^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) # SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) # IP configuration
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) config IP_MULTICAST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) bool "IP: multicasting"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) This is code for addressing several networked computers at once,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) enlarging your kernel by about 2 KB. You need multicasting if you
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) intend to participate in the MBONE, a high bandwidth network on top
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) of the Internet which carries audio and video broadcasts. More
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) information about the MBONE is on the WWW at
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) <https://www.savetz.com/mbone/>. For most people, it's safe to say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) config IP_ADVANCED_ROUTER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) bool "IP: advanced router"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) If you intend to run your Linux box mostly as a router, i.e. as a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) computer that forwards and redistributes network packets, say Y; you
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) will then be presented with several options that allow more precise
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) control about the routing process.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) The answer to this question won't directly affect the kernel:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) answering N will just cause the configurator to skip all the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) questions about advanced routing.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) Note that your box can only act as a router if you enable IP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) forwarding in your kernel; you can do that by saying Y to "/proc
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) file system support" and "Sysctl support" below and executing the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) line
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) echo "1" > /proc/sys/net/ipv4/ip_forward
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) at boot time after the /proc file system has been mounted.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) If you turn on IP forwarding, you should consider the rp_filter, which
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) automatically rejects incoming packets if the routing table entry
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) for their source address doesn't match the network interface they're
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) arriving on. This has security advantages because it prevents the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) so-called IP spoofing, however it can pose problems if you use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) asymmetric routing (packets from you to a host take a different path
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) than packets from that host to you) or if you operate a non-routing
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) host which has several IP addresses on different interfaces. To turn
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) rp_filter on use:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) Note that some distributions enable it in startup scripts.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) For details about rp_filter strict and loose mode read
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) <file:Documentation/networking/ip-sysctl.rst>.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) If unsure, say N here.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) config IP_FIB_TRIE_STATS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) bool "FIB TRIE statistics"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) depends on IP_ADVANCED_ROUTER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) Keep track of statistics on structure of FIB TRIE table.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) Useful for testing and measuring TRIE performance.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) config IP_MULTIPLE_TABLES
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) bool "IP: policy routing"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) depends on IP_ADVANCED_ROUTER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) select FIB_RULES
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) Normally, a router decides what to do with a received packet based
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) solely on the packet's final destination address. If you say Y here,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) the Linux router will also be able to take the packet's source
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) address into account. Furthermore, the TOS (Type-Of-Service) field
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) of the packet can be used for routing decisions as well.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) If you need more information, see the Linux Advanced
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) Routing and Traffic Control documentation at
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) <https://lartc.org/howto/lartc.rpdb.html>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) config IP_ROUTE_MULTIPATH
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) bool "IP: equal cost multipath"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) depends on IP_ADVANCED_ROUTER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) Normally, the routing tables specify a single action to be taken in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) a deterministic manner for a given packet. If you say Y here
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) however, it becomes possible to attach several actions to a packet
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) pattern, in effect specifying several alternative paths to travel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) for those packets. The router considers all these paths to be of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) equal "cost" and chooses one of them in a non-deterministic fashion
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) if a matching packet arrives.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) config IP_ROUTE_VERBOSE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) bool "IP: verbose route monitoring"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) depends on IP_ADVANCED_ROUTER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) If you say Y here, which is recommended, then the kernel will print
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) verbose messages regarding the routing, for example warnings about
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) received packets which look strange and could be evidence of an
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) attack or a misconfigured system somewhere. The information is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) handled by the klogd daemon which is responsible for kernel messages
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) ("man klogd").
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) config IP_ROUTE_CLASSID
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) config IP_PNP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) bool "IP: kernel level autoconfiguration"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) This enables automatic configuration of IP addresses of devices and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) of the routing table during kernel boot, based on either information
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) supplied on the kernel command line or by BOOTP or RARP protocols.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) You need to say Y only for diskless machines requiring network
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) access to boot (in which case you want to say Y to "Root file system
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) on NFS" as well), because all other machines configure the network
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) in their startup scripts.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) config IP_PNP_DHCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) bool "IP: DHCP support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) depends on IP_PNP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) If you want your Linux box to mount its whole root file system (the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) one containing the directory /) from some other computer over the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) net via NFS and you want the IP address of your computer to be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) discovered automatically at boot time using the DHCP protocol (a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) special protocol designed for doing this job), say Y here. In case
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) the boot ROM of your network card was designed for booting Linux and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) does DHCP itself, providing all necessary information on the kernel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) command line, you can say N here.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) If unsure, say Y. Note that if you want to use DHCP, a DHCP server
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) must be operating on your network. Read
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) <file:Documentation/admin-guide/nfs/nfsroot.rst> for details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) config IP_PNP_BOOTP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) bool "IP: BOOTP support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) depends on IP_PNP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) If you want your Linux box to mount its whole root file system (the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) one containing the directory /) from some other computer over the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) net via NFS and you want the IP address of your computer to be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) discovered automatically at boot time using the BOOTP protocol (a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) special protocol designed for doing this job), say Y here. In case
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) the boot ROM of your network card was designed for booting Linux and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) does BOOTP itself, providing all necessary information on the kernel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) command line, you can say N here. If unsure, say Y. Note that if you
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) want to use BOOTP, a BOOTP server must be operating on your network.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) Read <file:Documentation/admin-guide/nfs/nfsroot.rst> for details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) config IP_PNP_RARP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) bool "IP: RARP support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) depends on IP_PNP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) If you want your Linux box to mount its whole root file system (the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) one containing the directory /) from some other computer over the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) net via NFS and you want the IP address of your computer to be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) discovered automatically at boot time using the RARP protocol (an
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) older protocol which is being obsoleted by BOOTP and DHCP), say Y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) here. Note that if you want to use RARP, a RARP server must be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) operating on your network. Read
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) <file:Documentation/admin-guide/nfs/nfsroot.rst> for details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) config NET_IPIP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) tristate "IP: tunneling"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) select INET_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) select NET_IP_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) Tunneling means encapsulating data of one protocol type within
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) another protocol and sending it over a channel that understands the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) encapsulating protocol. This particular tunneling driver implements
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) encapsulation of IP within IP, which sounds kind of pointless, but
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) can be useful if you want to make your (or some other) machine
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) appear on a different network than it physically is, or to use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) mobile-IP facilities (allowing laptops to seamlessly move between
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) networks without changing their IP addresses).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) Saying Y to this option will produce two modules ( = code which can
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) be inserted in and removed from the running kernel whenever you
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) want). Most people won't need this and can say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) config NET_IPGRE_DEMUX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) tristate "IP: GRE demultiplexer"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) This is helper module to demultiplex GRE packets on GRE version field criteria.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) Required by ip_gre and pptp modules.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) config NET_IP_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) tristate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) select DST_CACHE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) select GRO_CELLS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) config NET_IPGRE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) tristate "IP: GRE tunnels over IP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) depends on (IPV6 || IPV6=n) && NET_IPGRE_DEMUX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) select NET_IP_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) Tunneling means encapsulating data of one protocol type within
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) another protocol and sending it over a channel that understands the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) encapsulating protocol. This particular tunneling driver implements
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) GRE (Generic Routing Encapsulation) and at this time allows
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) encapsulating of IPv4 or IPv6 over existing IPv4 infrastructure.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) This driver is useful if the other endpoint is a Cisco router: Cisco
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) likes GRE much better than the other Linux tunneling driver ("IP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) tunneling" above). In addition, GRE allows multicast redistribution
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) through the tunnel.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) config NET_IPGRE_BROADCAST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) bool "IP: broadcast GRE over IP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) depends on IP_MULTICAST && NET_IPGRE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) One application of GRE/IP is to construct a broadcast WAN (Wide Area
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) Network), which looks like a normal Ethernet LAN (Local Area
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) Network), but can be distributed all over the Internet. If you want
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) to do that, say Y here and to "IP multicast routing" below.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) config IP_MROUTE_COMMON
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) depends on IP_MROUTE || IPV6_MROUTE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) config IP_MROUTE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) bool "IP: multicast routing"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) depends on IP_MULTICAST
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) select IP_MROUTE_COMMON
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) This is used if you want your machine to act as a router for IP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) packets that have several destination addresses. It is needed on the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) MBONE, a high bandwidth network on top of the Internet which carries
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) audio and video broadcasts. In order to do that, you would most
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) likely run the program mrouted. If you haven't heard about it, you
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) don't need it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) config IP_MROUTE_MULTIPLE_TABLES
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) bool "IP: multicast policy routing"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) depends on IP_MROUTE && IP_ADVANCED_ROUTER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) select FIB_RULES
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) Normally, a multicast router runs a userspace daemon and decides
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) what to do with a multicast packet based on the source and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) destination addresses. If you say Y here, the multicast router
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) will also be able to take interfaces and packet marks into
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) account and run multiple instances of userspace daemons
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) simultaneously, each one handling a single table.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) config IP_PIMSM_V1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) bool "IP: PIM-SM version 1 support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) depends on IP_MROUTE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) Kernel side support for Sparse Mode PIM (Protocol Independent
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) Multicast) version 1. This multicast routing protocol is used widely
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) because Cisco supports it. You need special software to use it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) (pimd-v1). Please see <http://netweb.usc.edu/pim/> for more
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) information about PIM.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) Say Y if you want to use PIM-SM v1. Note that you can say N here if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) you just want to use Dense Mode PIM.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) config IP_PIMSM_V2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) bool "IP: PIM-SM version 2 support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) depends on IP_MROUTE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) Kernel side support for Sparse Mode PIM version 2. In order to use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) this, you need an experimental routing daemon supporting it (pimd or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) gated-5). This routing protocol is not used widely, so say N unless
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) you want to play with it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) config SYN_COOKIES
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) bool "IP: TCP syncookie support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) Normal TCP/IP networking is open to an attack known as "SYN
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) flooding". This denial-of-service attack prevents legitimate remote
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) users from being able to connect to your computer during an ongoing
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) attack and requires very little work from the attacker, who can
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) operate from anywhere on the Internet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) SYN cookies provide protection against this type of attack. If you
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) say Y here, the TCP/IP stack will use a cryptographic challenge
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) protocol known as "SYN cookies" to enable legitimate users to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) continue to connect, even when your machine is under attack. There
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) is no need for the legitimate users to change their TCP/IP software;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) SYN cookies work transparently to them. For technical information
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) about SYN cookies, check out <https://cr.yp.to/syncookies.html>.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) If you are SYN flooded, the source address reported by the kernel is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) likely to have been forged by the attacker; it is only reported as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) an aid in tracing the packets to their actual source and should not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) be taken as absolute truth.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) SYN cookies may prevent correct error reporting on clients when the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) server is really overloaded. If this happens frequently better turn
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) them off.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) If you say Y here, you can disable SYN cookies at run time by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) saying Y to "/proc file system support" and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) "Sysctl support" below and executing the command
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) echo 0 > /proc/sys/net/ipv4/tcp_syncookies
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) after the /proc file system has been mounted.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) config NET_IPVTI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) tristate "Virtual (secure) IP: tunneling"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) depends on IPV6 || IPV6=n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) select INET_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) select NET_IP_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) select XFRM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) Tunneling means encapsulating data of one protocol type within
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312) another protocol and sending it over a channel that understands the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) encapsulating protocol. This can be used with xfrm mode tunnel to give
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) the notion of a secure tunnel for IPSEC and then use routing protocol
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) on top.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) config NET_UDP_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318) tristate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) select NET_IP_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) config NET_FOU
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) tristate "IP: Foo (IP protocols) over UDP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324) select XFRM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) select NET_UDP_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327) Foo over UDP allows any IP protocol to be directly encapsulated
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) over UDP include tunnels (IPIP, GRE, SIT). By encapsulating in UDP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) network mechanisms and optimizations for UDP (such as ECMP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330) and RSS) can be leveraged to provide better service.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332) config NET_FOU_IP_TUNNELS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333) bool "IP: FOU encapsulation of IP tunnels"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) depends on NET_IPIP || NET_IPGRE || IPV6_SIT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) select NET_FOU
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) Allow configuration of FOU or GUE encapsulation for IP tunnels.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) When this option is enabled IP tunnels can be configured to use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) FOU or GUE encapsulation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) config INET_AH
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342) tristate "IP: AH transformation"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343) select XFRM_AH
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345) Support for IPsec AH (Authentication Header).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) AH can be used with various authentication algorithms. Besides
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) enabling AH support itself, this option enables the generic
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349) implementations of the algorithms that RFC 8221 lists as MUST be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) implemented. If you need any other algorithms, you'll need to enable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351) them in the crypto API. You should also enable accelerated
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) implementations of any needed algorithms when available.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354) If unsure, say Y.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356) config INET_ESP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) tristate "IP: ESP transformation"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) select XFRM_ESP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360) Support for IPsec ESP (Encapsulating Security Payload).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) ESP can be used with various encryption and authentication algorithms.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) Besides enabling ESP support itself, this option enables the generic
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) implementations of the algorithms that RFC 8221 lists as MUST be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) implemented. If you need any other algorithms, you'll need to enable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) them in the crypto API. You should also enable accelerated
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) implementations of any needed algorithms when available.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) If unsure, say Y.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) config INET_ESP_OFFLOAD
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) tristate "IP: ESP transformation offload"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373) depends on INET_ESP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374) select XFRM_OFFLOAD
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377) Support for ESP transformation offload. This makes sense
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) only if this system really does IPsec and want to do it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) with high throughput. A typical desktop system does not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380) need it, even if it does IPsec.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384) config INET_ESPINTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) bool "IP: ESP in TCP encapsulation (RFC 8229)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) depends on XFRM && INET_ESP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387) select STREAM_PARSER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388) select NET_SOCK_MSG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) select XFRM_ESPINTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391) Support for RFC 8229 encapsulation of ESP and IKE over
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392) TCP/IPv4 sockets.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396) config INET_IPCOMP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) tristate "IP: IPComp transformation"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) select INET_XFRM_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) select XFRM_IPCOMP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401) Support for IP Payload Compression Protocol (IPComp) (RFC3173),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402) typically needed for IPsec.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) If unsure, say Y.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406) config INET_XFRM_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) tristate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) select INET_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) config INET_TUNNEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412) tristate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415) config INET_DIAG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416) tristate "INET: socket monitoring interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) default y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) Support for INET (TCP, DCCP, etc) socket monitoring interface used by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420) native Linux tools such as ss. ss is included in iproute2, currently
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) downloadable at:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423) http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) If unsure, say Y.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) config INET_TCP_DIAG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) depends on INET_DIAG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429) def_tristate INET_DIAG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431) config INET_UDP_DIAG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) tristate "UDP: socket monitoring interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) depends on INET_DIAG && (IPV6 || IPV6=n)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436) Support for UDP socket monitoring interface used by the ss tool.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) If unsure, say Y.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) config INET_RAW_DIAG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440) tristate "RAW: socket monitoring interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) depends on INET_DIAG && (IPV6 || IPV6=n)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) Support for RAW socket monitoring interface used by the ss tool.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) If unsure, say Y.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) config INET_DIAG_DESTROY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) bool "INET: allow privileged process to administratively close sockets"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) depends on INET_DIAG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452) Provides a SOCK_DESTROY operation that allows privileged processes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) (e.g., a connection manager or a network administration tool such as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) ss) to close sockets opened by other processes. Closing a socket in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455) this way interrupts any blocking read/write/connect operations on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) the socket and causes future socket calls to behave as if the socket
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) had been disconnected.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) menuconfig TCP_CONG_ADVANCED
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) bool "TCP: advanced congestion control"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463) Support for selection of various TCP congestion control
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) modules.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) Nearly all users can safely say no here, and a safe default
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467) selection will be made (CUBIC with new Reno as a fallback).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469) If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471) if TCP_CONG_ADVANCED
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473) config TCP_CONG_BIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) tristate "Binary Increase Congestion (BIC) control"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475) default m
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) BIC-TCP is a sender-side only change that ensures a linear RTT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) fairness under large windows while offering both scalability and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479) bounded TCP-friendliness. The protocol combines two schemes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) called additive increase and binary search increase. When the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481) congestion window is large, additive increase with a large
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482) increment ensures linear RTT fairness as well as good
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) scalability. Under small congestion windows, binary search
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) increase provides TCP friendliness.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485) See http://www.csc.ncsu.edu/faculty/rhee/export/bitcp/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) config TCP_CONG_CUBIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488) tristate "CUBIC TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489) default y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491) This is version 2.0 of BIC-TCP which uses a cubic growth function
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492) among other techniques.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493) See http://www.csc.ncsu.edu/faculty/rhee/export/bitcp/cubic-paper.pdf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495) config TCP_CONG_WESTWOOD
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496) tristate "TCP Westwood+"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497) default m
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) TCP Westwood+ is a sender-side only modification of the TCP Reno
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500) protocol stack that optimizes the performance of TCP congestion
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501) control. It is based on end-to-end bandwidth estimation to set
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502) congestion window and slow start threshold after a congestion
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503) episode. Using this estimation, TCP Westwood+ adaptively sets a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504) slow start threshold and a congestion window which takes into
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505) account the bandwidth used at the time congestion is experienced.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506) TCP Westwood+ significantly increases fairness wrt TCP Reno in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) wired networks and throughput over wireless links.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509) config TCP_CONG_HTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) tristate "H-TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) default m
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513) H-TCP is a send-side only modifications of the TCP Reno
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) protocol stack that optimizes the performance of TCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515) congestion control for high speed network links. It uses a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516) modeswitch to change the alpha and beta parameters of TCP Reno
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) based on network conditions and in a way so as to be fair with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) other Reno and H-TCP flows.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520) config TCP_CONG_HSTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) tristate "High Speed TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524) Sally Floyd's High Speed TCP (RFC 3649) congestion control.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525) A modification to TCP's congestion control mechanism for use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) with large congestion windows. A table indicates how much to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) increase the congestion window by when an ACK is received.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528) For more detail see https://www.icir.org/floyd/hstcp.html
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530) config TCP_CONG_HYBLA
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) tristate "TCP-Hybla congestion control algorithm"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534) TCP-Hybla is a sender-side only change that eliminates penalization of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535) long-RTT, large-bandwidth connections, like when satellite legs are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) involved, especially when sharing a common bottleneck with normal
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537) terrestrial connections.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539) config TCP_CONG_VEGAS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540) tristate "TCP Vegas"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543) TCP Vegas is a sender-side only change to TCP that anticipates
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544) the onset of congestion by estimating the bandwidth. TCP Vegas
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545) adjusts the sending rate by modifying the congestion
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546) window. TCP Vegas should provide less packet loss, but it is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) not as aggressive as TCP Reno.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) config TCP_CONG_NV
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550) tristate "TCP NV"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553) TCP NV is a follow up to TCP Vegas. It has been modified to deal with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) 10G networks, measurement noise introduced by LRO, GRO and interrupt
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555) coalescence. In addition, it will decrease its cwnd multiplicatively
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556) instead of linearly.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558) Note that in general congestion avoidance (cwnd decreased when # packets
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559) queued grows) cannot coexist with congestion control (cwnd decreased only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560) when there is packet loss) due to fairness issues. One scenario when they
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561) can coexist safely is when the CA flows have RTTs << CC flows RTTs.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) For further details see http://www.brakmo.org/networking/tcp-nv/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565) config TCP_CONG_SCALABLE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566) tristate "Scalable TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569) Scalable TCP is a sender-side only change to TCP which uses a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570) MIMD congestion control algorithm which has some nice scaling
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571) properties, though is known to have fairness issues.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572) See http://www.deneholme.net/tom/scalable/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574) config TCP_CONG_LP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575) tristate "TCP Low Priority"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578) TCP Low Priority (TCP-LP), a distributed algorithm whose goal is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579) to utilize only the excess network bandwidth as compared to the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580) ``fair share`` of bandwidth as targeted by TCP.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581) See http://www-ece.rice.edu/networks/TCP-LP/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583) config TCP_CONG_VENO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584) tristate "TCP Veno"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587) TCP Veno is a sender-side only enhancement of TCP to obtain better
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588) throughput over wireless networks. TCP Veno makes use of state
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589) distinguishing to circumvent the difficult judgment of the packet loss
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590) type. TCP Veno cuts down less congestion window in response to random
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591) loss packets.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592) See <http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1177186>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594) config TCP_CONG_YEAH
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595) tristate "YeAH TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596) select TCP_CONG_VEGAS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599) YeAH-TCP is a sender-side high-speed enabled TCP congestion control
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600) algorithm, which uses a mixed loss/delay approach to compute the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601) congestion window. It's design goals target high efficiency,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602) internal, RTT and Reno fairness, resilience to link loss while
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603) keeping network elements load as low as possible.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605) For further details look here:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606) http://wil.cs.caltech.edu/pfldnet2007/paper/YeAH_TCP.pdf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608) config TCP_CONG_ILLINOIS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609) tristate "TCP Illinois"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612) TCP-Illinois is a sender-side modification of TCP Reno for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613) high speed long delay links. It uses round-trip-time to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614) adjust the alpha and beta parameters to achieve a higher average
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615) throughput and maintain fairness.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617) For further details see:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618) http://www.ews.uiuc.edu/~shaoliu/tcpillinois/index.html
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620) config TCP_CONG_DCTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621) tristate "DataCenter TCP (DCTCP)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624) DCTCP leverages Explicit Congestion Notification (ECN) in the network to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625) provide multi-bit feedback to the end hosts. It is designed to provide:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627) - High burst tolerance (incast due to partition/aggregate),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628) - Low latency (short flows, queries),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629) - High throughput (continuous data updates, large file transfers) with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630) commodity, shallow-buffered switches.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632) All switches in the data center network running DCTCP must support
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633) ECN marking and be configured for marking when reaching defined switch
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634) buffer thresholds. The default ECN marking threshold heuristic for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635) DCTCP on switches is 20 packets (30KB) at 1Gbps, and 65 packets
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636) (~100KB) at 10Gbps, but might need further careful tweaking.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638) For further details see:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639) http://simula.stanford.edu/~alizade/Site/DCTCP_files/dctcp-final.pdf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641) config TCP_CONG_CDG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642) tristate "CAIA Delay-Gradient (CDG)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645) CAIA Delay-Gradient (CDG) is a TCP congestion control that modifies
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646) the TCP sender in order to:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648) o Use the delay gradient as a congestion signal.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649) o Back off with an average probability that is independent of the RTT.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650) o Coexist with flows that use loss-based congestion control.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651) o Tolerate packet loss unrelated to congestion.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653) For further details see:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654) D.A. Hayes and G. Armitage. "Revisiting TCP congestion control using
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655) delay gradients." In Networking 2011. Preprint: http://goo.gl/No3vdg
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657) config TCP_CONG_BBR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658) tristate "BBR TCP"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659) default n
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) BBR (Bottleneck Bandwidth and RTT) TCP congestion control aims to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663) maximize network utilization and minimize queues. It builds an explicit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664) model of the bottleneck delivery rate and path round-trip propagation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665) delay. It tolerates packet loss and delay unrelated to congestion. It
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) can operate over LAN, WAN, cellular, wifi, or cable modem links. It can
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667) coexist with flows that use loss-based congestion control, and can
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) operate with shallow buffers, deep buffers, bufferbloat, policers, or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669) AQM schemes that do not provide a delay signal. It requires the fq
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670) ("Fair Queue") pacing packet scheduler.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672) choice
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673) prompt "Default TCP congestion control"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) default DEFAULT_CUBIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676) Select the TCP congestion control that will be used by default
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677) for all connections.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679) config DEFAULT_BIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680) bool "Bic" if TCP_CONG_BIC=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682) config DEFAULT_CUBIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 683) bool "Cubic" if TCP_CONG_CUBIC=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 684)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 685) config DEFAULT_HTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 686) bool "Htcp" if TCP_CONG_HTCP=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 687)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688) config DEFAULT_HYBLA
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 689) bool "Hybla" if TCP_CONG_HYBLA=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 690)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 691) config DEFAULT_VEGAS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 692) bool "Vegas" if TCP_CONG_VEGAS=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 693)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 694) config DEFAULT_VENO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 695) bool "Veno" if TCP_CONG_VENO=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 696)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 697) config DEFAULT_WESTWOOD
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 698) bool "Westwood" if TCP_CONG_WESTWOOD=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 699)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 700) config DEFAULT_DCTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 701) bool "DCTCP" if TCP_CONG_DCTCP=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 702)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 703) config DEFAULT_CDG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 704) bool "CDG" if TCP_CONG_CDG=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 705)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 706) config DEFAULT_BBR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 707) bool "BBR" if TCP_CONG_BBR=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 708)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 709) config DEFAULT_RENO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 710) bool "Reno"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 711) endchoice
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 712)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 713) endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 714)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 715) config TCP_CONG_CUBIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 716) tristate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 717) depends on !TCP_CONG_ADVANCED
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 718) default y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 719)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 720) config DEFAULT_TCP_CONG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 721) string
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 722) default "bic" if DEFAULT_BIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 723) default "cubic" if DEFAULT_CUBIC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 724) default "htcp" if DEFAULT_HTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 725) default "hybla" if DEFAULT_HYBLA
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 726) default "vegas" if DEFAULT_VEGAS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 727) default "westwood" if DEFAULT_WESTWOOD
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 728) default "veno" if DEFAULT_VENO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 729) default "reno" if DEFAULT_RENO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 730) default "dctcp" if DEFAULT_DCTCP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 731) default "cdg" if DEFAULT_CDG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 732) default "bbr" if DEFAULT_BBR
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 733) default "cubic"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 734)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 735) config TCP_MD5SIG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 736) bool "TCP: MD5 Signature Option support (RFC2385)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 737) select CRYPTO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 738) select CRYPTO_MD5
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 739) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 740) RFC2385 specifies a method of giving MD5 protection to TCP sessions.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 741) Its main (only?) use is to protect BGP sessions between core routers
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 742) on the Internet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 743)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 744) If unsure, say N.
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags