30c30
< * $FreeBSD: head/sys/netinet/tcp.h 203343 2010-02-01 14:13:44Z luigi $
---
> * $FreeBSD: head/sys/netinet/tcp.h 212653 2010-09-15 10:39:30Z andre $
106,109c106,117
< * Default maximum segment size for TCP.
< * With an IP MTU of 576, this is 536,
< * but 512 is probably more convenient.
< * This should be defined as MIN(512, IP_MSS - sizeof (struct tcpiphdr)).
---
> * The default maximum segment size (MSS) to be used for new TCP connections
> * when path MTU discovery is not enabled.
> *
> * RFC879 derives the default MSS from the largest datagram size hosts are
> * minimally required to handle directly or through IP reassembly minus the
> * size of the IP and TCP header. With IPv6 the minimum MTU is specified
> * in RFC2460.
> *
> * For IPv4 the MSS is 576 - sizeof(struct tcpiphdr)
> * For IPv6 the MSS is IPV6_MMTU - sizeof(struct ip6_hdr) - sizeof(struct tcphdr)
> *
> * We use explicit numerical definition here to avoid header pollution.
111c119,121
< #define TCP_MSS 512
---
> #define TCP_MSS 536
> #define TCP6_MSS 1220
>
113,118c123,134
< * TCP_MINMSS is defined to be 216 which is fine for the smallest
< * link MTU (256 bytes, AX.25 packet radio) in the Internet.
< * However it is very unlikely to come across such low MTU interfaces
< * these days (anno dato 2003).
< * See tcp_subr.c tcp_minmss SYSCTL declaration for more comments.
< * Setting this to "0" disables the minmss check.
---
> * Limit the lowest MSS we accept from path MTU discovery and the TCP SYN MSS
> * option. Allowing too low values of MSS can consume significant amounts of
> * resources and be used as a form of a resource exhaustion attack.
> * Connections requesting lower MSS values will be rounded up to this value
> * and the IP_DF flag is cleared to allow fragmentation along the path.
> *
> * See tcp_subr.c tcp_minmss SYSCTL declaration for more comments. Setting
> * it to "0" disables the minmss check.
> *
> * The default value is fine for the smallest official link MTU (256 bytes,
> * AX.25 packet radio) in the Internet. However it is very unlikely to come
> * across such low MTU interfaces these days (anno domini 2003).
122,129d137
< /*
< * Default maximum segment size for TCP6.
< * With an IP6 MSS of 1280, this is 1220,
< * but 1024 is probably more convenient. (xxx kazu in doubt)
< * This should be defined as MIN(1024, IP6_MSS - sizeof (struct tcpip6hdr))
< */
< #define TCP6_MSS 1024
<
< * $FreeBSD: head/sys/netinet/tcp.h 203343 2010-02-01 14:13:44Z luigi $
---
> * $FreeBSD: head/sys/netinet/tcp.h 212653 2010-09-15 10:39:30Z andre $
106,109c106,117
< * Default maximum segment size for TCP.
< * With an IP MTU of 576, this is 536,
< * but 512 is probably more convenient.
< * This should be defined as MIN(512, IP_MSS - sizeof (struct tcpiphdr)).
---
> * The default maximum segment size (MSS) to be used for new TCP connections
> * when path MTU discovery is not enabled.
> *
> * RFC879 derives the default MSS from the largest datagram size hosts are
> * minimally required to handle directly or through IP reassembly minus the
> * size of the IP and TCP header. With IPv6 the minimum MTU is specified
> * in RFC2460.
> *
> * For IPv4 the MSS is 576 - sizeof(struct tcpiphdr)
> * For IPv6 the MSS is IPV6_MMTU - sizeof(struct ip6_hdr) - sizeof(struct tcphdr)
> *
> * We use explicit numerical definition here to avoid header pollution.
111c119,121
< #define TCP_MSS 512
---
> #define TCP_MSS 536
> #define TCP6_MSS 1220
>
113,118c123,134
< * TCP_MINMSS is defined to be 216 which is fine for the smallest
< * link MTU (256 bytes, AX.25 packet radio) in the Internet.
< * However it is very unlikely to come across such low MTU interfaces
< * these days (anno dato 2003).
< * See tcp_subr.c tcp_minmss SYSCTL declaration for more comments.
< * Setting this to "0" disables the minmss check.
---
> * Limit the lowest MSS we accept from path MTU discovery and the TCP SYN MSS
> * option. Allowing too low values of MSS can consume significant amounts of
> * resources and be used as a form of a resource exhaustion attack.
> * Connections requesting lower MSS values will be rounded up to this value
> * and the IP_DF flag is cleared to allow fragmentation along the path.
> *
> * See tcp_subr.c tcp_minmss SYSCTL declaration for more comments. Setting
> * it to "0" disables the minmss check.
> *
> * The default value is fine for the smallest official link MTU (256 bytes,
> * AX.25 packet radio) in the Internet. However it is very unlikely to come
> * across such low MTU interfaces these days (anno domini 2003).
122,129d137
< /*
< * Default maximum segment size for TCP6.
< * With an IP6 MSS of 1280, this is 1220,
< * but 1024 is probably more convenient. (xxx kazu in doubt)
< * This should be defined as MIN(1024, IP6_MSS - sizeof (struct tcpip6hdr))
< */
< #define TCP6_MSS 1024
<