summaryrefslogtreecommitdiffstats
path: root/sys/netinet/tcp_var.h
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove in_pcbnotify and use in_pcblookup_hash to find the cb directly.jlemon2001-02-261-1/+0
| | | | | | | | For TCP, verify that the sequence number in the ICMP packet falls within the tcp receive window before performing any actions indicated by the icmp packet. Clean up some layering violations (access to tcp internals from in_pcb)
* Remove tcp_drop_all_states, which is unneeded after jlemon removed itjesper2001-02-251-1/+0
| | | | from tcp_subr.c in rev 1.92
* Remove unneeded loop increment in src/sys/netinet/in_pcb.c:in_pcbnotifyphk2001-02-181-0/+1
| | | | | | | | | | | | | | | | | | | | Add new PRC_UNREACH_ADMIN_PROHIB in sys/sys/protosw.h Remove condition on TCP in src/sys/netinet/ip_icmp.c:icmp_input In src/sys/netinet/ip_icmp.c:icmp_input set code = PRC_UNREACH_ADMIN_PROHIB or PRC_UNREACH_HOST for all unreachables except ICMP_UNREACH_NEEDFRAG Rename sysctl icmp_admin_prohib_like_rst to icmp_unreach_like_rst to reflect the fact that we also react on ICMP unreachables that are not administrative prohibited. Also update the comments to reflect this. In sys/netinet/tcp_subr.c:tcp_ctlinput add code to treat PRC_UNREACH_ADMIN_PROHIB and PRC_UNREACH_HOST different. PR: 23986 Submitted by: Jesper Skriver <jesper@skriver.dk>
* Update the "icmp_admin_prohib_like_rst" code to check the tcp-window andphk2000-12-241-0/+1
| | | | | | | to be configurable with respect to acting only in SYN or in all TCP states. PR: 23665 Submitted by: Jesper Skriver <jesper@skriver.dk>
* We currently does not react to ICMP administratively prohibitedphk2000-12-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | messages send by routers when they deny our traffic, this causes a timeout when trying to connect to TCP ports/services on a remote host, which is blocked by routers or firewalls. rfc1122 (Requirements for Internet Hosts) section 3.2.2.1 actually requi re that we treat such a message for a TCP session, that we treat it like if we had recieved a RST. quote begin. A Destination Unreachable message that is received MUST be reported to the transport layer. The transport layer SHOULD use the information appropriately; for example, see Sections 4.1.3.3, 4.2.3.9, and 4.2.4 below. A transport protocol that has its own mechanism for notifying the sender that a port is unreachable (e.g., TCP, which sends RST segments) MUST nevertheless accept an ICMP Port Unreachable for the same purpose. quote end. I've written a small extension that implement this, it also create a sysctl "net.inet.tcp.icmp_admin_prohib_like_rst" to control if this new behaviour is activated. When it's activated (set to 1) we'll treat a ICMP administratively prohibited message (icmp type 3 code 9, 10 and 13) for a TCP sessions, as if we recived a TCP RST, but only if the TCP session is in SYN_SENT state. The reason for only reacting when in SYN_SENT state, is that this will solve the problem, and at the same time minimize the risk of this being abused. I suggest that we enable this new behaviour by default, but it would be a change of current behaviour, so if people prefer to leave it disabled by default, at least for now, this would be ok for me, the attached diff actually have the sysctl set to 0 by default. PR: 23086 Submitted by: Jesper Skriver <jesper@skriver.dk>
* When a connection is being dropped due to a listen queue overflow,jayanth2000-07-211-0/+1
| | | | | | | | | delete the cloned route that is associated with the connection. This does not exhaust the routing table memory when the system is under a SYN flood attack. The route entry is not deleted if there is any prior information cached in it. Reviewed by: Peter Wemm,asmodai
* Fix a comment which was broken in rev 1.36.sheldonh2000-07-181-1/+1
| | | | | PR: 19947 Submitted by: Tetsuya Isaki <isaki@net.ipc.hiroshima-u.ac.jp>
* Back out the previous change to the queue(3) interface.jake2000-05-261-2/+2
| | | | | | It was not discussed and should probably not happen. Requested by: msmith and others
* Change the way that the queue(3) structures are declared; don't assume thatjake2000-05-231-2/+2
| | | | | | | | the type argument to *_HEAD and *_ENTRY is a struct. Suggested by: phk Reviewed by: phk Approved by: mdodd
* Implement TCP NewReno, as documented in RFC 2582. This allowsjlemon2000-05-061-0/+3
| | | | | | | | better recovery for multiple packet losses in a single window. The algorithm can be toggled via the sysctl net.inet.tcp.newreno, which defaults to "on". Submitted by: Jayanth Vijayaraghavan <jayanth@yahoo-inc.com>
* tcp updates to support IPv6.shin2000-01-091-6/+26
| | | | | | | also a small patch to sys/nfs/nfs_socket.c, as max_hdr size change. Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL"peter1999-12-291-2/+2
| | | | | | is an application space macro and the applications are supposed to be free to use it as they please (but cannot). This is consistant with the other BSD's who made this change quite some time ago. More commits to come.
* IPSEC support in the kernel.shin1999-12-221-1/+1
| | | | | | | | pr_input() routines prototype is also changed to support IPSEC and IPV6 chained protocol headers. Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* KAME related header files additions and merges.shin1999-11-051-1/+4
| | | | | | | (only those which don't affect c source files so much) Reviewed by: cvs-committers Obtained from: KAME project
* Restructure TCP timeout handling:jlemon1999-08-301-7/+18
| | | | | | | | | | - eliminate the fast/slow timeout lists for TCP and instead use a callout entry for each timer. - increase the TCP timer granularity to HZ - implement "bad retransmit" recovery, as presented in "On Estimating End-to-End Network Path Properties", by Allman and Paxson. Submitted by: jlemon, wollmann
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* * Change sysctl from using linker_set to construct its tree using SLISTs.dfr1999-02-161-1/+6
| | | | | | | | | | This makes it possible to change the sysctl tree at runtime. * Change KLD to find and register any sysctl nodes contained in the loaded file and to unregister them when the file is unloaded. Reviewed by: Archie Cobbs <archie@whistle.com>, Peter Wemm <peter@netplex.com.au> (well they looked at it anyway)
* Add a flag, passed to pru_send routines, PRUS_MORETOCOME. Thisfenner1999-01-201-17/+18
| | | | | | | | | flag means that there is more data to be put into the socket buffer. Use it in TCP to reduce the interaction between mbuf sizes and the Nagle algorithm. Based on: "Justin C. Walker" <justin@apple.com>'s description of Apple's fix for this problem.
* Re-implement tcp and ip fragment reassembly to not store pointers in thedfr1998-08-241-13/+2
| | | | | | ip header which can't work on alpha since pointers are too big. Reviewed by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
* Yow! Completely change the way socket options are handled, eliminatingwollman1998-08-231-3/+2
| | | | | | another specialized mbuf type in the process. Also clean up some of the cruft surrounding IPFW, multicast routing, RSVP, and other ill-explored corners.
* Declare tcp_seq and tcp_cc as fixed-size types. Half fixed typebde1998-07-131-2/+2
| | | | | | mismatches exposed by this (the prototype for tcp_respond() didn't match the function definition lexically, and still depends on a gcc feature to match if ints have more than 32 bits).
* Only make struct xtcpcb visable if _NETINET_IN_PCB_H_ and _SYS_SOCKETVAR_H_jhay1998-06-271-4/+4
| | | | | are defined. Reviewed by: bde
* Convert socket structures to be type-stable and add a version number.wollman1998-05-151-2/+19
| | | | | | | | | | | | | | | | | | | Define a parameter which indicates the maximum number of sockets in a system, and use this to size the zone allocators used for sockets and for certain PCBs. Convert PF_LOCAL PCB structures to be type-stable and add a version number. Define an external format for infomation about socket structures and use it in several places. Define a mechanism to get all PF_LOCAL and PF_INET PCB lists through sysctl(3) without blocking network interrupts for an unreasonable length of time. This probably still has some bugs and/or race conditions, but it seems to work well enough on my machines. It is now possible for `netstat' to get almost all of its information via the sysctl(3) interface rather than reading kmem (changes to follow).
* Ensure that TCP_REXMTVAL doesn't return a value less than t_rttmin. Thisdg1998-04-241-2/+2
| | | | | | | | | | | is believed to have been broken with the Brakmo/Peterson srtt calculation changes. The result of this bug is that TCP connections could time out extremely quickly (in 12 seconds). Also backed out jdp's partial fix for this problem in rev 1.17 of tcp_timer.c as it is obsoleted by this commit. Bug was pointed out by Kevin Lehey <kml@roller.nas.nasa.gov>. PR: 6068
* Remove the last traces of TUBA.phk1998-04-061-4/+1
| | | | Inspired by: PR kern/3317
* Changes to support the addition of a new sysctl variable:dg1998-02-261-1/+2
| | | | | | net.inet.tcp.delack_enabled Which defaults to 1 and can be set to 0 to disable TCP delayed-ack processing (i.e. all acks are immediate).
* Improved connection establishment performance by doing local port lookups viadg1998-01-271-38/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a hashed port list. In the new scheme, in_pcblookup() goes away and is replaced by a new routine, in_pcblookup_local() for doing the local port check. Note that this implementation is space inefficient in that the PCB struct is now too large to fit into 128 bytes. I might deal with this in the future by using the new zone allocator, but I wanted these changes to be extensively tested in their current form first. Also: 1) Fixed off-by-one errors in the port lookup loops in in_pcbbind(). 2) Got rid of some unneeded rehashing. Adding a new routine, in_pcbinshash() to do the initialial hash insertion. 3) Renamed in_pcblookuphash() to in_pcblookup_hash() for easier readability. 4) Added a new routine, in_pcbremlists() to remove the PCB from the various hash lists. 5) Added/deleted comments where appropriate. 6) Removed unnecessary splnet() locking. In general, the PCB functions should be called at splnet()...there are unfortunately a few exceptions, however. 7) Reorganized a few structs for better cache line behavior. 8) Killed my TCP_ACK_HACK kludge. It may come back in a different form in the future, however. These changes have been tested on wcarchive for more than a month. In tests done here, connection establishment overhead is reduced by more than 50 times, thus getting rid of one of the major networking scalability problems. Still to do: make tcp_fastimo/tcp_slowtimo scale well for systems with a large number of connections. tcp_fastimo is easy; tcp_slowtimo is difficult. WARNING: Anything that knows about inpcb and tcpcb structs will have to be recompiled; at the very least, this includes netstat(1).
* The long-awaited mega-massive-network-code- cleanup. Part I.wollman1997-04-271-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | This commit includes the following changes: 1) Old-style (pr_usrreq()) protocols are no longer supported, the compatibility glue for them is deleted, and the kernel will panic on boot if any are compiled in. 2) Certain protocol entry points are modified to take a process structure, so they they can easily tell whether or not it is possible to sleep, and also to access credentials. 3) SS_PRIV is no more, and with it goes the SO_PRIVSTATE setsockopt() call. Protocols should use the process pointer they are now passed. 4) The PF_LOCAL and PF_ROUTE families have been updated to use the new style, as has the `raw' skeleton family. 5) PF_LOCAL sockets now obey the process's umask when creating a socket in the filesystem. As a result, LINT is now broken. I'm hoping that some enterprising hacker with a bit more time will either make the broken bits work (should be easy for netipx) or dike them out.
* Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are notpeter1997-02-221-1/+1
| | | | ready for it yet.
* Make the long-awaited change from $Id$ to $FreeBSD$jkh1997-01-141-1/+1
| | | | | | | | This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
* Move TCPCTL_KEEPINIT to end of MIB list (sigh)pst1996-09-131-4/+4
|
* Make the misnamed tcp initial keepalive timer value (which is really thepst1996-09-131-4/+6
| | | | | | | | time, in seconds, that state for non-established TCP sessions stays about) a sysctl modifyable variable. [part 1 of two commits, I just realized I can't play with the indices as I was typing this commit message.]
* Modify the kernel to use the new pr_usrreqs interface rather than the oldwollman1996-07-111-3/+2
| | | | | | | | | | | | | | pr_usrreq mechanism which was poorly designed and error-prone. This commit renames pr_usrreq to pr_ousrreq so that old code which depended on it would break in an obvious manner. This commit also implements the new interface for TCP, although the old function is left as an example (#ifdef'ed out). This commit ALSO fixes a longstanding bug in the TCP timer processing (introduced by davidg on 1995/04/12) which caused timer processing on a TCB to always stop after a single timer had expired (because it misinterpreted the return value from tcp_usrreq() to indicate that the TCB had been deleted). Finally, some code related to polling has been deleted from if.c because it is not relevant t -current and doesn't look at all like my current code.
* Correct formula for TCP RTO calculation. Also try to do a better job inwollman1996-06-051-3/+3
| | | | | filling in a new PCB's rttvar (but this is not the last word on the subject). And get rid of `#ifdef RTV_RTT', it's been true for four years now...
* Delete #ifdef notdef blocks containing old method of srtt calculation.wollman1996-04-261-18/+1
| | | | Requested by: davidg
* A number of performance-reducing flaws fixed based on commentswollman1996-03-221-1/+23
| | | | | | | | | | | | | | | | from Larry Peterson &co. at Arizona: - Header prediction for ACKs did not exclude Fast Retransmit/Recovery. - srtt calculation tended to get ``stuck'' and could never decrease when below 8. It still can't, but the scaling factors are adjusted so that this artifact does not cause as bad an effect on the RTO value as it used to. The paper also points out the incr/8 error that has been long since fixed, and the problems with ACKing frequency resulting from the use of options which I suspect to be fixed already as well (as part of the T/TCP work). Obtained from: Brakmo & Peterson, ``Performance Problems in BSD4.4 TCP''
* Spell tcp_listendrop consistently so that tcp_input.c and netstat compile.bde1996-02-271-2/+2
|
* Add a counter for the number of times the listen queue was overflowed toguido1996-02-261-1/+2
| | | | | | the tcpstat structure. (netstat -s) Reviewed by: wollman Obtained from: Steves, TCP/IP Ill. vol.3, page 189
* Fix a bunch of spelling errors in the comment fields ofmpp1996-01-301-2/+2
| | | | a bunch of system include files.
* remove tcp_lastport - it has not been used for quite a while (at leastpeter1996-01-191-2/+1
| | | | since the hashed pcb's I think).
* Remove some bogus externs.dg1995-12-291-4/+1
|
* Uniformized pr_ctlinput protosw functions. The third arg is now `voidbde1995-12-161-2/+2
| | | | | | | *' instead of caddr_t and it isn't optional (it never was). Most of the netipx (and netns) pr_ctlinput functions abuse the second arg instead of using the third arg but fixing this is beyond the scope of this round of changes.
* Path MTU Discovery is now standard.wollman1995-12-051-4/+2
|
* New style sysctl & staticize alot of stuff.phk1995-11-141-15/+1
|
* Fix a logical error in T/TCP: when we actively open a connection, weolah1995-11-031-1/+2
| | | | | | | | | | have to decide whether to send a CC or CCnew option in our SYN segment depending on the contents of our TAO cache. This decision has to be made once when the connection starts. The earlier code delayed this decision until the segment was assembled in tcp_output() and retransmitted SYN segments could have different CC options. Reviewed by: Richard Stevens, davidg, wollman
* The ability to administratively change the MTU of an interface presentswollman1995-10-161-1/+4
| | | | | | | a few new wrinkles for MTU discovery which tcp_output() had better be prepared to handle. ip_output() is also modified to do something helpful in this case, since it has already calculated the information we need.
* The additional checks involving sequence numbers in MTU discovery resendswollman1995-10-121-3/+1
| | | | | | turned out not to be necessary; simply watching for MTU decreases (which we already did) automagically eliminates all the cases we were trying to protect against.
* More MTU discovery: avoid over-retransmission if route changes in thewollman1995-10-101-1/+4
| | | | | | | | middle of a fully-open window. Also, keep track of how many retransmits we do as a result of MTU discovery. This may actually do more work than necessary, but it's an unusual condition... Suggested by: Janey Hoe <janey@lcs.mit.edu>
* Make a whole bunch of PCB variables ints rather than shorts. There appearwollman1995-10-041-16/+16
| | | | | | | | to be no ill effects, and so far as Iknow none of the variables in question depend on 16-bit wraparound behavior. (The sizes are in many cases relics from when a PCB had to fit inside a 128-byte mbuf. PCBs are no longer stored in that way, and the old structure would not have fit, either.)
* Remove duplicate definition for tcps_persistdrop, as added by davidg somepeter1995-09-221-2/+1
| | | | | | | | time ago. I left in Garrett's one, because his was in the 4.4-Lite-2 location, making any diffs just that little bit smaller. I presume this choice means that netstat needs to be recompiled before "netstat -s" will give a meaningful answer on tcp stats.
OpenPOWER on IntegriCloud