Skip to content

3. Custom Compilation

Jump to bottom
Chema García edited this page Dec 22, 2015 · 2 revisions

Once you now how to compile the library you are ready to customize some parameters. To change the value of a definition, you should specify the modification when calling to cmake:

$ cmake .. -D<NAME>=<VALUE>

IPv4 Defragmentation Parameters

  • MIN_FRAGMENT_LENGTH 576 bytes as recommends RFC 791

    • Minimun data length inside an IPv4 fragment.

  • MAX_DATAGRAM_LENGTH 65535 bytes

    • Maximum data length for a defragmented IPv4 datagram

  • DEFAULT_IPV4_FRAGMENT_TIMEOUT 15 (s) as recommends RFC 791

    • Maximum idle time for an IPv4 flow

  • DEFAULT_IPV4_MAX_FLOWS 1024

    • Maximum number of IPv4 flows that can be stored in a session

  • DEFAULT_IPV4_MAX_FRAGMENTS 12MB / size_of ( fragment )

    • Maximum amount of IPv4 fragments stored in a session

IPv6 Defragmentation Parameters

  • MIN_IPV6_FRAGMENT_LENGTH 1280

    • Minimun data length inside an IPv4 fragment

  • MAX_IPV6_DATAGRAM_LENGTH 4294967295UL (jumbograms)

    • Maximum IPv6 datagram fragment length

  • DEFAULT_IPV6_FRAGMENT_TIMEOUT 15 seconds

    • Maximum idle time for an IPv6 flow

  • DEFAULT_IPV6_MAX_FLOWS 1024

    • Maximum number of IPv4 flows that can be stored in a session

  • DEFAULT_IPV6_MAX_FRAGMENTS 12MB / size_of ( fragment )

    • Maximum amount of IPv6 fragments stored in a session

TCP Reassembly Parameters

  • DEFAULT_TCP_MAX_STREAMS 1024

    • Maximum number of TCP streams that can be stored in a session

  • DEFAULT_TCP_SYN_RETRIES 5 as specifies the Linux Kernel

    • Maximum retries of TCP segments with SYN flag enabled at the begining of a connection

  • DEFAULT_TCP_SYNSENT_TIMEOUT 5 seconds

    • Maximum idle time waiting for a SYN+ACK confirmation, at the begining of a connection

  • DEFAULT_TCP_SYNACK_RETRIES 5 as specifies the Linux Kernel

    • Maximum retries of TCP segments with SYN+ACK flags enabled at the begining of a connection

  • DEFAULT_TCP_SYNRCV_TIMEOUT 5 seconds

    • Maximum idle time waiting for a ACK confirmation, at the begining of a connection

  • DEFAULT_TCP_ESTABLISHED_TIMEOUT 60 (s) as specifies the Linux Kernel (BSD Kernel specifies 30s)

    • Maximum idle time for an established connection. (Maximum Segment Life)

  • DEFAULT_TCP_FINWAIT2_TIMEOUT 60 (s) as specifies the Linux Kernel

    • Maximum idle time to hold a connection in FINWAIT2 status (closing)

  • DEFAULT_TCP_TIMEWAIT_TIMEOUT 2 * DEFAULT_TCP_ESTABLISHED_TIMEOUT

    • Mximum idle time to hold a connection in TIMEWAIT status ("closed")

  • DEFAULT_TCP_MAX_TIMEWAIT_STREAMS DEFAULT_TCP_MAX_STREAMS / 3

    • Maximum number of connections that can be stored with TIMEWAIT status

  • DEFAULT_TIMEOUT_DELAY 3000 milliseconds

    • Period of time to check the streams timeout

So if you want to change the value of DEFAULT_TCP_MAX_STREAMS to 2048 and DEFAULT_TCP_SYN_RETRIES to 1, you should type:

$ cmake .. -DDEFAULT_TCP_MAX_STREAMS=2048 -DDEFAULT_TCP_SYN_RETRIES=1

Note: As you have noticed, there is no definition to specify the maximum amount of TCP segments in a stream. Don't panic this can be added in the future, however libntoh uses a TCP feature (TCP Window) forbidding to store more bytes than specified in the window.

As an example, let's assume a TCP window of 1K. If a new segment arrives and there is no space to store it, queued segments will be sent to let the new segment to be stored, so we will never have more than 1K in a queue. On the other hand, if we have a window of 1K and restrict the queue to not to store more than 512 segments, the connection will be possibly corrupted, so let's rely on TCP Window to do the work!

Clone this wiki locally