Bug 145201
Summary: | enable tcp_syncookies by default | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Marius Andreiana <marius.andreiana> |
Component: | initscripts | Assignee: | Bill Nottingham <notting> |
Status: | CLOSED RAWHIDE | QA Contact: | Brock Organ <borgan> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | jr-redhatbugs2, rvokal |
Target Milestone: | --- | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.redhat.com/archives/fedora-devel-list/2005-January/msg00447.html | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-01-17 18:59:10 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Marius Andreiana
2005-01-15 07:12:36 UTC
Added in CVS, will be in later builds. I noticed that the tcp_syncookies setting is no longer included in recent Fedora releases (starting with 10?). The only reference to this I can find is in the initscripts changelog: * Tue Jul 29 2008 Bill Nottingham <notting> - 8.80-1 - Turn off syncookies But that doesn't address *why* the change was made. So I'm curious: Has there been some new development since 2005 that makes enabling syncookies a Really Bad Idea? Were syncookies found to be incompatible with certain functionality in recent Fedora releases? It was done at the request of the upstream Linux networking stack maintainers (David Miller in particular). Hrm.. I assume you're referring to this: http://lkml.org/lkml/2008/7/24/51 Perhaps enabling syncookies did at one time completely disable SACK and timestamps, I don't know, but with current kernels, it has no effect on the TCP stack until the SYN queue becomes full: http://lkml.org/lkml/2008/7/24/178 http://lkml.org/lkml/2008/2/5/422 http://groups.google.com/group/linux_net/msg/9261a014825c042f And since 2.6.26, the SACK and window scaling options are preserved on connections saved by syncookies: http://lwn.net/Articles/277146/ |