PERFORCE change 197228 for review
Catalin Nicutar
cnicutar at FreeBSD.org
Fri Aug 5 16:39:33 UTC 2011
http://p4web.freebsd.org/@@197228?ac=10
Change 197228 by cnicutar at cnicutar_cronos on 2011/08/05 16:38:30
Forward-port UTO tcp.4 changes to HEAD.
Affected files ...
.. //depot/projects/soc2011/cnicutar_tcputo_9/src/share/man/man4/tcp.4#2 edit
Differences ...
==== //depot/projects/soc2011/cnicutar_tcputo_9/src/share/man/man4/tcp.4#2 (text+ko) ====
@@ -38,7 +38,7 @@
.\" From: @(#)tcp.4 8.1 (Berkeley) 6/5/93
.\" $FreeBSD: src/share/man/man4/tcp.4,v 1.63 2011/02/21 11:56:11 lstewart Exp $
.\"
-.Dd February 15, 2011
+.Dd August 05, 2011
.Dt TCP 4
.Os
.Sh NAME
@@ -122,7 +122,7 @@
.Xr setsockopt 2
and tested with
.Xr getsockopt 2 :
-.Bl -tag -width ".Dv TCP_CONGESTION"
+.Bl -tag -width ".Dv TCP_SNDUTO_TIMEOUT"
.It Dv TCP_INFO
Information about a socket's underlying TCP session may be retrieved
by passing the read-only option
@@ -222,6 +222,46 @@
will have an invalid digest option prepended, and the following error message
will be visible on the system console:
.Em "tcp_signature_compute: SADB lookup failed for %d.%d.%d.%d" .
+.It Dv TCP_SNDUTO_TIMEOUT
+By setting this option the user controls the exact time (in seconds) TCP will
+wait for an ACK before tearing the connection.
+.Pp
+Traditionally, a fixed number of retransmits
+.Dv TCP_MAXRXTSHIFT
+are performed before giving up.
+Using UTO completely overrides this and allows connections with stringent or
+relaxed timeouts.
+.Pp
+After setting the option the first subsequent segment will carry the specified
+value.
+This option is silently left out if (due to other options) not enough space
+is available.
+.It Dv TCP_RCVUTO_TIMEOUT
+By setting this option to a value larger than 1 the user allows a TCP to
+accept the timeout suggestion sent by the peer.
+The default value is 0.
+By getting this option the user can determine the actual timeout (in seconds)
+as advertised by the peer.
+.Pp
+When using both
+.Dv TCP_RCVUTO_TIMEOUT
+and
+.Dv TCP_SNDUTO_TIMEOUT,
+the larger value is chosen as User Timeout for the connection.
+.Pp
+The peer is allowed to send this option any number of times.
+Each time the user calls
+.Xr getsockopt 2
+the most recent value received is returned.
+.Pp
+A possible use of this option is allowing a user to request a large timeout
+(several hours) for a connection.
+Even if the user is offline for long periods of time the connection will be
+maintained.
+.Pp
+This option has security implications.
+An application must *not* enable this option before the peer has
+authenticated in order to prevent DoS attacks.
.El
.Pp
The option level for the
@@ -431,6 +471,13 @@
.It Va sack.globalmaxholes
Maximum number of SACK holes per system, across all connections.
Defaults to 65536.
+.It Va uto.enable
+Globally permit or deny using UTO.
+.It Va uto.max_timeout
+Maximum value for TCP_SNDUTO_TIMEOUT for any connection. Setting this to a
+large value has security implications.
+.It Va uto.min_timeout
+Minimum value for TCP_RCVUTO_TIMEOUT for any connection.
.It Va maxtcptw
When a TCP connection enters the
.Dv TIME_WAIT
More information about the p4-projects
mailing list