> On 19. Mar 2023, at 16:59, Marek Zarychta <[email protected]> > wrote: > > W dniu 19.03.2023 o 14:42, [email protected] pisze: >>> On 19. Mar 2023, at 14:12, Marek Zarychta <[email protected]> >>> wrote: >>> >>> Dear subscribers of the list, >>> >>> TCP algo modules can be loaded/unloaded/changed on the fly. In FreeBSD >>> 14-CURRENT one can even change it on an active socket with tcpsso(8) >>> utility, but there is no way to run jail with different TCP stack. Neither >>> normal nor VNET jail support switching sysctl >>> net.inet.tcp.functions_default. >>> >>> Is there any way to set TCP algo inherited through fork+exec in a similar >>> way setfib(1) assigns fib or perhaps assign TCP algo per VNET instance? >> Hi Marek, >> >> so you are asking for the sysctl variable net.inet.tcp.functions_default to >> be vnet specific? > > Thanks for the reply Michael, > > yes, and... not. I tend to run non-vnet jails when it's possible, so in my > case, a jail(8) parameter like exec.fib would fit better, and even an execute > helper utility, a counterpart of setfib(1) would suffice. Im not familiar with fibs, but the TCP stack knows about the vnet, so the handling of the stack can be made vnet specific in the same way the handling of the CC module is. But I'm not sure about fibs. I can bring this up on the next FreeBSD transport VC and see what others think.
Best regards Michael > > With kind regards > > Marek > >> >> Best regards >> Michael >>> I am asking, since the almost perfect tcp_rack(4) applied on the host is >>> missing TCP-MD5 singing feature which is required in one of the jails. >>> >>> Cheers >>> -- >>> Marek Zarychta
