diff options
| author | job@openbsd.org <job@openbsd.org> | 2018-04-04 15:12:17 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2018-04-06 14:20:33 +1000 |
| commit | 5ee8448ad7c306f05a9f56769f95336a8269f379 (patch) | |
| tree | fac0e97f27145aeef62714ac0f50651ef4621df9 /readconf.c | |
| parent | 424b544fbda963f973da80f884717c3e0a513288 (diff) | |
upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP AF21 for
interactive and CS1 for bulk
AF21 was selected as this is the highest priority within the low-latency
service class (and it is higher than what we have today). SSH is elastic
and time-sensitive data, where a user is waiting for a response via the
network in order to continue with a task at hand. As such, these flows
should be considered foreground traffic, with delays or drops to such
traffic directly impacting user-productivity.
For bulk SSH traffic, the CS1 "Lower Effort" marker was chosen to enable
networks implementing a scavanger/lower-than-best effort class to
discriminate scp(1) below normal activities, such as web surfing. In
general this type of bulk SSH traffic is a background activity.
An advantage of using "AF21" for interactive SSH and "CS1" for bulk SSH
is that they are recognisable values on all common platforms (IANA
https://www.iana.org/assignments/dscp-registry/dscp-registry.xml), and
for AF21 specifically a definition of the intended behavior exists
https://tools.ietf.org/html/rfc4594#section-4.7 in addition to the definition
of the Assured Forwarding PHB group https://tools.ietf.org/html/rfc2597, and
for CS1 (Lower Effort) there is https://tools.ietf.org/html/rfc3662
The first three bits of "AF21" map to the equivalent IEEEE 802.1D PCP, IEEE
802.11e, MPLS EXP/CoS and IP Precedence value of 2 (also known as "Immediate",
or "AC_BE"), and CS1's first 3 bits map to IEEEE 802.1D PCP, IEEE 802.11e,
MPLS/CoS and IP Precedence value 1 ("Background" or "AC_BK").
OK deraadt@, "no objection" djm@
OpenBSD-Commit-ID: d11d2a4484f461524ef0c20870523dfcdeb52181
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/readconf.c b/readconf.c index 88051db57..f69b46547 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: readconf.c,v 1.283 2018/02/23 15:58:37 markus Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.284 2018/04/04 15:12:17 job Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -1998,9 +1998,9 @@ fill_default_options(Options * options) | |||
| 1998 | if (options->visual_host_key == -1) | 1998 | if (options->visual_host_key == -1) |
| 1999 | options->visual_host_key = 0; | 1999 | options->visual_host_key = 0; |
| 2000 | if (options->ip_qos_interactive == -1) | 2000 | if (options->ip_qos_interactive == -1) |
| 2001 | options->ip_qos_interactive = IPTOS_LOWDELAY; | 2001 | options->ip_qos_interactive = IPTOS_DSCP_AF21; |
| 2002 | if (options->ip_qos_bulk == -1) | 2002 | if (options->ip_qos_bulk == -1) |
| 2003 | options->ip_qos_bulk = IPTOS_THROUGHPUT; | 2003 | options->ip_qos_bulk = IPTOS_DSCP_CS1; |
| 2004 | if (options->request_tty == -1) | 2004 | if (options->request_tty == -1) |
| 2005 | options->request_tty = REQUEST_TTY_AUTO; | 2005 | options->request_tty = REQUEST_TTY_AUTO; |
| 2006 | if (options->proxy_use_fdpass == -1) | 2006 | if (options->proxy_use_fdpass == -1) |