Dnia Sun, Mar 19, 2023 at 06:35:29PM +0100, [email protected] napisaĆ(a): > > On 19. Mar 2023, at 16:59, Marek Zarychta <[email protected]> > > wrote: > > > > W dniu 19.03.2023 o 14:42, [email protected] pisze: > >>> On 19. Mar 2023, at 14:12, Marek Zarychta <[email protected]> > >>> wrote: > >>> > >>> Dear subscribers of the list, > >>> > >>> TCP algo modules can be loaded/unloaded/changed on the fly. In FreeBSD > >>> 14-CURRENT one can even change it on an active socket with tcpsso(8) > >>> utility, but there is no way to run jail with different TCP stack. > >>> Neither normal nor VNET jail support switching sysctl > >>> net.inet.tcp.functions_default. > >>> > >>> Is there any way to set TCP algo inherited through fork+exec in a similar > >>> way setfib(1) assigns fib or perhaps assign TCP algo per VNET instance? > >> Hi Marek, > >> > >> so you are asking for the sysctl variable net.inet.tcp.functions_default > >> to be vnet specific? > > > > Thanks for the reply Michael, > > > > yes, and... not. I tend to run non-vnet jails when it's possible, so in my > > case, a jail(8) parameter like exec.fib would fit better, and even an > > execute helper utility, a counterpart of setfib(1) would suffice. > Im not familiar with fibs, but the TCP stack knows about the vnet, so the > handling of the stack can > be made vnet specific in the same way the handling of the CC module is. But > I'm not sure about fibs. > I can bring this up on the next FreeBSD transport VC and see what others > think.
Thank you in advance for bringing this topic there. Making the stack switchable in either way would be profitable. With kind regards Marek > > Best regards > Michael > > > > With kind regards > > > > Marek > > > >> > >> Best regards > >> Michael > >>> I am asking, since the almost perfect tcp_rack(4) applied on the host is > >>> missing TCP-MD5 singing feature which is required in one of the jails. > >>> > >>> Cheers > >>> -- > >>> Marek Zarychta > > -- Marek Zarychta
