>In particular it'd be good to know what the bugs are, in case they
>haven't been fixed yet.
To resolve this issue, I asked Holger Kruse what he thinks is wrong
with the Linux TCP/IP stack. I quoted his response below.
I'll provide some background information first, so you can understand
him being angry about all this. He is the creator of Miami and Miami
Deluxe, a closed-source commercial (with free (as in beer) demo
available) BSD-based TCP/IP stack. You know Amiga 'advocacy', right?
Well, we[1] don't only annoy the outside world to make ourselves[1]
look stupid, but we do it to each other too. :-( Miami is a victim of
being accused of having backdoors, 'proof' was a password list that
was spreaded over the 31337 W4R3Z D00DZ BBS/sited. It obviously was a
fake (there were Windows-only users in that list, for example). Later
a Trojan was found that replaced an AmigaOS library, that specifically
targeted Miami and MiamiDX, sending data to some machine on the
Internet. There also exists a Trojanned telnet client.
Holger was (and to be seen on Slashdot, *is*, regrettably) under
constant attack by these people, which, I imagine gets annoying, to
say the least. Substantial claims have never been made, and nobody has
seen *any* 'strange' activity concerning Miami on his/her network.
ObDisclaimer: maybe this totally isn't the reason why he's angry. Then
it's just some nice background info. :-)
[1] I still have and use an A1200, but I'm not such a rabid fanatic as
the typical 'Amiga-fan'.
Enough about all that, here the article:
[------ start -------]
In article <199907122100.RAA01105@h1.nordicglobal.com>, Jurjen Oskam
<jurjen@stupendous.org> wrote:
> Hi all, and Holger,
>
> With all the recent commotion about Amiga dumping QNX in favour of Linux,
> discussions started to emerge everywhere.
>
> The story on slashdot.org spawned an overheated discussion, and an article
> appeared on the linux-kernel mailinglist, where (some of) the complaints made
> by Holger about the Linux TCP/IP stack were included.
Frankly I am extremely annoyed and angry at this turn of events. This
is the sixth mail today about this issue, and I really have other
things to do then continuously explain and comment on bugs and
limitations in Linux.
My comments were in the context of the AmigaOS Linux kernel decision
and nothing else. Taking them out of context and forwarding them to
other mailing lists or other people without asking me is not only
impolite, but downright illegal. All messages sent to mailing lists or
newsgroups are copyrighted by default. If I feel it is necessary to
forward information to other people, outside of the context a message
was originally sent in, then I can and will do so myself, and in the
appropriate way, without letting such a matter escalate into a public
flamewar.
The main thrust of my comments was that I consider it unwise for a
company like Amiga Inc. to use a TCP/IP implementation that is not
based on one of the very widely used, well documented and well
peer-reviewed implementations, but an independent one that is only
used in a single operating system and is relatively new. I also
believe that both the Microsoft TCP/IP stack and BSD-derived stacks
are much more likely to quickly get stable, compliant and usable
implementations for new Internet protocols, simply because of the
stronger financial backing and wider use in the academic community,
and that current versions of MS-TCP/IP and BSD-TCP/IP are currently
much further along in the development and testing process of such new
protocols. This is my own personal opinion from watching the market --
feel free to disagree.
I have been using Linux for years as a router, Internet server,
firewall, programming environment and a testbed in a production
environment and generally like the operating system Linux. However as
the result of two years of compatibility and performance testing
against three different BSD implementations I have reservations
against its TCP/IP implementation. These are not "rumors" I am
forwarding, and I am not quoting any third-party studies. All of that
is my personal experience from my own tests, extensive tcpdump
analysis and examination of the source code. I do believe that I have
both the necessary expertise and experience to make an assessment
about the quality of the Linux TCP/IP stack and its shortcomings.
All the problems I mentioned in the Team-Amiga email were forwarded to
Linux developers years ago, and last time I checked they had not been
resolved or even acknowledged. The bug in Linux that requires
workarounds in Miami is that Linux sends bogus RST packets in response
to ACK packets after a while if a connection was created with a packet
that has the SYN+FIN flags set and contains data. The workaround
involves cloning routes and caching previous connection information
from responses to T/TCP stype CC and CCecho TCP options, so
SYN+FIN+data packets are only sent to machines which support T/TCP
(and are therefore known to not have any bugs in their processing of
SYN+FIN+data packets). The response I received from the Linux group at
the time was that SYN+FIN+data packets are illegal anyway, because
T/TCP is "experimental". Of course that argument is false, because
SYN+FIN+data packets by themselves have nothing to do with T/TCP and
are not forbidden by RFC 793, i.e. Linux is supposed to handle this
case, but does not. The fact that most TCP implementations
traditionally never send SYN+FIN+data packets (for socket API reasons)
is irrelevant in this context, and so are opinions on the benefit (or
lack therefore) of T/TCP. See Stevens' "TCP/IP Illustrated Volume 3"
for more information on this issue.
The above bug is the only one that required explicit workarounds in my
software, and therefore the only one I can easily document at this
time, just from looking at my code. The other ones I mentioned are
from earlier tests and notes. I can probably provide more details in
time if necessary, but will not do so on a public forum, but rather in
direct communication with Linux developers, if there is any interest.
I am afraid I cannot test Linux beta versions because my Linux box is
used in a production environment with Internet commerce software, so I
cannot afford to make any experiments. All my comments refer to full
release versions, not beta versions.
I would appreciate if whoever started this mess could forward this
message to anyone who has received my earlier comments, and we could
put an end to this public discussion.
[------ end (.sig snipped) ------]
I hope this clears things up. Networking people, if you feel the need
please contact the guy himself at kruse@nordicglobal.com. The worst
you could do is lose 3 minutes to write an email.
Let's put this issue to rest now, before all the Amiga zealots
discover us. :-(
--
Jurjen Oskam * ICQ 11573303 * http://www.stupendous.org/ for PGP key
"Zeg wat ga jij vanavond doen bijdeweg?"
-"Als een zombie voor diverse beeldschermen hangen waarschijnlijk."
- Robert Bos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/