> On Sep 2, 2015, at 12:54 AM, Rui Paulo <rpa...@me.com> wrote:
>
>> On Tue, 2015-09-01 at 21:19 -0400, Patrick Kelsey wrote:
>> Hi,
>>
>> About two weeks from now, I will be starting work on server-side TCP
>> Fast
>> Open (TFO) support for FreeBSD head and stable/10, with the intention
>> of
>> having patches up for review by November. This message is an attempt
>> to
>> uncover any existing work on TFO for FreeBSD, as the existence of
>> such work
>> may change my plans.
>>
>> Copying Sara Dickinson and Tom Jones due to this thread:
>> https://lists.freebsd.org/pipermail/freebsd-net/2015
>> -January/040910.html.
>
> Have you performed any measurements on the likelihood that stateful
> packet inspectors (firewalls, NATs, etc.) will allow a SYN or a SYN/ACK
> to pass with data in it?
I have not performed any such measurements. This issue is discussed in section
7.1 of the RFC, which cites such studies and summarizes the finding as being
that 6% of the probed internet paths dropped SYN packets with data or with
unknown TCP options.
>
> How would this interact with our syncache? Does it just need to store
> the cookie?
>
The exact interaction with the syncache is still TBD, but I do not expect to be
storing TFO cookies in the syncache as the cookies are per client-server IP
pair and not per-connection.
-Patrick
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
