From owner-freebsd-net  Wed Apr 17 13:32:56 2002
Delivered-To: freebsd-net@freebsd.org
Received: from patrocles.silby.com (d152.as2.nwbl0.wi.voyager.net [169.207.95.26])
	by hub.freebsd.org (Postfix) with ESMTP id 57B7637B417
	for <freebsd-net@FreeBSD.ORG>; Wed, 17 Apr 2002 13:32:47 -0700 (PDT)
Received: from patrocles.silby.com (localhost [127.0.0.1])
	by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g3I2WaLx016821;
	Wed, 17 Apr 2002 21:32:36 -0500 (CDT)
	(envelope-from silby@silby.com)
Received: from localhost (silby@localhost)
	by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g3I2WZJn016818;
	Wed, 17 Apr 2002 21:32:35 -0500 (CDT)
X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs
Date: Wed, 17 Apr 2002 21:32:34 -0500 (CDT)
From: Mike Silbersack <silby@silby.com>
To: Bill Fenner <fenner@research.att.com>
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: What does FreeBSD do when listen queue is full ?
In-Reply-To: <200204171956.MAA02194@windsor.research.att.com>
Message-ID: <20020417211402.O16380-100000@patrocles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org


On Wed, 17 Apr 2002, Bill Fenner wrote:

> >We don't send a RST, we just silently drop the connection.
>
> This is wrong too; it should silently drop the ACK and leave the
> connection in the pending queue.

Hm, I suppose that could work.  It still feels icky, though; if the
problem is that the app is building up a backlog, I'd think that it should
be handled by increasing the length of the backlog queue.  OTOH, keeping a
syncache socket around waiting for an ack to be retransmitted IS better
than dropping the connection...

Accept filters might interact badly with such a change, that'd have to be
checked.  Also, this would open up the potential that one bad app could
fill the syncache.  That would require a lot of work though; someone with
a local account can already do much worse things.

How do the apps which try to rate-limit connections (OpenSSH, sendmail) do
it?  Would that behavior be defeated with your proposed changes?

I'm not opposed to your idea, I'd just like to fully understand the
implications before any changes are made.

Mike "Silby" Silbersack


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message