diff options
author | job@openbsd.org <job@openbsd.org> | 2018-04-04 15:12:17 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-04-06 14:20:33 +1000 |
commit | 5ee8448ad7c306f05a9f56769f95336a8269f379 (patch) | |
tree | fac0e97f27145aeef62714ac0f50651ef4621df9 /ssh_config.5 | |
parent | 424b544fbda963f973da80f884717c3e0a513288 (diff) |
upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP AF21 for
interactive and CS1 for bulk
AF21 was selected as this is the highest priority within the low-latency
service class (and it is higher than what we have today). SSH is elastic
and time-sensitive data, where a user is waiting for a response via the
network in order to continue with a task at hand. As such, these flows
should be considered foreground traffic, with delays or drops to such
traffic directly impacting user-productivity.
For bulk SSH traffic, the CS1 "Lower Effort" marker was chosen to enable
networks implementing a scavanger/lower-than-best effort class to
discriminate scp(1) below normal activities, such as web surfing. In
general this type of bulk SSH traffic is a background activity.
An advantage of using "AF21" for interactive SSH and "CS1" for bulk SSH
is that they are recognisable values on all common platforms (IANA
https://www.iana.org/assignments/dscp-registry/dscp-registry.xml), and
for AF21 specifically a definition of the intended behavior exists
https://tools.ietf.org/html/rfc4594#section-4.7 in addition to the definition
of the Assured Forwarding PHB group https://tools.ietf.org/html/rfc2597, and
for CS1 (Lower Effort) there is https://tools.ietf.org/html/rfc3662
The first three bits of "AF21" map to the equivalent IEEEE 802.1D PCP, IEEE
802.11e, MPLS EXP/CoS and IP Precedence value of 2 (also known as "Immediate",
or "AC_BE"), and CS1's first 3 bits map to IEEEE 802.1D PCP, IEEE 802.11e,
MPLS/CoS and IP Precedence value 1 ("Background" or "AC_BK").
OK deraadt@, "no objection" djm@
OpenBSD-Commit-ID: d11d2a4484f461524ef0c20870523dfcdeb52181
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index 71705cabd..010bca479 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.268 2018/02/23 07:38:09 jmc Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.269 2018/04/04 15:12:17 job Exp $ |
37 | .Dd $Mdocdate: February 23 2018 $ | 37 | .Dd $Mdocdate: April 4 2018 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -984,9 +984,11 @@ If one argument is specified, it is used as the packet class unconditionally. | |||
984 | If two values are specified, the first is automatically selected for | 984 | If two values are specified, the first is automatically selected for |
985 | interactive sessions and the second for non-interactive sessions. | 985 | interactive sessions and the second for non-interactive sessions. |
986 | The default is | 986 | The default is |
987 | .Cm lowdelay | 987 | .Cm af21 |
988 | .Ar (Low-Latency Data) | ||
988 | for interactive sessions and | 989 | for interactive sessions and |
989 | .Cm throughput | 990 | .Cm cs1 |
991 | .Ar (Lower Effort) | ||
990 | for non-interactive sessions. | 992 | for non-interactive sessions. |
991 | .It Cm KbdInteractiveAuthentication | 993 | .It Cm KbdInteractiveAuthentication |
992 | Specifies whether to use keyboard-interactive authentication. | 994 | Specifies whether to use keyboard-interactive authentication. |