[net] tcp: disable TFO blackhole logic by default

Message ID	20210721172738.1895009-1-weiwan@google.com
State	New
Headers	show Return-Path: <netdev-owner@kernel.org> Date: Wed, 21 Jul 2021 10:27:38 -0700 Message-Id: <20210721172738.1895009-1-weiwan@google.com> Mime-Version: 1.0 Subject: [PATCH net] tcp: disable TFO blackhole logic by default From: Wei Wang <weiwan@google.com> To: Jakub Kicinski <kuba@kernel.org>, "David S . Miller" <davem@davemloft.net>, netdev@vger.kernel.org Cc: Eric Dumazet <edumazet@google.com>, Neal Cardwell <ncardwell@google.com>, Soheil Hassas Yeganeh <soheil@google.com>, Yuchung Cheng <ycheng@google.com> Content-Type: text/plain; charset="UTF-8" Precedence: bulk
Series	[net] tcp: disable TFO blackhole logic by default \| expand [net] tcp: disable TFO blackhole logic by default

Message ID

20210721172738.1895009-1-weiwan@google.com

State

New

Headers

Date: Wed, 21 Jul 2021 10:27:38 -0700
Message-Id: <20210721172738.1895009-1-weiwan@google.com>
Mime-Version: 1.0
Subject: [PATCH net] tcp: disable TFO blackhole logic by default
From: Wei Wang <weiwan@google.com>
To: Jakub Kicinski <kuba@kernel.org>,
	"David S . Miller" <davem@davemloft.net>, netdev@vger.kernel.org
Cc: Eric Dumazet <edumazet@google.com>, Neal Cardwell <ncardwell@google.com>,
	Soheil Hassas Yeganeh <soheil@google.com>,
	Yuchung Cheng <ycheng@google.com>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk

Series

[net] tcp: disable TFO blackhole logic by default | expand

Commit Message

Wei Wang July 21, 2021, 5:27 p.m. UTC

Multiple complaints have been raised from the TFO users on the internet
stating that the TFO blackhole logic is too aggressive and gets falsely
triggered too often.
(e.g. https://blog.apnic.net/2021/07/05/tcp-fast-open-not-so-fast/)
Considering that most middleboxes no longer drop TFO packets, we decide
to disable the blackhole logic by setting
/proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_set to 0 by default.

Fixes: cf1ef3f0719b4 ("net/tcp_fastopen: Disable active side TFO in certain scenarios")
Signed-off-by: Wei Wang <weiwan@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com> 
Acked-by: Neal Cardwell <ncardwell@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
---
 Documentation/networking/ip-sysctl.rst | 2 +-
 net/ipv4/tcp_fastopen.c                | 9 ++++++++-
 net/ipv4/tcp_ipv4.c                    | 2 +-
 3 files changed, 10 insertions(+), 3 deletions(-)

Comments

patchwork-bot+netdevbpf@kernel.org July 22, 2021, 6 a.m. UTC | #1

Hello:

This patch was applied to netdev/net.git (refs/heads/master):

On Wed, 21 Jul 2021 10:27:38 -0700 you wrote:
> Multiple complaints have been raised from the TFO users on the internet
> stating that the TFO blackhole logic is too aggressive and gets falsely
> triggered too often.
> (e.g. https://blog.apnic.net/2021/07/05/tcp-fast-open-not-so-fast/)
> Considering that most middleboxes no longer drop TFO packets, we decide
> to disable the blackhole logic by setting
> /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_set to 0 by default.
> 
> [...]

Here is the summary with links:
  - [net] tcp: disable TFO blackhole logic by default
    https://git.kernel.org/netdev/net/c/213ad73d0607

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
index b3fa522e4cd9..316c7dfa9693 100644
--- a/Documentation/networking/ip-sysctl.rst
+++ b/Documentation/networking/ip-sysctl.rst
@@ -826,7 +826,7 @@  tcp_fastopen_blackhole_timeout_sec - INTEGER
 	initial value when the blackhole issue goes away.
 	0 to disable the blackhole detection.
 
-	By default, it is set to 1hr.
+	By default, it is set to 0 (feature is disabled).
 
 tcp_fastopen_key - list of comma separated 32-digit hexadecimal INTEGERs
 	The list consists of a primary key and an optional backup key. The
diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c
index b32af76e2132..25fa4c01a17f 100644
--- a/net/ipv4/tcp_fastopen.c
+++ b/net/ipv4/tcp_fastopen.c
@@ -507,6 +507,9 @@  void tcp_fastopen_active_disable(struct sock *sk)
 {
 	struct net *net = sock_net(sk);
 
+	if (!sock_net(sk)->ipv4.sysctl_tcp_fastopen_blackhole_timeout)
+		return;
+
 	/* Paired with READ_ONCE() in tcp_fastopen_active_should_disable() */
 	WRITE_ONCE(net->ipv4.tfo_active_disable_stamp, jiffies);
 
@@ -526,10 +529,14 @@  void tcp_fastopen_active_disable(struct sock *sk)
 bool tcp_fastopen_active_should_disable(struct sock *sk)
 {
 	unsigned int tfo_bh_timeout = sock_net(sk)->ipv4.sysctl_tcp_fastopen_blackhole_timeout;
-	int tfo_da_times = atomic_read(&sock_net(sk)->ipv4.tfo_active_disable_times);
 	unsigned long timeout;
+	int tfo_da_times;
 	int multiplier;
 
+	if (!tfo_bh_timeout)
+		return false;
+
+	tfo_da_times = atomic_read(&sock_net(sk)->ipv4.tfo_active_disable_times);
 	if (!tfo_da_times)
 		return false;
 
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index b9dc2d6197be..a692626c19e4 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -2965,7 +2965,7 @@  static int __net_init tcp_sk_init(struct net *net)
 	net->ipv4.sysctl_tcp_comp_sack_nr = 44;
 	net->ipv4.sysctl_tcp_fastopen = TFO_CLIENT_ENABLE;
 	spin_lock_init(&net->ipv4.tcp_fastopen_ctx_lock);
-	net->ipv4.sysctl_tcp_fastopen_blackhole_timeout = 60 * 60;
+	net->ipv4.sysctl_tcp_fastopen_blackhole_timeout = 0;
 	atomic_set(&net->ipv4.tfo_active_disable_times, 0);
 
 	/* Reno is always built in */

[net] tcp: disable TFO blackhole logic by default

Commit Message

Comments

Patch