Chuck Swiger wrote:
On Mar 7, 2007, at 12:54 PM, Justin Robertson wrote:
[ ... ]
Due to the nature of the current performance disparity between 6.x (I
assume this is due to the work on making processes thread friendly?) and
4.11 (still kicking arse) I'm sticking with the 4.11 branch - and
here comes
my question. If someone is interested, could you work up an option to
allow
removal of the sackOK (sack permitted negotiation) on SYN packets,
and then
pass the SYN packet on with the tcpoption for sack stripped?
Perhaps trying:
sysctl net.inet.tcp.sack.enable=0
...will do what you are looking for?
---Chuck
No (this only works in 6.x, btw) - setting sack.enable=0 simply tells
the system not to send selective acks itself, this doesn't stop a host
from sending selective acks inbound, and processing them still causes
the system to bog and die. What I'm looking for here, is a patch to ipfw
to allow one to set a flag to strip the tcpoption sack from syn packets.
--
Justin
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
