diff options
| author | Daniil Baturin <daniil@baturin.org> | 2023-08-08 20:28:38 +0100 |
|---|---|---|
| committer | Daniil Baturin <daniil@baturin.org> | 2023-08-17 16:30:00 +0100 |
| commit | 6e1333d1e71651e9822ef74d989b928df313ea6e (patch) | |
| tree | aadf8232178786c0aca6f796ff83bc5b0f10289d /src/conf_mode/system-ip.py | |
| parent | 0e92ee262d8ec6ee88d7331f2cbffe8b6b689437 (diff) | |
| download | vyos-1x-6e1333d1e71651e9822ef74d989b928df313ea6e.tar.gz vyos-1x-6e1333d1e71651e9822ef74d989b928df313ea6e.zip | |
system-ip: T5449: add TCP MSS probing options
Diffstat (limited to 'src/conf_mode/system-ip.py')
| -rwxr-xr-x | src/conf_mode/system-ip.py | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/src/conf_mode/system-ip.py b/src/conf_mode/system-ip.py index cca996e4f..c89267afc 100755 --- a/src/conf_mode/system-ip.py +++ b/src/conf_mode/system-ip.py @@ -98,6 +98,27 @@ def apply(opt): value = '1' if (tmp != None) else '0' sysctl_write('net.ipv4.fib_multipath_hash_policy', value) + # configure TCP options (defaults as of Linux 6.4) + tmp = dict_search('tcp.mss.probing', opt) + if tmp is None: + value = 0 + elif tmp == 'on-icmp-black-hole': + value = 1 + elif tmp == 'force': + value = 2 + else: + # Shouldn't happen + raise ValueError("TCP MSS probing is neither 'on-icmp-black-hole' nor 'force'!") + sysctl_write('net.ipv4.tcp_mtu_probing', value) + + tmp = dict_search('tcp.mss.base', opt) + value = '1024' if (tmp is None) else tmp + sysctl_write('net.ipv4.tcp_base_mss', value) + + tmp = dict_search('tcp.mss.floor', opt) + value = '48' if (tmp is None) else tmp + sysctl_write('net.ipv4.tcp_mtu_probe_floor', value) + if 'protocol' in opt: zebra_daemon = 'zebra' # Save original configuration prior to starting any commit actions |