PERFORCE change 197228 for review

Catalin Nicutar cnicutar at FreeBSD.org
Fri Aug 5 16:39:33 UTC 2011 

http://p4web.freebsd.org/@@197228?ac=10

Change 197228 by cnicutar at cnicutar_cronos on 2011/08/05 16:38:30

	Forward-port UTO tcp.4 changes to HEAD.

Affected files ...

.. //depot/projects/soc2011/cnicutar_tcputo_9/src/share/man/man4/tcp.4#2 edit

Differences ...

==== //depot/projects/soc2011/cnicutar_tcputo_9/src/share/man/man4/tcp.4#2 (text+ko) ====

@@ -38,7 +38,7 @@
 .\"     From: @(#)tcp.4	8.1 (Berkeley) 6/5/93
 .\" $FreeBSD: src/share/man/man4/tcp.4,v 1.63 2011/02/21 11:56:11 lstewart Exp $
 .\"
-.Dd February 15, 2011
+.Dd August 05, 2011
 .Dt TCP 4
 .Os
 .Sh NAME
@@ -122,7 +122,7 @@
 .Xr setsockopt 2
 and tested with
 .Xr getsockopt 2 :
-.Bl -tag -width ".Dv TCP_CONGESTION"
+.Bl -tag -width ".Dv TCP_SNDUTO_TIMEOUT"
 .It Dv TCP_INFO
 Information about a socket's underlying TCP session may be retrieved
 by passing the read-only option
@@ -222,6 +222,46 @@
 will have an invalid digest option prepended, and the following error message
 will be visible on the system console:
 .Em "tcp_signature_compute: SADB lookup failed for %d.%d.%d.%d" .
+.It Dv TCP_SNDUTO_TIMEOUT
+By setting this option the user controls the exact time (in seconds) TCP will
+wait for an ACK before tearing the connection.
+.Pp
+Traditionally, a fixed number of retransmits
+.Dv TCP_MAXRXTSHIFT
+are performed before giving up.
+Using UTO completely overrides this and allows connections with stringent or
+relaxed timeouts.
+.Pp
+After setting the option the first subsequent segment will carry the specified
+value.
+This option is silently left out if (due to other options) not enough space
+is available.
+.It Dv TCP_RCVUTO_TIMEOUT
+By setting this option to a value larger than 1 the user allows a TCP to
+accept the timeout suggestion sent by the peer.
+The default value is 0.
+By getting this option the user can determine the actual timeout (in seconds)
+as advertised by the peer.
+.Pp
+When using both
+.Dv TCP_RCVUTO_TIMEOUT
+and
+.Dv TCP_SNDUTO_TIMEOUT,
+the larger value is chosen as User Timeout for the connection.
+.Pp
+The peer is allowed to send this option any number of times.
+Each time the user calls
+.Xr getsockopt 2
+the most recent value received is returned.
+.Pp
+A possible use of this option is allowing a user to request a large timeout
+(several hours) for a connection.
+Even if the user is offline for long periods of time the connection will be
+maintained.
+.Pp
+This option has security implications.
+An application must *not* enable this option before the peer has
+authenticated in order to prevent DoS attacks.
 .El
 .Pp
 The option level for the
@@ -431,6 +471,13 @@
 .It Va sack.globalmaxholes
 Maximum number of SACK holes per system, across all connections.
 Defaults to 65536.
+.It Va uto.enable
+Globally permit or deny using UTO.
+.It Va uto.max_timeout
+Maximum value for TCP_SNDUTO_TIMEOUT for any connection. Setting this to a
+large value has security implications.
+.It Va uto.min_timeout
+Minimum value for TCP_RCVUTO_TIMEOUT for any connection.
 .It Va maxtcptw
 When a TCP connection enters the
 .Dv TIME_WAIT

More information about the p4-projects mailing list