Hangout 09 May 2019
Old Business
- IPv6 Fragment reviews which need testing:
IPv6 modernization project: Wiki Page
Julius proposed importing OpenBSD fragmentation regression test cases (see D17376). thj@ is working on it.
- Stalled; switched to fragment tests; will restart once basic fragment tests (next item) are imported.
- IP6 IDs (and IP IDs, maybe?): may use an insecure algorithm. Ideally, switch to some sort of per-host-pair hash?
- What do OpenBSD/NetBSD do?
- tuexen: OpenBSD does skip32. We use a linear congruential algorithm. NetBSD uses the same algorithm we do. jtl@ says he found an academic paper (analyzing ID-generation functions in another context) which says our function is insecure, but he needs to re-find it.
- Perhaps, a small cache would be sufficient?
RFC 7739 provides three different options to consider.
- What do OpenBSD/NetBSD do?
jtl@ to send patch to Richard for burst mitigation in the default stack. An idea is in D19047.
Still need to do.
D18811: standardize on snd_recover (vs. sack_newdata). Reviewer: tuexen@, lstewart@.
- @tuexen will review again.
D18624: RFC 6675 support. Actual functionality in D18985.
- Helps when HW LRO is enabled.
Also, this enables a PRR patch (based on Lars work). D18892. Needs review.
CUBIC: Only invoking NewReno after_idle, not resetting ssthreash, not resetting epoch time: D18982, D18954, and D19118. Including another issue, this will be discussed at the IETF.
- lstewart@ is the best person to review this.
D19000 deal with a bug that the 1 byte occupied in the sequence number space by SYN segments results in a cwnd increase when acked. This bug exists only on the server side. tuexen@ and Richard are working on it.
Richard is working on burst mitigation. An initial version (WIP) is available as D19047.
D20028: NUMA aware INPCB
- Committed.
- Can we lower TIME_WAIT?
- No action needed. Administrators can modify as appropriate for their environment via sysctl.
- tun/tap interfaces: should we see outgoing packets in tcpdump?
- Currently inconsistent. In general, yes, these should be visible.
- There was a re-write of tun/tap interfaces in the meantime. tuexen@ will re-evaluate.
New Things
Nothing!?!?
Next Meeting
Scheduled for 23 May, 14:00 UTC.