Date: Tue, 9 Sep 2025 18:16:44 GMT From: Michael Tuexen <tuexen@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 9a6978136157 - stable/14 - syncache.4: add missing information Message-ID: <202509091816.589IGiZb005399@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/14 has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=9a69781361576e597f68b25e22925f8c24b9e433 commit 9a69781361576e597f68b25e22925f8c24b9e433 Author: Michael Tuexen <tuexen@FreeBSD.org> AuthorDate: 2025-08-30 14:53:08 +0000 Commit: Michael Tuexen <tuexen@FreeBSD.org> CommitDate: 2025-09-09 18:16:30 +0000 syncache.4: add missing information Add the description for one sysctl-variable and three counters provided by netstat. Reviewed by: gbe, rscheff Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D52226 (cherry picked from commit bed2299823b8173fd791c0bbacc75ac224cecc0a) --- share/man/man4/syncache.4 | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/share/man/man4/syncache.4 b/share/man/man4/syncache.4 index e92502fd15ff..f83e9b083e45 100644 --- a/share/man/man4/syncache.4 +++ b/share/man/man4/syncache.4 @@ -10,7 +10,7 @@ .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" -.Dd April 12, 2021 +.Dd August 30, 2025 .Dt SYNCACHE 4 .Os .Sh NAME @@ -39,6 +39,8 @@ MIBs for controlling TCP SYN caching .Nm sysctl Cm net.inet.tcp.syncache.count .It .Nm sysctl Cm net.inet.tcp.syncache.see_other +.It +.Nm sysctl Cm net.inet.tcp.syncache.rst_on_sock_fail .El .Sh DESCRIPTION The @@ -107,6 +109,18 @@ and run only with set .Va net.inet.tcp.syncookies_only to 1. +To use +.Nm syncookies +to handle bucket overflows in the +.Nm syncache +set +.Va net.inet.tcp.syncookies +to 1. +The default value for +.Va net.inet.tcp.syncookies_only +is 0 and the default value for +.Va net.inet.tcp.syncookies +is 1. .Pp The .Nm @@ -169,6 +183,9 @@ However, extra .Xr ucred 9 referencing is required on every incoming SYN packet processed. The default is off. +.It Va rst_on_sock_fail +Send a TCP RST segment if the socket allocation fails. +The default is on. .El .Pp Statistics on the performance of the @@ -206,8 +223,16 @@ Entries dropped due to ICMP unreachable messages. Failures to allocate new .Nm entry. +.It Li "cookies sent" +SYN cookies sent in SYN ACK segments. .It Li "cookies received" -Connections created from segment containing ACK. +ACK segments with valid syncookies which resulted in TCP connection +establishment. +.It Li "spurious cookies rejected" +Received ACKs, for which the syncache lookup failed and also no syncookie was +recently sent. +.It Li "failed cookies rejected" +Received ACKs for which the syncookie validation failed. .El .Sh SEE ALSO .Xr netstat 1 ,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202509091816.589IGiZb005399>