TOS byte on port forwarding-only connections

Matt Johnston matt at ucc.asn.au
Tue Jul 8 21:44:28 WST 2014


On Fri, Jul 04, 2014 at 02:59:09AM -0400, Catalin Patulea wrote:
> 'ssh -Lx:x:x cat' is a workaround, albeit ugly. Ideally I would like
> 'ssh -N -Lx:x:x' to also trigger IPTOS_BULK.
> 
> I think for that I could start the connection at LOWDELAY, then reduce
> to BULK until the first pty session, then set LOWDELAY again. If the
> client deletes the pty session but keeps the connection, it will stay
> at LOWDELAY - we probably want it to reduce to BULK in that case.
> 
> How about a cleaner approach, where we keep a "refcount on lowdelay",
> updated when pty channels are created/removed. When the refcount
> transitions from 0->1, set LOWDELAY, 1->0, set BULK. I don't think
> it's all that much extra code and it will really do the right thing in
> many situations.
> 
> How would you feel about a patch for that?

Hi,

Thanks for the thoughts. It sounds consistent, but -L always
implying IPTOS_BULK isn't necessarily desirable. Multihop
interactive sessions ("dbclient host1,host2,host3") will
establish no-pty channels to host1 and host2. I assume there
are people using -N to tunnel interactive traffic through
port forwards too.

I'm not really sure how to resolve it though. Maybe as a
tradeoff the refcounting could just switch between LOWDELAY
and no-tos-flags if there are TCP forwards going on, then
BULK if there aren't TCP forwards?

Matt
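
Added example, not part of the thread and not Dropbear's code: a sketch of the refcount idea combined with one reading of the tradeoff in the reply, where the TOS byte is reset only when the wanted class changes. The struct, the function names, the dry-run convention for `sock < 0`, and the mapping of BULK to `IPTOS_THROUGHPUT` are assumptions; it handles IPv4 sockets only.

```c
#include <netinet/in.h>
#include <netinet/ip.h>
#include <sys/socket.h>

/* Hypothetical per-connection counters; not Dropbear's own structures. */
struct tos_state {
    unsigned int pty_chans; /* open channels with a pty allocated */
    unsigned int tcp_fwds;  /* open TCP forwarding channels */
    int cur_tos;            /* last TOS byte applied, -1 before the first */
};

/* One reading of the tradeoff: any pty -> LOWDELAY; no pty but forwards
 * -> no TOS flags; neither -> BULK (assumed to mean IPTOS_THROUGHPUT). */
int tos_wanted(const struct tos_state *s)
{
    if (s->pty_chans > 0)
        return IPTOS_LOWDELAY;
    if (s->tcp_fwds > 0)
        return 0;
    return IPTOS_THROUGHPUT;
}

/* Apply the wanted TOS only on a transition. Returns 1 if changed, 0 if
 * unchanged, -1 if setsockopt failed. sock < 0 skips the syscall (dry run). */
int tos_update(int sock, struct tos_state *s)
{
    int want = tos_wanted(s);
    if (want == s->cur_tos)
        return 0;
    if (sock >= 0 &&
        setsockopt(sock, IPPROTO_IP, IP_TOS, &want, sizeof(want)) < 0)
        return -1;
    s->cur_tos = want;
    return 1;
}

/* Adjust one counter by +1 or -1 (never below zero), then re-evaluate. */
int tos_adjust(int sock, struct tos_state *s, unsigned int *ctr, int delta)
{
    if (delta > 0)
        (*ctr)++;
    else if (*ctr > 0)
        (*ctr)--;
    return tos_update(sock, s);
}
```
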