OpenSolaris

Printable Version Enter a New Search
Bug ID 4625629
Synopsis perhaps TCP_STRONG_ISS should default to `2'
State 3-Accepted (Yes, that is a problem)
Category:Subcategory kernel:tcp-ip
Keywords SOOTB | modern_times | opensolaris | sol-sec-guide
Responsible Engineer Rao Shoaib
Reported Against 5.9 , 5.10 , s10_01 , s10_55 , s81_56 , snv_82
Duplicate Of
Introduced In
Commit to Fix
Fixed In
Release Fixed
Related Bugs 6664569 , 5089452
Submit Date 18-January-2002
Last Update Date 19-February-2008
Description 
 xxxxx@xxxxx.com 2002-01-18

From my platinum beta customer:

 >   I have been setting TCP_STRONG_ISS=2 in /etc/default/inetinit to get
 > more random initial TCP sequence number generation on sol8 machines. I
 > note that this is still set to TCP_STRONG_ISS=1 in the sol9 beta.  Is
 > there a reason this value is not set to 2 by default?

It seems that the historical reason is that TCP_STRONG_ISS=2 impacted
performance noticably, especially in configurations with lots of short-lived
connections (i.e., lots of connection setups/teardowns).  However, it's
possible that hardware has changed enough such that this is no longer an
issue.  I think the issue is worth at least investigating.
Work Around 
N/A
Comments 
N/A