unconditionally generation of syncookies.
tcp_fastopen - INTEGER
- Enable TCP Fast Open feature (draft-ietf-tcpm-fastopen) to send data
- in the opening SYN packet. To use this feature, the client application
- must use sendmsg() or sendto() with MSG_FASTOPEN flag rather than
- connect() to perform a TCP handshake automatically.
+ Enable TCP Fast Open (RFC7413) to send and accept data in the opening
+ SYN packet.
- The values (bitmap) are
- 1: Enables sending data in the opening SYN on the client w/ MSG_FASTOPEN.
- 2: Enables TCP Fast Open on the server side, i.e., allowing data in
- a SYN packet to be accepted and passed to the application before
- 3-way hand shake finishes.
- 4: Send data in the opening SYN regardless of cookie availability and
- without a cookie option.
- 0x100: Accept SYN data w/o validating the cookie.
- 0x200: Accept data-in-SYN w/o any cookie option present.
- 0x400/0x800: Enable Fast Open on all listeners regardless of the
- TCP_FASTOPEN socket option. The two different flags designate two
- different ways of setting max_qlen without the TCP_FASTOPEN socket
- option.
+ The client support is enabled by flag 0x1 (on by default). The client
+ then must use sendmsg() or sendto() with the MSG_FASTOPEN flag,
+ rather than connect() to send data in SYN.
- Default: 1
+ The server support is enabled by flag 0x2 (off by default). Then
+ either enable for all listeners with another flag (0x400) or
+ enable individual listeners via TCP_FASTOPEN socket option with
+ the option value being the length of the syn-data backlog.
- Note that the client & server side Fast Open flags (1 and 2
- respectively) must be also enabled before the rest of flags can take
- effect.
+ The values (bitmap) are
+ 0x1: (client) enables sending data in the opening SYN on the client.
+ 0x2: (server) enables the server support, i.e., allowing data in
+ a SYN packet to be accepted and passed to the
+ application before 3-way handshake finishes.
+ 0x4: (client) send data in the opening SYN regardless of cookie
+ availability and without a cookie option.
+ 0x200: (server) accept data-in-SYN w/o any cookie option present.
+ 0x400: (server) enable all listeners to support Fast Open by
+ default without explicit TCP_FASTOPEN socket option.
+
+ Default: 0x1
- See include/net/tcp.h and the code for more details.
+ Note that that additional client or server features are only
+ effective if the basic support (0x1 and 0x2) are enabled respectively.
tcp_syn_retries - INTEGER
Number of times initial SYNs for an active TCP connection attempt
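Review bot: The new 0x400 entry does not say what length the syn-data backlog takes when no TCP_FASTOPEN socket option is set, while the paragraph above it states that the option value is that length. The af_inet.c change passes the listen() backlog to fastopen_queue_tune(), so the 0x400 text should say so, e.g. "the Fast Open queue length is then the listen() backlog". The old bits 0x100 and 0x800 also disappear from the list without comment. A short line saying they are no longer recognised would help administrators who still have them set, since 0x800 used to enable Fast Open on all listeners and now does nothing. The closing note has two wording slips: "Note that that" and "the basic support (0x1 and 0x2) are enabled".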
* we can only allow the backlog to be adjusted.
*/
if (old_state != TCP_LISTEN) {
- /* Check special setups for testing purpose to enable TFO w/o
- * requiring TCP_FASTOPEN sockopt.
+ /* Enable TFO w/o requiring TCP_FASTOPEN socket option.
* Note that only TCP sockets (SOCK_STREAM) will reach here.
- * Also fastopenq may already been allocated because this
- * socket was in TCP_LISTEN state previously but was
- * shutdown() (rather than close()).
+ * Also fastopen backlog may already been set via the option
+ * because the socket was in TCP_LISTEN state previously but
+ * was shutdown() rather than close().
*/
- if ((sysctl_tcp_fastopen & TFO_SERVER_ENABLE) != 0 &&
+ if ((sysctl_tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) &&
+ (sysctl_tcp_fastopen & TFO_SERVER_ENABLE) &&
!inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) {
- if ((sysctl_tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) != 0)
- fastopen_queue_tune(sk, backlog);
- else if ((sysctl_tcp_fastopen &
- TFO_SERVER_WO_SOCKOPT2) != 0)
- fastopen_queue_tune(sk,
- ((uint)sysctl_tcp_fastopen) >> 16);
-
+ fastopen_queue_tune(sk, backlog);
tcp_fastopen_init_key_once(true);
}
+
err = inet_csk_listen_start(sk, backlog);
if (err)
goto out;
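Review bot: With TFO_SERVER_WO_SOCKOPT1 moved into the outer condition, tcp_fastopen_init_key_once(true) is now skipped when only TFO_SERVER_ENABLE is set. Before this change it ran for every such listener with max_qlen == 0, whether or not a WO_SOCKOPT flag was present. Please confirm that the TCP_FASTOPEN setsockopt path initialises the cookie key itself, because a listener that enables Fast Open through the socket option after listen() gets no key initialisation from the lines shown here. The two flag tests could also be combined into a single mask comparison against (TFO_SERVER_WO_SOCKOPT1 | TFO_SERVER_ENABLE). The reworded comment still reads "may already been set", which should be "may already have been set".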