freebsd/vsftpd: размер файла больше 64 КБ, загрузка не завершена
У очень немногих клиентов возникает проблема с загрузкой любого файла размером более 64 КБ. Операционная система сервера - FreeBSD, выполняющая vsftpd поверх ssl. Когда мы перемещаем этих клиентов на сервер ftps, размещенный в Windows, у них не возникает никаких проблем. Клиентская система работает под управлением ОС Windows.
Мы проанализировали трассировку wireshark / tcpdump на клиенте и сервере, и наш анализ:
Как только клиент заканчивает загрузку файла, он отправляет FIN, но серверу требуется время, чтобы отправить обратно ACK/FIN, после чего клиент перезапускает рукопожатие tcp и снова начинает загрузку файла. Мы попытались отключить tcp delayed ack, контрольную сумму tcp, изменили recvBuf на сервере. Ни один из этих параметров не имеет значения.
Дополнительные детали: релиз FreeBSD 9.0 vsFtpd 3.0.0
vsFtpd.log
Fri Jun 15 12:22:16 2012 [pid 1092] CONNECT: Client "xx.xxx.xx.xx"
Fri Jun 15 12:22:16 2012 [pid 1092] DEBUG: Client "xx.xxx.xx.xx", "SSL version: TLSv1/SSLv3, SSL cipher: AES128-SHA, not reused, no cert"
Fri Jun 15 12:22:16 2012 [pid 1092] FTP response: Client "xx.xxx.xx.xx", "220 (vsFTPd 3.0.0)"
Fri Jun 15 12:22:16 2012 [pid 1092] FTP command: Client "xx.xxx.xx.xx", "USER ftpuser"
Fri Jun 15 12:22:16 2012 [pid 1092] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "331 Please specify the password."
Fri Jun 15 12:22:16 2012 [pid 1092] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PASS <password>"
Fri Jun 15 12:22:16 2012 [pid 1091] [ftpuser] OK LOGIN: Client "xx.xxx.xx.xx"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "230 Login successful."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "OPTS UTF8 ON"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 Always in UTF8 mode."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PBSZ 0"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 PBSZ set to 0."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PROT P"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 PROT now Private."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "CWD /usr/home/ftpuser"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "250 Directory successfully changed."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "TYPE I"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 Switching to Binary mode."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PASV"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xx)."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "STOR testfile.TIF"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "150 Ok to send data."
Fri Jun 15 12:22:16 2012 [pid 1092] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL version: TLSv1/SSLv3, SSL cipher: AES128-SHA, reused, no cert"
Fri Jun 15 12:22:17 2012 [pid 1092] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: SSL_RECEIVED_SHUTDOWN"
Fri Jun 15 12:22:17 2012 [pid 1092] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: 3"
Fri Jun 15 12:22:37 2012 [pid 1096] CONNECT: Client "xx.xxx.xx.xx"
Fri Jun 15 12:22:37 2012 [pid 1096] DEBUG: Client "xx.xxx.xx.xx", "SSL version: TLSv1/SSLv3, SSL cipher: AES128-SHA, not reused, no cert"
Fri Jun 15 12:22:37 2012 [pid 1096] FTP response: Client "xx.xxx.xx.xx", "220 (vsFTPd 3.0.0)"
Fri Jun 15 12:22:37 2012 [pid 1096] FTP command: Client "xx.xxx.xx.xx", "USER ftpuser"
Fri Jun 15 12:22:37 2012 [pid 1096] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "331 Please specify the password."
Fri Jun 15 12:22:37 2012 [pid 1096] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PASS <password>"
Fri Jun 15 12:22:37 2012 [pid 1095] [ftpuser] OK LOGIN: Client "xx.xxx.xx.xx"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "230 Login successful."
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "OPTS UTF8 ON"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 Always in UTF8 mode."
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PBSZ 0"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 PBSZ set to 0."
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PROT P"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 PROT now Private."
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "CWD /usr/home/ftpuser"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "250 Directory successfully changed."
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "TYPE I"
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 Switching to Binary mode."
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PASV"
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xxx)."
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "LIST"
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "150 Here comes the directory listing."
Fri Jun 15 12:22:38 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL version: TLSv1/SSLv3, SSL cipher: AES128-SHA, reused, no cert"
Fri Jun 15 12:22:38 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: NONE"
Fri Jun 15 12:22:38 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
Fri Jun 15 12:22:38 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: 3"
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "226 Directory send OK."
Fri Jun 15 12:24:22 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 15 12:27:04 2012 [pid 1089] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 15 12:27:04 2012 [pid 1090] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "421 Timeout."
Fri Jun 15 12:27:17 2012 [pid 1093] [ftpuser] OK UPLOAD: Client "xx.xxx.xx.xx", "/usr/home/ftpuser/testfile.TIF", 109322 bytes, 0.35Kbyte/sec
Fri Jun 15 12:27:17 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "226 Transfer complete."
Fri Jun 15 12:27:17 2012 [pid 1092] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "Connection terminated without SSL shutdown - buggy client?"
Спасибо, Бхарат