]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | # |
2 | # IP configuration | |
3 | # | |
4 | config IP_MULTICAST | |
5 | bool "IP: multicasting" | |
1da177e4 LT |
6 | help |
7 | This is code for addressing several networked computers at once, | |
8 | enlarging your kernel by about 2 KB. You need multicasting if you | |
9 | intend to participate in the MBONE, a high bandwidth network on top | |
10 | of the Internet which carries audio and video broadcasts. More | |
11 | information about the MBONE is on the WWW at | |
936bb14c | 12 | <http://www.savetz.com/mbone/>. Information about the multicast |
1da177e4 LT |
13 | capabilities of the various network cards is contained in |
14 | <file:Documentation/networking/multicast.txt>. For most people, it's | |
15 | safe to say N. | |
16 | ||
17 | config IP_ADVANCED_ROUTER | |
18 | bool "IP: advanced router" | |
1da177e4 LT |
19 | ---help--- |
20 | If you intend to run your Linux box mostly as a router, i.e. as a | |
21 | computer that forwards and redistributes network packets, say Y; you | |
22 | will then be presented with several options that allow more precise | |
23 | control about the routing process. | |
24 | ||
25 | The answer to this question won't directly affect the kernel: | |
26 | answering N will just cause the configurator to skip all the | |
27 | questions about advanced routing. | |
28 | ||
29 | Note that your box can only act as a router if you enable IP | |
30 | forwarding in your kernel; you can do that by saying Y to "/proc | |
31 | file system support" and "Sysctl support" below and executing the | |
32 | line | |
33 | ||
34 | echo "1" > /proc/sys/net/ipv4/ip_forward | |
35 | ||
36 | at boot time after the /proc file system has been mounted. | |
37 | ||
b2cc46a8 | 38 | If you turn on IP forwarding, you should consider the rp_filter, which |
1da177e4 LT |
39 | automatically rejects incoming packets if the routing table entry |
40 | for their source address doesn't match the network interface they're | |
41 | arriving on. This has security advantages because it prevents the | |
42 | so-called IP spoofing, however it can pose problems if you use | |
43 | asymmetric routing (packets from you to a host take a different path | |
44 | than packets from that host to you) or if you operate a non-routing | |
45 | host which has several IP addresses on different interfaces. To turn | |
d7394372 | 46 | rp_filter on use: |
1da177e4 | 47 | |
d7394372 | 48 | echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter |
750e9fad | 49 | or |
d7394372 | 50 | echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter |
1da177e4 | 51 | |
b2cc46a8 | 52 | Note that some distributions enable it in startup scripts. |
d18921a0 JDB |
53 | For details about rp_filter strict and loose mode read |
54 | <file:Documentation/networking/ip-sysctl.txt>. | |
b2cc46a8 | 55 | |
1da177e4 LT |
56 | If unsure, say N here. |
57 | ||
a6e8f27f | 58 | choice |
bb298ca3 DM |
59 | prompt "Choose IP: FIB lookup algorithm (choose FIB_HASH if unsure)" |
60 | depends on IP_ADVANCED_ROUTER | |
6876f95f | 61 | default ASK_IP_FIB_HASH |
bb298ca3 | 62 | |
6876f95f | 63 | config ASK_IP_FIB_HASH |
bb298ca3 DM |
64 | bool "FIB_HASH" |
65 | ---help--- | |
a6e8f27f | 66 | Current FIB is very proven and good enough for most users. |
bb298ca3 DM |
67 | |
68 | config IP_FIB_TRIE | |
69 | bool "FIB_TRIE" | |
70 | ---help--- | |
a6e8f27f JDB |
71 | Use new experimental LC-trie as FIB lookup algorithm. |
72 | This improves lookup performance if you have a large | |
73 | number of routes. | |
74 | ||
75 | LC-trie is a longest matching prefix lookup algorithm which | |
76 | performs better than FIB_HASH for large routing tables. | |
77 | But, it consumes more memory and is more complex. | |
78 | ||
79 | LC-trie is described in: | |
80 | ||
81 | IP-address lookup using LC-tries. Stefan Nilsson and Gunnar Karlsson | |
82 | IEEE Journal on Selected Areas in Communications, 17(6):1083-1092, | |
83 | June 1999 | |
84 | ||
85 | An experimental study of compression methods for dynamic tries | |
86 | Stefan Nilsson and Matti Tikkanen. Algorithmica, 33(1):19-33, 2002. | |
87 | http://www.nada.kth.se/~snilsson/public/papers/dyntrie2/ | |
88 | ||
bb298ca3 DM |
89 | endchoice |
90 | ||
bb298ca3 | 91 | config IP_FIB_HASH |
6876f95f | 92 | def_bool ASK_IP_FIB_HASH || !IP_ADVANCED_ROUTER |
bb298ca3 | 93 | |
66a2f7fd SH |
94 | config IP_FIB_TRIE_STATS |
95 | bool "FIB TRIE statistics" | |
96 | depends on IP_FIB_TRIE | |
97 | ---help--- | |
98 | Keep track of statistics on structure of FIB TRIE table. | |
99 | Useful for testing and measuring TRIE performance. | |
100 | ||
1da177e4 LT |
101 | config IP_MULTIPLE_TABLES |
102 | bool "IP: policy routing" | |
103 | depends on IP_ADVANCED_ROUTER | |
e1ef4bf2 | 104 | select FIB_RULES |
1da177e4 LT |
105 | ---help--- |
106 | Normally, a router decides what to do with a received packet based | |
107 | solely on the packet's final destination address. If you say Y here, | |
108 | the Linux router will also be able to take the packet's source | |
109 | address into account. Furthermore, the TOS (Type-Of-Service) field | |
110 | of the packet can be used for routing decisions as well. | |
111 | ||
112 | If you are interested in this, please see the preliminary | |
113 | documentation at <http://www.compendium.com.ar/policy-routing.txt> | |
114 | and <ftp://post.tepkom.ru/pub/vol2/Linux/docs/advanced-routing.tex>. | |
115 | You will need supporting software from | |
116 | <ftp://ftp.tux.org/pub/net/ip-routing/>. | |
117 | ||
118 | If unsure, say N. | |
119 | ||
1da177e4 LT |
120 | config IP_ROUTE_MULTIPATH |
121 | bool "IP: equal cost multipath" | |
122 | depends on IP_ADVANCED_ROUTER | |
123 | help | |
124 | Normally, the routing tables specify a single action to be taken in | |
125 | a deterministic manner for a given packet. If you say Y here | |
126 | however, it becomes possible to attach several actions to a packet | |
127 | pattern, in effect specifying several alternative paths to travel | |
128 | for those packets. The router considers all these paths to be of | |
129 | equal "cost" and chooses one of them in a non-deterministic fashion | |
130 | if a matching packet arrives. | |
131 | ||
1da177e4 LT |
132 | config IP_ROUTE_VERBOSE |
133 | bool "IP: verbose route monitoring" | |
134 | depends on IP_ADVANCED_ROUTER | |
135 | help | |
136 | If you say Y here, which is recommended, then the kernel will print | |
137 | verbose messages regarding the routing, for example warnings about | |
138 | received packets which look strange and could be evidence of an | |
139 | attack or a misconfigured system somewhere. The information is | |
140 | handled by the klogd daemon which is responsible for kernel messages | |
141 | ("man klogd"). | |
142 | ||
143 | config IP_PNP | |
144 | bool "IP: kernel level autoconfiguration" | |
1da177e4 LT |
145 | help |
146 | This enables automatic configuration of IP addresses of devices and | |
147 | of the routing table during kernel boot, based on either information | |
148 | supplied on the kernel command line or by BOOTP or RARP protocols. | |
149 | You need to say Y only for diskless machines requiring network | |
150 | access to boot (in which case you want to say Y to "Root file system | |
151 | on NFS" as well), because all other machines configure the network | |
152 | in their startup scripts. | |
153 | ||
154 | config IP_PNP_DHCP | |
155 | bool "IP: DHCP support" | |
156 | depends on IP_PNP | |
157 | ---help--- | |
158 | If you want your Linux box to mount its whole root file system (the | |
159 | one containing the directory /) from some other computer over the | |
160 | net via NFS and you want the IP address of your computer to be | |
161 | discovered automatically at boot time using the DHCP protocol (a | |
162 | special protocol designed for doing this job), say Y here. In case | |
163 | the boot ROM of your network card was designed for booting Linux and | |
164 | does DHCP itself, providing all necessary information on the kernel | |
165 | command line, you can say N here. | |
166 | ||
167 | If unsure, say Y. Note that if you want to use DHCP, a DHCP server | |
168 | must be operating on your network. Read | |
dc7a0816 | 169 | <file:Documentation/filesystems/nfs/nfsroot.txt> for details. |
1da177e4 LT |
170 | |
171 | config IP_PNP_BOOTP | |
172 | bool "IP: BOOTP support" | |
173 | depends on IP_PNP | |
174 | ---help--- | |
175 | If you want your Linux box to mount its whole root file system (the | |
176 | one containing the directory /) from some other computer over the | |
177 | net via NFS and you want the IP address of your computer to be | |
178 | discovered automatically at boot time using the BOOTP protocol (a | |
179 | special protocol designed for doing this job), say Y here. In case | |
180 | the boot ROM of your network card was designed for booting Linux and | |
181 | does BOOTP itself, providing all necessary information on the kernel | |
182 | command line, you can say N here. If unsure, say Y. Note that if you | |
183 | want to use BOOTP, a BOOTP server must be operating on your network. | |
dc7a0816 | 184 | Read <file:Documentation/filesystems/nfs/nfsroot.txt> for details. |
1da177e4 LT |
185 | |
186 | config IP_PNP_RARP | |
187 | bool "IP: RARP support" | |
188 | depends on IP_PNP | |
189 | help | |
190 | If you want your Linux box to mount its whole root file system (the | |
191 | one containing the directory /) from some other computer over the | |
192 | net via NFS and you want the IP address of your computer to be | |
193 | discovered automatically at boot time using the RARP protocol (an | |
194 | older protocol which is being obsoleted by BOOTP and DHCP), say Y | |
195 | here. Note that if you want to use RARP, a RARP server must be | |
6ded55da | 196 | operating on your network. Read |
dc7a0816 | 197 | <file:Documentation/filesystems/nfs/nfsroot.txt> for details. |
1da177e4 LT |
198 | |
199 | # not yet ready.. | |
a6e8f27f | 200 | # bool ' IP: ARP support' CONFIG_IP_PNP_ARP |
1da177e4 LT |
201 | config NET_IPIP |
202 | tristate "IP: tunneling" | |
d2acc347 | 203 | select INET_TUNNEL |
1da177e4 LT |
204 | ---help--- |
205 | Tunneling means encapsulating data of one protocol type within | |
206 | another protocol and sending it over a channel that understands the | |
207 | encapsulating protocol. This particular tunneling driver implements | |
208 | encapsulation of IP within IP, which sounds kind of pointless, but | |
209 | can be useful if you want to make your (or some other) machine | |
210 | appear on a different network than it physically is, or to use | |
211 | mobile-IP facilities (allowing laptops to seamlessly move between | |
212 | networks without changing their IP addresses). | |
213 | ||
214 | Saying Y to this option will produce two modules ( = code which can | |
215 | be inserted in and removed from the running kernel whenever you | |
216 | want). Most people won't need this and can say N. | |
217 | ||
218 | config NET_IPGRE | |
219 | tristate "IP: GRE tunnels over IP" | |
68c1f3a9 | 220 | depends on IPV6 || IPV6=n |
1da177e4 LT |
221 | help |
222 | Tunneling means encapsulating data of one protocol type within | |
223 | another protocol and sending it over a channel that understands the | |
224 | encapsulating protocol. This particular tunneling driver implements | |
225 | GRE (Generic Routing Encapsulation) and at this time allows | |
226 | encapsulating of IPv4 or IPv6 over existing IPv4 infrastructure. | |
227 | This driver is useful if the other endpoint is a Cisco router: Cisco | |
228 | likes GRE much better than the other Linux tunneling driver ("IP | |
229 | tunneling" above). In addition, GRE allows multicast redistribution | |
230 | through the tunnel. | |
231 | ||
232 | config NET_IPGRE_BROADCAST | |
233 | bool "IP: broadcast GRE over IP" | |
234 | depends on IP_MULTICAST && NET_IPGRE | |
235 | help | |
236 | One application of GRE/IP is to construct a broadcast WAN (Wide Area | |
237 | Network), which looks like a normal Ethernet LAN (Local Area | |
238 | Network), but can be distributed all over the Internet. If you want | |
239 | to do that, say Y here and to "IP multicast routing" below. | |
240 | ||
241 | config IP_MROUTE | |
242 | bool "IP: multicast routing" | |
243 | depends on IP_MULTICAST | |
244 | help | |
245 | This is used if you want your machine to act as a router for IP | |
246 | packets that have several destination addresses. It is needed on the | |
247 | MBONE, a high bandwidth network on top of the Internet which carries | |
248 | audio and video broadcasts. In order to do that, you would most | |
249 | likely run the program mrouted. Information about the multicast | |
250 | capabilities of the various network cards is contained in | |
251 | <file:Documentation/networking/multicast.txt>. If you haven't heard | |
252 | about it, you don't need it. | |
253 | ||
f0ad0860 PM |
254 | config IP_MROUTE_MULTIPLE_TABLES |
255 | bool "IP: multicast policy routing" | |
66496d49 | 256 | depends on IP_MROUTE && IP_ADVANCED_ROUTER |
f0ad0860 PM |
257 | select FIB_RULES |
258 | help | |
259 | Normally, a multicast router runs a userspace daemon and decides | |
260 | what to do with a multicast packet based on the source and | |
261 | destination addresses. If you say Y here, the multicast router | |
262 | will also be able to take interfaces and packet marks into | |
263 | account and run multiple instances of userspace daemons | |
264 | simultaneously, each one handling a single table. | |
265 | ||
266 | If unsure, say N. | |
267 | ||
1da177e4 LT |
268 | config IP_PIMSM_V1 |
269 | bool "IP: PIM-SM version 1 support" | |
270 | depends on IP_MROUTE | |
271 | help | |
272 | Kernel side support for Sparse Mode PIM (Protocol Independent | |
273 | Multicast) version 1. This multicast routing protocol is used widely | |
274 | because Cisco supports it. You need special software to use it | |
275 | (pimd-v1). Please see <http://netweb.usc.edu/pim/> for more | |
276 | information about PIM. | |
277 | ||
278 | Say Y if you want to use PIM-SM v1. Note that you can say N here if | |
279 | you just want to use Dense Mode PIM. | |
280 | ||
281 | config IP_PIMSM_V2 | |
282 | bool "IP: PIM-SM version 2 support" | |
283 | depends on IP_MROUTE | |
284 | help | |
285 | Kernel side support for Sparse Mode PIM version 2. In order to use | |
286 | this, you need an experimental routing daemon supporting it (pimd or | |
287 | gated-5). This routing protocol is not used widely, so say N unless | |
288 | you want to play with it. | |
289 | ||
290 | config ARPD | |
e61a4b63 | 291 | bool "IP: ARP daemon support" |
1da177e4 | 292 | ---help--- |
e61a4b63 TT |
293 | The kernel maintains an internal cache which maps IP addresses to |
294 | hardware addresses on the local network, so that Ethernet/Token Ring/ | |
295 | etc. frames are sent to the proper address on the physical networking | |
296 | layer. Normally, kernel uses the ARP protocol to resolve these | |
297 | mappings. | |
298 | ||
299 | Saying Y here adds support to have an user space daemon to do this | |
300 | resolution instead. This is useful for implementing an alternate | |
301 | address resolution protocol (e.g. NHRP on mGRE tunnels) and also for | |
302 | testing purposes. | |
303 | ||
304 | If unsure, say N. | |
1da177e4 LT |
305 | |
306 | config SYN_COOKIES | |
57f1553e | 307 | bool "IP: TCP syncookie support" |
1da177e4 LT |
308 | ---help--- |
309 | Normal TCP/IP networking is open to an attack known as "SYN | |
310 | flooding". This denial-of-service attack prevents legitimate remote | |
311 | users from being able to connect to your computer during an ongoing | |
312 | attack and requires very little work from the attacker, who can | |
313 | operate from anywhere on the Internet. | |
314 | ||
315 | SYN cookies provide protection against this type of attack. If you | |
316 | say Y here, the TCP/IP stack will use a cryptographic challenge | |
317 | protocol known as "SYN cookies" to enable legitimate users to | |
318 | continue to connect, even when your machine is under attack. There | |
319 | is no need for the legitimate users to change their TCP/IP software; | |
320 | SYN cookies work transparently to them. For technical information | |
321 | about SYN cookies, check out <http://cr.yp.to/syncookies.html>. | |
322 | ||
323 | If you are SYN flooded, the source address reported by the kernel is | |
324 | likely to have been forged by the attacker; it is only reported as | |
325 | an aid in tracing the packets to their actual source and should not | |
326 | be taken as absolute truth. | |
327 | ||
328 | SYN cookies may prevent correct error reporting on clients when the | |
329 | server is really overloaded. If this happens frequently better turn | |
330 | them off. | |
331 | ||
57f1553e FW |
332 | If you say Y here, you can disable SYN cookies at run time by |
333 | saying Y to "/proc file system support" and | |
1da177e4 LT |
334 | "Sysctl support" below and executing the command |
335 | ||
57f1553e | 336 | echo 0 > /proc/sys/net/ipv4/tcp_syncookies |
1da177e4 | 337 | |
57f1553e | 338 | after the /proc file system has been mounted. |
1da177e4 LT |
339 | |
340 | If unsure, say N. | |
341 | ||
342 | config INET_AH | |
343 | tristate "IP: AH transformation" | |
1da177e4 LT |
344 | select XFRM |
345 | select CRYPTO | |
346 | select CRYPTO_HMAC | |
347 | select CRYPTO_MD5 | |
348 | select CRYPTO_SHA1 | |
349 | ---help--- | |
350 | Support for IPsec AH. | |
351 | ||
352 | If unsure, say Y. | |
353 | ||
354 | config INET_ESP | |
355 | tristate "IP: ESP transformation" | |
1da177e4 LT |
356 | select XFRM |
357 | select CRYPTO | |
ed58dd41 | 358 | select CRYPTO_AUTHENC |
1da177e4 LT |
359 | select CRYPTO_HMAC |
360 | select CRYPTO_MD5 | |
6b7326c8 | 361 | select CRYPTO_CBC |
1da177e4 LT |
362 | select CRYPTO_SHA1 |
363 | select CRYPTO_DES | |
364 | ---help--- | |
365 | Support for IPsec ESP. | |
366 | ||
367 | If unsure, say Y. | |
368 | ||
369 | config INET_IPCOMP | |
370 | tristate "IP: IPComp transformation" | |
d2acc347 | 371 | select INET_XFRM_TUNNEL |
6fccab67 | 372 | select XFRM_IPCOMP |
1da177e4 LT |
373 | ---help--- |
374 | Support for IP Payload Compression Protocol (IPComp) (RFC3173), | |
375 | typically needed for IPsec. | |
a6e8f27f | 376 | |
1da177e4 LT |
377 | If unsure, say Y. |
378 | ||
d2acc347 HX |
379 | config INET_XFRM_TUNNEL |
380 | tristate | |
381 | select INET_TUNNEL | |
382 | default n | |
383 | ||
1da177e4 | 384 | config INET_TUNNEL |
d2acc347 HX |
385 | tristate |
386 | default n | |
1da177e4 | 387 | |
b59f45d0 HX |
388 | config INET_XFRM_MODE_TRANSPORT |
389 | tristate "IP: IPsec transport mode" | |
390 | default y | |
391 | select XFRM | |
392 | ---help--- | |
393 | Support for IPsec transport mode. | |
394 | ||
395 | If unsure, say Y. | |
396 | ||
397 | config INET_XFRM_MODE_TUNNEL | |
398 | tristate "IP: IPsec tunnel mode" | |
399 | default y | |
400 | select XFRM | |
401 | ---help--- | |
402 | Support for IPsec tunnel mode. | |
403 | ||
404 | If unsure, say Y. | |
405 | ||
0a69452c DB |
406 | config INET_XFRM_MODE_BEET |
407 | tristate "IP: IPsec BEET mode" | |
408 | default y | |
409 | select XFRM | |
410 | ---help--- | |
411 | Support for IPsec BEET mode. | |
412 | ||
413 | If unsure, say Y. | |
414 | ||
71c87e0c | 415 | config INET_LRO |
e81963b1 | 416 | bool "Large Receive Offload (ipv4/tcp)" |
bc8a5397 | 417 | default y |
71c87e0c JBT |
418 | ---help--- |
419 | Support for Large Receive Offload (ipv4/tcp). | |
420 | ||
421 | If unsure, say Y. | |
422 | ||
17b085ea ACM |
423 | config INET_DIAG |
424 | tristate "INET: socket monitoring interface" | |
1da177e4 LT |
425 | default y |
426 | ---help--- | |
73c1f4a0 ACM |
427 | Support for INET (TCP, DCCP, etc) socket monitoring interface used by |
428 | native Linux tools such as ss. ss is included in iproute2, currently | |
f4b9479d | 429 | downloadable at <http://linux-net.osdl.org/index.php/Iproute2>. |
a6e8f27f | 430 | |
1da177e4 LT |
431 | If unsure, say Y. |
432 | ||
17b085ea ACM |
433 | config INET_TCP_DIAG |
434 | depends on INET_DIAG | |
435 | def_tristate INET_DIAG | |
436 | ||
3d2573f7 | 437 | menuconfig TCP_CONG_ADVANCED |
a6484045 | 438 | bool "TCP: advanced congestion control" |
a6484045 DM |
439 | ---help--- |
440 | Support for selection of various TCP congestion control | |
441 | modules. | |
442 | ||
443 | Nearly all users can safely say no here, and a safe default | |
597811ec | 444 | selection will be made (CUBIC with new Reno as a fallback). |
a6484045 DM |
445 | |
446 | If unsure, say N. | |
447 | ||
3d2573f7 | 448 | if TCP_CONG_ADVANCED |
83803034 SH |
449 | |
450 | config TCP_CONG_BIC | |
451 | tristate "Binary Increase Congestion (BIC) control" | |
597811ec | 452 | default m |
83803034 SH |
453 | ---help--- |
454 | BIC-TCP is a sender-side only change that ensures a linear RTT | |
455 | fairness under large windows while offering both scalability and | |
456 | bounded TCP-friendliness. The protocol combines two schemes | |
457 | called additive increase and binary search increase. When the | |
458 | congestion window is large, additive increase with a large | |
459 | increment ensures linear RTT fairness as well as good | |
460 | scalability. Under small congestion windows, binary search | |
461 | increase provides TCP friendliness. | |
462 | See http://www.csc.ncsu.edu/faculty/rhee/export/bitcp/ | |
463 | ||
df3271f3 SH |
464 | config TCP_CONG_CUBIC |
465 | tristate "CUBIC TCP" | |
597811ec | 466 | default y |
df3271f3 SH |
467 | ---help--- |
468 | This is version 2.0 of BIC-TCP which uses a cubic growth function | |
469 | among other techniques. | |
470 | See http://www.csc.ncsu.edu/faculty/rhee/export/bitcp/cubic-paper.pdf | |
471 | ||
87270762 SH |
472 | config TCP_CONG_WESTWOOD |
473 | tristate "TCP Westwood+" | |
87270762 SH |
474 | default m |
475 | ---help--- | |
476 | TCP Westwood+ is a sender-side only modification of the TCP Reno | |
477 | protocol stack that optimizes the performance of TCP congestion | |
478 | control. It is based on end-to-end bandwidth estimation to set | |
479 | congestion window and slow start threshold after a congestion | |
480 | episode. Using this estimation, TCP Westwood+ adaptively sets a | |
481 | slow start threshold and a congestion window which takes into | |
482 | account the bandwidth used at the time congestion is experienced. | |
483 | TCP Westwood+ significantly increases fairness wrt TCP Reno in | |
484 | wired networks and throughput over wireless links. | |
485 | ||
a7868ea6 BE |
486 | config TCP_CONG_HTCP |
487 | tristate "H-TCP" | |
a7868ea6 BE |
488 | default m |
489 | ---help--- | |
490 | H-TCP is a send-side only modifications of the TCP Reno | |
491 | protocol stack that optimizes the performance of TCP | |
492 | congestion control for high speed network links. It uses a | |
493 | modeswitch to change the alpha and beta parameters of TCP Reno | |
494 | based on network conditions and in a way so as to be fair with | |
495 | other Reno and H-TCP flows. | |
496 | ||
a628d29b JH |
497 | config TCP_CONG_HSTCP |
498 | tristate "High Speed TCP" | |
6a2e9b73 | 499 | depends on EXPERIMENTAL |
a628d29b JH |
500 | default n |
501 | ---help--- | |
502 | Sally Floyd's High Speed TCP (RFC 3649) congestion control. | |
503 | A modification to TCP's congestion control mechanism for use | |
504 | with large congestion windows. A table indicates how much to | |
505 | increase the congestion window by when an ACK is received. | |
506 | For more detail see http://www.icir.org/floyd/hstcp.html | |
507 | ||
835b3f0c DL |
508 | config TCP_CONG_HYBLA |
509 | tristate "TCP-Hybla congestion control algorithm" | |
6a2e9b73 | 510 | depends on EXPERIMENTAL |
835b3f0c DL |
511 | default n |
512 | ---help--- | |
513 | TCP-Hybla is a sender-side only change that eliminates penalization of | |
514 | long-RTT, large-bandwidth connections, like when satellite legs are | |
44c09201 | 515 | involved, especially when sharing a common bottleneck with normal |
835b3f0c DL |
516 | terrestrial connections. |
517 | ||
b87d8561 SH |
518 | config TCP_CONG_VEGAS |
519 | tristate "TCP Vegas" | |
6a2e9b73 | 520 | depends on EXPERIMENTAL |
b87d8561 SH |
521 | default n |
522 | ---help--- | |
523 | TCP Vegas is a sender-side only change to TCP that anticipates | |
524 | the onset of congestion by estimating the bandwidth. TCP Vegas | |
525 | adjusts the sending rate by modifying the congestion | |
526 | window. TCP Vegas should provide less packet loss, but it is | |
527 | not as aggressive as TCP Reno. | |
528 | ||
0e57976b JH |
529 | config TCP_CONG_SCALABLE |
530 | tristate "Scalable TCP" | |
6a2e9b73 | 531 | depends on EXPERIMENTAL |
0e57976b JH |
532 | default n |
533 | ---help--- | |
534 | Scalable TCP is a sender-side only change to TCP which uses a | |
535 | MIMD congestion control algorithm which has some nice scaling | |
536 | properties, though is known to have fairness issues. | |
f4b9479d | 537 | See http://www.deneholme.net/tom/scalable/ |
a7868ea6 | 538 | |
7c106d7e WHSE |
539 | config TCP_CONG_LP |
540 | tristate "TCP Low Priority" | |
541 | depends on EXPERIMENTAL | |
542 | default n | |
543 | ---help--- | |
544 | TCP Low Priority (TCP-LP), a distributed algorithm whose goal is | |
cab00891 | 545 | to utilize only the excess network bandwidth as compared to the |
7c106d7e WHSE |
546 | ``fair share`` of bandwidth as targeted by TCP. |
547 | See http://www-ece.rice.edu/networks/TCP-LP/ | |
548 | ||
76f10177 BZ |
549 | config TCP_CONG_VENO |
550 | tristate "TCP Veno" | |
551 | depends on EXPERIMENTAL | |
552 | default n | |
553 | ---help--- | |
554 | TCP Veno is a sender-side only enhancement of TCP to obtain better | |
555 | throughput over wireless networks. TCP Veno makes use of state | |
556 | distinguishing to circumvent the difficult judgment of the packet loss | |
557 | type. TCP Veno cuts down less congestion window in response to random | |
558 | loss packets. | |
559 | See http://www.ntu.edu.sg/home5/ZHOU0022/papers/CPFu03a.pdf | |
560 | ||
5ef81475 AC |
561 | config TCP_CONG_YEAH |
562 | tristate "YeAH TCP" | |
563 | depends on EXPERIMENTAL | |
2ff011ef | 564 | select TCP_CONG_VEGAS |
5ef81475 AC |
565 | default n |
566 | ---help--- | |
567 | YeAH-TCP is a sender-side high-speed enabled TCP congestion control | |
568 | algorithm, which uses a mixed loss/delay approach to compute the | |
569 | congestion window. It's design goals target high efficiency, | |
570 | internal, RTT and Reno fairness, resilience to link loss while | |
571 | keeping network elements load as low as possible. | |
572 | ||
573 | For further details look here: | |
574 | http://wil.cs.caltech.edu/pfldnet2007/paper/YeAH_TCP.pdf | |
575 | ||
c462238d SH |
576 | config TCP_CONG_ILLINOIS |
577 | tristate "TCP Illinois" | |
578 | depends on EXPERIMENTAL | |
579 | default n | |
580 | ---help--- | |
01dd2fbf | 581 | TCP-Illinois is a sender-side modification of TCP Reno for |
c462238d SH |
582 | high speed long delay links. It uses round-trip-time to |
583 | adjust the alpha and beta parameters to achieve a higher average | |
584 | throughput and maintain fairness. | |
585 | ||
586 | For further details see: | |
587 | http://www.ews.uiuc.edu/~shaoliu/tcpillinois/index.html | |
588 | ||
3d2573f7 SH |
589 | choice |
590 | prompt "Default TCP congestion control" | |
597811ec | 591 | default DEFAULT_CUBIC |
3d2573f7 SH |
592 | help |
593 | Select the TCP congestion control that will be used by default | |
594 | for all connections. | |
595 | ||
596 | config DEFAULT_BIC | |
597 | bool "Bic" if TCP_CONG_BIC=y | |
598 | ||
599 | config DEFAULT_CUBIC | |
600 | bool "Cubic" if TCP_CONG_CUBIC=y | |
601 | ||
602 | config DEFAULT_HTCP | |
603 | bool "Htcp" if TCP_CONG_HTCP=y | |
604 | ||
dd2acaa7 JE |
605 | config DEFAULT_HYBLA |
606 | bool "Hybla" if TCP_CONG_HYBLA=y | |
607 | ||
3d2573f7 SH |
608 | config DEFAULT_VEGAS |
609 | bool "Vegas" if TCP_CONG_VEGAS=y | |
610 | ||
6ce1a6df JE |
611 | config DEFAULT_VENO |
612 | bool "Veno" if TCP_CONG_VENO=y | |
613 | ||
3d2573f7 SH |
614 | config DEFAULT_WESTWOOD |
615 | bool "Westwood" if TCP_CONG_WESTWOOD=y | |
616 | ||
617 | config DEFAULT_RENO | |
618 | bool "Reno" | |
619 | ||
620 | endchoice | |
621 | ||
622 | endif | |
83803034 | 623 | |
597811ec | 624 | config TCP_CONG_CUBIC |
6c360767 | 625 | tristate |
a6484045 DM |
626 | depends on !TCP_CONG_ADVANCED |
627 | default y | |
628 | ||
3d2573f7 SH |
629 | config DEFAULT_TCP_CONG |
630 | string | |
631 | default "bic" if DEFAULT_BIC | |
632 | default "cubic" if DEFAULT_CUBIC | |
633 | default "htcp" if DEFAULT_HTCP | |
dd2acaa7 | 634 | default "hybla" if DEFAULT_HYBLA |
3d2573f7 SH |
635 | default "vegas" if DEFAULT_VEGAS |
636 | default "westwood" if DEFAULT_WESTWOOD | |
6ce1a6df | 637 | default "veno" if DEFAULT_VENO |
3d2573f7 | 638 | default "reno" if DEFAULT_RENO |
597811ec | 639 | default "cubic" |
3d2573f7 | 640 | |
cfb6eeb4 YH |
641 | config TCP_MD5SIG |
642 | bool "TCP: MD5 Signature Option support (RFC2385) (EXPERIMENTAL)" | |
643 | depends on EXPERIMENTAL | |
644 | select CRYPTO | |
645 | select CRYPTO_MD5 | |
646 | ---help--- | |
3dde6ad8 | 647 | RFC2385 specifies a method of giving MD5 protection to TCP sessions. |
cfb6eeb4 YH |
648 | Its main (only?) use is to protect BGP sessions between core routers |
649 | on the Internet. | |
650 | ||
651 | If unsure, say N. | |
652 |