From owner-cvs-all@FreeBSD.ORG Thu May 24 19:49:53 2007 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5036116A46D for ; Thu, 24 May 2007 19:49:53 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.freebsd.org (Postfix) with ESMTP id AD84013C468 for ; Thu, 24 May 2007 19:49:52 +0000 (UTC) (envelope-from andre@freebsd.org) Received: (qmail 63602 invoked from network); 24 May 2007 19:06:55 -0000 Received: from c00l3r.networx.ch (HELO [127.0.0.1]) ([62.48.2.2]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 24 May 2007 19:06:55 -0000 Message-ID: <4655EC64.1080405@freebsd.org> Date: Thu, 24 May 2007 21:49:56 +0200 From: Andre Oppermann User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Gleb Smirnoff References: <200705182113.l4ILD2qb044650@repoman.freebsd.org> <20070521073544.GP89017@FreeBSD.org> <4654D011.5040309@freebsd.org> <20070524092643.GC89017@FreeBSD.org> In-Reply-To: <20070524092643.GC89017@FreeBSD.org> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet tcp_syncache.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2007 19:49:53 -0000 Gleb Smirnoff wrote: > On Thu, May 24, 2007 at 01:36:49AM +0200, Andre Oppermann wrote: > A> Yes, these logs can be triggered remotely. Broken packets and spoofed > A> packets may cause them. We're interested in the former. > A> > A> I'll do some benchmarks on the impact of the logging and then decide > A> whether to put it under a sysctl. > A> > A> The reason it is unconditionally enabled is to see if non-compliant > A> TCP stacks are out there that fail the very strong (but fully RFC and > A> TCP-secure conform) checks. > A> > A> W/o logging we have no way of really knowing. Before we were possibly > A> accepting stuff we shouldn't have (spoofing and attacks). Now we may > A> drop stuff we perhaps should accept anyway. W/o logging diagnosing a > A> TCP problem was very difficult and would need a lot cooperation with > A> the PR submitter, if it was submitted at all. We normally only got a > A> report of TCP 'not working'. Figuring out what went wrong was pretty > A> much doing iterative shots into the dark and see if something squeaks. > A> > A> With logging I want to make things much more obvious and simpler to > A> diagnose. Plus we get information in cases (from admins reading the > A> logs) that were totally lost in the noise or not even attempted to > A> be debugged. > A> > A> For our TCP maintainers (mostly I at the moment) and also 3rd parties > A> this makes TCP trouble diagnosis much more accessible. Based on a > A> log report and the OS name/version of the remote end we can pretty > A> much tell right away what went wrong. This saves an order of a > A> magnitude in debugging and fault analysis time. From many hours and > A> email round trips to mere minutes and one or two information requests. > > I completely understand that this logging is very important in the > process of refactoring the TCP code. I just think that the performance > impact should be measured before merging this logging to RELENG_6. Currently I don't have any plans to MFC the TCP changes. -- Andre