4 USec timer for Initial Sequence Number generation in Linux
Below are few lines taken from RFC6528. S3
Proposed Initial Sequence Number Generation Algorithm.
TCP SHOULD generate its Initial Sequence Numbers with the expression:
ISN = M + F(localip, localport, remoteip, remoteport, secretkey)
where M is the 4 microsecond timer
What exactly is meant by 4 microsecond timer ?
(Please do not get deviated from the main focus of the question by the stuff below. This is just to clarify one of my comments)
This an image which confused me.
(MD5 has replaced MD4 from kernels 3.1.But I'm not sure whether the re-keying is avoided. The re-key counter is set to zero on boot, if it is still used)
Answers
To avoid trouble from receiving stale segments from an earlier incarnation of a TCP connection, the relevant RFCs suggest a series of measures.
One of the measures is monotically incrementing the ISN at a rate faster than the bandwidth would permit on a live connection, so the next time a connection is opened using the same (source ip, dest ip, source port, dest port) tuple, the sequence number used doesn't coincide with a sequence number used in a TCP segment from the earlier connection.
This and other mechanisms are talked about in the Appendix to RFC1185.
Apparently a 4 µs timer is good for a 2Mb/s network. Linux uses a 64 ns timer.