[PATCH] TCP window tracking retransmission handling

Martin Josefsson gandalf at wlug.westbo.se
Tue Jan 25 10:47:12 CET 2005


On Tue, 25 Jan 2005, Jozsef Kadlecsik wrote:

> If we really want to attempt to detect resent packets, then I agree with
> you and the proposed solution. I was reluctant to add another field to
> ip_ct_tcp, but that cannot be avoided in order to do the job properly.
>
> [However, from another point of view, we actually could get rid of the
> feeble attempt of detecting resent packets (and thus the retrans and
> last_end fields) with the price of possible dangling connections in the
> conntrack table. The current code handles just fine "reopening" stuck
> connections.]

I think this is one of the features that really help keep the hashtable
small and nice. And of course the ability to disable connection pickup by
disabling ip_conntrack_tcp_loose. With the old code I easily had ~100k
entries in the hashtable, with the new code and loose disabled I see
35-40k entries unless there's a lot of UDP scanning going on.

I'd like for it to continue existing unless it bloats the code and
data structures too much.

/Martin


