Date:   Sat, 08 Sep 2018 15:23:10 +0000
From:   Ttttabcd <ttttabcd@...tonmail.com>
To:     Neal Cardwell <ncardwell@...gle.com>
Cc:     Netdev <netdev@...r.kernel.org>
Subject: Re: Why not use all the syn queues? in the function "tcp_conn_request", I have some questions.

Thank you very much for your previous answer, sorry for the inconvenience.

But now I want to ask you one more question.

The question is why we need two variables to control the syn queue?

The first is the "backlog" parameter of the "listen" system call, which controls the maximum length limit of the syn queue; it also controls the accept queue.

The second is /proc/sys/net/ipv4/tcp_max_syn_backlog, which also controls the maximum length limit of the syn queue.

So simply changing one of them in order to increase the syn queue does not work.

In our last discussion, I understood that tcp_max_syn_backlog will retain the last quarter for the IP that has been proven to be alive.

But if tcp_max_syn_backlog is very large, the syn queue will be filled as well.

So I don't understand why not just use a variable to control the syn queue.

For example, just use tcp_max_syn_backlog, which is the maximum length limit for the syn queue, and it can also retain the last quarter for the IP that has been proven to be alive.

The backlog parameter of the listen system call only controls the accept queue.

I feel this is more reasonable. If I don't look at the source code, I really can't guess the backlog parameter actually controls the syn queue.

I always thought that it only controlled the accept queue before I looked at the source code, because the man page is written like this.


Here are the man page's original words.

The behavior of the backlog argument on TCP sockets changed with Linux 2.2. Now it specifies the queue length for completely established sockets waiting to be accepted, instead of the number of incomplete connection requests. The maximum length of the queue for incomplete sockets can be set using /proc/sys/net/ipv4/tcp_max_syn_backlog. When syncookies are enabled there is no logical maximum length and this setting is ignored. See tcp(7) for more information.
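
The two limits discussed in this message, written as a simplified model in C. This is an added example, not part of the original post and not kernel code: the struct, function names and sample values are constructed, the `somaxconn` clamp is taken from listen(2), and the exact comparisons are assumptions that differ between kernel versions.

```c
#include <stdbool.h>
#include <stdio.h>

enum verdict { SYN_QUEUED, SYN_COOKIE, SYN_DROPPED };

struct listener {
    int backlog;          /* argument passed to listen(2) */
    int somaxconn;        /* net.core.somaxconn (clamp described in listen(2)) */
    int max_syn_backlog;  /* net.ipv4.tcp_max_syn_backlog */
    bool syncookies;      /* net.ipv4.tcp_syncookies enabled */
    int syn_queue_len;    /* half-open requests currently queued */
    int accept_queue_len; /* established sockets waiting for accept() */
};

/* listen(2) silently truncates backlog to somaxconn. */
static int effective_backlog(const struct listener *l)
{
    return l->backlog < l->somaxconn ? l->backlog : l->somaxconn;
}

/* Simplified model of the admission checks for one incoming SYN. */
enum verdict admit_syn(const struct listener *l, bool peer_proven)
{
    int cap = effective_backlog(l);
    bool cookie = false;

    /* Limit 1: the listen() backlog also caps the SYN queue. */
    if (l->syn_queue_len >= cap) {
        if (!l->syncookies)
            return SYN_DROPPED;
        cookie = true;            /* answer statelessly, no queue entry */
    }
    if (l->accept_queue_len > cap)
        return SYN_DROPPED;
    /* Limit 2: last quarter of tcp_max_syn_backlog is kept for proven peers. */
    if (!cookie && !l->syncookies && !peer_proven &&
        l->max_syn_backlog - l->syn_queue_len < (l->max_syn_backlog >> 2))
        return SYN_DROPPED;
    return cookie ? SYN_COOKIE : SYN_QUEUED;
}

int main(void)
{
    /* Constructed values: sysctl raised, application backlog left small. */
    struct listener l = { 128, 128, 65536, false, 128, 0 };
    printf("unproven peer, SYN queue at backlog: %d\n", admit_syn(&l, false));
    return 0;
}
```

In this model, raising only `tcp_max_syn_backlog` leaves the SYN queue capped by the clamped `listen()` backlog, and raising only the backlog leaves unproven peers cut off at three quarters of `tcp_max_syn_backlog`.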
