846 [ACK] Seq=6568917 Ack=38 Win=65536 Len=1460
       5208 17.555694   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5204#1] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=65536 Len=0 SLE=6568917 SRE=6570377
       5210 18.155489   10.6.135.50           10.6.135.48           TCP      1514   [TCP Retransmission] ddi-tcp-1 > 49846 [ACK] Seq=6568917 Ack=38 Win=65536 Len=1460
       5211 18.155735   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5204#2] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=65536 Len=0 SLE=6568917 SRE=6570377
       5219 19.355397   10.6.135.50           10.6.135.48           TCP      1514   [TCP Retransmission] ddi-tcp-1 > 49846 [ACK] Seq=6568917 Ack=38 Win=65536 Len=1460
       5220 19.355602   10.6.135.48           10.6.135.50           TCP      66     [TCP Dup ACK 5204#3] 49846 > ddi-tcp-1 [ACK] Seq=38 Ack=6636077 Win=65536 Len=0 SLE=6568917 SRE=6570377

    Thursday, April 26, 2012 10:50 AM