Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tkt-63180: [loader.conf] Raise max TCP segment queue length #2228

Merged
merged 1 commit into from Dec 10, 2018

Conversation

Projects
None yet
2 participants
@freqlabs
Copy link
Contributor

commented Dec 10, 2018

(cherry-picked from 6f79caa)

Out-of-order TCP segments are queued in the reassembly queue until
the missing in-sequence segments arrive. As a DoS mitigation, the
length of this queue is limited, with a default of 100. Since TCP
allows a whole window to be in-flight at once, there can be up to
1448 to 11586 segments arriving before the sender expects an ACK,
depending on the configured max receive buffer size and negotiated
window size. The limit of 100 is not usually an issue in wired
networks, because segments seldom arrive out of order. However,
reordering and/or losses are more frequent with wireless networks
and more complex networks, so the low default limit can cause a lot
of segments to be discarded.

Raise the limit to 1448, which allows a full window to be queued
in the default configuration. Behavior in configurations where the
max receive buffer length has been raised to 16 MiB (for example by
the autotune script) is also improved, while still mitigating DoS.

Ticket: #63180

tkt-43558: [loader.conf] Raise max TCP segment queue length (#2185)
Out-of-order TCP segments are queued in the reassembly queue until
the missing in-sequence segments arrive.  As a DoS mitigation, the
length of this queue is limited, with a default of 100.  Since TCP
allows a whole window to be in-flight at once, there can be up to
1448 to 11586 segments arriving before the sender expects an ACK,
depending on the configured max receive buffer size and negotiated
window size.  The limit of 100 is not usually an issue in wired
networks, because segments seldom arrive out of order.  However,
reordering and/or losses are more frequent with wireless networks
and more complex networks, so the low default limit can cause a lot
of segments to be discarded.

Raise the limit to 1448, which allows a full window to be queued
in the default configuration.  Behavior in configurations where the
max receive buffer length has been raised to 16 MiB (for example by
the autotune script) is also improved, while still mitigating DoS.

Ticket: #43558

@bugclerk bugclerk changed the title [loader.conf] Raise max TCP segment queue length tkt-63180: [loader.conf] Raise max TCP segment queue length Dec 10, 2018

@freqlabs freqlabs requested a review from amotin Dec 10, 2018

@amotin

amotin approved these changes Dec 10, 2018

@freqlabs freqlabs merged commit f95849c into freenas/11.1-stable Dec 10, 2018

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details

@freqlabs freqlabs deleted the FIX-63180 branch Dec 10, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.