Some clients fail to connect using TCP applications to Solaris server after loading patch 144488-06 (Doc ID 1376666.1)

Last updated on JULY 29, 2016

Applies to:

Solaris Operating System - Version 10 8/11 U10 to 11 11/11 [Release 10.0 to 11.0]
Information in this document applies to any platform.

Symptoms

Incoming connection are failing and not completing the TCP 3-way handshake and the TCP session is reset.
Some non-Solaris clients establising TCP connections ( such as ftp or ssh ) are incorrectly sending window size that is less than MSS size value.
These are usually older Operating systems that have problem in there TCP/IP stack.
An enhancement was made in Solaris to protect TCP against attacker using a small window.
The idea is to stop clients connecting to Solaris asking for large chunks of data but when in fact can only handle small window sizes.
This is a security check.

Changes

Problem occurs after updating to Solaris 10 kernel patch 144488-06 or above and with Solaris 11

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Some clients fail to connect using TCP applications to Solaris server after loading patch 144488-06 (Doc ID 1376666.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!