Date: Wed, 15 Sep 2010 10:39:30 +0000 (UTC) From: Andre Oppermann <andre@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r212653 - head/sys/netinet Message-ID: <201009151039.o8FAdU4H030416@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: andre Date: Wed Sep 15 10:39:30 2010 New Revision: 212653 URL: http://svn.freebsd.org/changeset/base/212653 Log: Change the default MSS for IPv4 and IPv6 TCP connections from an artificial power-of-2 rounded number to their real values specified in RFC879 and RFC2460. From the history and existing comments it appears that the rounded numbers were intended to be advantageous for the kernel and mbuf system. However this hasn't been the case at for at least a long time. The mbuf clusters used in tcp_output() have enough space to hold the larger real value for the default MSS for both IPv4 and IPv6. Note that the default MSS is only used when path MTU discovery is disabled. Update and expand related comments. Reviewed by: lsteward (including some word-smithing) MFC after: 2 weeks Modified: head/sys/netinet/tcp.h Modified: head/sys/netinet/tcp.h ============================================================================== --- head/sys/netinet/tcp.h Wed Sep 15 10:39:21 2010 (r212652) +++ head/sys/netinet/tcp.h Wed Sep 15 10:39:30 2010 (r212653) @@ -103,29 +103,37 @@ struct tcphdr { /* - * Default maximum segment size for TCP. - * With an IP MTU of 576, this is 536, - * but 512 is probably more convenient. - * This should be defined as MIN(512, IP_MSS - sizeof (struct tcpiphdr)). - */ -#define TCP_MSS 512 -/* - * TCP_MINMSS is defined to be 216 which is fine for the smallest - * link MTU (256 bytes, AX.25 packet radio) in the Internet. - * However it is very unlikely to come across such low MTU interfaces - * these days (anno dato 2003). - * See tcp_subr.c tcp_minmss SYSCTL declaration for more comments. - * Setting this to "0" disables the minmss check. + * The default maximum segment size (MSS) to be used for new TCP connections + * when path MTU discovery is not enabled. + * + * RFC879 derives the default MSS from the largest datagram size hosts are + * minimally required to handle directly or through IP reassembly minus the + * size of the IP and TCP header. With IPv6 the minimum MTU is specified + * in RFC2460. + * + * For IPv4 the MSS is 576 - sizeof(struct tcpiphdr) + * For IPv6 the MSS is IPV6_MMTU - sizeof(struct ip6_hdr) - sizeof(struct tcphdr) + * + * We use explicit numerical definition here to avoid header pollution. */ -#define TCP_MINMSS 216 +#define TCP_MSS 536 +#define TCP6_MSS 1220 /* - * Default maximum segment size for TCP6. - * With an IP6 MSS of 1280, this is 1220, - * but 1024 is probably more convenient. (xxx kazu in doubt) - * This should be defined as MIN(1024, IP6_MSS - sizeof (struct tcpip6hdr)) + * Limit the lowest MSS we accept from path MTU discovery and the TCP SYN MSS + * option. Allowing too low values of MSS can consume significant amounts of + * resources and be used as a form of a resource exhaustion attack. + * Connections requesting lower MSS values will be rounded up to this value + * and the IP_DF flag is cleared to allow fragmentation along the path. + * + * See tcp_subr.c tcp_minmss SYSCTL declaration for more comments. Setting + * it to "0" disables the minmss check. + * + * The default value is fine for the smallest official link MTU (256 bytes, + * AX.25 packet radio) in the Internet. However it is very unlikely to come + * across such low MTU interfaces these days (anno domini 2003). */ -#define TCP6_MSS 1024 +#define TCP_MINMSS 216 #define TCP_MAXWIN 65535 /* largest value for (unscaled) window */ #define TTCP_CLIENT_SND_WND 4096 /* dflt send window for T/TCP client */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201009151039.o8FAdU4H030416>