4 USec timer for Initial Sequence Number generation in Linux

Below are few lines taken from RFC6528. S3

Proposed Initial Sequence Number Generation Algorithm.

TCP SHOULD generate its Initial Sequence Numbers with the expression:

  ISN = M + F(localip, localport, remoteip, remoteport, secretkey)

where M is the 4 microsecond timer

What exactly is meant by 4 microsecond timer ?

(Please do not get deviated from the main focus of the question by the stuff below. This is just to clarify one of my comments)

This an image which confused me.

(MD5 has replaced MD4 from kernels 3.1.But I'm not sure whether the re-keying is avoided. The re-key counter is set to zero on boot, if it is still used)


To avoid trouble from receiving stale segments from an earlier incarnation of a TCP connection, the relevant RFCs suggest a series of measures.

One of the measures is monotically incrementing the ISN at a rate faster than the bandwidth would permit on a live connection, so the next time a connection is opened using the same (source ip, dest ip, source port, dest port) tuple, the sequence number used doesn't coincide with a sequence number used in a TCP segment from the earlier connection.

This and other mechanisms are talked about in the Appendix to RFC1185.

Apparently a 4 ┬Ás timer is good for a 2Mb/s network. Linux uses a 64 ns timer.

Need Your Help

How can write logs to a file in btrace?

java trace dtrace btrace

I have following btrace script. I would like to record entry and exit of functions in a specific class.

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.