# TCP: tcp_retransmit_timer: jiffies=12345678, rto=300, retransmit count=3, packet loss because the peer did not receive the timestamp option

- **ID:** `networking/tcp-timestamps-retransmit`
- **Domain:** networking
- **Category:** network_error
- **Verification level:** ai_generated
- **Fix rate:** 82%

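## Root cause

Because of a misconfigured firewall or kernel module, the remote peer drops segments that carry the TCP timestamp option (RFC 1323), so the sender keeps retransmitting without end until the connection times out.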
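A capture-side check for this root cause, as an added example that is not part of the original entry: it parses raw TCP headers for option kind 8 and reports a peer only when a timestamped SYN went unanswered through three retransmits while a SYN without the option was answered. The tuple layout, function names, ports and addresses are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

TCPOPT_EOL, TCPOPT_NOP, TCPOPT_TIMESTAMP = 0, 1, 8
SYN, ACK = 0x02, 0x10

def tcp_option_kinds(hdr):
    """Return the option kinds carried in a raw TCP header."""
    end = (hdr[12] >> 4) * 4                      # data offset, in bytes
    if end < 20 or end > len(hdr):
        raise ValueError("bad TCP data offset")
    kinds, i = [], 20
    while i < end and hdr[i] != TCPOPT_EOL:
        if hdr[i] == TCPOPT_NOP:                  # one-byte padding, no length field
            i += 1
            continue
        if i + 1 >= end or hdr[i + 1] < 2 or i + hdr[i + 1] > end:
            raise ValueError("malformed TCP option")
        kinds.append(hdr[i])
        i += hdr[i + 1]
    return kinds

def peers_dropping_timestamps(segments, retransmits=3):
    """segments: (peer, local_port, direction, raw_tcp_header) tuples (assumed layout).
    Report peers that ignored a retransmitted SYN with option 8 but answered one without."""
    syns, answered = defaultdict(lambda: [0, False]), set()  # flow -> [SYN count, has timestamp]
    for peer, port, direction, hdr in segments:
        flow, flags = (peer, port), hdr[13]
        if direction == "in":
            answered.add(flow)
        elif flags & SYN and not flags & ACK:
            syns[flow][0] += 1
            syns[flow][1] = TCPOPT_TIMESTAMP in tcp_option_kinds(hdr)
    stuck = {f[0] for f, (n, ts) in syns.items() if ts and n > retransmits and f not in answered}
    fine = {f[0] for f, (n, ts) in syns.items() if not ts and f in answered}
    return sorted(stuck & fine)

def build_header(flags, options=b""):
    """Build a constructed TCP header (arbitrary ports and sequence number)."""
    options += b"\x01" * (-len(options) % 4)      # NOP-pad to a 32-bit boundary
    return struct.pack("!HHIIBBHHH", 40000, 443, 1, 0,
                       (20 + len(options)) // 4 << 4, flags, 64240, 0, 0) + options

MSS = struct.pack("!BBH", 2, 4, 1460)
TSOPT = struct.pack("!BBII", 8, 10, 12345678, 0)  # kind 8, length 10, TSval, TSecr
PEER = "192.0.2.10"                               # constructed sample data below
SAMPLE = [(PEER, 40001, "out", build_header(SYN, MSS + TSOPT))] * 4 + [  # SYN + 3 retransmits
    (PEER, 40002, "out", build_header(SYN, MSS)),                        # no timestamp option
    (PEER, 40002, "in", build_header(SYN | ACK, MSS))]                   # and it is answered
```

Requiring the answered control connection keeps an unreachable host from being reported as a timestamp-dropping path.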

## Version compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| Linux kernel 5.15.0-91-generic | active | — | — |
| Linux kernel 6.2.0-26-generic | active | — | — |
| iptables 1.8.7 | active | — | — |

## Solutions

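1. Disable TCP timestamps only on the affected interface using iptables:
   ```
   iptables -A OUTPUT -o eth0 -p tcp --tcp-flags SYN SYN -j TCPMSS --clamp-mss-to-pmtu
   # Strip option 8 from outgoing SYNs so new connections do not negotiate timestamps;
   # a DROP rule matching --tcp-option 8 would discard the segments instead of removing the option.
   iptables -t mangle -A OUTPUT -o eth0 -p tcp --tcp-flags SYN SYN -j TCPOPTSTRIP --strip-options timestamp
   ```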
2. Configure the firewall to allow TCP option 8 (timestamps) through:
   ```
   iptables -A FORWARD -p tcp -m tcp --tcp-option 8 -j ACCEPT
   ```
3. In cloud environments, add a network ACL rule to permit TCP flags with timestamps, e.g. an AWS NACL inbound rule: TCP, source 0.0.0.0/0, allow, TCP flags: SYN, ACK, FIN, RST.

## Attempts that did not work

- Disabling timestamps can cause performance degradation in high-latency networks and may not address the root cause if the firewall is stripping them at a different layer. (65% failure rate)
- This only masks the symptom by allowing more retransmissions; the connection will still eventually time out and the underlying packet drop persists. (85% failure rate)
- The issue is not driver-specific; it is caused by firewall or middlebox behavior. Downgrading introduces regression risks and rarely solves the problem. (90% failure rate)
