Chrome sent too many [SYN] packets when connecting to HTTPS on local network
Reported by
dharja...@gmail.com,
Sep 15 2016
|
||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 Example URL: URL is hosted on internal (local) network Steps to reproduce the problem: 1. Open Chrome 2. Visit https://subdomain.domain.com/service/api/health/ping The URL is REST API, not a web page. What is the expected behavior? Connected to host (uses TLSv1.2) and got response back. What went wrong? Connected to host (but uses TLSv1.1) and got response back. Due to multiple [SYN] packets were sent out, Chrome also sent out multiple Client Hello packets (TLSv1.2 handshake) as if it was attempting to spawn multiple connections to the same host. In the end, due to receiving many ClientHello, the server failed (exception) and sent multiple Alert (Level: Fatal, Description: Internal Error) back to Chrome. Because of that Chrome (fallback) attempted TLSv1.1 handshake and was successfully connected to the host and got the response back. Did this work before? N/A Chrome version: 49.0.2623.112 Channel: n/a OS Version: 6.0 (Windows Vista, Windows Server 2008) Flash Version: Shockwave Flash 22.0 r0 However, when the host is located on (public) internet, ie. AWS, this behavior was not observed. Why Chrome sent out multiple [SYN] packets out when the host is on local network, but not the case when the host is on (public) internet? Attachments: - tlsv1.1.jpg: screenshot showing the connection uses TLSv1.1 (when host is on local network) - tlsv1.2.jpg: screenshot showing the connection uses TLSv1.2 (when host is on the internet) - staging.pcap: Wireshark capture (filter for 10.0.168.132 IP address) - production.pcap: Wireshark capture (filter for 54.201.232.159 IP address) - screenshot-4.png: screenshot for production.pcap - screenshot-5.png: screenshot for staging.pcap
,
Sep 16 2016
Also please attach a net-internals dump per these instructions when you try the latest version. Thanks! https://dev.chromium.org/for-testers/providing-network-details
,
Oct 1 2016
dharjanto@: ping! Could you repro the issue and provide us with the net internals help us investigate the issue? Thanks a lot. We'll close this issue if no feedback is received for more than 2 weeks.
,
Oct 11 2016
Closing for lack of response; if this is still occurring please post on this bug or open a new bug. |
||
►
Sign in to add a comment |
||
Comment 1 by asanka@chromium.org
, Sep 16 2016Components: -Internals>Network Internals>Network>SSL
Labels: Needs-Feedback