Date: Thu, 10 Sep 2020 12:52:51 +0000 (UTC) From: Michael Tuexen <tuexen@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r365568 - in stable/12: share/man/man4 sys/netinet sys/netinet/tcp_stacks Message-ID: <202009101252.08ACqpBK056831@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: tuexen Date: Thu Sep 10 12:52:50 2020 New Revision: 365568 URL: https://svnweb.freebsd.org/changeset/base/365568 Log: MFC r359487: Allow the TCP backhole detection to be disabled at all, enabled only for IPv4, enabled only for IPv6, and enabled for IPv4 and IPv6. The current blackhole detection might classify a temporary outage as an MTU issue and reduces permanently the MSS. Since the consequences of such a reduction due to a misclassification are much more drastically for IPv4 than for IPv6, allow the administrator to enable it for IPv6 only. Manually resolve conflict for BBR, which does not exist in stable/12 Modified: stable/12/share/man/man4/tcp.4 stable/12/sys/netinet/tcp_stacks/rack.c stable/12/sys/netinet/tcp_timer.c Directory Properties: stable/12/ (props changed) Modified: stable/12/share/man/man4/tcp.4 ============================================================================== --- stable/12/share/man/man4/tcp.4 Thu Sep 10 12:49:16 2020 (r365567) +++ stable/12/share/man/man4/tcp.4 Thu Sep 10 12:52:50 2020 (r365568) @@ -34,7 +34,7 @@ .\" From: @(#)tcp.4 8.1 (Berkeley) 6/5/93 .\" $FreeBSD$ .\" -.Dd March 29, 2020 +.Dd March 31, 2020 .Dt TCP 4 .Os .Sh NAME @@ -573,21 +573,31 @@ specific connection. This is needed to help with connection establishment when a broken firewall is in the network path. .It Va pmtud_blackhole_detection -Turn on automatic path MTU blackhole detection. -In case of retransmits OS will -lower the MSS to check if it's MTU problem. -If current MSS is greater than -configured value to try +Enable automatic path MTU blackhole detection. +In case of retransmits of MSS sized segments, +the OS will lower the MSS to check if it's an MTU problem. +If the current MSS is greater than the configured value to try .Po Va net.inet.tcp.pmtud_blackhole_mss and .Va net.inet.tcp.v6pmtud_blackhole_mss .Pc , it will be set to this value, otherwise, -MSS will be set to default values +the MSS will be set to the default values .Po Va net.inet.tcp.mssdflt and .Va net.inet.tcp.v6mssdflt .Pc . +Settings: +.Bl -tag -compact +.It 0 +Disable path MTU blackhole detection. +.It 1 +Enable path MTU blackhole detection for IPv4 and IPv6. +.It 2 +Enable path MTU blackhole detection only for IPv4. +.It 3 +Enable path MTU blackhole detection only for IPv6. +.El .It Va pmtud_blackhole_mss MSS to try for IPv4 if PMTU blackhole detection is turned on. .It Va v6pmtud_blackhole_mss Modified: stable/12/sys/netinet/tcp_stacks/rack.c ============================================================================== --- stable/12/sys/netinet/tcp_stacks/rack.c Thu Sep 10 12:49:16 2020 (r365567) +++ stable/12/sys/netinet/tcp_stacks/rack.c Thu Sep 10 12:52:50 2020 (r365568) @@ -2934,6 +2934,7 @@ rack_timeout_rxt(struct tcpcb *tp, struct tcp_rack *ra int32_t rexmt; struct inpcb *inp; int32_t retval = 0; + bool isipv6; inp = tp->t_inpcb; if (tp->t_timers->tt_flags & TT_STOPPED) { @@ -3010,11 +3011,16 @@ rack_timeout_rxt(struct tcpcb *tp, struct tcp_rack *ra * of packets and process straight to FIN. In that case we won't * catch ESTABLISHED state. */ - if (V_tcp_pmtud_blackhole_detect && (((tp->t_state == TCPS_ESTABLISHED)) - || (tp->t_state == TCPS_FIN_WAIT_1))) { #ifdef INET6 - int32_t isipv6; + isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) ? true : false; +#else + isipv6 = false; #endif + if (((V_tcp_pmtud_blackhole_detect == 1) || + (V_tcp_pmtud_blackhole_detect == 2 && !isipv6) || + (V_tcp_pmtud_blackhole_detect == 3 && isipv6)) && + ((tp->t_state == TCPS_ESTABLISHED) || + (tp->t_state == TCPS_FIN_WAIT_1))) { /* * Idea here is that at each stage of mtu probe (usually, @@ -3044,7 +3050,6 @@ rack_timeout_rxt(struct tcpcb *tp, struct tcp_rack *ra * default in an attempt to retransmit. */ #ifdef INET6 - isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) ? 1 : 0; if (isipv6 && tp->t_maxseg > V_tcp_v6pmtud_blackhole_mss) { /* Use the sysctl tuneable blackhole MSS. */ Modified: stable/12/sys/netinet/tcp_timer.c ============================================================================== --- stable/12/sys/netinet/tcp_timer.c Thu Sep 10 12:49:16 2020 (r365567) +++ stable/12/sys/netinet/tcp_timer.c Thu Sep 10 12:52:50 2020 (r365568) @@ -589,6 +589,7 @@ tcp_timer_rexmt(void * xtp) int rexmt; struct inpcb *inp; struct epoch_tracker et; + bool isipv6; #ifdef TCPDEBUG int ostate; @@ -687,12 +688,16 @@ tcp_timer_rexmt(void * xtp) * packets and process straight to FIN. In that case we won't catch * ESTABLISHED state. */ - if (V_tcp_pmtud_blackhole_detect && (((tp->t_state == TCPS_ESTABLISHED)) - || (tp->t_state == TCPS_FIN_WAIT_1))) { #ifdef INET6 - int isipv6; + isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) ? true : false; +#else + isipv6 = false; #endif - + if (((V_tcp_pmtud_blackhole_detect == 1) || + (V_tcp_pmtud_blackhole_detect == 2 && !isipv6) || + (V_tcp_pmtud_blackhole_detect == 3 && isipv6)) && + ((tp->t_state == TCPS_ESTABLISHED) || + (tp->t_state == TCPS_FIN_WAIT_1))) { /* * Idea here is that at each stage of mtu probe (usually, 1448 * -> 1188 -> 524) should be given 2 chances to recover before @@ -721,7 +726,6 @@ tcp_timer_rexmt(void * xtp) * in an attempt to retransmit. */ #ifdef INET6 - isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) ? 1 : 0; if (isipv6 && tp->t_maxseg > V_tcp_v6pmtud_blackhole_mss) { /* Use the sysctl tuneable blackhole MSS. */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202009101252.08ACqpBK056831>