From: Rick Jones <rick.jones2@hp.com>
To: "Pádraig Brady" <P@draigBrady.com>
Cc: netdev@vger.kernel.org
Subject: Re: auto recycling of TIME_WAIT connections
Date: Fri, 07 Sep 2007 10:04:09 -0700 [thread overview]
Message-ID: <46E18489.6060100@hp.com> (raw)
In-Reply-To: <46E11829.4090607@draigBrady.com>
> The first issue, requires a large timeout, and
> the TIME_WAIT timeout is currently 60 seconds on linux.
> That timeout effectively limits the connection rate between
> local TCP clients and a server to 32k/60s or around 500 connections/second.
Actually, it would be more like 60k/60s if the application were making
explicit calls to bind() as arguably it should if it is going to be
churning through so many connections.
This was an issue over a decade ago with SPECweb96 benchmarking. The
initial solution was to make the explicit bind() calls and not rely on
the anonymous/ephemeral port space. After that, one starts adding
additional IP's into the mix (at least where possible). And if that
fails, one has to go back to the beginning and ask oneself exactly why a
client is trying to churn through so many connections per second in the
first place.
If we were slavishly conformant to the RFC's :) that 60 seconds would be
240 seconds...
> But that issue can't really happen when the client
> and server are on the same machine can it, and
> even if it could, the timeouts involved would be shorter.
>
> Now linux does have an (undocumented) /proc/sys/net/ipv4/tcp_tw_recycle flag
> to enable recycling of TIME_WAIT connections. This is global however and could cause
> problems in general for external connections.
Rampant speculation begins...
If the client can be convinced to just call shutdown(SHUT_RDWR) rather
than close(), and be the first to do so, ahead of the server, I think it
will retain a link to the TCP endpoint in TIME_WAIT. It could then, in
TCP theory, call connect() again, and go through a path that allows
transition from TIME_WAIT to ESTABLISHED if all the right things wrt
Initial Sequence Number selection happen. Whether randomization of the
ISN allows that today is questionable.
> So how about auto enabling recycling for local connections?
I think the standard response is that one can never _really_ know what
is local and what not, particularly in the presence of netfilter and the
rewriting of headers behind one's back.
rick jones
next prev parent reply other threads:[~2007-09-07 17:05 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-09-07 9:21 auto recycling of TIME_WAIT connections Pádraig Brady
2007-09-07 17:04 ` Rick Jones [this message]
2007-09-10 10:26 ` Pádraig Brady
2007-09-10 17:23 ` Rick Jones
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46E18489.6060100@hp.com \
--to=rick.jones2@hp.com \
--cc=P@draigBrady.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).