lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20140507.151637.562958118271192092.davem@davemloft.net>
Date:	Wed, 07 May 2014 15:16:37 -0400 (EDT)
From:	David Miller <davem@...emloft.net>
To:	vincent@...nat.im
Cc:	edumazet@...gle.com, linux-doc@...r.kernel.org,
	netdev@...r.kernel.org
Subject: Re: [PATCH] tcp: more documentation for tcp_tw_reuse and
 tcp_tw_recycle

From: Vincent Bernat <vincent@...nat.im>
Date: Sun,  4 May 2014 11:41:39 +0200

> The documentation is not very helpful about what those settings
> affect. We find numerous tuning guides advising to set both these
> settings to 1 to reduce the number of entries in the TIME-WAIT
> state. However, enabling tcp_tw_recycle will cause massive problems when
> working with NAT.
> 
> The documentation is completed a bit to explain quickly what kind of
> connections both those settings will affect and to encourage the use of
> tcp_tw_reuse instead of tcp_tw_recycle for outgoing connections.

First of all your change locks a proper signoff.

Second of all, both options can cause problems in the presence of NAT
because both optimizations assume unique IP addresses identify unique
physical hosts.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ