keywords
Type of Service (ToS) was deprecated in the late nineties and replaced
with the Differentiated Services architecture. Diffserv has significant
advantages for operators because this mechanism offers more granularity.
OpenSSH switched its default IPQoS from ToS to DSCP values in 2018.
IPQoS configurations with 'lowdelay', 'reliability', or 'throughput' will be
ignored and instead the system default QoS settings apply. Additionally, a
debug message is logged about the deprecation with a suggestion to use DSCP.
with/OK deraadt@ sthen@ djm@
OpenBSD-Commit-ID:
40c8c0c5cb20151a348728703536af2ec1c754ba
-/* $OpenBSD: misc.c,v 1.200 2025/05/22 03:53:46 dtucker Exp $ */
+/* $OpenBSD: misc.c,v 1.201 2025/07/31 11:23:39 job Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005-2020 Damien Miller. All rights reserved.
{ "cs7", IPTOS_DSCP_CS7 },
{ "ef", IPTOS_DSCP_EF },
{ "le", IPTOS_DSCP_LE },
- { "lowdelay", IPTOS_LOWDELAY },
- { "throughput", IPTOS_THROUGHPUT },
- { "reliability", IPTOS_RELIABILITY },
+ { "lowdelay", INT_MIN }, /* deprecated */
+ { "throughput", INT_MIN }, /* deprecated */
+ { "reliability", INT_MIN }, /* deprecated */
{ NULL, -1 }
};
-/* $OpenBSD: readconf.c,v 1.402 2025/07/31 09:38:41 job Exp $ */
+/* $OpenBSD: readconf.c,v 1.403 2025/07/31 11:23:39 job Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
filename, linenum, arg);
goto out;
}
+ if (value == INT_MIN) {
+ debug("%s line %d: Deprecated IPQoS value \"%s\" "
+ "ignored - using system default instead. Consider"
+ " using DSCP values.", filename, linenum, arg);
+ value = INT_MAX;
+ }
arg = argv_next(&ac, &av);
if (arg == NULL)
value2 = value;
filename, linenum, arg);
goto out;
}
+ if (value2 == INT_MIN) {
+ debug("%s line %d: Deprecated IPQoS value \"%s\" "
+ "ignored - using system default instead. Consider"
+ " using DSCP values.", filename, linenum, arg);
+ value2 = INT_MAX;
+ }
if (*activep && options->ip_qos_interactive == -1) {
options->ip_qos_interactive = value;
options->ip_qos_bulk = value2;
-/* $OpenBSD: readconf.h,v 1.159 2025/02/15 01:48:30 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.160 2025/07/31 11:23:39 job Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
int strict_host_key_checking; /* Strict host key checking. */
int compression; /* Compress packets in both directions. */
int tcp_keep_alive; /* Set SO_KEEPALIVE. */
- int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */
- int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */
+ int ip_qos_interactive; /* DSCP value for interactive */
+ int ip_qos_bulk; /* DSCP value for bulk traffic */
SyslogFacility log_facility; /* Facility for system logging. */
LogLevel log_level; /* Level for logging. */
u_int num_log_verbose; /* Verbose log overrides */
-/* $OpenBSD: servconf.c,v 1.428 2025/07/31 09:38:41 job Exp $ */
+/* $OpenBSD: servconf.c,v 1.429 2025/07/31 11:23:39 job Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
if ((value = parse_ipqos(arg)) == -1)
fatal("%s line %d: Bad %s value: %s",
filename, linenum, keyword, arg);
+ if (value == INT_MIN) {
+ debug("%s line %d: Deprecated IPQoS value \"%s\" "
+ "ignored - using system default instead. Consider"
+ " using DSCP values.", filename, linenum, arg);
+ value = INT_MAX;
+ }
arg = argv_next(&ac, &av);
if (arg == NULL)
value2 = value;
else if ((value2 = parse_ipqos(arg)) == -1)
fatal("%s line %d: Bad %s value: %s",
filename, linenum, keyword, arg);
+ if (value2 == INT_MIN) {
+ debug("%s line %d: Deprecated IPQoS value \"%s\" "
+ "ignored - using system default instead. Consider"
+ " using DSCP values.", filename, linenum, arg);
+ value2 = INT_MAX;
+ }
if (*activep) {
options->ip_qos_interactive = value;
options->ip_qos_bulk = value2;
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.415 2025/07/31 09:38:41 job Exp $
+.\" $OpenBSD: ssh_config.5,v 1.416 2025/07/31 11:23:39 job Exp $
.Dd $Mdocdate: July 31 2025 $
.Dt SSH_CONFIG 5
.Os
block
to perform conditional inclusion.
.It Cm IPQoS
-Specifies the IPv4 type-of-service or DSCP class for connections.
+Specifies the
+.Em Differentiated Services Field Codepoint Pq DSCP
+value for connections.
Accepted values are
.Cm af11 ,
.Cm af12 ,
.Cm cs7 ,
.Cm ef ,
.Cm le ,
-.Cm lowdelay ,
-.Cm throughput ,
-.Cm reliability ,
a numeric value, or
.Cm none
to use the operating system default.
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.382 2025/07/31 09:38:41 job Exp $
+.\" $OpenBSD: sshd_config.5,v 1.383 2025/07/31 11:23:39 job Exp $
.Dd $Mdocdate: July 31 2025 $
.Dt SSHD_CONFIG 5
.Os
block
to perform conditional inclusion.
.It Cm IPQoS
-Specifies the IPv4 type-of-service or DSCP class for the connection.
+Specifies the
+.Em Differentiated Services Field Codepoint Pq DSCP
+value for the connection.
Accepted values are
.Cm af11 ,
.Cm af12 ,
.Cm cs7 ,
.Cm ef ,
.Cm le ,
-.Cm lowdelay ,
-.Cm throughput ,
-.Cm reliability ,
a numeric value, or
.Cm none
to use the operating system default.
projects / thirdparty / openssh-portable.git / commitdiff
