git.cascardo.eti.br Git - cascardo/linux.git/commit

author	Neal Cardwell <ncardwell@google.com>
	Fri, 6 Feb 2015 21:04:40 +0000 (16:04 -0500)
committer	David S. Miller <davem@davemloft.net>
	Sun, 8 Feb 2015 09:03:12 +0000 (01:03 -0800)
commit	f2b2c582e82429270d5818fbabe653f4359d7024
tree	1e0545a57b7df4c2ee5a43c131386d453539c68d	tree \| snapshot
parent	a9b2c06dbef48ed31cff1764c5ce824829106f4f	commit \| diff

tcp: mitigate ACK loops for connections as tcp_sock

Ensure that in state ESTABLISHED, where the connection is represented
by a tcp_sock, we rate limit dupacks in response to incoming packets
(a) with TCP timestamps that fail PAWS checks, or (b) with sequence
numbers or ACK numbers that are out of the acceptable window.

We do not send a dupack in response to out-of-window packets if it has
been less than sysctl_tcp_invalid_ratelimit (default 500ms) since we
last sent a dupack in response to an out-of-window packet.

There is already a similar (although global) rate-limiting mechanism
for "challenge ACKs". When deciding whether to send a challence ACK,
we first consult the new per-connection rate limit, and then the
global rate limit.

Reported-by: Avery Fay <avery@mixpanel.com>
Signed-off-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/linux/tcp.h		diff \| blob \| history
net/ipv4/tcp_input.c		diff \| blob \| history
net/ipv4/tcp_minisocks.c		diff \| blob \| history