From mboxrd@z Thu Jan 1 00:00:00 1970 From: Eric Dumazet Subject: Re: Why not use all the syn queues? in the function "tcp_conn_request", I have some questions. Date: Tue, 4 Sep 2018 00:23:32 -0700 Message-ID: References: <47NgfBCN4YlW5rstCQGVJicSQ3yqiWFZpYPuBnmE1Jer0vxuBffWYbZzM2VmkeNNdk8gFgnMYo5T1fODpWGiRKnElyAY7bUmS_r-Z-SSaf4=@protonmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit To: Ttttabcd , "netdev@vger.kernel.org" Return-path: Received: from mail-wr1-f67.google.com ([209.85.221.67]:37692 "EHLO mail-wr1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726041AbeIDLr0 (ORCPT ); Tue, 4 Sep 2018 07:47:26 -0400 Received: by mail-wr1-f67.google.com with SMTP id u12-v6so2779471wrr.4 for ; Tue, 04 Sep 2018 00:23:36 -0700 (PDT) In-Reply-To: <47NgfBCN4YlW5rstCQGVJicSQ3yqiWFZpYPuBnmE1Jer0vxuBffWYbZzM2VmkeNNdk8gFgnMYo5T1fODpWGiRKnElyAY7bUmS_r-Z-SSaf4=@protonmail.com> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: On 09/03/2018 10:31 PM, Ttttabcd wrote: > Hello everyone,recently I am looking at the source code for handling TCP three-way handshake(Linux Kernel version 4.18.5). > > I found some strange places in the source code for handling syn messages. > > in the function "tcp_conn_request" > > This code will be executed when we don't enable the syn cookies. > > if (!net->ipv4.sysctl_tcp_syncookies && > (net->ipv4.sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) < > (net->ipv4.sysctl_max_syn_backlog >> 2)) && > !tcp_peer_is_proven(req, dst)) { > /* Without syncookies last quarter of > * backlog is filled with destinations, > * proven to be alive. > * It means that we continue to communicate > * to destinations, already remembered > * to the moment of synflood. > */ > pr_drop_req(req, ntohs(tcp_hdr(skb)->source), > rsk_ops->family); > goto drop_and_release; > } > > But why don't we use all the syn queues? Isn't it explained in the comment ? Anyway, I am not sure anyone disables syn cookies.