Subject: Re: IP source address security issue
To: Charles M. Hannum <mycroft@ai.mit.edu>
From: Alan Barrett <barrett@daisy.ee.und.ac.za>
List: netbsd-bugs
Date: 01/27/1995 12:11:14

> Unfortunately, this solution flies right in the face of section 1.2 of
> RFC 1323.

As long as the initial sequence numbers increase at a rate between zero
and the appropriate maximum, I don't see why the rate need be constant.
Section 1.2 of RFC 1323 is talking about the maximum rate.

I suggest the following changes:

 * in tcp_init() in tcp_subr.c, instead of initialising tcp_iss to 1,
   initialise it to a random 32-bit value (or perhaps a 31-bit value
   for TCP_COMPAT_42).  Note that the danger of re-using old ISNs after
   a reboot is independent of the value of the first ISN chosen after
   reboot.

 * in tcp_slowtimo() in tcp_timer.c, instead of resetting tcp_iss to 0
   in the TCP_COMPAT_42 code, just clear the 2**31 bit using 'tcp_iss &=
   0x7fffffff'.

 * wherever TCP_ISSINCR or TCP_ISSINCR/2 or whatever is used, instead
   use a random value between 1 and {TCP_ISSINCR or TCP_ISSINCR/2 or
   whatever}.

--apb (Alan Barrett)
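
The three changes suggested above, sketched as a user-space C model. This is an added example, not part of the original message and not NetBSD's code. The `model_*` names, the xorshift stand-in for the random source, the value of `TCP_ISSINCR`, and the use of `TCP_ISSINCR/2` at both increment sites are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define TCP_ISSINCR (125u * 1024u)   /* assumed value, as in 4.4BSD tcp_seq.h */
#define ISS_STEP_MAX (TCP_ISSINCR / 2) /* assumed divisor at both sites */

static uint32_t tcp_iss;
static uint32_t rng_state = 0x2545F491u; /* constructed seed for the model */

/* Stand-in random source (xorshift32) so the model is reproducible.
 * It is predictable; a kernel needs an unpredictable source here. */
static uint32_t model_random(void)
{
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

/* Random increment in [1, max]: always advances, never exceeds the old
 * fixed increment, so the maximum rate is unchanged. */
static uint32_t iss_step(uint32_t max) { return 1 + model_random() % max; }

/* Change 1: random initial value, 31 bits under TCP_COMPAT_42. */
static void model_tcp_init(int compat_42)
{
    tcp_iss = model_random();
    if (compat_42) tcp_iss &= 0x7fffffff;
}

/* Changes 2 and 3: random timer increment; clear bit 31, do not reset to 0. */
static void model_slowtimo(int compat_42)
{
    tcp_iss += iss_step(ISS_STEP_MAX);
    if (compat_42) tcp_iss &= 0x7fffffff;
}

/* Run n ticks; count advances outside [1, ISS_STEP_MAX] (modulo the
 * sequence space in use) and compat-mode ticks that leave bit 31 set. */
static int model_violations(int compat_42, int n)
{
    uint32_t mask = compat_42 ? 0x7fffffffu : 0xffffffffu;
    int bad = 0;
    model_tcp_init(compat_42);
    for (int i = 0; i < n; i++) {
        uint32_t before = tcp_iss;
        model_slowtimo(compat_42);
        uint32_t adv = (tcp_iss - before) & mask;
        if (adv < 1 || adv > ISS_STEP_MAX) bad++;
        if (compat_42 && (tcp_iss & 0x80000000u)) bad++;
    }
    return bad;
}

int main(void) { printf("%d %d\n", model_violations(0, 100000), model_violations(1, 100000)); return 0; }
```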