€•      Œsphinx.addnodes”Œdocument”“”)”}”(Œ	rawsource”Œ ”Œchildren”]”(Œtranslations”ŒLanguagesNode”“”)”}”(hhh]”(h Œpending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒChinese (Simplified)”…””}”Œparent”hsbaŒ
attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ	refdomain”Œstd”Œreftype”Œdoc”Œ	reftarget”Œ%/translations/zh_CN/networking/tcp_ao”Œmodname”NŒ	classname”NŒrefexplicit”ˆuŒtagname”hhhubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ%/translations/zh_TW/networking/tcp_ao”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ%/translations/it_IT/networking/tcp_ao”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ%/translations/ja_JP/networking/tcp_ao”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ%/translations/ko_KR/networking/tcp_ao”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒSpanish”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ%/translations/sp_SP/networking/tcp_ao”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒEnglish”uh1h
hhŒ	_document”hŒsource”NŒline”NubhŒcomment”“”)”}”(hŒ SPDX-License-Identifier: GPL-2.0”h]”hŒ SPDX-License-Identifier: GPL-2.0”…””}”hh£sbah}”(h]”h ]”h"]”h$]”h&]”Œ	xml:space”Œpreserve”uh1h¡hhhžhhŸŒ?/var/lib/git/docbuild/linux/Documentation/networking/tcp_ao.rst”h KubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒ8TCP Authentication Option Linux implementation (RFC5925)”h]”hŒ8TCP Authentication Option Linux implementation (RFC5925)”…””}”(hh»hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hh¶hžhhŸh³h KubhŒ	paragraph”“”)”}”(hX°  TCP Authentication Option (TCP-AO) provides a TCP extension aimed at verifying
segments between trusted peers. It adds a new TCP header option with
a Message Authentication Code (MAC). MACs are produced from the content
of a TCP segment using a hashing function with a password known to both peers.
The intent of TCP-AO is to deprecate TCP-MD5 providing better security,
key rotation and support for a variety of hashing algorithms.”h]”hX°  TCP Authentication Option (TCP-AO) provides a TCP extension aimed at verifying
segments between trusted peers. It adds a new TCP header option with
a Message Authentication Code (MAC). MACs are produced from the content
of a TCP segment using a hashing function with a password known to both peers.
The intent of TCP-AO is to deprecate TCP-MD5 providing better security,
key rotation and support for a variety of hashing algorithms.”…””}”(hhËhžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Khh¶hžhubhµ)”}”(hhh]”(hº)”}”(hŒ1. Introduction”h]”hŒ1. Introduction”…””}”(hhÜhžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hhÙhžhhŸh³h KubhŒtable”“”)”}”(hhh]”(hº)”}”(hŒ2Short and Limited Comparison of TCP-AO and TCP-MD5”h]”hŒ2Short and Limited Comparison of TCP-AO and TCP-MD5”…””}”(hhïhžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hŸh³h KhhìubhŒtgroup”“”)”}”(hhh]”(hŒcolspec”“”)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1j  hhÿubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1j  hhÿubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1j  hhÿubhŒthead”“”)”}”(hhh]”hŒrow”“”)”}”(hhh]”(hŒentry”“”)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj)  ubj-  )”}”(hhh]”hÊ)”}”(hŒTCP-MD5”h]”hŒTCP-MD5”…””}”(hj:  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Khj7  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj)  ubj-  )”}”(hhh]”hÊ)”}”(hŒTCP-AO”h]”hŒTCP-AO”…””}”(hjQ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KhjN  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj)  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hj$  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hhÿubhŒtbody”“”)”}”(hhh]”(j(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒSupported hashing
algorithms”h]”hŒSupported hashing
algorithms”…””}”(hj|  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Khjy  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjv  ubj-  )”}”(hhh]”hÊ)”}”(hŒMD5
(cryptographically weak)”h]”hŒMD5
(cryptographically weak)”…””}”(hj“  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Khj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjv  ubj-  )”}”(hhh]”hÊ)”}”(hŒMust support HMAC-SHA1
(chosen-prefix attacks)
and CMAC-AES-128 (only
side-channel attacks).
May support any hashing
algorithm.”h]”hŒMust support HMAC-SHA1
(chosen-prefix attacks)
and CMAC-AES-128 (only
side-channel attacks).
May support any hashing
algorithm.”…””}”(hjª  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Khj§  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjv  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒLength of MACs (bytes)”h]”hŒLength of MACs (bytes)”…””}”(hjÊ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KhjÇ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjÄ  ubj-  )”}”(hhh]”hÊ)”}”(hŒ16”h]”hŒ16”…””}”(hjá  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KhjÞ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjÄ  ubj-  )”}”(hhh]”hÊ)”}”(hŒ>Typically 12-16.
Other variants that fit
TCP header permitted.”h]”hŒ>Typically 12-16.
Other variants that fit
TCP header permitted.”…””}”(hjø  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Khjõ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjÄ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒ!Number of keys per
TCP connection”h]”hŒ!Number of keys per
TCP connection”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K!hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj  ubj-  )”}”(hhh]”hÊ)”}”(hŒ1”h]”hŒ1”…””}”(hj/  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K!hj,  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj  ubj-  )”}”(hhh]”hÊ)”}”(hŒMany”h]”hŒMany”…””}”(hjF  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K!hjC  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒ#Possibility to change
an active key”h]”hŒ#Possibility to change
an active key”…””}”(hjf  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K$hjc  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj`  ubj-  )”}”(hhh]”hÊ)”}”(hŒ9Non-practical (both
peers have to change
them during MSL)”h]”hŒ9Non-practical (both
peers have to change
them during MSL)”…””}”(hj}  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K$hjz  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj`  ubj-  )”}”(hhh]”hÊ)”}”(hŒSupported by protocol”h]”hŒSupported by protocol”…””}”(hj”  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K$hj‘  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj`  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒ%Protection against
ICMP 'hard errors'”h]”hŒ)Protection against
ICMP â€˜hard errorsâ€™”…””}”(hj´  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K(hj±  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj®  ubj-  )”}”(hhh]”hÊ)”}”(hŒNo”h]”hŒNo”…””}”(hjË  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K(hjÈ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj®  ubj-  )”}”(hhh]”hÊ)”}”(hŒ8Yes: ignoring them
by default on
established connections”h]”hŒ8Yes: ignoring them
by default on
established connections”…””}”(hjâ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K(hjß  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj®  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒ*Protection against
traffic-crossing
attack”h]”hŒ*Protection against
traffic-crossing
attack”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K,hjÿ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjü  ubj-  )”}”(hhh]”hÊ)”}”(hŒNo”h]”hŒNo”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K,hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjü  ubj-  )”}”(hhh]”hÊ)”}”(hŒ&Yes: pseudo-header
includes TCP ports.”h]”hŒ&Yes: pseudo-header
includes TCP ports.”…””}”(hj0  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K,hj-  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjü  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒ(Protection against
replayed TCP segments”h]”hŒ(Protection against
replayed TCP segments”…””}”(hjP  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K0hjM  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjJ  ubj-  )”}”(hhh]”hÊ)”}”(hŒNo”h]”hŒNo”…””}”(hjg  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K0hjd  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjJ  ubj-  )”}”(hhh]”hÊ)”}”(hŒCSequence Number
Extension (SNE) and
Initial Sequence
Numbers (ISNs)”h]”hŒCSequence Number
Extension (SNE) and
Initial Sequence
Numbers (ISNs)”…””}”(hj~  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K0hj{  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjJ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒSupports
Connectionless Resets”h]”hŒSupports
Connectionless Resets”…””}”(hjž  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K5hj›  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj˜  ubj-  )”}”(hhh]”hÊ)”}”(hŒYes”h]”hŒYes”…””}”(hjµ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K5hj²  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj˜  ubj-  )”}”(hhh]”hÊ)”}”(hŒ.No. ISNs+SNE are needed
to correctly sign RST.”h]”hŒ.No. ISNs+SNE are needed
to correctly sign RST.”…””}”(hjÌ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K5hjÉ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj˜  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒ	Standards”h]”hŒ	Standards”…””}”(hjì  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K8hjé  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjæ  ubj-  )”}”(hhh]”hÊ)”}”(hŒRFC 2385”h]”hŒRFC 2385”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K8hj   ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjæ  ubj-  )”}”(hhh]”hÊ)”}”(hŒRFC 5925, RFC 5926”h]”hŒRFC 5925, RFC 5926”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K8hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjæ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjs  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jq  hhÿubeh}”(h]”h ]”h"]”h$]”h&]”Œcols”Kuh1hýhhìubeh}”(h]”Œid1”ah ]”h"]”h$]”h&]”uh1hêhhÙhžhhŸh³h Nubhµ)”}”(hhh]”(hº)”}”(hŒ@1.1 Frequently Asked Questions (FAQ) with references to RFC 5925”h]”hŒ@1.1 Frequently Asked Questions (FAQ) with references to RFC 5925”…””}”(hjK  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hjH  hžhhŸh³h K=ubhÊ)”}”(hŒgQ: Can either SendID or RecvID be non-unique for the same 4-tuple
(srcaddr, srcport, dstaddr, dstport)?”h]”hŒgQ: Can either SendID or RecvID be non-unique for the same 4-tuple
(srcaddr, srcport, dstaddr, dstport)?”…””}”(hjY  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K?hjH  hžhubhÊ)”}”(hŒA: No [3.1]::”h]”hŒA: No [3.1]:”…””}”(hjg  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KBhjH  hžhubhŒliteral_block”“”)”}”(hŒS>> The IDs of MKTs MUST NOT overlap where their TCP connection
identifiers overlap.”h]”hŒS>> The IDs of MKTs MUST NOT overlap where their TCP connection
identifiers overlap.”…””}”hjw  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KDhjH  hžhubhÊ)”}”(hŒBQ: Can Master Key Tuple (MKT) for an active connection be removed?”h]”hŒBQ: Can Master Key Tuple (MKT) for an active connection be removed?”…””}”(hj…  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KGhjH  hžhubhÊ)”}”(hŒBA: No, unless it's copied to Transport Control Block (TCB) [3.1]::”h]”hŒCA: No, unless itâ€™s copied to Transport Control Block (TCB) [3.1]:”…””}”(hj“  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KIhjH  hžhubjv  )”}”(hX
  It is presumed that an MKT affecting a particular connection cannot
be destroyed during an active connection -- or, equivalently, that
its parameters are copied to an area local to the connection (i.e.,
instantiated) and so changes would affect only new connections.”h]”hX
  It is presumed that an MKT affecting a particular connection cannot
be destroyed during an active connection -- or, equivalently, that
its parameters are copied to an area local to the connection (i.e.,
instantiated) and so changes would affect only new connections.”…””}”hj¡  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KKhjH  hžhubhÊ)”}”(hŒŸQ: If an old MKT needs to be deleted, how should it be done in order
to not remove it for an active connection? (As it can be still in use
at any moment later)”h]”hŒŸQ: If an old MKT needs to be deleted, how should it be done in order
to not remove it for an active connection? (As it can be still in use
at any moment later)”…””}”(hj¯  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KPhjH  hžhubhÊ)”}”(hŒ†A: Not specified by RFC 5925, seems to be a problem for key management
to ensure that no one uses such MKT before trying to remove it.”h]”hŒ†A: Not specified by RFC 5925, seems to be a problem for key management
to ensure that no one uses such MKT before trying to remove it.”…””}”(hj½  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KThjH  hžhubhÊ)”}”(hŒ<Q: Can an old MKT exist forever and be used by another peer?”h]”hŒ<Q: Can an old MKT exist forever and be used by another peer?”…””}”(hjË  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KWhjH  hžhubhÊ)”}”(hŒQA: It can, it's a key management task to decide when to remove an old key [6.1]::”h]”hŒRA: It can, itâ€™s a key management task to decide when to remove an old key [6.1]:”…””}”(hjÙ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KYhjH  hžhubjv  )”}”(hX  Deciding when to start using a key is a performance issue. Deciding
when to remove an MKT is a security issue. Invalid MKTs are expected
to be removed. TCP-AO provides no mechanism to coordinate their removal,
as we consider this a key management operation.”h]”hX  Deciding when to start using a key is a performance issue. Deciding
when to remove an MKT is a security issue. Invalid MKTs are expected
to be removed. TCP-AO provides no mechanism to coordinate their removal,
as we consider this a key management operation.”…””}”hjç  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h K[hjH  hžhubhÊ)”}”(hŒalso [6.1]::”h]”hŒalso [6.1]:”…””}”(hjõ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K`hjH  hžhubjv  )”}”(hŒsThe only way to avoid reuse of previously used MKTs is to remove the MKT
when it is no longer considered permitted.”h]”hŒsThe only way to avoid reuse of previously used MKTs is to remove the MKT
when it is no longer considered permitted.”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KbhjH  hžhubhÊ)”}”(hX­  Linux TCP-AO will try its best to prevent you from removing a key that's
being used, considering it a key management failure. But since keeping
an outdated key may become a security issue and as a peer may
unintentionally prevent the removal of an old key by always setting
it as RNextKeyID - a forced key removal mechanism is provided, where
userspace has to supply KeyID to use instead of the one that's being removed
and the kernel will atomically delete the old key, even if the peer is
still requesting it. There are no guarantees for force-delete as the peer
may yet not have the new key - the TCP connection may just break.
Alternatively, one may choose to shut down the socket.”h]”hX±  Linux TCP-AO will try its best to prevent you from removing a key thatâ€™s
being used, considering it a key management failure. But since keeping
an outdated key may become a security issue and as a peer may
unintentionally prevent the removal of an old key by always setting
it as RNextKeyID - a forced key removal mechanism is provided, where
userspace has to supply KeyID to use instead of the one thatâ€™s being removed
and the kernel will atomically delete the old key, even if the peer is
still requesting it. There are no guarantees for force-delete as the peer
may yet not have the new key - the TCP connection may just break.
Alternatively, one may choose to shut down the socket.”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KehjH  hžhubhÊ)”}”(hŒYQ: What happens when a packet is received on a new connection with no known
MKT's RecvID?”h]”hŒ[Q: What happens when a packet is received on a new connection with no known
MKTâ€™s RecvID?”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KphjH  hžhubhÊ)”}”(hŒ‡A: RFC 5925 specifies that by default it is accepted with a warning logged, but
the behaviour can be configured by the user [7.5.1.a]::”h]”hŒ†A: RFC 5925 specifies that by default it is accepted with a warning logged, but
the behaviour can be configured by the user [7.5.1.a]:”…””}”(hj-  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KshjH  hžhubjv  )”}”(hXñ  If the segment is a SYN, then this is the first segment of a new
connection. Find the matching MKT for this segment, using the segment's
socket pair and its TCP-AO KeyID, matched against the MKT's TCP connection
identifier and the MKT's RecvID.

   i. If there is no matching MKT, remove TCP-AO from the segment.
      Proceed with further TCP handling of the segment.
      NOTE: this presumes that connections that do not match any MKT
      should be silently accepted, as noted in Section 7.3.”h]”hXñ  If the segment is a SYN, then this is the first segment of a new
connection. Find the matching MKT for this segment, using the segment's
socket pair and its TCP-AO KeyID, matched against the MKT's TCP connection
identifier and the MKT's RecvID.

   i. If there is no matching MKT, remove TCP-AO from the segment.
      Proceed with further TCP handling of the segment.
      NOTE: this presumes that connections that do not match any MKT
      should be silently accepted, as noted in Section 7.3.”…””}”hj;  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KvhjH  hžhubhÊ)”}”(hŒ[7.3]::”h]”hŒ[7.3]:”…””}”(hjI  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K€hjH  hžhubjv  )”}”(hXË  >> A TCP-AO implementation MUST allow for configuration of the behavior
of segments with TCP-AO but that do not match an MKT. The initial default
of this configuration SHOULD be to silently accept such connections.
If this is not the desired case, an MKT can be included to match such
connections, or the connection can indicate that TCP-AO is required.
Alternately, the configuration can be changed to discard segments with
the AO option not matching an MKT.”h]”hXË  >> A TCP-AO implementation MUST allow for configuration of the behavior
of segments with TCP-AO but that do not match an MKT. The initial default
of this configuration SHOULD be to silently accept such connections.
If this is not the desired case, an MKT can be included to match such
connections, or the connection can indicate that TCP-AO is required.
Alternately, the configuration can be changed to discard segments with
the AO option not matching an MKT.”…””}”hjW  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h K‚hjH  hžhubhÊ)”}”(hŒ
[10.2.b]::”h]”hŒ	[10.2.b]:”…””}”(hje  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KŠhjH  hžhubjv  )”}”(hŒ¼Connections not matching any MKT do not require TCP-AO. Further, incoming
segments with TCP-AO are not discarded solely because they include
the option, provided they do not match any MKT.”h]”hŒ¼Connections not matching any MKT do not require TCP-AO. Further, incoming
segments with TCP-AO are not discarded solely because they include
the option, provided they do not match any MKT.”…””}”hjs  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KŒhjH  hžhubhÊ)”}”(hŒ˜Note that Linux TCP-AO implementation differs in this aspect. Currently, TCP-AO
segments with unknown key signatures are discarded with warnings logged.”h]”hŒ˜Note that Linux TCP-AO implementation differs in this aspect. Currently, TCP-AO
segments with unknown key signatures are discarded with warnings logged.”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KhjH  hžhubhÊ)”}”(hŒŠQ: Does the RFC imply centralized kernel key management in any way?
(i.e. that a key on all connections MUST be rotated at the same time?)”h]”hŒŠQ: Does the RFC imply centralized kernel key management in any way?
(i.e. that a key on all connections MUST be rotated at the same time?)”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K“hjH  hžhubhÊ)”}”(hŒdA: Not specified. MKTs can be managed in userspace, the only relevant part to
key changes is [7.3]::”h]”hŒcA: Not specified. MKTs can be managed in userspace, the only relevant part to
key changes is [7.3]:”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K–hjH  hžhubjv  )”}”(hŒd>> All TCP segments MUST be checked against the set of MKTs for matching
TCP connection identifiers.”h]”hŒd>> All TCP segments MUST be checked against the set of MKTs for matching
TCP connection identifiers.”…””}”hj«  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h K™hjH  hžhubhÊ)”}”(hŒ_Q: What happens when RNextKeyID requested by a peer is unknown? Should
the connection be reset?”h]”hŒ_Q: What happens when RNextKeyID requested by a peer is unknown? Should
the connection be reset?”…””}”(hj¹  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KœhjH  hžhubhÊ)”}”(hŒ=A: It should not, no action needs to be performed [7.5.2.e]::”h]”hŒ<A: It should not, no action needs to be performed [7.5.2.e]:”…””}”(hjÇ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KŸhjH  hžhubjv  )”}”(hX  ii. If they differ, determine whether the RNextKeyID MKT is ready.

    1. If the MKT corresponding to the segmentâ€™s socket pair and RNextKeyID
    is not available, no action is required (RNextKeyID of a received
    segment needs to match the MKTâ€™s SendID).”h]”hX  ii. If they differ, determine whether the RNextKeyID MKT is ready.

    1. If the MKT corresponding to the segmentâ€™s socket pair and RNextKeyID
    is not available, no action is required (RNextKeyID of a received
    segment needs to match the MKTâ€™s SendID).”…””}”hjÕ  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h K¡hjH  hžhubhÊ)”}”(hŒÁQ: How is current_key set, and when does it change? Is it a user-triggered
change, or is it triggered by a request from the remote peer? Is it set by the
user explicitly, or by a matching rule?”h]”hŒÁQ: How is current_key set, and when does it change? Is it a user-triggered
change, or is it triggered by a request from the remote peer? Is it set by the
user explicitly, or by a matching rule?”…””}”(hjã  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K§hjH  hžhubhÊ)”}”(hŒ+A: current_key is set by RNextKeyID [6.1]::”h]”hŒ*A: current_key is set by RNextKeyID [6.1]:”…””}”(hjñ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K«hjH  hžhubjv  )”}”(hX1  Rnext_key is changed only by manual user intervention or MKT management
protocol operation. It is not manipulated by TCP-AO. Current_key is updated
by TCP-AO when processing received TCP segments as discussed in the segment
processing description in Section 7.5. Note that the algorithm allows
the current_key to change to a new MKT, then change back to a previously
used MKT (known as "backing up"). This can occur during an MKT change when
segments are received out of order, and is considered a feature of TCP-AO,
because reordering does not result in drops.”h]”hX1  Rnext_key is changed only by manual user intervention or MKT management
protocol operation. It is not manipulated by TCP-AO. Current_key is updated
by TCP-AO when processing received TCP segments as discussed in the segment
processing description in Section 7.5. Note that the algorithm allows
the current_key to change to a new MKT, then change back to a previously
used MKT (known as "backing up"). This can occur during an MKT change when
segments are received out of order, and is considered a feature of TCP-AO,
because reordering does not result in drops.”…””}”hjÿ  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h K­hjH  hžhubhÊ)”}”(hŒ[7.5.2.e.ii]::”h]”hŒ[7.5.2.e.ii]:”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K¶hjH  hžhubjv  )”}”(hŒŽ2. If the matching MKT corresponding to the segmentâ€™s socket pair and
RNextKeyID is available:

   a. Set current_key to the RNextKeyID MKT.”h]”hŒŽ2. If the matching MKT corresponding to the segmentâ€™s socket pair and
RNextKeyID is available:

   a. Set current_key to the RNextKeyID MKT.”…””}”hj  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h K¸hjH  hžhubhÊ)”}”(hŒ”Q: If both peers have multiple MKTs matching the connection's socket pair
(with different KeyIDs), how should the sender/receiver pick KeyID to use?”h]”hŒ–Q: If both peers have multiple MKTs matching the connectionâ€™s socket pair
(with different KeyIDs), how should the sender/receiver pick KeyID to use?”…””}”(hj)  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h K½hjH  hžhubhÊ)”}”(hŒ7A: Some mechanism should pick the "desired" MKT [3.3]::”h]”hŒ:A: Some mechanism should pick the â€œdesiredâ€ MKT [3.3]:”…””}”(hj7  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KÀhjH  hžhubjv  )”}”(hXS  Multiple MKTs may match a single outgoing segment, e.g., when MKTs
are being changed. Those MKTs cannot have conflicting IDs (as noted
elsewhere), and some mechanism must determine which MKT to use for each
given outgoing segment.

>> An outgoing TCP segment MUST match at most one desired MKT, indicated
by the segmentâ€™s socket pair. The segment MAY match multiple MKTs, provided
that exactly one MKT is indicated as desired. Other information in
the segment MAY be used to determine the desired MKT when multiple MKTs
match; such information MUST NOT include values in any TCP option fields.”h]”hXS  Multiple MKTs may match a single outgoing segment, e.g., when MKTs
are being changed. Those MKTs cannot have conflicting IDs (as noted
elsewhere), and some mechanism must determine which MKT to use for each
given outgoing segment.

>> An outgoing TCP segment MUST match at most one desired MKT, indicated
by the segmentâ€™s socket pair. The segment MAY match multiple MKTs, provided
that exactly one MKT is indicated as desired. Other information in
the segment MAY be used to determine the desired MKT when multiple MKTs
match; such information MUST NOT include values in any TCP option fields.”…””}”hjE  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KÂhjH  hžhubhÊ)”}”(hŒ=Q: Can TCP-MD5 connection migrate to TCP-AO (and vice-versa):”h]”hŒ=Q: Can TCP-MD5 connection migrate to TCP-AO (and vice-versa):”…””}”(hjS  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KÍhjH  hžhubhÊ)”}”(hŒA: No [1]::”h]”hŒ
A: No [1]:”…””}”(hja  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KÏhjH  hžhubjv  )”}”(hŒ TCP MD5-protected connections cannot be migrated to TCP-AO because TCP MD5
does not support any changes to a connectionâ€™s security algorithm
once established.”h]”hŒ TCP MD5-protected connections cannot be migrated to TCP-AO because TCP MD5
does not support any changes to a connectionâ€™s security algorithm
once established.”…””}”hjo  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KÑhjH  hžhubhÊ)”}”(hŒYQ: If all MKTs are removed on a connection, can it become a non-TCP-AO signed
connection?”h]”hŒYQ: If all MKTs are removed on a connection, can it become a non-TCP-AO signed
connection?”…””}”(hj}  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KÕhjH  hžhubhÊ)”}”(hXU  A: [7.5.2] doesn't have the same choice as SYN packet handling in [7.5.1.i]
that would allow accepting segments without a sign (which would be insecure).
While switching to non-TCP-AO connection is not prohibited directly, it seems
what the RFC means. Also, there's a requirement for TCP-AO connections to
always have one current_key [3.3]::”h]”hXX  A: [7.5.2] doesnâ€™t have the same choice as SYN packet handling in [7.5.1.i]
that would allow accepting segments without a sign (which would be insecure).
While switching to non-TCP-AO connection is not prohibited directly, it seems
what the RFC means. Also, thereâ€™s a requirement for TCP-AO connections to
always have one current_key [3.3]:”…””}”(hj‹  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KØhjH  hžhubjv  )”}”(hŒGTCP-AO requires that every protected TCP segment match exactly one MKT.”h]”hŒGTCP-AO requires that every protected TCP segment match exactly one MKT.”…””}”hj™  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KÞhjH  hžhubhÊ)”}”(hŒ[3.3]::”h]”hŒ[3.3]:”…””}”(hj§  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KàhjH  hžhubjv  )”}”(hŒ>> An incoming TCP segment including TCP-AO MUST match exactly one MKT,
indicated solely by the segmentâ€™s socket pair and its TCP-AO KeyID.”h]”hŒ>> An incoming TCP segment including TCP-AO MUST match exactly one MKT,
indicated solely by the segmentâ€™s socket pair and its TCP-AO KeyID.”…””}”hjµ  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KâhjH  hžhubhÊ)”}”(hŒ[4.4]::”h]”hŒ[4.4]:”…””}”(hjÃ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KåhjH  hžhubjv  )”}”(hŒPOne or more MKTs. These are the MKTs that match this connectionâ€™s
socket pair.”h]”hŒPOne or more MKTs. These are the MKTs that match this connectionâ€™s
socket pair.”…””}”hjÑ  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h KçhjH  hžhubhÊ)”}”(hŒ;Q: Can a non-TCP-AO connection become a TCP-AO-enabled one?”h]”hŒ;Q: Can a non-TCP-AO connection become a TCP-AO-enabled one?”…””}”(hjß  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KêhjH  hžhubhÊ)”}”(hX  A: No: for an already established non-TCP-AO connection it would be impossible
to switch to using TCP-AO, as the traffic key generation requires the initial
sequence numbers. Paraphrasing, starting using TCP-AO would require
re-establishing the TCP connection.”h]”hX  A: No: for an already established non-TCP-AO connection it would be impossible
to switch to using TCP-AO, as the traffic key generation requires the initial
sequence numbers. Paraphrasing, starting using TCP-AO would require
re-establishing the TCP connection.”…””}”(hjí  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h KìhjH  hžhubeh}”(h]”Œ:frequently-asked-questions-faq-with-references-to-rfc-5925”ah ]”h"]”Œ@1.1 frequently asked questions (faq) with references to rfc 5925”ah$]”h&]”uh1h´hhÙhžhhŸh³h K=ubeh}”(h]”Œintroduction”ah ]”h"]”Œ1. introduction”ah$]”h&]”uh1h´hh¶hžhhŸh³h Kubhµ)”}”(hhh]”(hº)”}”(hŒ32. In-kernel MKTs database vs database in userspace”h]”hŒ32. In-kernel MKTs database vs database in userspace”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hj  hžhhŸh³h KòubhÊ)”}”(hXS  Linux TCP-AO support is implemented using ``setsockopt()s``, in a similar way
to TCP-MD5. It means that a userspace application that wants to use TCP-AO
should perform ``setsockopt()`` on a TCP socket when it wants to add,
remove or rotate MKTs. This approach moves the key management responsibility
to userspace as well as decisions on corner cases, i.e. what to do if
the peer doesn't respect RNextKeyID; moving more code to userspace, especially
responsible for the policy decisions. Besides, it's flexible and scales well
(with less locking needed than in the case of an in-kernel database). One also
should keep in mind that mainly intended users are BGP processes, not any
random applications, which means that compared to IPsec tunnels,
no transparency is really needed and modern BGP daemons already have
``setsockopt()s`` for TCP-MD5 support.”h]”(hŒ*Linux TCP-AO support is implemented using ”…””}”(hj  hžhhŸNh NubhŒliteral”“”)”}”(hŒ``setsockopt()s``”h]”hŒsetsockopt()s”…””}”(hj&  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒm, in a similar way
to TCP-MD5. It means that a userspace application that wants to use TCP-AO
should perform ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt()``”h]”hŒsetsockopt()”…””}”(hj8  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhXy   on a TCP socket when it wants to add,
remove or rotate MKTs. This approach moves the key management responsibility
to userspace as well as decisions on corner cases, i.e. what to do if
the peer doesnâ€™t respect RNextKeyID; moving more code to userspace, especially
responsible for the policy decisions. Besides, itâ€™s flexible and scales well
(with less locking needed than in the case of an in-kernel database). One also
should keep in mind that mainly intended users are BGP processes, not any
random applications, which means that compared to IPsec tunnels,
no transparency is really needed and modern BGP daemons already have
”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt()s``”h]”hŒsetsockopt()s”…””}”(hjJ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ for TCP-MD5 support.”…””}”(hj  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Kôhj  hžhubhë)”}”(hhh]”(hº)”}”(hŒ*Considered pros and cons of the approaches”h]”hŒ*Considered pros and cons of the approaches”…””}”(hje  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hŸh³h Mhjb  ubhþ)”}”(hhh]”(j  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1j  hjs  ubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1j  hjs  ubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œcolwidth”Kuh1j  hjs  ubj#  )”}”(hhh]”j(  )”}”(hhh]”(j-  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj—  ubj-  )”}”(hhh]”hÊ)”}”(hŒ``setsockopt()``”h]”j%  )”}”(hj¨  h]”hŒsetsockopt()”…””}”(hjª  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¦  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj£  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj—  ubj-  )”}”(hhh]”hÊ)”}”(hŒin-kernel DB”h]”hŒin-kernel DB”…””}”(hjÆ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MhjÃ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj—  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hj”  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j"  hjs  ubjr  )”}”(hhh]”(j(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒExtendability”h]”hŒExtendability”…””}”(hjï  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhjì  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjé  ubj-  )”}”(hhh]”hÊ)”}”(hŒ7``setsockopt()``
commands should be
extendable syscalls”h]”(j%  )”}”(hŒ``setsockopt()``”h]”hŒsetsockopt()”…””}”(hj
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ'
commands should be
extendable syscalls”…””}”(hj  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjé  ubj-  )”}”(hhh]”hÊ)”}”(hŒ*Netlink messages are
simple and extendable”h]”hŒ*Netlink messages are
simple and extendable”…””}”(hj+  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj(  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjé  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjæ  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒRequired userspace
changes”h]”hŒRequired userspace
changes”…””}”(hjK  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M
hjH  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjE  ubj-  )”}”(hhh]”hÊ)”}”(hŒaBGP or any application
that wants TCP-AO needs
to perform
``setsockopt()s``
and do key management”h]”(hŒ:BGP or any application
that wants TCP-AO needs
to perform
”…””}”(hjb  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt()s``”h]”hŒsetsockopt()s”…””}”(hjj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjb  ubhŒ
and do key management”…””}”(hjb  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M
hj_  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjE  ubj-  )”}”(hhh]”hÊ)”}”(hŒccould be transparent
as tunnels, providing
something like
``ip tcpao add key``
(delete/show/rotate)”h]”(hŒ:could be transparent
as tunnels, providing
something like
”…””}”(hj‹  hžhhŸNh Nubj%  )”}”(hŒ``ip tcpao add key``”h]”hŒip tcpao add key”…””}”(hj“  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj‹  ubhŒ
(delete/show/rotate)”…””}”(hj‹  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M
hjˆ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjE  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjæ  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒMKTs removal or adding”h]”hŒMKTs removal or adding”…””}”(hj½  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhjº  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj·  ubj-  )”}”(hhh]”hÊ)”}”(hŒharder for userspace”h]”hŒharder for userspace”…””}”(hjÔ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MhjÑ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj·  ubj-  )”}”(hhh]”hÊ)”}”(hŒharder for kernel”h]”hŒharder for kernel”…””}”(hjë  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhjè  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj·  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjæ  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒDump-ability”h]”hŒDump-ability”…””}”(hj	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj	  ubj-  )”}”(hhh]”hÊ)”}”(hŒ``getsockopt()``”h]”j%  )”}”(hj$	  h]”hŒgetsockopt()”…””}”(hj&	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj"	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj	  ubj-  )”}”(hhh]”hÊ)”}”(hŒNetlink .dump()
callback”h]”hŒNetlink .dump()
callback”…””}”(hjB	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj?	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjæ  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒ!Limits on kernel
resources/memory”h]”hŒ!Limits on kernel
resources/memory”…””}”(hjb	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj_	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj\	  ubj-  )”}”(hhh]”hÊ)”}”(hŒequal”h]”hŒequal”…””}”(hjy	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhjv	  ubah}”(h]”h ]”h"]”h$]”h&]”Œmorecols”Kuh1j,  hj\	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjæ  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒScalability”h]”hŒScalability”…””}”(hjš	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj—	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj”	  ubj-  )”}”(hhh]”hÊ)”}”(hŒ$contention on
``TCP_LISTEN`` sockets”h]”(hŒcontention on
”…””}”(hj±	  hžhhŸNh Nubj%  )”}”(hŒ``TCP_LISTEN``”h]”hŒ
TCP_LISTEN”…””}”(hj¹	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj±	  ubhŒ sockets”…””}”(hj±	  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj®	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj”	  ubj-  )”}”(hhh]”hÊ)”}”(hŒ contention on
the whole database”h]”hŒ contention on
the whole database”…””}”(hjÚ	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj×	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hj”	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjæ  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒMonitoring & warnings”h]”hŒMonitoring & warnings”…””}”(hjú	  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj÷	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjô	  ubj-  )”}”(hhh]”hÊ)”}”(hŒ``TCP_DIAG``”h]”j%  )”}”(hj
  h]”hŒTCP_DIAG”…””}”(hj
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj
  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj
  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjô	  ubj-  )”}”(hhh]”hÊ)”}”(hŒsame Netlink socket”h]”hŒsame Netlink socket”…””}”(hj1
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj.
  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjô	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjæ  ubj(  )”}”(hhh]”(j-  )”}”(hhh]”hÊ)”}”(hŒMatching of MKTs”h]”hŒMatching of MKTs”…””}”(hjQ
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MhjN
  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjK
  ubj-  )”}”(hhh]”hÊ)”}”(hŒ!half-problem: only
listen sockets”h]”hŒ!half-problem: only
listen sockets”…””}”(hjh
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhje
  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjK
  ubj-  )”}”(hhh]”hÊ)”}”(hŒhard”h]”hŒhard”…””}”(hj
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mhj|
  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j,  hjK
  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1j'  hjæ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jq  hjs  ubeh}”(h]”h ]”h"]”h$]”h&]”Œcols”Kuh1hýhjb  ubeh}”(h]”Œid2”ah ]”h"]”h$]”h&]”uh1hêhj  hžhhŸh³h Nubeh}”(h]”Œ0in-kernel-mkts-database-vs-database-in-userspace”ah ]”h"]”Œ32. in-kernel mkts database vs database in userspace”ah$]”h&]”uh1h´hh¶hžhhŸh³h Kòubhµ)”}”(hhh]”(hº)”}”(hŒ3. uAPI”h]”hŒ3. uAPI”…””}”(hj¸
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hjµ
  hžhhŸh³h M#ubhÊ)”}”(hX_  Linux provides a set of ``setsockopt()s`` and ``getsockopt()s`` that let
userspace manage TCP-AO on a per-socket basis. In order to add/delete MKTs
``TCP_AO_ADD_KEY`` and ``TCP_AO_DEL_KEY`` TCP socket options must be used.
It is not allowed to add a key on an established non-TCP-AO connection
as well as to remove the last key from TCP-AO connection.”h]”(hŒLinux provides a set of ”…””}”(hjÆ
  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt()s``”h]”hŒsetsockopt()s”…””}”(hjÎ
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjÆ
  ubhŒ and ”…””}”(hjÆ
  hžhhŸNh Nubj%  )”}”(hŒ``getsockopt()s``”h]”hŒgetsockopt()s”…””}”(hjà
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjÆ
  ubhŒU that let
userspace manage TCP-AO on a per-socket basis. In order to add/delete MKTs
”…””}”(hjÆ
  hžhhŸNh Nubj%  )”}”(hŒ``TCP_AO_ADD_KEY``”h]”hŒTCP_AO_ADD_KEY”…””}”(hjò
  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjÆ
  ubhŒ and ”…””}”hjÆ
  sbj%  )”}”(hŒ``TCP_AO_DEL_KEY``”h]”hŒTCP_AO_DEL_KEY”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjÆ
  ubhŒ¢ TCP socket options must be used.
It is not allowed to add a key on an established non-TCP-AO connection
as well as to remove the last key from TCP-AO connection.”…””}”(hjÆ
  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M%hjµ
  hžhubhÊ)”}”(hX  ``setsockopt(TCP_AO_DEL_KEY)`` command may specify ``tcp_ao_del::current_key``
+ ``tcp_ao_del::set_current`` and/or ``tcp_ao_del::rnext``
+ ``tcp_ao_del::set_rnext`` which makes such delete "forced": it
provides userspace a way to delete a key that's being used and atomically set
another one instead. This is not intended for normal use and should be used
only when the peer ignores RNextKeyID and keeps requesting/using an old key.
It provides a way to force-delete a key that's not trusted but may break
the TCP-AO connection.”h]”(j%  )”}”(hŒ``setsockopt(TCP_AO_DEL_KEY)``”h]”hŒsetsockopt(TCP_AO_DEL_KEY)”…””}”(hj   hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ command may specify ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``tcp_ao_del::current_key``”h]”hŒtcp_ao_del::current_key”…””}”(hj2  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ
+ ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``tcp_ao_del::set_current``”h]”hŒtcp_ao_del::set_current”…””}”(hjD  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ and/or ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``tcp_ao_del::rnext``”h]”hŒtcp_ao_del::rnext”…””}”(hjV  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ
+ ”…””}”hj  sbj%  )”}”(hŒ``tcp_ao_del::set_rnext``”h]”hŒtcp_ao_del::set_rnext”…””}”(hjh  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhXt   which makes such delete â€œforcedâ€: it
provides userspace a way to delete a key thatâ€™s being used and atomically set
another one instead. This is not intended for normal use and should be used
only when the peer ignores RNextKeyID and keeps requesting/using an old key.
It provides a way to force-delete a key thatâ€™s not trusted but may break
the TCP-AO connection.”…””}”(hj  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M+hjµ
  hžhubhÊ)”}”(hX=  The usual/normal key-rotation can be performed with ``setsockopt(TCP_AO_INFO)``.
It also provides a uAPI to change per-socket TCP-AO settings, such as
ignoring ICMPs, as well as clear per-socket TCP-AO packet counters.
The corresponding ``getsockopt(TCP_AO_INFO)`` can be used to get those
per-socket TCP-AO settings.”h]”(hŒ4The usual/normal key-rotation can be performed with ”…””}”(hj€  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt(TCP_AO_INFO)``”h]”hŒsetsockopt(TCP_AO_INFO)”…””}”(hjˆ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj€  ubhŒž.
It also provides a uAPI to change per-socket TCP-AO settings, such as
ignoring ICMPs, as well as clear per-socket TCP-AO packet counters.
The corresponding ”…””}”(hj€  hžhhŸNh Nubj%  )”}”(hŒ``getsockopt(TCP_AO_INFO)``”h]”hŒgetsockopt(TCP_AO_INFO)”…””}”(hjš  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj€  ubhŒ5 can be used to get those
per-socket TCP-AO settings.”…””}”(hj€  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M4hjµ
  hžhubhÊ)”}”(hŒÝAnother useful command is ``getsockopt(TCP_AO_GET_KEYS)``. One can use it
to list all MKTs on a TCP socket or use a filter to get keys for a specific
peer and/or sndid/rcvid, VRF L3 interface or get current_key/rnext_key.”h]”(hŒAnother useful command is ”…””}”(hj²  hžhhŸNh Nubj%  )”}”(hŒ``getsockopt(TCP_AO_GET_KEYS)``”h]”hŒgetsockopt(TCP_AO_GET_KEYS)”…””}”(hjº  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj²  ubhŒ¤. One can use it
to list all MKTs on a TCP socket or use a filter to get keys for a specific
peer and/or sndid/rcvid, VRF L3 interface or get current_key/rnext_key.”…””}”(hj²  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M:hjµ
  hžhubhÊ)”}”(hŒ±To repair TCP-AO connections ``setsockopt(TCP_AO_REPAIR)`` is available,
provided that the user previously has checkpointed/dumped the socket with
``getsockopt(TCP_AO_REPAIR)``.”h]”(hŒTo repair TCP-AO connections ”…””}”(hjÒ  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt(TCP_AO_REPAIR)``”h]”hŒsetsockopt(TCP_AO_REPAIR)”…””}”(hjÚ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjÒ  ubhŒY is available,
provided that the user previously has checkpointed/dumped the socket with
”…””}”(hjÒ  hžhhŸNh Nubj%  )”}”(hŒ``getsockopt(TCP_AO_REPAIR)``”h]”hŒgetsockopt(TCP_AO_REPAIR)”…””}”(hjì  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjÒ  ubhŒ.”…””}”(hjÒ  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M>hjµ
  hžhubhÊ)”}”(hŒÃA tip here for scaled TCP_LISTEN sockets, that may have some thousands TCP-AO
keys, is: use filters in ``getsockopt(TCP_AO_GET_KEYS)`` and asynchronous
delete with ``setsockopt(TCP_AO_DEL_KEY)``.”h]”(hŒgA tip here for scaled TCP_LISTEN sockets, that may have some thousands TCP-AO
keys, is: use filters in ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``getsockopt(TCP_AO_GET_KEYS)``”h]”hŒgetsockopt(TCP_AO_GET_KEYS)”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ and asynchronous
delete with ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt(TCP_AO_DEL_KEY)``”h]”hŒsetsockopt(TCP_AO_DEL_KEY)”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ.”…””}”(hj  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MBhjµ
  hžhubhÊ)”}”(hX×  Linux TCP-AO also provides a bunch of segment counters that can be helpful
with troubleshooting/debugging issues. Every MKT has good/bad counters
that reflect how many packets passed/failed verification.
Each TCP-AO socket has the following counters:
- for good segments (properly signed)
- for bad segments (failed TCP-AO verification)
- for segments with unknown keys
- for segments where an AO signature was expected, but wasn't found
- for the number of ignored ICMPs”h]”hXÙ  Linux TCP-AO also provides a bunch of segment counters that can be helpful
with troubleshooting/debugging issues. Every MKT has good/bad counters
that reflect how many packets passed/failed verification.
Each TCP-AO socket has the following counters:
- for good segments (properly signed)
- for bad segments (failed TCP-AO verification)
- for segments with unknown keys
- for segments where an AO signature was expected, but wasnâ€™t found
- for the number of ignored ICMPs”…””}”(hj6  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MFhjµ
  hžhubhÊ)”}”(hŒÄTCP-AO per-socket counters are also duplicated with per-netns counters,
exposed with SNMP. Those are ``TCPAOGood``, ``TCPAOBad``, ``TCPAOKeyNotFound``,
``TCPAORequired`` and ``TCPAODroppedIcmps``.”h]”(hŒeTCP-AO per-socket counters are also duplicated with per-netns counters,
exposed with SNMP. Those are ”…””}”(hjD  hžhhŸNh Nubj%  )”}”(hŒ``TCPAOGood``”h]”hŒ	TCPAOGood”…””}”(hjL  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjD  ubhŒ, ”…””}”(hjD  hžhhŸNh Nubj%  )”}”(hŒ``TCPAOBad``”h]”hŒTCPAOBad”…””}”(hj^  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjD  ubhŒ, ”…””}”hjD  sbj%  )”}”(hŒ``TCPAOKeyNotFound``”h]”hŒTCPAOKeyNotFound”…””}”(hjp  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjD  ubhŒ,
”…””}”(hjD  hžhhŸNh Nubj%  )”}”(hŒ``TCPAORequired``”h]”hŒTCPAORequired”…””}”(hj‚  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjD  ubhŒ and ”…””}”(hjD  hžhhŸNh Nubj%  )”}”(hŒ``TCPAODroppedIcmps``”h]”hŒTCPAODroppedIcmps”…””}”(hj”  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjD  ubhŒ.”…””}”(hjD  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MPhjµ
  hžhubhÊ)”}”(hXX  For monitoring purposes, there are following TCP-AO trace events:
``tcp_hash_bad_header``, ``tcp_hash_ao_required``, ``tcp_ao_handshake_failure``,
``tcp_ao_wrong_maclen``, ``tcp_ao_wrong_maclen``, ``tcp_ao_key_not_found``,
``tcp_ao_rnext_request``, ``tcp_ao_synack_no_key``, ``tcp_ao_snd_sne_update``,
``tcp_ao_rcv_sne_update``. It's possible to separately enable any of them and
one can filter them by net-namespace, 4-tuple, family, L3 index, and TCP header
flags. If a segment has a TCP-AO header, the filters may also include
keyid, rnext, and maclen. SNE updates include the rolled-over numbers.”h]”(hŒBFor monitoring purposes, there are following TCP-AO trace events:
”…””}”(hj¬  hžhhŸNh Nubj%  )”}”(hŒ``tcp_hash_bad_header``”h]”hŒtcp_hash_bad_header”…””}”(hj´  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ, ”…””}”(hj¬  hžhhŸNh Nubj%  )”}”(hŒ``tcp_hash_ao_required``”h]”hŒtcp_hash_ao_required”…””}”(hjÆ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ, ”…””}”hj¬  sbj%  )”}”(hŒ``tcp_ao_handshake_failure``”h]”hŒtcp_ao_handshake_failure”…””}”(hjØ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ,
”…””}”(hj¬  hžhhŸNh Nubj%  )”}”(hŒ``tcp_ao_wrong_maclen``”h]”hŒtcp_ao_wrong_maclen”…””}”(hjê  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ, ”…””}”hj¬  sbj%  )”}”(hŒ``tcp_ao_wrong_maclen``”h]”hŒtcp_ao_wrong_maclen”…””}”(hjü  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ, ”…””}”hj¬  sbj%  )”}”(hŒ``tcp_ao_key_not_found``”h]”hŒtcp_ao_key_not_found”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ,
”…””}”hj¬  sbj%  )”}”(hŒ``tcp_ao_rnext_request``”h]”hŒtcp_ao_rnext_request”…””}”(hj   hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ, ”…””}”hj¬  sbj%  )”}”(hŒ``tcp_ao_synack_no_key``”h]”hŒtcp_ao_synack_no_key”…””}”(hj2  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ, ”…””}”hj¬  sbj%  )”}”(hŒ``tcp_ao_snd_sne_update``”h]”hŒtcp_ao_snd_sne_update”…””}”(hjD  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhŒ,
”…””}”hj¬  sbj%  )”}”(hŒ``tcp_ao_rcv_sne_update``”h]”hŒtcp_ao_rcv_sne_update”…””}”(hjV  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj¬  ubhX  . Itâ€™s possible to separately enable any of them and
one can filter them by net-namespace, 4-tuple, family, L3 index, and TCP header
flags. If a segment has a TCP-AO header, the filters may also include
keyid, rnext, and maclen. SNE updates include the rolled-over numbers.”…””}”(hj¬  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MThjµ
  hžhubhÊ)”}”(hŒQRFC 5925 very permissively specifies how TCP port matching can be done for
MKTs::”h]”hŒPRFC 5925 very permissively specifies how TCP port matching can be done for
MKTs:”…””}”(hjn  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M]hjµ
  hžhubjv  )”}”(hX  TCP connection identifier. A TCP socket pair, i.e., a local IP
address, a remote IP address, a TCP local port, and a TCP remote port.
Values can be partially specified using ranges (e.g., 2-30), masks
(e.g., 0xF0), wildcards (e.g., "*"), or any other suitable indication.”h]”hX  TCP connection identifier. A TCP socket pair, i.e., a local IP
address, a remote IP address, a TCP local port, and a TCP remote port.
Values can be partially specified using ranges (e.g., 2-30), masks
(e.g., 0xF0), wildcards (e.g., "*"), or any other suitable indication.”…””}”hj|  sbah}”(h]”h ]”h"]”h$]”h&]”h±h²uh1ju  hŸh³h M`hjµ
  hžhubhÊ)”}”(hŒžCurrently Linux TCP-AO implementation doesn't provide any TCP port matching.
Probably, port ranges are the most flexible for uAPI, but so far
not implemented.”h]”hŒ Currently Linux TCP-AO implementation doesnâ€™t provide any TCP port matching.
Probably, port ranges are the most flexible for uAPI, but so far
not implemented.”…””}”(hjŠ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mehjµ
  hžhubeh}”(h]”Œuapi”ah ]”h"]”Œ3. uapi”ah$]”h&]”uh1h´hh¶hžhhŸh³h M#ubhµ)”}”(hhh]”(hº)”}”(hŒ(4. ``setsockopt()`` vs ``accept()`` race”h]”(hŒ4. ”…””}”(hj£  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt()``”h]”hŒsetsockopt()”…””}”(hj«  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj£  ubhŒ vs ”…””}”(hj£  hžhhŸNh Nubj%  )”}”(hŒ``accept()``”h]”hŒaccept()”…””}”(hj½  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj£  ubhŒ race”…””}”(hj£  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1h¹hj   hžhhŸh³h MjubhÊ)”}”(hXÆ  In contrast with an established TCP-MD5 connection which has just one key,
TCP-AO connections may have many keys, which means that accepted connections
on a listen socket may have any amount of keys as well. As copying all those
keys on a first properly signed SYN would make the request socket bigger, that
would be undesirable. Currently, the implementation doesn't copy keys
to request sockets, but rather look them up on the "parent" listener socket.”h]”hXÌ  In contrast with an established TCP-MD5 connection which has just one key,
TCP-AO connections may have many keys, which means that accepted connections
on a listen socket may have any amount of keys as well. As copying all those
keys on a first properly signed SYN would make the request socket bigger, that
would be undesirable. Currently, the implementation doesnâ€™t copy keys
to request sockets, but rather look them up on the â€œparentâ€ listener socket.”…””}”(hjÕ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mlhj   hžhubhÊ)”}”(hŒûThe result is that when userspace removes TCP-AO keys, that may break
not-yet-established connections on request sockets as well as not removing
keys from sockets that were already established, but not yet ``accept()``'ed,
hanging in the accept queue.”h]”(hŒÎThe result is that when userspace removes TCP-AO keys, that may break
not-yet-established connections on request sockets as well as not removing
keys from sockets that were already established, but not yet ”…””}”(hjã  hžhhŸNh Nubj%  )”}”(hŒ``accept()``”h]”hŒaccept()”…””}”(hjë  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjã  ubhŒ#â€™ed,
hanging in the accept queue.”…””}”(hjã  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mshj   hžhubhÊ)”}”(hŒŸThe reverse is valid as well: if userspace adds a new key for a peer on
a listener socket, the established sockets in the accept queue won't
have the new keys.”h]”hŒ¡The reverse is valid as well: if userspace adds a new key for a peer on
a listener socket, the established sockets in the accept queue wonâ€™t
have the new keys.”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mxhj   hžhubhÊ)”}”(hX•  At this moment, the resolution for the two races:
``setsockopt(TCP_AO_ADD_KEY)`` vs ``accept()``
and ``setsockopt(TCP_AO_DEL_KEY)`` vs ``accept()`` is delegated to userspace.
This means that it's expected that userspace would check the MKTs on the socket
that was returned by ``accept()`` to verify that any key rotation that
happened on the listen socket is reflected on the newly established connection.”h]”(hŒ2At this moment, the resolution for the two races:
”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt(TCP_AO_ADD_KEY)``”h]”hŒsetsockopt(TCP_AO_ADD_KEY)”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ vs ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``accept()``”h]”hŒaccept()”…””}”(hj+  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ
and ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``setsockopt(TCP_AO_DEL_KEY)``”h]”hŒsetsockopt(TCP_AO_DEL_KEY)”…””}”(hj=  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒ vs ”…””}”hj  sbj%  )”}”(hŒ``accept()``”h]”hŒaccept()”…””}”(hjO  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒƒ is delegated to userspace.
This means that itâ€™s expected that userspace would check the MKTs on the socket
that was returned by ”…””}”(hj  hžhhŸNh Nubj%  )”}”(hŒ``accept()``”h]”hŒaccept()”…””}”(hja  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hj  ubhŒu to verify that any key rotation that
happened on the listen socket is reflected on the newly established connection.”…””}”(hj  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M|hj   hžhubhÊ)”}”(hŒŸThis is a similar "do-nothing" approach to TCP-MD5 from the kernel side and
may be changed later by introducing new flags to ``tcp_ao_add``
and ``tcp_ao_del``.”h]”(hŒThis is a similar â€œdo-nothingâ€ approach to TCP-MD5 from the kernel side and
may be changed later by introducing new flags to ”…””}”(hjy  hžhhŸNh Nubj%  )”}”(hŒ``tcp_ao_add``”h]”hŒ
tcp_ao_add”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjy  ubhŒ
and ”…””}”(hjy  hžhhŸNh Nubj%  )”}”(hŒ``tcp_ao_del``”h]”hŒ
tcp_ao_del”…””}”(hj“  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j$  hjy  ubhŒ.”…””}”(hjy  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mƒhj   hžhubhÊ)”}”(hŒ}Note that this race is rare for it needs TCP-AO key rotation to happen
during the 3-way handshake for the new TCP connection.”h]”hŒ}Note that this race is rare for it needs TCP-AO key rotation to happen
during the 3-way handshake for the new TCP connection.”…””}”(hj«  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M‡hj   hžhubeh}”(h]”Œsetsockopt-vs-accept-race”ah ]”h"]”Œ 4. setsockopt() vs accept() race”ah$]”h&]”uh1h´hh¶hžhhŸh³h Mjubhµ)”}”(hhh]”(hº)”}”(hŒ5. Interaction with TCP-MD5”h]”hŒ5. Interaction with TCP-MD5”…””}”(hjÄ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hjÁ  hžhhŸh³h M‹ubhÊ)”}”(hŒ°A TCP connection can not migrate between TCP-AO and TCP-MD5 options. The
established sockets that have either AO or MD5 keys are restricted for
adding keys of the other option.”h]”hŒ°A TCP connection can not migrate between TCP-AO and TCP-MD5 options. The
established sockets that have either AO or MD5 keys are restricted for
adding keys of the other option.”…””}”(hjÒ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MhjÁ  hžhubhÊ)”}”(hX  For listening sockets the picture is different: BGP server may want to receive
both TCP-AO and (deprecated) TCP-MD5 clients. As a result, both types of keys
may be added to TCP_CLOSED or TCP_LISTEN sockets. It's not allowed to add
different types of keys for the same peer.”h]”hX  For listening sockets the picture is different: BGP server may want to receive
both TCP-AO and (deprecated) TCP-MD5 clients. As a result, both types of keys
may be added to TCP_CLOSED or TCP_LISTEN sockets. Itâ€™s not allowed to add
different types of keys for the same peer.”…””}”(hjà  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M‘hjÁ  hžhubeh}”(h]”Œinteraction-with-tcp-md5”ah ]”h"]”Œ5. interaction with tcp-md5”ah$]”h&]”uh1h´hh¶hžhhŸh³h M‹ubhµ)”}”(hhh]”(hº)”}”(hŒ6. SNE Linux implementation”h]”hŒ6. SNE Linux implementation”…””}”(hjù  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hjö  hžhhŸh³h M—ubhÊ)”}”(hX%  RFC 5925 [6.2] describes the algorithm of how to extend TCP sequence numbers
with SNE.  In short: TCP has to track the previous sequence numbers and set
sne_flag when the current SEQ number rolls over. The flag is cleared when
both current and previous SEQ numbers cross 0x7fff, which is 32Kb.”h]”hX%  RFC 5925 [6.2] describes the algorithm of how to extend TCP sequence numbers
with SNE.  In short: TCP has to track the previous sequence numbers and set
sne_flag when the current SEQ number rolls over. The flag is cleared when
both current and previous SEQ numbers cross 0x7fff, which is 32Kb.”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M™hjö  hžhubhÊ)”}”(hX  In times when sne_flag is set, the algorithm compares SEQ for each packet with
0x7fff and if it's higher than 32Kb, it assumes that the packet should be
verified with SNE before the increment. As a result, there's
this [0; 32Kb] window, when packets with (SNE - 1) can be accepted.”h]”hX  In times when sne_flag is set, the algorithm compares SEQ for each packet with
0x7fff and if itâ€™s higher than 32Kb, it assumes that the packet should be
verified with SNE before the increment. As a result, thereâ€™s
this [0; 32Kb] window, when packets with (SNE - 1) can be accepted.”…””}”(hj  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mžhjö  hžhubhÊ)”}”(hXm  Linux implementation simplifies this a bit: as the network stack already tracks
the first SEQ byte that ACK is wanted for (snd_una) and the next SEQ byte that
is wanted (rcv_nxt) - that's enough information for a rough estimation
on where in the 4GB SEQ number space both sender and receiver are.
When they roll over to zero, the corresponding SNE gets incremented.”h]”hXo  Linux implementation simplifies this a bit: as the network stack already tracks
the first SEQ byte that ACK is wanted for (snd_una) and the next SEQ byte that
is wanted (rcv_nxt) - thatâ€™s enough information for a rough estimation
on where in the 4GB SEQ number space both sender and receiver are.
When they roll over to zero, the corresponding SNE gets incremented.”…””}”(hj#  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M£hjö  hžhubhÊ)”}”(hX1  tcp_ao_compute_sne() is called for each TCP-AO segment. It compares SEQ numbers
from the segment with snd_una or rcv_nxt and fits the result into a 2GB window around them,
detecting SEQ numbers rolling over. That simplifies the code a lot and only
requires SNE numbers to be stored on every TCP-AO socket.”h]”hX1  tcp_ao_compute_sne() is called for each TCP-AO segment. It compares SEQ numbers
from the segment with snd_una or rcv_nxt and fits the result into a 2GB window around them,
detecting SEQ numbers rolling over. That simplifies the code a lot and only
requires SNE numbers to be stored on every TCP-AO socket.”…””}”(hj1  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M©hjö  hžhubhÊ)”}”(hX½  The 2GB window at first glance seems much more permissive compared to
RFC 5926. But that is only used to pick the correct SNE before/after
a rollover. It allows more TCP segment replays, but yet all regular
TCP checks in tcp_sequence() are applied on the verified segment.
So, it trades a bit more permissive acceptance of replayed/retransmitted
segments for the simplicity of the algorithm and what seems better behaviour
for large TCP windows.”h]”hX½  The 2GB window at first glance seems much more permissive compared to
RFC 5926. But that is only used to pick the correct SNE before/after
a rollover. It allows more TCP segment replays, but yet all regular
TCP checks in tcp_sequence() are applied on the verified segment.
So, it trades a bit more permissive acceptance of replayed/retransmitted
segments for the simplicity of the algorithm and what seems better behaviour
for large TCP windows.”…””}”(hj?  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M®hjö  hžhubeh}”(h]”Œsne-linux-implementation”ah ]”h"]”Œ6. sne linux implementation”ah$]”h&]”uh1h´hh¶hžhhŸh³h M—ubhµ)”}”(hhh]”(hº)”}”(hŒ7. Links”h]”hŒ7. Links”…””}”(hjX  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1h¹hjU  hžhhŸh³h M·ubhŒdefinition_list”“”)”}”(hhh]”(hŒdefinition_list_item”“”)”}”(hŒ]RFC 5925 The TCP Authentication Option
https://www.rfc-editor.org/rfc/pdfrfc/rfc5925.txt.pdf
”h]”(hŒterm”“”)”}”(hŒ&RFC 5925 The TCP Authentication Option”h]”hŒ&RFC 5925 The TCP Authentication Option”…””}”(hjs  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jq  hŸh³h Mºhjm  ubhŒ
definition”“”)”}”(hhh]”hÊ)”}”(hŒ5https://www.rfc-editor.org/rfc/pdfrfc/rfc5925.txt.pdf”h•      ]”hŒ	reference”“”)”}”(hjˆ  h]”hŒ5https://www.rfc-editor.org/rfc/pdfrfc/rfc5925.txt.pdf”…””}”(hjŒ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”jˆ  uh1jŠ  hj†  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h Mºhjƒ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjm  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jk  hŸh³h Mºhjh  ubjl  )”}”(hŒƒRFC 5926 Cryptographic Algorithms for the TCP Authentication Option (TCP-AO)
https://www.rfc-editor.org/rfc/pdfrfc/rfc5926.txt.pdf
”h]”(jr  )”}”(hŒLRFC 5926 Cryptographic Algorithms for the TCP Authentication Option (TCP-AO)”h]”hŒLRFC 5926 Cryptographic Algorithms for the TCP Authentication Option (TCP-AO)”…””}”(hj°  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jq  hŸh³h M½hj¬  ubj‚  )”}”(hhh]”hÊ)”}”(hŒ5https://www.rfc-editor.org/rfc/pdfrfc/rfc5926.txt.pdf”h]”j‹  )”}”(hjÃ  h]”hŒ5https://www.rfc-editor.org/rfc/pdfrfc/rfc5926.txt.pdf”…””}”(hjÅ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”jÃ  uh1jŠ  hjÁ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h M½hj¾  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj¬  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jk  hŸh³h M½hjh  hžhubjl  )”}”(hŒDraft "SHA-2 Algorithm for the TCP Authentication Option (TCP-AO)"
https://datatracker.ietf.org/doc/html/draft-nayak-tcp-sha2-03
”h]”(jr  )”}”(hŒBDraft "SHA-2 Algorithm for the TCP Authentication Option (TCP-AO)"”h]”hŒFDraft â€œSHA-2 Algorithm for the TCP Authentication Option (TCP-AO)â€”…””}”(hjé  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jq  hŸh³h MÀhjå  ubj‚  )”}”(hhh]”hÊ)”}”(hŒ=https://datatracker.ietf.org/doc/html/draft-nayak-tcp-sha2-03”h]”j‹  )”}”(hjü  h]”hŒ=https://datatracker.ietf.org/doc/html/draft-nayak-tcp-sha2-03”…””}”(hjþ  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”jü  uh1jŠ  hjú  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MÀhj÷  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjå  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jk  hŸh³h MÀhjh  hžhubjl  )”}”(hŒ{RFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option
https://www.rfc-editor.org/rfc/pdfrfc/rfc2385.txt.pdf
”h]”(jr  )”}”(hŒDRFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option”h]”hŒDRFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option”…””}”(hj"  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jq  hŸh³h MÃhj  ubj‚  )”}”(hhh]”hÊ)”}”(hŒ5https://www.rfc-editor.org/rfc/pdfrfc/rfc2385.txt.pdf”h]”j‹  )”}”(hj5  h]”hŒ5https://www.rfc-editor.org/rfc/pdfrfc/rfc2385.txt.pdf”…””}”(hj7  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”j5  uh1jŠ  hj3  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MÃhj0  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jk  hŸh³h MÃhjh  hžhubeh}”(h]”h ]”h"]”h$]”h&]”uh1jf  hjU  hžhhŸh³h NubhŒ
field_list”“”)”}”(hhh]”hŒfield”“”)”}”(hhh]”(hŒ
field_name”“”)”}”(hŒAuthor”h]”hŒAuthor”…””}”(hji  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jg  hjd  hŸh³h K ubhŒ
field_body”“”)”}”(hŒ Dmitry Safonov <dima@arista.com>”h]”hÊ)”}”(hj{  h]”(hŒDmitry Safonov <”…””}”(hj}  hžhhŸNh Nubj‹  )”}”(hŒdima@arista.com”h]”hŒdima@arista.com”…””}”(hj„  hžhhŸNh Nubah}”(h]”h ]”h"]”h$]”h&]”Œrefuri”Œmailto:dima@arista.com”uh1jŠ  hj}  ubhŒ>”…””}”(hj}  hžhhŸNh Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÉhŸh³h MÅhjy  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jw  hjd  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jb  hŸh³h MÅhj_  hžhubah}”(h]”h ]”h"]”h$]”h&]”uh1j]  hjU  hžhhŸh³h MÅubeh}”(h]”Œlinks”ah ]”h"]”Œ7. links”ah$]”h&]”uh1h´hh¶hžhhŸh³h M·ubeh}”(h]”Œ6tcp-authentication-option-linux-implementation-rfc5925”ah ]”h"]”Œ8tcp authentication option linux implementation (rfc5925)”ah$]”h&]”uh1h´hhhžhhŸh³h Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”h³uh1hŒcurrent_source”NŒcurrent_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(h¹NŒ	generator”NŒ	datestamp”NŒsource_link”NŒ
source_url”NŒtoc_backlinks”j,  Œfootnote_backlinks”KŒsectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒstrip_classes”NŒreport_level”KŒ
halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ	traceback”ˆŒinput_encoding”Œ	utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”jâ  Œerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œlanguage_code”Œen”Œrecord_dependencies”NŒconfig”NŒ	id_prefix”hŒauto_id_prefix”Œid”Œdump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”h³Œ_destination”NŒ_config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒraw_enabled”KŒline_length_limit”M'Œpep_references”NŒpep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒrfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ	tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œsmart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œdocinfo_xform”KŒsectsubtitle_xform”‰Œimage_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”Œrefids”}”Œnameids”}”(j½  jº  j  j  j   jý  j²
  j¯
  j  jš  j¾  j»  jó  jð  jR  jO  jµ  j²  uŒ	nametypes”}”(j½  ‰j  ‰j   ‰j²
  ‰j  ‰j¾  ‰jó  ‰jR  ‰jµ  ‰uh}”(jº  h¶j  hÙjý  jH  j¯
  j  jš  jµ
  j»  j   jð  jÁ  jO  jö  j²  jU  jC  hìj¨
  jb  uŒfootnote_refs”}”Œcitation_refs”}”Œautofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ	footnotes”]”Œ	citations”]”Œautofootnote_start”KŒsymbol_footnote_start”K Œ
id_counter”Œcollections”ŒCounter”“”}”jð  Ks…”R”Œparse_messages”]”Œtransform_messages”]”Œtransformer”NŒinclude_log”]”Œ
decoration”Nhžhub.