diff options
author | Yuchung Cheng <ycheng@google.com> | 2012-07-19 08:43:10 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2012-07-19 20:02:03 +0200 |
commit | aab4874355679c70f93993cf3b3fd74643b9ac33 (patch) | |
tree | 677d3faf161e39f9de18b5956e24cd746e73d996 /security | |
parent | net-tcp: Fast Open client - sendmsg(MSG_FASTOPEN) (diff) | |
download | linux-aab4874355679c70f93993cf3b3fd74643b9ac33.tar.xz linux-aab4874355679c70f93993cf3b3fd74643b9ac33.zip |
net-tcp: Fast Open client - detecting SYN-data drops
On paths with firewalls dropping SYN with data or experimental TCP options,
Fast Open connections will have experience SYN timeout and bad performance.
The solution is to track such incidents in the cookie cache and disables
Fast Open temporarily.
Since only the original SYN includes data and/or Fast Open option, the
SYN-ACK has some tell-tale sign (tcp_rcv_fastopen_synack()) to detect
such drops. If a path has recurring Fast Open SYN drops, Fast Open is
disabled for 2^(recurring_losses) minutes starting from four minutes up to
roughly one and half day. sendmsg with MSG_FASTOPEN flag will succeed but
it behaves as connect() then write().
Signed-off-by: Yuchung Cheng <ycheng@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions