CONFIG_NET_TCP_TIME_WAIT_DELAY
How long to wait in TIME_WAIT state (in milliseconds)
Type: int
Help
To avoid a (low-probability) issue where delayed packets from a previous connection are delivered to the next connection reusing the same local/remote ports, RFC 793 (TCP) suggests keeping an old, closed connection in a special “TIME_WAIT” state for the duration of 2*MSL (Maximum Segment Lifetime). The RFC suggests an MSL of 2 minutes, but notes “This is an engineering choice, and may be changed if experience indicates it is desirable to do so.” On low-resource systems, a large MSL may lead to quick resource exhaustion (and related DoS attacks). At the same time, the issue of packet misdelivery is largely alleviated in modern TCP stacks by the use of random, non-repeating port numbers and initial sequence numbers. For this reason, Zephyr uses a much lower value of 250 ms by default. A value of 0 disables the TIME_WAIT state completely.
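The resource-exhaustion argument above can be made concrete with a small model, added here as an illustration (it is not Zephyr code): a fixed pool of connection slots in which every closed connection keeps its slot for the TIME_WAIT delay. The pool size of 6, the connection rates and the function names are assumptions, and the model assumes the local side closes each connection immediately after opening it.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define POOL_SIZE 6 /* assumed number of connection slots (sample value) */

/* Slots held in TIME_WAIT at steady state: arrival rate x hold time,
 * i.e. ceil(time_wait_ms / interval_ms) for one close every interval_ms. */
uint32_t slots_needed(uint32_t time_wait_ms, uint32_t interval_ms)
{
    return (time_wait_ms + interval_ms - 1) / interval_ms;
}

/* One connection is opened every interval_ms and closed at once, so its
 * slot stays in TIME_WAIT for time_wait_ms. Returns how many of `attempts`
 * connections were refused because every slot was still held. */
unsigned simulate_refused(uint32_t time_wait_ms, uint32_t interval_ms,
                          unsigned attempts)
{
    uint64_t release_at[POOL_SIZE] = {0}; /* time each slot becomes free */
    unsigned refused = 0;

    for (unsigned i = 0; i < attempts; i++) {
        uint64_t now = (uint64_t)i * interval_ms;
        size_t slot = POOL_SIZE;

        for (size_t s = 0; s < POOL_SIZE; s++) {
            if (release_at[s] <= now) { slot = s; break; }
        }
        if (slot == POOL_SIZE) { refused++; continue; }
        release_at[slot] = now + time_wait_ms; /* held until TIME_WAIT ends */
    }
    return refused;
}

int main(void)
{
    /* 2*MSL with the RFC's 2-minute MSL is 240000 ms; 250 ms is the default. */
    const uint32_t delays[] = {240000, 250, 0};

    for (size_t i = 0; i < sizeof(delays) / sizeof(delays[0]); i++) {
        printf("TIME_WAIT %6u ms: needs %3u slots, refused %u of 600\n",
               (unsigned)delays[i], (unsigned)slots_needed(delays[i], 1000),
               simulate_refused(delays[i], 1000, 600));
    }
    return 0;
}
```

The same model shows that the default only bounds the problem: at one connection every 10 ms, a 250 ms delay still needs 25 slots, so a 6-slot pool refuses most attempts.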
Direct dependencies
NET_TCP && !NET_RAW_MODE && NETWORKING
(Includes any dependencies from ifs and menus.)
Default
250
Kconfig definition
At <Zephyr>/subsys/net/ip/Kconfig:350
Included via <Zephyr>/Kconfig:8
→ <Zephyr>/Kconfig.zephyr:34
→ <Zephyr>/subsys/Kconfig:37
→ <Zephyr>/subsys/net/Kconfig:87
Menu path: (Top) → Sub Systems and OS Services → Networking → Link layer and IP networking support → IP stack → Enable TCP
config NET_TCP_TIME_WAIT_DELAY
	int "How long to wait in TIME_WAIT state (in milliseconds)"
	default 250
	depends on NET_TCP && !NET_RAW_MODE && NETWORKING
	help
	  To avoid a (low-probability) issue when delayed packets from
	  previous connection get delivered to next connection reusing
	  the same local/remote ports, RFC 793 (TCP) suggests to keep
	  an old, closed connection in a special "TIME_WAIT" state for
	  the duration of 2*MSL (Maximum Segment Lifetime). The RFC
	  suggests to use MSL of 2 minutes, but notes "This is an
	  engineering choice, and may be changed if experience indicates
	  it is desirable to do so." For low-resource systems, having
	  large MSL may lead to quick resource exhaustion (and related
	  DoS attacks). At the same time, the issue of packet misdelivery
	  is largely alleviated in the modern TCP stacks by using random,
	  non-repeating port numbers and initial sequence numbers. Due
	  to this, Zephyr uses much lower value of 250ms by default.
	  Value of 0 disables TIME_WAIT state completely.
(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)