ipv4: Namespaceify tcp_fastopen_blackhole_timeout knob Different namespace application might require different time period in second to disable Fastopen on active TCP sockets. Tested: Simulate following similar situation that the server's data gets dropped after 3WHS. C ---- syn-data ---> S C <--- syn/ack ----- S C ---- ack --------> S S (accept & write) C? X <- data ------ S [retry and timeout] And then print netstat of TCPFastOpenBlackhole, the counter increased as expected when the firewall blackhole issue is detected and active TFO is disabled. # cat /proc/net/netstat | awk '{print $91}' TCPFastOpenBlackhole 1 Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 3733be14a32bae288b61ed28341e593baba983af [log] [tgz]
author: Haishuang Yan <yanhaishuang@cmss.chinamobile.com> Wed Sep 27 11:35:43 2017 +0800
committer: David S. Miller <davem@davemloft.net> Sun Oct 01 17:55:54 2017 -0700
tree: 972622b76e08246aee043832bdc8224f6ac50501
parent: 437138485656c41e32b8c63c0987cfa0348be0e6 [diff] [blame]
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index 7bb9603..2c4222a 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h

@@ -133,6 +133,9 @@ struct netns_ipv4 {
 	int sysctl_tcp_fastopen;
 	struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
 	spinlock_t tcp_fastopen_ctx_lock;
+	unsigned int sysctl_tcp_fastopen_blackhole_timeout;
+	atomic_t tfo_active_disable_times;
+	unsigned long tfo_active_disable_stamp;
 
 #ifdef CONFIG_NET_L3_MASTER_DEV
 	int sysctl_udp_l3mdev_accept;
commit	3733be14a32bae288b61ed28341e593baba983af	[log] [tgz]
author	Haishuang Yan <yanhaishuang@cmss.chinamobile.com>	Wed Sep 27 11:35:43 2017 +0800
committer	David S. Miller <davem@davemloft.net>	Sun Oct 01 17:55:54 2017 -0700
tree	972622b76e08246aee043832bdc8224f6ac50501
parent	437138485656c41e32b8c63c0987cfa0348be0e6 [diff] [blame]