blob: 43e1439e75e695fab622054bc48dd6d530f7f863 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001#
2# IP configuration
3#
Linus Torvalds1da177e2005-04-16 15:20:36 -07004config IP_MULTICAST
5 bool "IP: multicasting"
Linus Torvalds1da177e2005-04-16 15:20:36 -07006 help
7 This is code for addressing several networked computers at once,
8 enlarging your kernel by about 2 KB. You need multicasting if you
9 intend to participate in the MBONE, a high bandwidth network on top
10 of the Internet which carries audio and video broadcasts. More
11 information about the MBONE is on the WWW at
Adrian Bunk936bb142007-02-17 19:49:13 +010012 <http://www.savetz.com/mbone/>. Information about the multicast
Linus Torvalds1da177e2005-04-16 15:20:36 -070013 capabilities of the various network cards is contained in
14 <file:Documentation/networking/multicast.txt>. For most people, it's
15 safe to say N.
16
17config IP_ADVANCED_ROUTER
18 bool "IP: advanced router"
Linus Torvalds1da177e2005-04-16 15:20:36 -070019 ---help---
20 If you intend to run your Linux box mostly as a router, i.e. as a
21 computer that forwards and redistributes network packets, say Y; you
22 will then be presented with several options that allow more precise
23 control about the routing process.
24
25 The answer to this question won't directly affect the kernel:
26 answering N will just cause the configurator to skip all the
27 questions about advanced routing.
28
29 Note that your box can only act as a router if you enable IP
30 forwarding in your kernel; you can do that by saying Y to "/proc
31 file system support" and "Sysctl support" below and executing the
32 line
33
34 echo "1" > /proc/sys/net/ipv4/ip_forward
35
36 at boot time after the /proc file system has been mounted.
37
Jesper Dangaard Brouerb2cc46a2009-02-22 00:06:20 -080038 If you turn on IP forwarding, you should consider the rp_filter, which
Linus Torvalds1da177e2005-04-16 15:20:36 -070039 automatically rejects incoming packets if the routing table entry
40 for their source address doesn't match the network interface they're
41 arriving on. This has security advantages because it prevents the
42 so-called IP spoofing, however it can pose problems if you use
43 asymmetric routing (packets from you to a host take a different path
44 than packets from that host to you) or if you operate a non-routing
45 host which has several IP addresses on different interfaces. To turn
Dave Jonesd7394372007-05-17 15:02:21 -070046 rp_filter on use:
Linus Torvalds1da177e2005-04-16 15:20:36 -070047
Dave Jonesd7394372007-05-17 15:02:21 -070048 echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter
Nicolas Dichtel750e9fa2010-08-31 05:50:43 +000049 or
Dave Jonesd7394372007-05-17 15:02:21 -070050 echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
Linus Torvalds1da177e2005-04-16 15:20:36 -070051
Jesper Dangaard Brouerb2cc46a2009-02-22 00:06:20 -080052 Note that some distributions enable it in startup scripts.
Jesper Dangaard Brouerd18921a2009-02-23 04:40:43 +000053 For details about rp_filter strict and loose mode read
54 <file:Documentation/networking/ip-sysctl.txt>.
Jesper Dangaard Brouerb2cc46a2009-02-22 00:06:20 -080055
Linus Torvalds1da177e2005-04-16 15:20:36 -070056 If unsure, say N here.
57
Stephen Hemminger66a2f7f2008-01-12 21:23:17 -080058config IP_FIB_TRIE_STATS
59 bool "FIB TRIE statistics"
David S. Miller3630b7c2011-02-01 15:15:39 -080060 depends on IP_ADVANCED_ROUTER
Stephen Hemminger66a2f7f2008-01-12 21:23:17 -080061 ---help---
62 Keep track of statistics on structure of FIB TRIE table.
63 Useful for testing and measuring TRIE performance.
64
Linus Torvalds1da177e2005-04-16 15:20:36 -070065config IP_MULTIPLE_TABLES
66 bool "IP: policy routing"
67 depends on IP_ADVANCED_ROUTER
Thomas Grafe1ef4bf2006-08-04 03:39:22 -070068 select FIB_RULES
Linus Torvalds1da177e2005-04-16 15:20:36 -070069 ---help---
70 Normally, a router decides what to do with a received packet based
71 solely on the packet's final destination address. If you say Y here,
72 the Linux router will also be able to take the packet's source
73 address into account. Furthermore, the TOS (Type-Of-Service) field
74 of the packet can be used for routing decisions as well.
75
76 If you are interested in this, please see the preliminary
77 documentation at <http://www.compendium.com.ar/policy-routing.txt>
78 and <ftp://post.tepkom.ru/pub/vol2/Linux/docs/advanced-routing.tex>.
79 You will need supporting software from
80 <ftp://ftp.tux.org/pub/net/ip-routing/>.
81
82 If unsure, say N.
83
Linus Torvalds1da177e2005-04-16 15:20:36 -070084config IP_ROUTE_MULTIPATH
85 bool "IP: equal cost multipath"
86 depends on IP_ADVANCED_ROUTER
87 help
88 Normally, the routing tables specify a single action to be taken in
89 a deterministic manner for a given packet. If you say Y here
90 however, it becomes possible to attach several actions to a packet
91 pattern, in effect specifying several alternative paths to travel
92 for those packets. The router considers all these paths to be of
93 equal "cost" and chooses one of them in a non-deterministic fashion
94 if a matching packet arrives.
95
Linus Torvalds1da177e2005-04-16 15:20:36 -070096config IP_ROUTE_VERBOSE
97 bool "IP: verbose route monitoring"
98 depends on IP_ADVANCED_ROUTER
99 help
100 If you say Y here, which is recommended, then the kernel will print
101 verbose messages regarding the routing, for example warnings about
102 received packets which look strange and could be evidence of an
103 attack or a misconfigured system somewhere. The information is
104 handled by the klogd daemon which is responsible for kernel messages
105 ("man klogd").
106
Patrick McHardyc7066f72011-01-14 13:36:42 +0100107config IP_ROUTE_CLASSID
108 bool
109
Linus Torvalds1da177e2005-04-16 15:20:36 -0700110config IP_PNP
111 bool "IP: kernel level autoconfiguration"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700112 help
113 This enables automatic configuration of IP addresses of devices and
114 of the routing table during kernel boot, based on either information
115 supplied on the kernel command line or by BOOTP or RARP protocols.
116 You need to say Y only for diskless machines requiring network
117 access to boot (in which case you want to say Y to "Root file system
118 on NFS" as well), because all other machines configure the network
119 in their startup scripts.
120
121config IP_PNP_DHCP
122 bool "IP: DHCP support"
123 depends on IP_PNP
124 ---help---
125 If you want your Linux box to mount its whole root file system (the
126 one containing the directory /) from some other computer over the
127 net via NFS and you want the IP address of your computer to be
128 discovered automatically at boot time using the DHCP protocol (a
129 special protocol designed for doing this job), say Y here. In case
130 the boot ROM of your network card was designed for booting Linux and
131 does DHCP itself, providing all necessary information on the kernel
132 command line, you can say N here.
133
134 If unsure, say Y. Note that if you want to use DHCP, a DHCP server
135 must be operating on your network. Read
J. Bruce Fieldsdc7a0812009-10-27 14:41:35 -0400136 <file:Documentation/filesystems/nfs/nfsroot.txt> for details.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700137
138config IP_PNP_BOOTP
139 bool "IP: BOOTP support"
140 depends on IP_PNP
141 ---help---
142 If you want your Linux box to mount its whole root file system (the
143 one containing the directory /) from some other computer over the
144 net via NFS and you want the IP address of your computer to be
145 discovered automatically at boot time using the BOOTP protocol (a
146 special protocol designed for doing this job), say Y here. In case
147 the boot ROM of your network card was designed for booting Linux and
148 does BOOTP itself, providing all necessary information on the kernel
149 command line, you can say N here. If unsure, say Y. Note that if you
150 want to use BOOTP, a BOOTP server must be operating on your network.
J. Bruce Fieldsdc7a0812009-10-27 14:41:35 -0400151 Read <file:Documentation/filesystems/nfs/nfsroot.txt> for details.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700152
153config IP_PNP_RARP
154 bool "IP: RARP support"
155 depends on IP_PNP
156 help
157 If you want your Linux box to mount its whole root file system (the
158 one containing the directory /) from some other computer over the
159 net via NFS and you want the IP address of your computer to be
160 discovered automatically at boot time using the RARP protocol (an
161 older protocol which is being obsoleted by BOOTP and DHCP), say Y
162 here. Note that if you want to use RARP, a RARP server must be
J. Bruce Fields6ded55d2008-04-07 15:59:03 -0400163 operating on your network. Read
J. Bruce Fieldsdc7a0812009-10-27 14:41:35 -0400164 <file:Documentation/filesystems/nfs/nfsroot.txt> for details.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700165
166# not yet ready..
Jesper Dangaard Brouera6e8f272009-02-22 00:07:13 -0800167# bool ' IP: ARP support' CONFIG_IP_PNP_ARP
Linus Torvalds1da177e2005-04-16 15:20:36 -0700168config NET_IPIP
169 tristate "IP: tunneling"
Herbert Xud2acc342006-03-28 01:12:13 -0800170 select INET_TUNNEL
Linus Torvalds1da177e2005-04-16 15:20:36 -0700171 ---help---
172 Tunneling means encapsulating data of one protocol type within
173 another protocol and sending it over a channel that understands the
174 encapsulating protocol. This particular tunneling driver implements
175 encapsulation of IP within IP, which sounds kind of pointless, but
176 can be useful if you want to make your (or some other) machine
177 appear on a different network than it physically is, or to use
178 mobile-IP facilities (allowing laptops to seamlessly move between
179 networks without changing their IP addresses).
180
181 Saying Y to this option will produce two modules ( = code which can
182 be inserted in and removed from the running kernel whenever you
183 want). Most people won't need this and can say N.
184
Dmitry Kozlov00959ad2010-08-21 23:05:39 -0700185config NET_IPGRE_DEMUX
186 tristate "IP: GRE demultiplexer"
187 help
188 This is helper module to demultiplex GRE packets on GRE version field criteria.
189 Required by ip_gre and pptp modules.
190
Linus Torvalds1da177e2005-04-16 15:20:36 -0700191config NET_IPGRE
192 tristate "IP: GRE tunnels over IP"
David S. Miller21a180c2010-10-04 11:56:38 -0700193 depends on (IPV6 || IPV6=n) && NET_IPGRE_DEMUX
Linus Torvalds1da177e2005-04-16 15:20:36 -0700194 help
195 Tunneling means encapsulating data of one protocol type within
196 another protocol and sending it over a channel that understands the
197 encapsulating protocol. This particular tunneling driver implements
198 GRE (Generic Routing Encapsulation) and at this time allows
199 encapsulating of IPv4 or IPv6 over existing IPv4 infrastructure.
200 This driver is useful if the other endpoint is a Cisco router: Cisco
201 likes GRE much better than the other Linux tunneling driver ("IP
202 tunneling" above). In addition, GRE allows multicast redistribution
203 through the tunnel.
204
205config NET_IPGRE_BROADCAST
206 bool "IP: broadcast GRE over IP"
207 depends on IP_MULTICAST && NET_IPGRE
208 help
209 One application of GRE/IP is to construct a broadcast WAN (Wide Area
210 Network), which looks like a normal Ethernet LAN (Local Area
211 Network), but can be distributed all over the Internet. If you want
212 to do that, say Y here and to "IP multicast routing" below.
213
214config IP_MROUTE
215 bool "IP: multicast routing"
216 depends on IP_MULTICAST
217 help
218 This is used if you want your machine to act as a router for IP
219 packets that have several destination addresses. It is needed on the
220 MBONE, a high bandwidth network on top of the Internet which carries
221 audio and video broadcasts. In order to do that, you would most
222 likely run the program mrouted. Information about the multicast
223 capabilities of the various network cards is contained in
224 <file:Documentation/networking/multicast.txt>. If you haven't heard
225 about it, you don't need it.
226
Patrick McHardyf0ad0862010-04-13 05:03:23 +0000227config IP_MROUTE_MULTIPLE_TABLES
228 bool "IP: multicast policy routing"
Patrick McHardy66496d42010-04-15 13:29:27 +0200229 depends on IP_MROUTE && IP_ADVANCED_ROUTER
Patrick McHardyf0ad0862010-04-13 05:03:23 +0000230 select FIB_RULES
231 help
232 Normally, a multicast router runs a userspace daemon and decides
233 what to do with a multicast packet based on the source and
234 destination addresses. If you say Y here, the multicast router
235 will also be able to take interfaces and packet marks into
236 account and run multiple instances of userspace daemons
237 simultaneously, each one handling a single table.
238
239 If unsure, say N.
240
Linus Torvalds1da177e2005-04-16 15:20:36 -0700241config IP_PIMSM_V1
242 bool "IP: PIM-SM version 1 support"
243 depends on IP_MROUTE
244 help
245 Kernel side support for Sparse Mode PIM (Protocol Independent
246 Multicast) version 1. This multicast routing protocol is used widely
247 because Cisco supports it. You need special software to use it
248 (pimd-v1). Please see <http://netweb.usc.edu/pim/> for more
249 information about PIM.
250
251 Say Y if you want to use PIM-SM v1. Note that you can say N here if
252 you just want to use Dense Mode PIM.
253
254config IP_PIMSM_V2
255 bool "IP: PIM-SM version 2 support"
256 depends on IP_MROUTE
257 help
258 Kernel side support for Sparse Mode PIM version 2. In order to use
259 this, you need an experimental routing daemon supporting it (pimd or
260 gated-5). This routing protocol is not used widely, so say N unless
261 you want to play with it.
262
263config ARPD
Timo Teräse61a4b62009-06-11 19:38:02 +0000264 bool "IP: ARP daemon support"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700265 ---help---
Timo Teräse61a4b62009-06-11 19:38:02 +0000266 The kernel maintains an internal cache which maps IP addresses to
267 hardware addresses on the local network, so that Ethernet/Token Ring/
268 etc. frames are sent to the proper address on the physical networking
269 layer. Normally, kernel uses the ARP protocol to resolve these
270 mappings.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700271
Timo Teräse61a4b62009-06-11 19:38:02 +0000272 Saying Y here adds support to have an user space daemon to do this
273 resolution instead. This is useful for implementing an alternate
274 address resolution protocol (e.g. NHRP on mGRE tunnels) and also for
275 testing purposes.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700276
Timo Teräse61a4b62009-06-11 19:38:02 +0000277 If unsure, say N.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700278
279config SYN_COOKIES
Florian Westphal57f15532010-06-03 00:42:30 +0000280 bool "IP: TCP syncookie support"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700281 ---help---
282 Normal TCP/IP networking is open to an attack known as "SYN
283 flooding". This denial-of-service attack prevents legitimate remote
284 users from being able to connect to your computer during an ongoing
285 attack and requires very little work from the attacker, who can
286 operate from anywhere on the Internet.
287
288 SYN cookies provide protection against this type of attack. If you
289 say Y here, the TCP/IP stack will use a cryptographic challenge
290 protocol known as "SYN cookies" to enable legitimate users to
291 continue to connect, even when your machine is under attack. There
292 is no need for the legitimate users to change their TCP/IP software;
293 SYN cookies work transparently to them. For technical information
294 about SYN cookies, check out <http://cr.yp.to/syncookies.html>.
295
296 If you are SYN flooded, the source address reported by the kernel is
297 likely to have been forged by the attacker; it is only reported as
298 an aid in tracing the packets to their actual source and should not
299 be taken as absolute truth.
300
301 SYN cookies may prevent correct error reporting on clients when the
302 server is really overloaded. If this happens frequently better turn
303 them off.
304
Florian Westphal57f15532010-06-03 00:42:30 +0000305 If you say Y here, you can disable SYN cookies at run time by
306 saying Y to "/proc file system support" and
Linus Torvalds1da177e2005-04-16 15:20:36 -0700307 "Sysctl support" below and executing the command
308
Florian Westphal57f15532010-06-03 00:42:30 +0000309 echo 0 > /proc/sys/net/ipv4/tcp_syncookies
Linus Torvalds1da177e2005-04-16 15:20:36 -0700310
Florian Westphal57f15532010-06-03 00:42:30 +0000311 after the /proc file system has been mounted.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700312
313 If unsure, say N.
314
315config INET_AH
316 tristate "IP: AH transformation"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700317 select XFRM
318 select CRYPTO
319 select CRYPTO_HMAC
320 select CRYPTO_MD5
321 select CRYPTO_SHA1
322 ---help---
323 Support for IPsec AH.
324
325 If unsure, say Y.
326
327config INET_ESP
328 tristate "IP: ESP transformation"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700329 select XFRM
330 select CRYPTO
Herbert Xued58dd42008-03-04 14:29:21 -0800331 select CRYPTO_AUTHENC
Linus Torvalds1da177e2005-04-16 15:20:36 -0700332 select CRYPTO_HMAC
333 select CRYPTO_MD5
Herbert Xu6b7326c2006-07-30 15:41:01 +1000334 select CRYPTO_CBC
Linus Torvalds1da177e2005-04-16 15:20:36 -0700335 select CRYPTO_SHA1
336 select CRYPTO_DES
337 ---help---
338 Support for IPsec ESP.
339
340 If unsure, say Y.
341
342config INET_IPCOMP
343 tristate "IP: IPComp transformation"
Herbert Xud2acc342006-03-28 01:12:13 -0800344 select INET_XFRM_TUNNEL
Herbert Xu6fccab62008-07-25 02:54:40 -0700345 select XFRM_IPCOMP
Linus Torvalds1da177e2005-04-16 15:20:36 -0700346 ---help---
347 Support for IP Payload Compression Protocol (IPComp) (RFC3173),
348 typically needed for IPsec.
Jesper Dangaard Brouera6e8f272009-02-22 00:07:13 -0800349
Linus Torvalds1da177e2005-04-16 15:20:36 -0700350 If unsure, say Y.
351
Herbert Xud2acc342006-03-28 01:12:13 -0800352config INET_XFRM_TUNNEL
353 tristate
354 select INET_TUNNEL
355 default n
356
Linus Torvalds1da177e2005-04-16 15:20:36 -0700357config INET_TUNNEL
Herbert Xud2acc342006-03-28 01:12:13 -0800358 tristate
359 default n
Linus Torvalds1da177e2005-04-16 15:20:36 -0700360
Herbert Xub59f45d2006-05-27 23:05:54 -0700361config INET_XFRM_MODE_TRANSPORT
362 tristate "IP: IPsec transport mode"
363 default y
364 select XFRM
365 ---help---
366 Support for IPsec transport mode.
367
368 If unsure, say Y.
369
370config INET_XFRM_MODE_TUNNEL
371 tristate "IP: IPsec tunnel mode"
372 default y
373 select XFRM
374 ---help---
375 Support for IPsec tunnel mode.
376
377 If unsure, say Y.
378
Diego Beltrami0a694522006-10-03 23:47:05 -0700379config INET_XFRM_MODE_BEET
380 tristate "IP: IPsec BEET mode"
381 default y
382 select XFRM
383 ---help---
384 Support for IPsec BEET mode.
385
386 If unsure, say Y.
387
Jan-Bernd Themann71c87e02007-08-08 22:38:05 -0700388config INET_LRO
Ben Hutchingsc5d35572010-10-03 15:37:42 +0000389 tristate "Large Receive Offload (ipv4/tcp)"
Frans Popbc8a5392009-05-18 21:48:38 -0700390 default y
Jan-Bernd Themann71c87e02007-08-08 22:38:05 -0700391 ---help---
392 Support for Large Receive Offload (ipv4/tcp).
393
394 If unsure, say Y.
395
Arnaldo Carvalho de Melo17b085e2005-08-12 12:59:17 -0300396config INET_DIAG
397 tristate "INET: socket monitoring interface"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700398 default y
399 ---help---
Arnaldo Carvalho de Melo73c1f4a2005-08-12 12:51:49 -0300400 Support for INET (TCP, DCCP, etc) socket monitoring interface used by
401 native Linux tools such as ss. ss is included in iproute2, currently
Michael Wittenc996d8b2010-11-15 19:55:34 +0000402 downloadable at:
403
404 http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2
Jesper Dangaard Brouera6e8f272009-02-22 00:07:13 -0800405
Linus Torvalds1da177e2005-04-16 15:20:36 -0700406 If unsure, say Y.
407
Arnaldo Carvalho de Melo17b085e2005-08-12 12:59:17 -0300408config INET_TCP_DIAG
409 depends on INET_DIAG
410 def_tristate INET_DIAG
411
Pavel Emelyanov507dd792011-12-09 06:24:36 +0000412config INET_UDP_DIAG
David S. Miller6d62a662012-01-07 12:13:06 -0800413 tristate "UDP: socket monitoring interface"
Pavel Emelyanov507dd792011-12-09 06:24:36 +0000414 depends on INET_DIAG
David S. Miller6d62a662012-01-07 12:13:06 -0800415 default n
416 ---help---
417 Support for UDP socket monitoring interface used by the ss tool.
418 If unsure, say Y.
Pavel Emelyanov507dd792011-12-09 06:24:36 +0000419
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700420menuconfig TCP_CONG_ADVANCED
David S. Millera6484042005-06-24 18:07:51 -0700421 bool "TCP: advanced congestion control"
David S. Millera6484042005-06-24 18:07:51 -0700422 ---help---
423 Support for selection of various TCP congestion control
424 modules.
425
426 Nearly all users can safely say no here, and a safe default
Stephen Hemminger597811e2006-09-24 20:13:03 -0700427 selection will be made (CUBIC with new Reno as a fallback).
David S. Millera6484042005-06-24 18:07:51 -0700428
429 If unsure, say N.
430
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700431if TCP_CONG_ADVANCED
Stephen Hemminger83803032005-06-23 12:23:25 -0700432
433config TCP_CONG_BIC
434 tristate "Binary Increase Congestion (BIC) control"
Stephen Hemminger597811e2006-09-24 20:13:03 -0700435 default m
Stephen Hemminger83803032005-06-23 12:23:25 -0700436 ---help---
437 BIC-TCP is a sender-side only change that ensures a linear RTT
438 fairness under large windows while offering both scalability and
439 bounded TCP-friendliness. The protocol combines two schemes
440 called additive increase and binary search increase. When the
441 congestion window is large, additive increase with a large
442 increment ensures linear RTT fairness as well as good
443 scalability. Under small congestion windows, binary search
444 increase provides TCP friendliness.
445 See http://www.csc.ncsu.edu/faculty/rhee/export/bitcp/
446
Stephen Hemmingerdf3271f2005-12-13 23:13:28 -0800447config TCP_CONG_CUBIC
448 tristate "CUBIC TCP"
Stephen Hemminger597811e2006-09-24 20:13:03 -0700449 default y
Stephen Hemmingerdf3271f2005-12-13 23:13:28 -0800450 ---help---
451 This is version 2.0 of BIC-TCP which uses a cubic growth function
452 among other techniques.
453 See http://www.csc.ncsu.edu/faculty/rhee/export/bitcp/cubic-paper.pdf
454
Stephen Hemminger87270762005-06-23 12:24:09 -0700455config TCP_CONG_WESTWOOD
456 tristate "TCP Westwood+"
Stephen Hemminger87270762005-06-23 12:24:09 -0700457 default m
458 ---help---
459 TCP Westwood+ is a sender-side only modification of the TCP Reno
460 protocol stack that optimizes the performance of TCP congestion
461 control. It is based on end-to-end bandwidth estimation to set
462 congestion window and slow start threshold after a congestion
463 episode. Using this estimation, TCP Westwood+ adaptively sets a
464 slow start threshold and a congestion window which takes into
465 account the bandwidth used at the time congestion is experienced.
466 TCP Westwood+ significantly increases fairness wrt TCP Reno in
467 wired networks and throughput over wireless links.
468
Baruch Evena7868ea2005-06-23 12:28:11 -0700469config TCP_CONG_HTCP
470 tristate "H-TCP"
Baruch Evena7868ea2005-06-23 12:28:11 -0700471 default m
472 ---help---
473 H-TCP is a send-side only modifications of the TCP Reno
474 protocol stack that optimizes the performance of TCP
475 congestion control for high speed network links. It uses a
476 modeswitch to change the alpha and beta parameters of TCP Reno
477 based on network conditions and in a way so as to be fair with
478 other Reno and H-TCP flows.
479
John Heffnera628d292005-06-23 12:24:58 -0700480config TCP_CONG_HSTCP
481 tristate "High Speed TCP"
Sam Ravnborg6a2e9b72005-07-11 21:13:56 -0700482 depends on EXPERIMENTAL
John Heffnera628d292005-06-23 12:24:58 -0700483 default n
484 ---help---
485 Sally Floyd's High Speed TCP (RFC 3649) congestion control.
486 A modification to TCP's congestion control mechanism for use
487 with large congestion windows. A table indicates how much to
488 increase the congestion window by when an ACK is received.
489 For more detail see http://www.icir.org/floyd/hstcp.html
490
Daniele Lacamera835b3f02005-06-23 12:26:34 -0700491config TCP_CONG_HYBLA
492 tristate "TCP-Hybla congestion control algorithm"
Sam Ravnborg6a2e9b72005-07-11 21:13:56 -0700493 depends on EXPERIMENTAL
Daniele Lacamera835b3f02005-06-23 12:26:34 -0700494 default n
495 ---help---
496 TCP-Hybla is a sender-side only change that eliminates penalization of
497 long-RTT, large-bandwidth connections, like when satellite legs are
Matt LaPlante44c09202006-10-03 22:34:14 +0200498 involved, especially when sharing a common bottleneck with normal
Daniele Lacamera835b3f02005-06-23 12:26:34 -0700499 terrestrial connections.
500
Stephen Hemmingerb87d8562005-06-23 12:27:19 -0700501config TCP_CONG_VEGAS
502 tristate "TCP Vegas"
Sam Ravnborg6a2e9b72005-07-11 21:13:56 -0700503 depends on EXPERIMENTAL
Stephen Hemmingerb87d8562005-06-23 12:27:19 -0700504 default n
505 ---help---
506 TCP Vegas is a sender-side only change to TCP that anticipates
507 the onset of congestion by estimating the bandwidth. TCP Vegas
508 adjusts the sending rate by modifying the congestion
509 window. TCP Vegas should provide less packet loss, but it is
510 not as aggressive as TCP Reno.
511
John Heffner0e579762005-06-23 12:29:07 -0700512config TCP_CONG_SCALABLE
513 tristate "Scalable TCP"
Sam Ravnborg6a2e9b72005-07-11 21:13:56 -0700514 depends on EXPERIMENTAL
John Heffner0e579762005-06-23 12:29:07 -0700515 default n
516 ---help---
517 Scalable TCP is a sender-side only change to TCP which uses a
518 MIMD congestion control algorithm which has some nice scaling
519 properties, though is known to have fairness issues.
Baruch Evenf4b94792007-02-21 19:32:37 -0800520 See http://www.deneholme.net/tom/scalable/
Baruch Evena7868ea2005-06-23 12:28:11 -0700521
Wong Hoi Sing Edison7c106d72006-06-05 17:27:58 -0700522config TCP_CONG_LP
523 tristate "TCP Low Priority"
524 depends on EXPERIMENTAL
525 default n
526 ---help---
527 TCP Low Priority (TCP-LP), a distributed algorithm whose goal is
Matt LaPlantecab00892006-10-03 22:36:44 +0200528 to utilize only the excess network bandwidth as compared to the
Wong Hoi Sing Edison7c106d72006-06-05 17:27:58 -0700529 ``fair share`` of bandwidth as targeted by TCP.
530 See http://www-ece.rice.edu/networks/TCP-LP/
531
Bin Zhou76f10172006-06-05 17:28:30 -0700532config TCP_CONG_VENO
533 tristate "TCP Veno"
534 depends on EXPERIMENTAL
535 default n
536 ---help---
537 TCP Veno is a sender-side only enhancement of TCP to obtain better
538 throughput over wireless networks. TCP Veno makes use of state
539 distinguishing to circumvent the difficult judgment of the packet loss
540 type. TCP Veno cuts down less congestion window in response to random
541 loss packets.
Justin P. Mattock631dd1a2010-10-18 11:03:14 +0200542 See <http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1177186>
Bin Zhou76f10172006-06-05 17:28:30 -0700543
Angelo P. Castellani5ef81472007-02-22 00:23:05 -0800544config TCP_CONG_YEAH
545 tristate "YeAH TCP"
546 depends on EXPERIMENTAL
David S. Miller2ff011e2007-05-17 00:07:47 -0700547 select TCP_CONG_VEGAS
Angelo P. Castellani5ef81472007-02-22 00:23:05 -0800548 default n
549 ---help---
550 YeAH-TCP is a sender-side high-speed enabled TCP congestion control
551 algorithm, which uses a mixed loss/delay approach to compute the
552 congestion window. It's design goals target high efficiency,
553 internal, RTT and Reno fairness, resilience to link loss while
554 keeping network elements load as low as possible.
555
556 For further details look here:
557 http://wil.cs.caltech.edu/pfldnet2007/paper/YeAH_TCP.pdf
558
Stephen Hemmingerc4622382007-04-20 17:07:51 -0700559config TCP_CONG_ILLINOIS
560 tristate "TCP Illinois"
561 depends on EXPERIMENTAL
562 default n
563 ---help---
Matt LaPlante01dd2fb2007-10-20 01:34:40 +0200564 TCP-Illinois is a sender-side modification of TCP Reno for
Stephen Hemmingerc4622382007-04-20 17:07:51 -0700565 high speed long delay links. It uses round-trip-time to
566 adjust the alpha and beta parameters to achieve a higher average
567 throughput and maintain fairness.
568
569 For further details see:
570 http://www.ews.uiuc.edu/~shaoliu/tcpillinois/index.html
571
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700572choice
573 prompt "Default TCP congestion control"
Stephen Hemminger597811e2006-09-24 20:13:03 -0700574 default DEFAULT_CUBIC
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700575 help
576 Select the TCP congestion control that will be used by default
577 for all connections.
578
579 config DEFAULT_BIC
580 bool "Bic" if TCP_CONG_BIC=y
581
582 config DEFAULT_CUBIC
583 bool "Cubic" if TCP_CONG_CUBIC=y
584
585 config DEFAULT_HTCP
586 bool "Htcp" if TCP_CONG_HTCP=y
587
Jan Engelhardtdd2acaa2010-03-11 09:57:27 +0000588 config DEFAULT_HYBLA
589 bool "Hybla" if TCP_CONG_HYBLA=y
590
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700591 config DEFAULT_VEGAS
592 bool "Vegas" if TCP_CONG_VEGAS=y
593
Jan Engelhardt6ce1a6d2010-03-11 09:57:28 +0000594 config DEFAULT_VENO
595 bool "Veno" if TCP_CONG_VENO=y
596
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700597 config DEFAULT_WESTWOOD
598 bool "Westwood" if TCP_CONG_WESTWOOD=y
599
600 config DEFAULT_RENO
601 bool "Reno"
602
603endchoice
604
605endif
Stephen Hemminger83803032005-06-23 12:23:25 -0700606
Stephen Hemminger597811e2006-09-24 20:13:03 -0700607config TCP_CONG_CUBIC
David S. Miller6c360762005-06-26 15:20:20 -0700608 tristate
David S. Millera6484042005-06-24 18:07:51 -0700609 depends on !TCP_CONG_ADVANCED
610 default y
611
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700612config DEFAULT_TCP_CONG
613 string
614 default "bic" if DEFAULT_BIC
615 default "cubic" if DEFAULT_CUBIC
616 default "htcp" if DEFAULT_HTCP
Jan Engelhardtdd2acaa2010-03-11 09:57:27 +0000617 default "hybla" if DEFAULT_HYBLA
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700618 default "vegas" if DEFAULT_VEGAS
619 default "westwood" if DEFAULT_WESTWOOD
Jan Engelhardt6ce1a6d2010-03-11 09:57:28 +0000620 default "veno" if DEFAULT_VENO
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700621 default "reno" if DEFAULT_RENO
Stephen Hemminger597811e2006-09-24 20:13:03 -0700622 default "cubic"
Stephen Hemminger3d2573f2006-09-24 20:11:58 -0700623
YOSHIFUJI Hideakicfb6eeb2006-11-14 19:07:45 -0800624config TCP_MD5SIG
625 bool "TCP: MD5 Signature Option support (RFC2385) (EXPERIMENTAL)"
626 depends on EXPERIMENTAL
627 select CRYPTO
628 select CRYPTO_MD5
629 ---help---
David Sterba3dde6ad2007-05-09 07:12:20 +0200630 RFC2385 specifies a method of giving MD5 protection to TCP sessions.
YOSHIFUJI Hideakicfb6eeb2006-11-14 19:07:45 -0800631 Its main (only?) use is to protect BGP sessions between core routers
632 on the Internet.
633
634 If unsure, say N.