From: Rick Jones <rick.jones2@hp.com>
To: Chris Verges <cverges@sentient-energy.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>,
davem@davemloft.net, kuznet@ms2.inr.ac.ru, jmorris@namei.org,
yoshfuji@linux-ipv6.org, kaber@trash.net, netdev@vger.kernel.org
Subject: Re: Established sockets remain open after iface down or address lost
Date: Tue, 01 Oct 2013 10:06:17 -0700 [thread overview]
Message-ID: <524B0109.80007@hp.com> (raw)
In-Reply-To: <20131001160825.GA8784@cverges-dev-lnx.sentient-energy.com>
On 10/01/2013 09:08 AM, Chris Verges wrote:
> On Tue, Oct 01, 2013 at 08:44:17AM -0700, Rick Jones wrote:
>> The protocol between client and server needs to have an
>> application-layer "keepalive" mechanism added, and then the server
>> will be able to detect a dangling connection without need of any
>> further kernel modifications.
>>
>> If that is not possible, the server can/should set SO_KEEPALIVE and
>> perhaps tweak the TCP keepalive settings. Not as good (IMO) as an
>> application-layer keepalive because it only shows that the connection
>> is good as far as TCP, but I suppose it could do in a pinch.
>
> I agree that some form of keepalives would solve the problem where
> blocking reads need to be interrupted. However, this creates traffic
> across the link -- directly proportional to the keepalive interval.
>
> The underlying physical layer is such that we pay for all traffic going
> across it -- including any keepalives at either the application or TCP
> layers. Paying for this keepalive traffic when the link is operational
> is not desired.
Pick your poison :)
If the server application is in a "I know there should be (more) data
arriving on this connection" mode, then you can simply have an
application-layer timeout in the server code that does not rely on
active probing the connection.
Otherwise, even if you do get some sort of "nuke connections using a
source IP matching an interface we just brought down" option into the
kernel, you will still have the small matter of something else between
the client and server going down that neither can see directly.
rick jones
next prev parent reply other threads:[~2013-10-01 17:06 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-26 6:04 Established sockets remain open after iface down or address lost Chris Verges
2013-09-26 13:49 ` Eric Dumazet
2013-10-01 13:27 ` Chris Verges
2013-10-01 15:44 ` Rick Jones
2013-10-01 16:08 ` Chris Verges
2013-10-01 17:06 ` Rick Jones [this message]
2013-10-01 16:33 ` Alexey Kuznetsov
2013-10-01 17:07 ` Chris Verges
2013-10-01 19:00 ` Alexey Kuznetsov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=524B0109.80007@hp.com \
--to=rick.jones2@hp.com \
--cc=cverges@sentient-energy.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=jmorris@namei.org \
--cc=kaber@trash.net \
--cc=kuznet@ms2.inr.ac.ru \
--cc=netdev@vger.kernel.org \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).