Some clients fail to connect using TCP applications to Solaris server after loading patch 144488-06
(Doc ID 1376666.1)
Last updated on APRIL 24, 2020
Applies to:
Solaris Operating System - Version 10 8/11 U10 to 11 11/11 [Release 10.0 to 11.0]Information in this document applies to any platform.
Symptoms
Incoming connection are failing and not completing the TCP 3-way handshake and the TCP session is reset.
Some non-Solaris clients establising TCP connections ( such as ftp or ssh ) are incorrectly sending window size that is less than MSS size value.
These are usually older Operating systems that have problem in there TCP/IP stack.
An enhancement was made in Solaris to protect TCP against attacker using a small window.
The idea is to stop clients connecting to Solaris asking for large chunks of data but when in fact can only handle small window sizes.
This is a security check.
Changes
Problem occurs after updating to Solaris 10 kernel patch 144488-06 or above and with Solaris 11
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |