[PATCH 1/3] icmp: fix units for ratelimit

[PATCH 1/3] icmp: fix units for ratelimit

[Stephen Hemminger]

Convert the sysctl values for icmp ratelimit to use milliseconds instead
of jiffies which is based on kernel configured HZ.
Internal kernel jiffies are not a proper unit for any userspace API.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>

---
Patch against net-next-2.6

--- a/Documentation/networking/ip-sysctl.txt	2008-07-01 14:11:39.000000000 -0700
+++ b/Documentation/networking/ip-sysctl.txt	2008-07-01 14:14:15.000000000 -0700
@@ -548,8 +548,9 @@ icmp_echo_ignore_broadcasts - BOOLEAN
 icmp_ratelimit - INTEGER
 	Limit the maximal rates for sending ICMP packets whose type matches
 	icmp_ratemask (see below) to specific targets.
-	0 to disable any limiting, otherwise the maximal rate in jiffies(1)
-	Default: 100
+	0 to disable any limiting,
+	otherwise the minimal space between responses in milliseconds.
+	Default: 1000
 
 icmp_ratemask - INTEGER
 	Mask made of ICMP types for which rates are being limited.
@@ -1027,8 +1028,9 @@ max_addresses - INTEGER
 icmp/*:
 ratelimit - INTEGER
 	Limit the maximal rates for sending ICMPv6 packets.
-	0 to disable any limiting, otherwise the maximal rate in jiffies(1)
-	Default: 100
+	0 to disable any limiting,
+	otherwise the minimal space between responses in milliseconds.
+	Default: 1000
 
 
 IPv6 Update by:
--- a/net/ipv4/sysctl_net_ipv4.c	2008-07-01 14:14:34.000000000 -0700
+++ b/net/ipv4/sysctl_net_ipv4.c	2008-07-01 14:17:10.000000000 -0700
@@ -793,7 +793,8 @@ static struct ctl_table ipv4_net_table[]
 		.data		= &init_net.ipv4.sysctl_icmp_ratelimit,
 		.maxlen		= sizeof(int),
 		.mode		= 0644,
-		.proc_handler	= &proc_dointvec
+		.proc_handler	= &proc_dointvec_ms_jiffies,
+		.strategy	= &sysctl_ms_jiffies
 	},
 	{
 		.ctl_name	= NET_IPV4_ICMP_RATEMASK,
--- a/net/ipv6/icmp.c	2008-07-01 14:15:37.000000000 -0700
+++ b/net/ipv6/icmp.c	2008-07-01 14:17:06.000000000 -0700
@@ -954,7 +954,8 @@ ctl_table ipv6_icmp_table_template[] = {
 		.data		= &init_net.ipv6.sysctl.icmpv6_time,
 		.maxlen		= sizeof(int),
 		.mode		= 0644,
-		.proc_handler	= &proc_dointvec
+		.proc_handler	= &proc_dointvec_ms_jiffies,
+		.strategy	= &sysctl_ms_jiffies
 	},
 	{ .ctl_name = 0 },
 };

[PATCH 2/3] ipv4: fix sysctl documentation of time related values

[Stephen Hemminger]

These sysctl values are time related and all use the same routine
(proc_dointvec_jiffies) that internally converts from seconds to jiffies.
The code is fine, the documentation is just wrong.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>


--- a/Documentation/networking/ip-sysctl.txt	2008-07-01 14:45:30.000000000 -0700
+++ b/Documentation/networking/ip-sysctl.txt	2008-07-01 14:45:56.000000000 -0700
@@ -81,23 +81,23 @@ inet_peer_minttl - INTEGER
 	Minimum time-to-live of entries.  Should be enough to cover fragment
 	time-to-live on the reassembling side.  This minimum time-to-live  is
 	guaranteed if the pool size is less than inet_peer_threshold.
-	Measured in jiffies(1).
+	Measured in seconds.
 
 inet_peer_maxttl - INTEGER
 	Maximum time-to-live of entries.  Unused entries will expire after
 	this period of time if there is no memory pressure on the pool (i.e.
 	when the number of entries in the pool is very small).
-	Measured in jiffies(1).
+	Measured in seconds.
 
 inet_peer_gc_mintime - INTEGER
 	Minimum interval between garbage collection passes.  This interval is
 	in effect under high memory pressure on the pool.
-	Measured in jiffies(1).
+	Measured in seconds.
 
 inet_peer_gc_maxtime - INTEGER
 	Minimum interval between garbage collection passes.  This interval is
 	in effect under low (or absent) memory pressure on the pool.
-	Measured in jiffies(1).
+	Measured in seconds.
 
 TCP variables: 
 
@@ -795,10 +795,6 @@ tag - INTEGER
 	Allows you to write a number, which can be used as required.
 	Default value is 0.
 
-(1) Jiffie: internal timeunit for the kernel. On the i386 1/100s, on the
-Alpha 1/1024s. See the HZ define in /usr/include/asm/param.h for the exact
-value on your system. 
-
 Alexey Kuznetsov.
 kuznet@ms2.inr.ac.ru
 

[PATCH 3/3] ip: sysctl documentation cleanup

[Stephen Hemminger]

Fix some documentation stuff:
  * replace non-standard spelling
  * remove confusing sentence in F-RTO description. The existing
    text is sufficient to explain what the option does
  * reorganize and update list of undocumented values

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>

--- a/Documentation/networking/ip-sysctl.txt	2008-07-01 14:52:00.000000000 -0700
+++ b/Documentation/networking/ip-sysctl.txt	2008-07-01 15:12:26.000000000 -0700
@@ -148,9 +148,9 @@ tcp_available_congestion_control - STRIN
 	but not loaded.
 
 tcp_base_mss - INTEGER
-	The initial value of search_low to be used by Packetization Layer
-	Path MTU Discovery (MTU probing).  If MTU probing is enabled,
-	this is the inital MSS used by the connection.
+	The initial value of search_low to be used by the packetization layer
+	Path MTU discovery (MTU probing).  If MTU probing is enabled,
+	this is the initial MSS used by the connection.
 
 tcp_congestion_control - STRING
 	Set the congestion control algorithm to be used for new
@@ -159,7 +159,7 @@ tcp_congestion_control - STRING
 	Default is set as part of kernel configuration.
 
 tcp_dsack - BOOLEAN
-	Allows TCP to send "duplicate" SACKs.
+	Allows TCP to send "duplicate" SACK's.
 
 tcp_ecn - BOOLEAN
 	Enable Explicit Congestion Notification in TCP.
@@ -185,10 +185,9 @@ tcp_frto - INTEGER
 	timeouts.  It is particularly beneficial in wireless environments
 	where packet loss is typically due to random radio interference
 	rather than intermediate router congestion.  F-RTO is sender-side
-	only modification.  Therefore it does not require any support from
-	the peer, but in a typical case, however, where wireless link is
-	the local access link and most of the data flows downlink, the
-	faraway servers should have F-RTO enabled to take advantage of it.
+	only modification therefore it does not require any support from
+	the peer.
+
 	If set to 1, basic version is enabled.  2 enables SACK enhanced
 	F-RTO if flow uses SACK.  The basic version can be used also when
 	SACK is in use though scenario(s) with it exists where F-RTO
@@ -261,7 +260,7 @@ tcp_max_tw_buckets - INTEGER
 	but rather increase it (probably, after increasing installed memory),
 	if network conditions require more than default value.
 
-tcp_mem - vector of 3 INTEGERs: min, pressure, max
+tcp_mem - vector of 3 INTEGER's: min, pressure, max
 	min: below this number of pages TCP is not bothered about its
 	memory appetite.
 
@@ -270,13 +269,13 @@ tcp_mem - vector of 3 INTEGERs: min, pre
 	pressure mode, which is exited when memory consumption falls
 	under "min".
 
-	max: number of pages allowed for queueing by all TCP sockets.
+	max: number of pages allowed for queuing by all TCP sockets.
 
 	Defaults are calculated at boot time from amount of available
 	memory.
 
 tcp_moderate_rcvbuf - BOOLEAN
-	If set, TCP performs receive buffer autotuning, attempting to
+	If set, TCP performs receive buffer auto tuning, attempting to
 	automatically size the buffer (no greater than tcp_rmem[2]) to
 	match the size required by the path for full throughput.  Enabled by
 	default.
@@ -330,7 +329,7 @@ tcp_rfc1337 - BOOLEAN
 	assassination.
 	Default: 0
 
-tcp_rmem - vector of 3 INTEGERs: min, default, max
+tcp_rmem - vector of 3 INTEGER's: min, default, max
 	min: Minimal size of receive buffer used by TCP sockets.
 	It is guaranteed to each TCP socket, even under moderate memory
 	pressure.
@@ -358,13 +357,13 @@ tcp_slow_start_after_idle - BOOLEAN
 	Default: 1
 
 tcp_stdurg - BOOLEAN
-	Use the Host requirements interpretation of the TCP urg pointer field.
+	Use the Host requirements interpretation of the TCP urgent pointer field.
 	Most hosts use the older BSD interpretation, so if you turn this on
 	Linux might not communicate correctly with them.
 	Default: FALSE
 
 tcp_synack_retries - INTEGER
-	Number of times SYNACKs for a passive TCP connection attempt will
+	Number of times SYNACK's for a passive TCP connection attempt will
 	be retransmitted. Should not be higher than 255. Default value
 	is 5, which corresponds to ~180seconds.
 
@@ -376,7 +375,7 @@ tcp_syncookies - BOOLEAN
 
 	Note, that syncookies is fallback facility.
 	It MUST NOT be used to help highly loaded servers to stand
-	against legal connection rate. If you see synflood warnings
+	against legal connection rate. If you see SYN flood warnings
 	in your logs, but investigation	shows that they occur
 	because of overload with legal connections, you should tune
 	another parameters until this warning disappear.
@@ -386,11 +385,11 @@ tcp_syncookies - BOOLEAN
 	to use TCP extensions, can result in serious degradation
 	of some services (f.e. SMTP relaying), visible not by you,
 	but your clients and relays, contacting you. While you see
-	synflood warnings in logs not being really flooded, your server
+	SYN flood warnings in logs not being really flooded, your server
 	is seriously misconfigured.
 
 tcp_syn_retries - INTEGER
-	Number of times initial SYNs for an active TCP connection attempt
+	Number of times initial SYN's for an active TCP connection attempt
 	will be retransmitted. Should not be higher than 255. Default value
 	is 5, which corresponds to ~180seconds.
 
@@ -418,7 +417,7 @@ tcp_tw_reuse - BOOLEAN
 tcp_window_scaling - BOOLEAN
 	Enable window scaling as defined in RFC1323.
 
-tcp_wmem - vector of 3 INTEGERs: min, default, max
+tcp_wmem - vector of 3 INTEGER's: min, default, max
 	min: Amount of memory reserved for send buffers for TCP socket.
 	Each TCP socket has rights to use it due to fact of its birth.
 	Default: 4K
@@ -448,8 +447,8 @@ tcp_dma_copybreak - INTEGER
 
 UDP variables:
 
-udp_mem - vector of 3 INTEGERs: min, pressure, max
-	Number of pages allowed for queueing by all UDP sockets.
+udp_mem - vector of 3 INTEGER's: min, pressure, max
+	Number of pages allowed for queuing by all UDP sockets.
 
 	min: Below this number of pages UDP is not bothered about its
 	memory appetite. When amount of memory allocated by UDP exceeds
@@ -457,7 +456,7 @@ udp_mem - vector of 3 INTEGERs: min, pre
 
 	pressure: This value was introduced to follow format of tcp_mem.
 
-	max: Number of pages allowed for queueing by all UDP sockets.
+	max: Number of pages allowed for queuing by all UDP sockets.
 
 	Default is calculated at boot time from amount of available memory.
 
@@ -707,7 +706,7 @@ rp_filter - BOOLEAN
 
 arp_filter - BOOLEAN
 	1 - Allows you to have multiple network interfaces on the same
-	subnet, and have the ARPs for each interface be answered
+	subnet, and have the ARP's for each interface be answered
 	based on whether or not the kernel would route a packet from
 	the ARP'd IP out that interface (therefore you must use source
 	based routing for this to work). In other words it allows control
@@ -1061,25 +1060,24 @@ bridge-nf-filter-pppoe-tagged - BOOLEAN
 	0 : disable this.
 	Default: 1
 
-
 UNDOCUMENTED:
 
-dev_weight FIXME
-discovery_slots FIXME
-discovery_timeout FIXME
-fast_poll_increase FIXME
-ip6_queue_maxlen FIXME
-lap_keepalive_time FIXME
-lo_cong FIXME
-max_baud_rate FIXME
-max_dgram_qlen FIXME
-max_noreply_time FIXME
-max_tx_data_size FIXME
-max_tx_window FIXME
-min_tx_turn_time FIXME
-mod_cong FIXME
-no_cong FIXME
-no_cong_thresh FIXME
-slot_timeout FIXME
-warn_noreply_time FIXME
+/proc/sys/net/core/*
+	dev_weight FIXME
+
+/proc/sys/net/unix/*
+	max_dgram_qlen FIXME
+
+/proc/sys/net/irda/*
+	fast_poll_increase FIXME
+	warn_noreply_time FIXME
+	discovery_slots FIXME
+	slot_timeout FIXME
+	max_baud_rate FIXME
+	discovery_timeout FIXME
+	lap_keepalive_time FIXME
+	max_noreply_time FIXME
+	max_tx_data_size FIXME
+	max_tx_window FIXME
+	min_tx_turn_time FIXME
 

Re: [PATCH 3/3] ip: sysctl documentation cleanup

[Randy.Dunlap]

Hi Stephen,

On Tue, 1 Jul 2008, Stephen Hemminger wrote:

> Fix some documentation stuff:
>   * replace non-standard spelling
>   * remove confusing sentence in F-RTO description. The existing
>     text is sufficient to explain what the option does
>   * reorganize and update list of undocumented values
> 
> Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
> 
> --- a/Documentation/networking/ip-sysctl.txt	2008-07-01 14:52:00.000000000 -0700
> +++ b/Documentation/networking/ip-sysctl.txt	2008-07-01 15:12:26.000000000 -0700
> @@ -159,7 +159,7 @@ tcp_congestion_control - STRING
>  	Default is set as part of kernel configuration.
>  
>  tcp_dsack - BOOLEAN
> -	Allows TCP to send "duplicate" SACKs.
> +	Allows TCP to send "duplicate" SACK's.

I think that either way is OK for these...

>  
>  tcp_ecn - BOOLEAN
>  	Enable Explicit Congestion Notification in TCP.
> @@ -185,10 +185,9 @@ tcp_frto - INTEGER
>  	timeouts.  It is particularly beneficial in wireless environments
>  	where packet loss is typically due to random radio interference
>  	rather than intermediate router congestion.  F-RTO is sender-side
> -	only modification.  Therefore it does not require any support from
> -	the peer, but in a typical case, however, where wireless link is
> -	the local access link and most of the data flows downlink, the
> -	faraway servers should have F-RTO enabled to take advantage of it.
> +	only modification therefore it does not require any support from
> +	the peer.

Run-on sentence :(

> +
>  	If set to 1, basic version is enabled.  2 enables SACK enhanced
>  	F-RTO if flow uses SACK.  The basic version can be used also when
>  	SACK is in use though scenario(s) with it exists where F-RTO
> @@ -270,13 +269,13 @@ tcp_mem - vector of 3 INTEGERs: min, pre
>  	pressure mode, which is exited when memory consumption falls
>  	under "min".
>  
> -	max: number of pages allowed for queueing by all TCP sockets.
> +	max: number of pages allowed for queuing by all TCP sockets.

google for "queuing theory" has about 198,000 hits.
google for "queueing theory" has about 499,000 hits.

grep kernel source tree for "queuing" has 487 hits.
grep kernel source tree for "queueing" has 728 hits.

I wouldn't change this.

>  
>  	Defaults are calculated at boot time from amount of available
>  	memory.
>  
>  tcp_moderate_rcvbuf - BOOLEAN
> -	If set, TCP performs receive buffer autotuning, attempting to
> +	If set, TCP performs receive buffer auto tuning, attempting to

or auto-tuning?  :)

>  	automatically size the buffer (no greater than tcp_rmem[2]) to
>  	match the size required by the path for full throughput.  Enabled by
>  	default.

-- 
~Randy

Re: [PATCH 3/3] ip: sysctl documentation cleanup

[Stephen Hemminger]

On Tue, 1 Jul 2008 15:55:05 -0700 (PDT)
"Randy.Dunlap" <rdunlap@xenotime.net> wrote:

> Hi Stephen,
> 
> On Tue, 1 Jul 2008, Stephen Hemminger wrote:
> 
> > Fix some documentation stuff:
> >   * replace non-standard spelling
> >   * remove confusing sentence in F-RTO description. The existing
> >     text is sufficient to explain what the option does
> >   * reorganize and update list of undocumented values
> > 
> > Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
> > 
> > --- a/Documentation/networking/ip-sysctl.txt	2008-07-01 14:52:00.000000000 -0700
> > +++ b/Documentation/networking/ip-sysctl.txt	2008-07-01 15:12:26.000000000 -0700
> > @@ -159,7 +159,7 @@ tcp_congestion_control - STRING
> >  	Default is set as part of kernel configuration.
> >  
> >  tcp_dsack - BOOLEAN
> > -	Allows TCP to send "duplicate" SACKs.
> > +	Allows TCP to send "duplicate" SACK's.
> 
> I think that either way is OK for these...
> 
> >  
> >  tcp_ecn - BOOLEAN
> >  	Enable Explicit Congestion Notification in TCP.
> > @@ -185,10 +185,9 @@ tcp_frto - INTEGER
> >  	timeouts.  It is particularly beneficial in wireless environments
> >  	where packet loss is typically due to random radio interference
> >  	rather than intermediate router congestion.  F-RTO is sender-side
> > -	only modification.  Therefore it does not require any support from
> > -	the peer, but in a typical case, however, where wireless link is
> > -	the local access link and most of the data flows downlink, the
> > -	faraway servers should have F-RTO enabled to take advantage of it.
> > +	only modification therefore it does not require any support from
> > +	the peer.
> 
> Run-on sentence :(
> 
> > +
> >  	If set to 1, basic version is enabled.  2 enables SACK enhanced
> >  	F-RTO if flow uses SACK.  The basic version can be used also when
> >  	SACK is in use though scenario(s) with it exists where F-RTO
> > @@ -270,13 +269,13 @@ tcp_mem - vector of 3 INTEGERs: min, pre
> >  	pressure mode, which is exited when memory consumption falls
> >  	under "min".
> >  
> > -	max: number of pages allowed for queueing by all TCP sockets.
> > +	max: number of pages allowed for queuing by all TCP sockets.
> 
> google for "queuing theory" has about 198,000 hits.
> google for "queueing theory" has about 499,000 hits.
> 
> grep kernel source tree for "queuing" has 487 hits.
> grep kernel source tree for "queueing" has 728 hits.

I wouldn't accept either as definitive norm on spelling, but looking at Webster
online, either spelling is now acceptable.  My spellchecker and old dictionary
appear out of date.

Re: [PATCH 3/3] ip: sysctl documentation cleanup

[Karen Shaeffer]

On Tue, Jul 01, 2008 at 04:13:57PM -0700, Stephen Hemminger wrote:
> On Tue, 1 Jul 2008 15:55:05 -0700 (PDT)
> "Randy.Dunlap" <rdunlap@xenotime.net> wrote:
> 
> > google for "queuing theory" has about 198,000 hits.
> > google for "queueing theory" has about 499,000 hits.

Interesting. I just did a google test:
google: "queuing theory" 597,000 hits
google: "queueing theory" 596,000 hits
Maybe everybody is doing the test, and Google is figuring
out the answer is the same for both. (smiles ;)
Karen
-- 
 Karen Shaeffer
 Neuralscape, Palo Alto, Ca. 94306
 shaeffer@neuralscape.com  http://www.neuralscape.com

Re: [PATCH 3/3] ip: sysctl documentation cleanup

[Randy.Dunlap]

On Tue, 1 Jul 2008, Karen Shaeffer wrote:

> On Tue, Jul 01, 2008 at 04:13:57PM -0700, Stephen Hemminger wrote:
> > On Tue, 1 Jul 2008 15:55:05 -0700 (PDT)
> > "Randy.Dunlap" <rdunlap@xenotime.net> wrote:
> > 
> > > google for "queuing theory" has about 198,000 hits.
> > > google for "queueing theory" has about 499,000 hits.
> 
> Interesting. I just did a google test:
> google: "queuing theory" 597,000 hits
> google: "queueing theory" 596,000 hits
> Maybe everybody is doing the test, and Google is figuring
> out the answer is the same for both. (smiles ;)

You entered in the box:  queueing theory
I entered in the box:   "queueing theory"

The quotes make it look for those words together.

-- 
~Randy

Re: [PATCH 3/3] ip: sysctl documentation cleanup

[David Miller]

From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Tue, 1 Jul 2008 16:13:57 -0700

> On Tue, 1 Jul 2008 15:55:05 -0700 (PDT)
> "Randy.Dunlap" <rdunlap@xenotime.net> wrote:
> 
> > google for "queuing theory" has about 198,000 hits.
> > google for "queueing theory" has about 499,000 hits.
> > 
> > grep kernel source tree for "queuing" has 487 hits.
> > grep kernel source tree for "queueing" has 728 hits.
> 
> I wouldn't accept either as definitive norm on spelling, but looking at Webster
> online, either spelling is now acceptable.  My spellchecker and old dictionary
> appear out of date.

Stephen, please make whichever fixes (run on sentences, consistent
spelling) you deem necessary and resubmit this, thanks!

Re: [PATCH 3/3] ip: sysctl documentation cleanup

[Stephen Hemminger]

Reduced version of the spelling cleanup patch.
Take out the confusing language in tcp_frto, and organize the undocumented
values.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>


--- a/Documentation/networking/ip-sysctl.txt	2008-07-07 11:16:14.000000000 -0700
+++ b/Documentation/networking/ip-sysctl.txt	2008-07-07 11:17:23.000000000 -0700
@@ -148,9 +148,9 @@ tcp_available_congestion_control - STRIN
 	but not loaded.
 
 tcp_base_mss - INTEGER
-	The initial value of search_low to be used by Packetization Layer
-	Path MTU Discovery (MTU probing).  If MTU probing is enabled,
-	this is the inital MSS used by the connection.
+	The initial value of search_low to be used by the packetization layer
+	Path MTU discovery (MTU probing).  If MTU probing is enabled,
+	this is the initial MSS used by the connection.
 
 tcp_congestion_control - STRING
 	Set the congestion control algorithm to be used for new
@@ -185,10 +185,9 @@ tcp_frto - INTEGER
 	timeouts.  It is particularly beneficial in wireless environments
 	where packet loss is typically due to random radio interference
 	rather than intermediate router congestion.  F-RTO is sender-side
-	only modification.  Therefore it does not require any support from
-	the peer, but in a typical case, however, where wireless link is
-	the local access link and most of the data flows downlink, the
-	faraway servers should have F-RTO enabled to take advantage of it.
+	only modification. Therefore it does not require any support from
+	the peer.
+
 	If set to 1, basic version is enabled.  2 enables SACK enhanced
 	F-RTO if flow uses SACK.  The basic version can be used also when
 	SACK is in use though scenario(s) with it exists where F-RTO
@@ -276,7 +275,7 @@ tcp_mem - vector of 3 INTEGERs: min, pre
 	memory.
 
 tcp_moderate_rcvbuf - BOOLEAN
-	If set, TCP performs receive buffer autotuning, attempting to
+	If set, TCP performs receive buffer auto-tuning, attempting to
 	automatically size the buffer (no greater than tcp_rmem[2]) to
 	match the size required by the path for full throughput.  Enabled by
 	default.
@@ -358,7 +357,7 @@ tcp_slow_start_after_idle - BOOLEAN
 	Default: 1
 
 tcp_stdurg - BOOLEAN
-	Use the Host requirements interpretation of the TCP urg pointer field.
+	Use the Host requirements interpretation of the TCP urgent pointer field.
 	Most hosts use the older BSD interpretation, so if you turn this on
 	Linux might not communicate correctly with them.
 	Default: FALSE
@@ -371,12 +370,12 @@ tcp_synack_retries - INTEGER
 tcp_syncookies - BOOLEAN
 	Only valid when the kernel was compiled with CONFIG_SYNCOOKIES
 	Send out syncookies when the syn backlog queue of a socket
-	overflows. This is to prevent against the common 'syn flood attack'
+	overflows. This is to prevent against the common 'SYN flood attack'
 	Default: FALSE
 
 	Note, that syncookies is fallback facility.
 	It MUST NOT be used to help highly loaded servers to stand
-	against legal connection rate. If you see synflood warnings
+	against legal connection rate. If you see SYN flood warnings
 	in your logs, but investigation	shows that they occur
 	because of overload with legal connections, you should tune
 	another parameters until this warning disappear.
@@ -386,7 +385,7 @@ tcp_syncookies - BOOLEAN
 	to use TCP extensions, can result in serious degradation
 	of some services (f.e. SMTP relaying), visible not by you,
 	but your clients and relays, contacting you. While you see
-	synflood warnings in logs not being really flooded, your server
+	SYN flood warnings in logs not being really flooded, your server
 	is seriously misconfigured.
 
 tcp_syn_retries - INTEGER
@@ -1072,25 +1071,24 @@ bridge-nf-filter-pppoe-tagged - BOOLEAN
 	0 : disable this.
 	Default: 1
 
-
 UNDOCUMENTED:
 
-dev_weight FIXME
-discovery_slots FIXME
-discovery_timeout FIXME
-fast_poll_increase FIXME
-ip6_queue_maxlen FIXME
-lap_keepalive_time FIXME
-lo_cong FIXME
-max_baud_rate FIXME
-max_dgram_qlen FIXME
-max_noreply_time FIXME
-max_tx_data_size FIXME
-max_tx_window FIXME
-min_tx_turn_time FIXME
-mod_cong FIXME
-no_cong FIXME
-no_cong_thresh FIXME
-slot_timeout FIXME
-warn_noreply_time FIXME
+/proc/sys/net/core/*
+	dev_weight FIXME
+
+/proc/sys/net/unix/*
+	max_dgram_qlen FIXME
+
+/proc/sys/net/irda/*
+	fast_poll_increase FIXME
+	warn_noreply_time FIXME
+	discovery_slots FIXME
+	slot_timeout FIXME
+	max_baud_rate FIXME
+	discovery_timeout FIXME
+	lap_keepalive_time FIXME
+	max_noreply_time FIXME
+	max_tx_data_size FIXME
+	max_tx_window FIXME
+	min_tx_turn_time FIXME
 

Re: [PATCH 3/3] ip: sysctl documentation cleanup

[Randy Dunlap]

On Thu, 10 Jul 2008 14:39:07 -0700 Stephen Hemminger wrote:

> Reduced version of the spelling cleanup patch.
> Take out the confusing language in tcp_frto, and organize the undocumented
> values.
> 
> Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
> 

Looks good to me.  Thanks/Ack.


> 
> --- a/Documentation/networking/ip-sysctl.txt	2008-07-07 11:16:14.000000000 -0700
> +++ b/Documentation/networking/ip-sysctl.txt	2008-07-07 11:17:23.000000000 -0700
> @@ -148,9 +148,9 @@ tcp_available_congestion_control - STRIN
>  	but not loaded.
>  
>  tcp_base_mss - INTEGER
> -	The initial value of search_low to be used by Packetization Layer
> -	Path MTU Discovery (MTU probing).  If MTU probing is enabled,
> -	this is the inital MSS used by the connection.
> +	The initial value of search_low to be used by the packetization layer
> +	Path MTU discovery (MTU probing).  If MTU probing is enabled,
> +	this is the initial MSS used by the connection.
>  
>  tcp_congestion_control - STRING
>  	Set the congestion control algorithm to be used for new
> @@ -185,10 +185,9 @@ tcp_frto - INTEGER
>  	timeouts.  It is particularly beneficial in wireless environments
>  	where packet loss is typically due to random radio interference
>  	rather than intermediate router congestion.  F-RTO is sender-side
> -	only modification.  Therefore it does not require any support from
> -	the peer, but in a typical case, however, where wireless link is
> -	the local access link and most of the data flows downlink, the
> -	faraway servers should have F-RTO enabled to take advantage of it.
> +	only modification. Therefore it does not require any support from
> +	the peer.
> +
>  	If set to 1, basic version is enabled.  2 enables SACK enhanced
>  	F-RTO if flow uses SACK.  The basic version can be used also when
>  	SACK is in use though scenario(s) with it exists where F-RTO
> @@ -276,7 +275,7 @@ tcp_mem - vector of 3 INTEGERs: min, pre
>  	memory.
>  
>  tcp_moderate_rcvbuf - BOOLEAN
> -	If set, TCP performs receive buffer autotuning, attempting to
> +	If set, TCP performs receive buffer auto-tuning, attempting to
>  	automatically size the buffer (no greater than tcp_rmem[2]) to
>  	match the size required by the path for full throughput.  Enabled by
>  	default.
> @@ -358,7 +357,7 @@ tcp_slow_start_after_idle - BOOLEAN
>  	Default: 1
>  
>  tcp_stdurg - BOOLEAN
> -	Use the Host requirements interpretation of the TCP urg pointer field.
> +	Use the Host requirements interpretation of the TCP urgent pointer field.
>  	Most hosts use the older BSD interpretation, so if you turn this on
>  	Linux might not communicate correctly with them.
>  	Default: FALSE
> @@ -371,12 +370,12 @@ tcp_synack_retries - INTEGER
>  tcp_syncookies - BOOLEAN
>  	Only valid when the kernel was compiled with CONFIG_SYNCOOKIES
>  	Send out syncookies when the syn backlog queue of a socket
> -	overflows. This is to prevent against the common 'syn flood attack'
> +	overflows. This is to prevent against the common 'SYN flood attack'
>  	Default: FALSE
>  
>  	Note, that syncookies is fallback facility.
>  	It MUST NOT be used to help highly loaded servers to stand
> -	against legal connection rate. If you see synflood warnings
> +	against legal connection rate. If you see SYN flood warnings
>  	in your logs, but investigation	shows that they occur
>  	because of overload with legal connections, you should tune
>  	another parameters until this warning disappear.
> @@ -386,7 +385,7 @@ tcp_syncookies - BOOLEAN
>  	to use TCP extensions, can result in serious degradation
>  	of some services (f.e. SMTP relaying), visible not by you,
>  	but your clients and relays, contacting you. While you see
> -	synflood warnings in logs not being really flooded, your server
> +	SYN flood warnings in logs not being really flooded, your server
>  	is seriously misconfigured.
>  
>  tcp_syn_retries - INTEGER
> @@ -1072,25 +1071,24 @@ bridge-nf-filter-pppoe-tagged - BOOLEAN
>  	0 : disable this.
>  	Default: 1
>  
> -
>  UNDOCUMENTED:
>  
> -dev_weight FIXME
> -discovery_slots FIXME
> -discovery_timeout FIXME
> -fast_poll_increase FIXME
> -ip6_queue_maxlen FIXME
> -lap_keepalive_time FIXME
> -lo_cong FIXME
> -max_baud_rate FIXME
> -max_dgram_qlen FIXME
> -max_noreply_time FIXME
> -max_tx_data_size FIXME
> -max_tx_window FIXME
> -min_tx_turn_time FIXME
> -mod_cong FIXME
> -no_cong FIXME
> -no_cong_thresh FIXME
> -slot_timeout FIXME
> -warn_noreply_time FIXME
> +/proc/sys/net/core/*
> +	dev_weight FIXME
> +
> +/proc/sys/net/unix/*
> +	max_dgram_qlen FIXME
> +
> +/proc/sys/net/irda/*
> +	fast_poll_increase FIXME
> +	warn_noreply_time FIXME
> +	discovery_slots FIXME
> +	slot_timeout FIXME
> +	max_baud_rate FIXME
> +	discovery_timeout FIXME
> +	lap_keepalive_time FIXME
> +	max_noreply_time FIXME
> +	max_tx_data_size FIXME
> +	max_tx_window FIXME
> +	min_tx_turn_time FIXME

---
~Randy
Linux Plumbers Conference, 17-19 September 2008, Portland, Oregon USA
http://linuxplumbersconf.org/

Re: [PATCH 3/3] ip: sysctl documentation cleanup

[David Miller]

From: Randy Dunlap <rdunlap@xenotime.net>
Date: Thu, 10 Jul 2008 14:44:23 -0700

> On Thu, 10 Jul 2008 14:39:07 -0700 Stephen Hemminger wrote:
> 
> > Reduced version of the spelling cleanup patch.
> > Take out the confusing language in tcp_frto, and organize the undocumented
> > values.
> > 
> > Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
> > 
> 
> Looks good to me.  Thanks/Ack.

Applied, thanks.

Re: [PATCH 2/3] ipv4: fix sysctl documentation of time related values

[David Miller]

From: Stephen Hemminger <shemminger@vyatta.com>
Date: Tue, 1 Jul 2008 15:39:26 -0700

> These sysctl values are time related and all use the same routine
> (proc_dointvec_jiffies) that internally converts from seconds to jiffies.
> The code is fine, the documentation is just wrong.
> 
> Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>

As a doc fix, I've applied this to net-2.6, thanks!

Re: [PATCH 1/3] icmp: fix units for ratelimit

[David Miller]

From: Stephen Hemminger <shemminger@vyatta.com>
Date: Tue, 1 Jul 2008 15:38:20 -0700

> Convert the sysctl values for icmp ratelimit to use milliseconds instead
> of jiffies which is based on kernel configured HZ.
> Internal kernel jiffies are not a proper unit for any userspace API.
> 
> Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>

Applied to net-next-2.6, thanks!