summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorYuchung Cheng <ycheng@google.com>2012-07-19 08:43:10 +0200
committerDavid S. Miller <davem@davemloft.net>2012-07-19 20:02:03 +0200
commitaab4874355679c70f93993cf3b3fd74643b9ac33 (patch)
tree677d3faf161e39f9de18b5956e24cd746e73d996 /security
parentnet-tcp: Fast Open client - sendmsg(MSG_FASTOPEN) (diff)
downloadlinux-aab4874355679c70f93993cf3b3fd74643b9ac33.tar.xz
linux-aab4874355679c70f93993cf3b3fd74643b9ac33.zip
net-tcp: Fast Open client - detecting SYN-data drops
On paths with firewalls dropping SYN with data or experimental TCP options, Fast Open connections will have experience SYN timeout and bad performance. The solution is to track such incidents in the cookie cache and disables Fast Open temporarily. Since only the original SYN includes data and/or Fast Open option, the SYN-ACK has some tell-tale sign (tcp_rcv_fastopen_synack()) to detect such drops. If a path has recurring Fast Open SYN drops, Fast Open is disabled for 2^(recurring_losses) minutes starting from four minutes up to roughly one and half day. sendmsg with MSG_FASTOPEN flag will succeed but it behaves as connect() then write(). Signed-off-by: Yuchung Cheng <ycheng@google.com> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions