Date: Mon, 17 Dec 2001 19:54:06 +1100 From: "Tim J. Robbins" <tim@robbins.dropbear.id.au> To: freebsd-security@FreeBSD.ORG Subject: Re: options TCP_DROP_SYNFIN Message-ID: <20011217195406.A34425@raven.robbins.dropbear.id.au> In-Reply-To: <20011217083432.GA96883@noname>; from paulius@kaktusas.org on Mon, Dec 17, 2001 at 10:34:32AM %2B0200 References: <20011217073102.GA94480@noname> <20011217185456.A34365@raven.robbins.dropbear.id.au> <20011217083432.GA96883@noname>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Dec 17, 2001 at 10:34:32AM +0200, Paulius Bulotas wrote: > Ok, so I should disable keep alive in Apache and enable SYN+FIN (disable > option ;), then I'll get faster connects.?. but how many clients (OSes) use > this rfc? None? or they should be enabled somehow? There's no point changing these settings from the defaults on a web server. Leaving HTTP keepalives enabled and T/TCP un-broken should be more efficient than any other combination. I don't know of any clients other than FreeBSD that have T/TCP support; to enable it, sysctl -w net.inet.tcp.rfc1644=1 . Tim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011217195406.A34425>