Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intel Gigabit NIC Packet of Death

Posted by Soulskill on from the how-to-break-things dept.

An anonymous reader sends this quote from a blog post about a very odd technical issue and some clever debugging: "Packets of death. I started calling them that because that’s exactly what they are. ... This customer location, for some reason or another, could predictably bring down the ethernet controller with voice traffic on their network. Let me elaborate on that for a second. When I say “bring down” an ethernet controller I mean BRING DOWN an ethernet controller. The system and ethernet interfaces would appear fine and then after a random amount of traffic the interface would report a hardware error (lost communication with PHY) and lose link. Literally the link lights on the switch and interface would go out. It was dead. Nothing but a power cycle would bring it back. ... While debugging with this very patient reseller I started stopping the packet captures as soon as the interface dropped. Eventually I caught on to a pattern: the last packet out of the interface was always a 100 Trying provisional response, and it was always a specific length. Not only that, I ended up tracing this (Asterisk) response to a specific phone manufacturer’s INVITE. ... With a modified HTTP server configured to generate the data at byte value (based on headers, host, etc) you could easily configure an HTTP 200 response to contain the packet of death — and kill client machines behind firewalls!"

8 of 137 comments (clear)

  1. Ouch by Anonymous Coward · · Score: 5, Insightful

    I think an actual summary would have been a vast improvement over TFS.

    1. Re:Ouch by whois · · Score: 5, Insightful

      It's pretty bad even by slashdot standards:

      'Let me elaborate on that for a second. When I say “bring down” an ethernet controller I mean BRING DOWN an ethernet controller.'

      This statement is worse than useless, it's a waste of space and a waste of your time to read it (I'm sorry I quoted it). The next sentence is okay but then they go back to 'Literally the link lights on the switch and interface would go out. It was dead.'

      Literally, this is a waste of the word literally. And it being dead was implied by everything stated above. The rest is informative but still in a conversational style that makes it hard to read, and it's lacking in details such as:

      What model of Ethernet controller was tested. What Firmware version are they using? Has the problem been reported to Intel?

    2. Re:Ouch by WarJolt · · Score: 5, Funny

      Less /. bashing more Intel bashing please.

    3. Re:Ouch by Xtifr · · Score: 5, Funny

      Then GP's on the wrong site. Here at slashdot, we're proud of our editors' inability and unwillingness to do anything that could actually be described as editing. Cuz writin' good isn't sumpin' real nurdz car about. U shld just B glad it ain't all writ in 1337-5p34|<, and STFU, n00b!

      At least, that's the impression I've always had of what the so-called "editors" seem to believe. :)

  2. Re:Online Income by Anonymous Coward · · Score: 5, Funny

    http://www.cloud65.com/ just as Marcus answered I didnt know that a mother can profit $8765 in four weeks on the computer. did you read this webpage

    I think the NIC packet of death might be just what you need.

  3. Re:This is why the equipment should be heterogeneo by LordLimecat · · Score: 5, Interesting

    One kind of thing makes it a zillion times easier to recognize a problem when it crops up, and makes it so you only ever have to troubleshoot an issue once.

    How much more awful would it be if something similar happened next week on more computers, and he had to troubleshoot it all over again-- not even knowing whether the machines had NICs in common?

    "Everything blew up" is a problem. "Everything blew up, I dont know why, and it will take 3 weeks to find a solution" is a huge problem. "Everything blew up AGAIN, and I it will take another 3 weeks because our environment is heterogenous" means you are out of a job.

  4. Re:Three Strikes... I'll Pass by v1 · · Score: 5, Informative

    oh I think this is at least slightly interesting. I remember the "ping of death" (and pissing off a few windows heads in my sights) back in 'th day.

    This is basically a DoS attack on hardware. The fact that it can get through someone's firewall makes it a bit more effective. Having your ethernet port check out every five minutes (requiring a reboot to fix) just because someone down the hall (or in Bulgaria) wants to be an ass is definitely annoying and something I'd like to know is a possibility when troubleshooting screwy network problems.

    I just got done swapping out a gigabit switch that was being wonky and slow for no obvious reason. I don't mind so much when hardware keels over and dies, but when it throws symptoms that don't immediately suggest where the problem is, those are the real time wasters. And we've come to rely on hardware generally being more reliable than software. So if my ethernet was going out when I VOIP'ed, I might have spent (wasted) a lot of my time troubleshooting the VOIP software.

    --
    I work for the Department of Redundancy Department.
  5. Re:QOTD by ACluk90 · · Score: 5, Funny

    Maybe that was what the guys at Intel thought.