lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 02 Mar 2015 17:29:56 +0800
From:	Fan Du <fengyuleidian0615@...il.com>
To:	John Heffner <johnwheffner@...il.com>
CC:	Fan Du <fan.du@...el.com>, edumazet@...gle.com,
	David Miller <davem@...emloft.net>,
	Netdev <netdev@...r.kernel.org>
Subject: Re: [PATCHv3 net-next 3/4] ipv4: shrink current mss for tcp PMTU
 blackhole detection

于 2015年03月01日 07:39, John Heffner 写道:
> On Fri, Feb 27, 2015 at 10:23 PM, Fan Du<fan.du@...el.com>  wrote:
>> >Reducing current tcp mss instead of search_low will make
>> >more sense, as current tcp mss still got lost.
>> >@@ -113,7 +114,8 @@ static void tcp_mtu_probing(struct inet_connection_sock *icsk, struct sock *sk)
>> >                         struct tcp_sock *tp = tcp_sk(sk);
>> >                         int mss;
>> >
>> >-                       mss = tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low) >> 1;
>> >+                       /* try mss smaller than current mss */
>> >+                       mss = tcp_current_mss(sk) >> 1;
>> >                         mss = min(net->ipv4.sysctl_tcp_base_mss, mss);
>> >                         mss = max(mss, 68 - tp->tcp_header_len);
>> >                         icsk->icsk_mtup.search_low = tcp_mss_to_mtu(sk, mss);
>> >@@ -176,7 +178,7 @@ static int tcp_write_timeout(struct sock *sk)
> I don't believe there's a problem with the code as written.  Modulo
> headers, search_low <= mss =< search_high.  This code, on successive
> timeouts, widens the search range by adjusting search_low (and mss)
> downward.
With original approach(doubling mss), mss is not in between search_low and search_high,
it always equates search_low(subtract headers), the potential mss in case of blackhole
is 256 and 128, after doubling, it will become 512 and 256 eventually no matter how
route changes, even mtu reduced from 1500 to 1100 in intermediate node.

After using binary search, halve search_low will make search window left boundary expending
in a slower manner, as a result the limit of mss is search_high/2, because search_high does
not change.

Timeout indicates search_high should be set to the new mtu corresponding to current_mss no
matter how we change search_low. So the best shot here IMO would be updating search_high
with current_mss, which in return makes the search window *slide* from right to left, and
the probing will converge in good speed eventually.

So my thoughts is:
@@ -113,6 +113,7 @@ static void tcp_mtu_probing(struct inet_connection_sock *icsk, struct sock *sk)
                         struct tcp_sock *tp = tcp_sk(sk);
                         int mss;

+                       icsk_mtup.search_high = tcp_mss_to_mtu(sk, tcp_current_mss(sk));
                         mss = tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low) >> 1;
                         mss = min(net->ipv4.sysctl_tcp_base_mss, mss);
                         mss = max(mss, 68 - tp->tcp_header_len);
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists