home *** CD-ROM | disk | FTP | other *** search
-
- tcp <subcommand>
-
- These commands are used for the Transmission Control Protocol
- service. All TCP parameters are configurable per interface. Commands
- of the form 'tcp <command>' set the default or global values. Use
- the 'ifconfig <iface> tcp <command>' form to set or show the interface-
- specific values.
-
- To set the system default TCP parameters, you must do so BEFORE
- attaching interfaces. After attachment, you must use the 'ifconfig
- <iface> tcp' command form to show or change values for that interface.
- THIS IS A CHANGE FROM THE BEHAVIOUR EXHIBITED PRIOR TO JNOS VERSION
- 1.10X16, RELEASED 08FEB94.
-
-
- Notes:
-
- Attempting outgoing connections to addresses without an
- existing route results in Error number 219.
-
-
- tcp access <permit|deny|delete> <ipaddr[/bits]|all> [loport [hiport]]
-
- Display or set tcp access controls, which determine which TCP services
- (ports) are accessible to which IP addresses. Default is to permit
- all hosts to access all ports, until the first TCP access command is
- entered, at which point all other ports and addresses are denied
- unless specifically permitted by subsequent tcp access commands.
-
- This subcommand adds or deletes an access control entry maintained
- in an internal table. Entries are scanned in the order that they
- were added, to determine if access will be granted. Access is granted
- only if an entry with matching ipaddr or range, and ports, is found
- with "permit" set before a match with "deny" or no match is found.
- The optional /bits suffix to the ipaddr specifies how many leading
- bits in the ipaddr are to be considered significant in the address
- comparisons. If not specified, 32 bits (i.e., full significance)
- is assumed. All addresses can be specified by "all". Loport and
- hiport specify the port or range of TCP ports for which the access
- control command applies. If "all" is given as the loport, or if no
- port range is specified, all ports are assumed, ie, 1 to 65534.
-
- "tcp access" will display the table of current access control entrys.
- Access commands should be entered from the most specific ipaddr to the
- least specific, since the first match (permit or deny) encountered
- in the internal table is returned.
-
- #Example:
- #Allow a specific AMPRnet host SMTP access
- tcp access permit 44.76.1.199 25
- #but deny all other services to him
- tcp access deny 44.76.1.199
- #Allow all other AMPRnet hosts full access to TCP services
- tcp access permit 44.76.1/24 all
-
- #Allow a specific subnet access to ports 1 through 25,
- #which includes echo, discard, ftp, telnet, and smtp.
- tcp access permit 23.1.46/24 1 25
- #Note that all other hosts not matched above, are denied access
-
-
- tcp blimit [<value>] Default: 31
-
- Display or set the default tcp retransmission backoff limit.
- Normally each successive tcp retransmission is delayed a time
- value that increases exponentially or linearly. The backoff
- limit <value> serves to set the maximum backoff delay allowed.
- See also tcp timertype and tcp maxwait.
-
-
- tcp clean
-
- Reset all tcp connections that are in a "FIN wait 2" state. This
- is useful to release memory resources held by Jnos for connections
- that were not properly closed.
-
-
- tcp irtt [<milliseconds>]
-
- (B) Display or set the initial round trip time estimate, in
- milliseconds, to be used for new TCP connections until they can
- measure and adapt to the actual value. The default is 5000
- milliseconds (5 seconds). Increasing irtt when operating over
- slow channels will avoid the flurry of re-transmissions that
- would otherwise occur as the smoothed estimate settles down at
- the correct value. Note that this command should be given before
- servers are started in order for it to have effect on incoming
- connections.
-
- TCP also keeps a cache of measured round trip times and mean
- deviations (MDEV) for current and recent destinations. Whenever
- a new TCP connection is opened, the system first looks in this
- cache. If the destination is found, the cached IRTT and MDEV
- values are used. If not, the default IRTT value mentioned above
- is used, along with a MDEV of 0. This feature is fully
- automatic, and it can improve performance greatly when a series
- of connections are opened and closed to a given destination (e.g.
- a series of FTP file transfers or directory listings).
-
-
- tcp kick <tcb_addr>
-
- If there is unacknowledged data on the send queue of the
- specified TCB, this command forces an immediate retransmission.
- <tcb addr> can be found with the 'tcp status' command.
-
-
- tcp maxwait [<msec>]
-
- Set or show the maximum time for retry timeout in milliseconds.
- Default = 0, no maximum.
-
-
- tcp mss [<size>]
-
- (B) Display or set the TCP Maximum Segment Size in bytes that
- will be sent on all outgoing TCP connect request (SYN segments).
- This tells the remote end the size of the largest segment
- (packet) it may send. Changing MSS affects only future
- connections; existing connections are unaffected. See also the
- section 'Of PACLEN, MTU, MSS, and More' in the JNOS40
- Configuration Manual.
-
-
- tcp reset <tcb_addr>
-
- Deletes the TCP control block at the specified address.
-
-
- tcp retries [<num>]
-
- (B) Display or set the number of retries before a tcp connection
- will be reset. Default is 16. This is useful to eliminate idle
- connections that have not been properly shut down. Default = 0,
- there is no maximum, i.e. a connection will never retry out.
-
-
- tcp rtt <tcb_addr> <milliseconds>
-
- Replaces the automatically computed round trip time in the
- specified TCB with the rtt in milliseconds. This command is
- useful to speed up recovery from a series of lost packets since
- it provides a manual bypass around the normal backoff
- retransmission timing mechanisms.
-
-
- tcp status [<tcb_addr> | all]
-
- Without arguments, displays several TCP-level statistics, plus a
- summary of all existing TCP connections, including TCB
- address, send and receive queue sizes, local and remote sockets,
- and connection state. If <tcb addr> is specified, a more
- detailed dump of the specified TCB is generated, including send
- and receive sequence numbers and timer information. If "all" is
- given, the summary will also include TCBs in a listening state
- (awaiting a connection). In this case, a (S) will indicate that
- a server process is to be spawned when a connection occurs.
-
-
- tcp syndata [yes | NO]
-
- (B) Display or set the tcp syn + data piggybacking flag. Some
- tcp systems cannot handle syn + data together.
-
-
- tcp timertype [linear | exponential]
-
- (B) Display the current setting or set the timer type backoff
- algorithm. Default is linear.
-
-
- tcp trace [yes | NO]
-
- (B) Display or set the tcp trace flag on or off.
-
-
- tcp window [<size>]
-
- (B) Displays or sets the default receive window size in bytes to
- be used by TCP when creating new connections. Existing
- connections are unaffected.
-
-
-
-