DragonFlyBSD

/*

* Auto-sizing of socket buffers is managed by the protocols and

* the appropriate flags must be set in the pru_attach function.

*/

(sopt->sopt_name == SO_SNDBUF ? &so->so_snd :

&so->so_rcv)->ssb_flags &= ~SSB_AUTOSIZE;

so->so_rcv.ssb_lowat = head->so_rcv.ssb_lowat;

so->so_snd.ssb_lowat = head->so_snd.ssb_lowat;

so->so_rcv.ssb_timeo = head->so_rcv.ssb_timeo;

so->so_snd.ssb_timeo = head->so_snd.ssb_timeo;

so->so_rcv.ssb_flags |= head->so_rcv.ssb_flags & SSB_AUTOSIZE;

so->so_snd.ssb_flags |= head->so_snd.ssb_flags & SSB_AUTOSIZE;

if (so->so_rcv.ssb_flags & SSB_LOCK) {

* TCP_MINMSS is defined to be 256 which is fine for the smallest

* link MTU (296 bytes, SLIP interface) in the Internet.

* However it is very unlikely to come across such low MTU interfaces

* these days (anno dato 2003).

* Probably it can be set to 512 without ill effects. But we play safe.

* See tcp_subr.c tcp_minmss SYSCTL declaration for more comments.

* Setting this to "0" disables the minmss check.

*/

#define TCP_MINMSS 256

/*

* TCP_MINMSSOVERLOAD is defined to be 1000 which should cover any type

* of interactive TCP session.

* See tcp_subr.c tcp_minmssoverload SYSCTL declaration and tcp_input.c

* for more comments.

* Setting this to "0" disables the minmssoverload check.

*/

#define TCP_MINMSSOVERLOAD 1000

/*

int tcp_do_autorcvbuf = 1;

SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_auto, CTLFLAG_RW,

&tcp_do_autorcvbuf, 0, "Enable automatic receive buffer sizing");

int tcp_autorcvbuf_inc = 16*1024;

SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_inc, CTLFLAG_RW,

&tcp_autorcvbuf_inc, 0,

"Incrementor step size of automatic receive buffer");

int tcp_autorcvbuf_max = 16*1024*1024;

SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_max, CTLFLAG_RW,

&tcp_autorcvbuf_max, 0, "Max size of automatic receive buffer");

* This is the second part of the MSS DoS prevention code (after

* minmss on the sending side) and it deals with too many too small

* tcp packets in a too short timeframe (1 second).

*

* For every full second we count the number of received packets

* and bytes. If we get a lot of packets per second for this connection

* (tcp_minmssoverload) we take a closer look at it and compute the

* average packet size for the past second. If that is less than

* tcp_minmss we get too many packets with very small payload which

* is not good and burdens our system (and every packet generates

* a wakeup to the process connected to our socket). We can reasonable

* expect this to be small packet DoS attack to exhaust our CPU

* cycles.

*

* Care has to be taken for the minimum packet overload value. This

* value defines the minimum number of packets per second before we

* start to worry. This must not be too low to avoid killing for

* example interactive connections with many small packets like

* telnet or SSH.

*

* Setting either tcp_minmssoverload or tcp_minmss to "0" disables

* this check.

*

* Account for packet if payload packet, skip over ACK, etc.

*/

if (tcp_minmss && tcp_minmssoverload &&

tp->t_state == TCPS_ESTABLISHED && tlen > 0) {

if (tp->rcv_second > ticks) {

tp->rcv_pps++;

tp->rcv_byps += tlen + off;

if (tp->rcv_pps > tcp_minmssoverload) {

if ((tp->rcv_byps / tp->rcv_pps) < tcp_minmss) {

kprintf("too many small tcp packets from "

"%s:%u, av. %lubyte/packet, "

"dropping connection\n",

#ifdef INET6

isipv6 ?

ip6_sprintf(&inp->inp_inc.inc6_faddr) :

#endif

inet_ntoa(inp->inp_inc.inc_faddr),

inp->inp_inc.inc_fport,

tp->rcv_byps / tp->rcv_pps);

tp = tcp_drop(tp, ECONNRESET);

tcpstat.tcps_minmssdrops++;

goto drop;

}

}

} else {

tp->rcv_second = ticks + hz;

tp->rcv_pps = 1;

tp->rcv_byps = tlen + off;

}

}

/*

int newsize = 0; /* automatic sockbuf scaling */

/*

* Automatic sizing of receive socket buffer. Often the send

* buffer size is not optimally adjusted to the actual network

* conditions at hand (delay bandwidth product). Setting the

* buffer size too small limits throughput on links with high

* bandwidth and high delay (eg. trans-continental/oceanic links).

*

* On the receive side the socket buffer memory is only rarely

* used to any significant extent. This allows us to be much

* more aggressive in scaling the receive socket buffer. For

* the case that the buffer space is actually used to a large

* extent and we run out of kernel memory we can simply drop

* the new segments; TCP on the sender will just retransmit it

* later. Setting the buffer size too big may only consume too

* much kernel memory if the application doesn't read() from

* the socket or packet loss or reordering makes use of the

* reassembly queue.

*

* The criteria to step up the receive buffer one notch are:

* 1. the number of bytes received during the time it takes

* one timestamp to be reflected back to us (the RTT);

* 2. received bytes per RTT is within seven eighth of the

* current socket buffer size;

* 3. receive buffer size has not hit maximal automatic size;

*

* This algorithm does one step per RTT at most and only if

* we receive a bulk stream w/o packet losses or reorderings.

* Shrinking the buffer during idle times is not necessary as

* it doesn't consume any memory when idle.

*

* TODO: Only step up if the application is actually serving

* the buffer to better manage the socket buffer resources.

*/

if (tcp_do_autorcvbuf &&

to.to_tsecr &&

(so->so_rcv.ssb_flags & SSB_AUTOSIZE)) {

if (to.to_tsecr > tp->rfbuf_ts &&

to.to_tsecr - tp->rfbuf_ts < hz) {

if (tp->rfbuf_cnt >

(so->so_rcv.ssb_hiwat / 8 * 7) &&

so->so_rcv.ssb_hiwat <

tcp_autorcvbuf_max) {

newsize =

min(so->so_rcv.ssb_hiwat +

tcp_autorcvbuf_inc,

tcp_autorcvbuf_max);

}

/* Start over with next RTT. */

tp->rfbuf_ts = 0;

tp->rfbuf_cnt = 0;

} else

tp->rfbuf_cnt += tlen; /* add up */

}

/*

* Set new socket buffer size.

* Give up when limit is reached.

*/

if (newsize)

if (!ssb_reserve(&so->so_rcv, newsize,

so, NULL))

so->so_rcv.ssb_flags &= ~SSB_AUTOSIZE;

/* Reset receive buffer auto scaling when not in bulk receive mode. */

tp->rfbuf_ts = 0;

tp->rfbuf_cnt = 0;

if (offer == 0) {

} else {

/*

* Prevent DoS attack with too small MSS. Round up

* to at least minmss.

*/

offer = max(offer, tcp_minmss);

}

int tcp_do_autosndbuf = 1;

SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_auto, CTLFLAG_RW,

&tcp_do_autosndbuf, 0, "Enable automatic send buffer sizing");

int tcp_autosndbuf_inc = 8*1024;

SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_inc, CTLFLAG_RW,

&tcp_autosndbuf_inc, 0, "Incrementor step size of automatic send buffer");

int tcp_autosndbuf_max = 16*1024*1024;

SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_max, CTLFLAG_RW,

&tcp_autosndbuf_max, 0, "Max size of automatic send buffer");

KASSERT(len >= 0, ("%s: len < 0", __func__));

* Automatic sizing of send socket buffer. Often the send buffer

* size is not optimally adjusted to the actual network conditions

* at hand (delay bandwidth product). Setting the buffer size too

* small limits throughput on links with high bandwidth and high

* delay (eg. trans-continental/oceanic links). Setting the

* buffer size too big consumes too much real kernel memory,

* especially with many connections on busy servers.

*

* The criteria to step up the send buffer one notch are:

* 1. receive window of remote host is larger than send buffer

* (with a fudge factor of 5/4th);

* 2. send buffer is filled to 7/8th with data (so we actually

* have data to make use of it);

* 3. send buffer fill has not hit maximal automatic size;

* 4. our send window (slow start and cogestion controlled) is

* larger than sent but unacknowledged data in send buffer.

*

* The remote host receive window scaling factor may limit the

* growing of the send buffer before it reaches its allowed

* maximum.

*

* It scales directly with slow start or congestion window

* and does at most one step per received ACK. This fast

* scaling has the drawback of growing the send buffer beyond

* what is strictly necessary to make full use of a given

* delay*bandwith product. However testing has shown this not

* to be much of an problem. At worst we are trading wasting

* of available bandwith (the non-use of it) for wasting some

* socket buffer memory.

*

* TODO: Shrink send buffer during idle periods together

* with congestion window. Requires another timer. Has to

* wait for upcoming tcp timer rewrite.

*/

if (tcp_do_autosndbuf && so->so_snd.ssb_flags & SSB_AUTOSIZE) {

if ((tp->snd_wnd / 4 * 5) >= so->so_snd.ssb_hiwat &&

so->so_snd.ssb_cc >= (so->so_snd.ssb_hiwat / 8 * 7) &&

so->so_snd.ssb_cc < tcp_autosndbuf_max &&

sendwin >= (so->so_snd.ssb_cc - (tp->snd_nxt - tp->snd_una))) {

if (!ssb_reserve(&so->so_snd,

min(so->so_snd.ssb_hiwat + tcp_autosndbuf_inc,

tcp_autosndbuf_max), so, NULL))

so->so_snd.ssb_flags &= ~SSB_AUTOSIZE;

}

}

/*

* Truncate to the maximum segment length and ensure that FIN is

* removed if the length no longer contains the last data byte.

/* Set receive buffer autosizing timestamp. */

if (tp->rfbuf_ts == 0 && (so->so_rcv.ssb_flags & SSB_AUTOSIZE))

tp->rfbuf_ts = ticks;

/*

* Minimum MSS we accept and use. This prevents DoS attacks where

* we are forced to a ridiculous low MSS like 20 and send hundreds

* of packets instead of one. The effect scales with the available

* bandwidth and quickly saturates the CPU and network interface

* with packet generation and sending. Set to zero to disable MINMSS

* checking. This setting prevents us from sending too small packets.

*/

int tcp_minmss = TCP_MINMSS;

SYSCTL_INT(_net_inet_tcp, OID_AUTO, minmss, CTLFLAG_RW,

&tcp_minmss , 0, "Minmum TCP Maximum Segment Size");

/*

* Number of TCP segments per second we accept from remote host

* before we start to calculate average segment size. If average

* segment size drops below the minimum TCP MSS we assume a DoS

* attack and reset+drop the connection. Care has to be taken not to

* set this value too small to not kill interactive type connections

* (telnet, SSH) which send many small packets.

*/

int tcp_minmssoverload = TCP_MINMSSOVERLOAD;

SYSCTL_INT(_net_inet_tcp, OID_AUTO, minmssoverload, CTLFLAG_RW,

&tcp_minmssoverload , 0, "Number of TCP Segments per Second allowed to"

"be under the MINMSS Size");

if (optval > 0 && optval <= tp->t_maxseg &&

optval + 40 >= tcp_minmss)

so->so_rcv.ssb_flags |= SSB_AUTOSIZE;

so->so_snd.ssb_flags |= SSB_AUTOSIZE;

/* anti DoS counters */

u_long rcv_second; /* start of interval second */

u_long rcv_pps; /* received packets per second */

u_long rcv_byps; /* received bytes per second */

u_int32_t rfbuf_ts; /* recv buffer autoscaling timestamp */

int rfbuf_cnt; /* recv buffer autoscaling byte count */

u_long tcps_minmssdrops; /* average minmss too low drops */

extern int tcp_minmss;

extern int tcp_minmssoverload;

#define SSB_AUTOSIZE 0x800 /* automatically size socket buffer */