Meeting time
As of November 7 (once all the summer time changes have occurred), we will change the meeting time to 2100 UTC. This seems to do a decent job at accommodating all time zones during the Northern Hemisphere winter, even if it is a bit early/late in some areas.
Old Things
- Richard updated on possible data corruption with fragmented TCP segments: the investigation has been dropped; it is doubtful there is a problem in the upstream kernel.
tuexen@ proposes replacing MD5 with SIP hash for ISNs and time stamps. It has better performance, and we think it has sufficient security for this purpose. tuexen@ notified the security team in case they have concerns. They had none. Michael is waiting for reviews. D21616
- tuexen@ committed code to handle the case where an application specifies an infeasible size of IPv6 options.
- jtl@ asks for feedback on a proposal to stop adding new syn cache entries when the syn cache hash bucket is full. tuexen@ suggests we stop all syn cache processing (and fallback to cookies only) when under attack. tuexen@ suggests a heuristic of one bucket overflowed. This should be accompanied by a log entry so the administrator can take appropriate action (whether investigating the attack, increasing bucket sizes for normal traffic levels, or ignoring the message).
New congestion window validation: Richard has a new patch which gives a rough draft of a proposal to avoid exponential congestion window growth while you are application limited (therefore, not actually exercising the congestion window): D21798.
- hps@ plans to merge fragment patches in 2-4 weeks unless he hears from bz@ sooner.
New Things
tuexen@ needs review in D21665. We gave some feedback on the call.
- FreeBSD is looking for someone to organize a TCP roundtable at the Bay Area Vendor Summit in 2 weeks. No volunteers.
jtl asks for review on D14387.
Next Meeting
Next meeting is 10 Oct 2019 @ 1400 UTC.