Re: RST not emitted on listen backlog full?

To: tech-net%netbsd.org@localhost
Subject: Re: RST not emitted on listen backlog full?
From: Chuck Swiger <cswiger%mac.com@localhost>
Date: Tue, 11 May 2010 07:34:31 -0700

On May 11, 2010, at 6:37 AM, Thor Simon wrote:
> We've been doing some automated load testing and have noticed something
> curious.  When the TCP SYN cache code can't create a new socket for an
> incoming connection because the listen backlog is full (128 max) there is
> a call to tcp_respond which seems intended to cause a RST, but we never
> see the RST hit the wire.  We see no reason why and wonder if others have
> noticed this (mis-)behavior.

Do you want to treat the listen backlog being full the same as if the port was 
closed?

Simply dropping the incoming SYN and letting TCP retransmit mechanism do 
another try later on, when perhaps the listen queue has room, seems to be a 
better choice.

However, if the SYN cache stuff has a lighter-weight entity handling the 
initial connections before creating the socket data structure once connection 
is established, it might be reasonable to reply with a SYN+ACK with window size 
= 0.  The other side will periodically try to send probe packets with 0 or 1 
byte of data, but you refuse to ack any more data until the listen queue has 
room, at which time you go ahead and allocate the socket, reply to the probe 
ack'ing the one byte (if sent) and setting a non-zero window size, and proceed 
with normal established behavior from there.

Regards,
-- 
-Chuck

Follow-Ups:
- Re: RST not emitted on listen backlog full?
  - From: Michael Richardson

References:
- RST not emitted on listen backlog full?
  - From: Thor Simon

Prev by Date: Re: RST not emitted on listen backlog full?
Next by Date: Re: RST not emitted on listen backlog full?
Previous by Thread: Re: RST not emitted on listen backlog full?
Next by Thread: Re: RST not emitted on listen backlog full?
Indexes:

Home | Main Index | Thread Index | Old Index