diff options
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/tcp_syncache.c | 23 | ||||
-rw-r--r-- | sys/netinet/tcp_usrreq.c | 3 |
2 files changed, 18 insertions, 8 deletions
diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c index d5cfddf..aaee985 100644 --- a/sys/netinet/tcp_syncache.c +++ b/sys/netinet/tcp_syncache.c @@ -1139,17 +1139,28 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, int wscale = 0; /* - * Compute proper scaling value from buffer space. - * Leave enough room for the socket buffer to grow - * with auto sizing. This allows us to scale the - * receive buffer over a wide range while not losing - * any efficiency or fine granularity. + * Pick the smallest possible scaling factor that + * will still allow us to scale up to sb_max, aka + * kern.ipc.maxsockbuf. + * + * We do this because there are broken firewalls that + * will corrupt the window scale option, leading to + * the other endpoint believing that our advertised + * window is unscaled. At scale factors larger than + * 5 the unscaled window will drop below 1500 bytes, + * leading to serious problems when traversing these + * broken firewalls. + * + * With the default maxsockbuf of 256K, a scale factor + * of 3 will be chosen by this algorithm. Those who + * choose a larger maxsockbuf should watch out + * for the compatiblity problems mentioned above. * * RFC1323: The Window field in a SYN (i.e., a <SYN> * or <SYN,ACK>) segment itself is never scaled. */ while (wscale < TCP_MAX_WINSHIFT && - (0x1 << wscale) < tcp_minmss) + (TCP_MAXWIN << wscale) < sb_max) wscale++; sc->sc_requested_r_scale = wscale; sc->sc_requested_s_scale = to->to_wscale; diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 438bcf8..77413cb 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -1110,10 +1110,9 @@ tcp_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td) * Compute window scaling to request: * Scale to fit into sweet spot. See tcp_syncache.c. * XXX: This should move to tcp_output(). - * XXX: This should be based on the actual MSS. */ while (tp->request_r_scale < TCP_MAX_WINSHIFT && - (0x1 << tp->request_r_scale) < tcp_minmss) + (TCP_MAXWIN << tp->request_r_scale) < sb_max) tp->request_r_scale++; soisconnecting(so); |