From mboxrd@z Thu Jan 1 00:00:00 1970 From: Eric Dumazet Subject: Re: [PATCH] net-tcp: extend tcp_tw_reuse sysctl to enable loopback only optimization Date: Mon, 4 Jun 2018 10:18:03 -0700 Message-ID: References: <20180603174117.48539-1-zenczykowski@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Cc: netdev@vger.kernel.org, Neal Cardwell , Yuchung Cheng , Wei Wang To: =?UTF-8?Q?Maciej_=c5=bbenczykowski?= , =?UTF-8?Q?Maciej_=c5=bbenczykowski?= , "David S . Miller" , Eric Dumazet Return-path: Received: from mail-pl0-f67.google.com ([209.85.160.67]:42293 "EHLO mail-pl0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751223AbeFDRSF (ORCPT ); Mon, 4 Jun 2018 13:18:05 -0400 Received: by mail-pl0-f67.google.com with SMTP id w17-v6so4255653pll.9 for ; Mon, 04 Jun 2018 10:18:05 -0700 (PDT) In-Reply-To: <20180603174117.48539-1-zenczykowski@gmail.com> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: On 06/03/2018 10:41 AM, Maciej Żenczykowski wrote: > From: Maciej Żenczykowski > > This changes the /proc/sys/net/ipv4/tcp_tw_reuse from a boolean > to an integer. > > It now takes the values 0, 1 and 2, where 0 and 1 behave as before, > while 2 enables timewait socket reuse only for sockets that we can > prove are loopback connections: > ie. bound to 'lo' interface or where one of source or destination > IPs is 127.0.0.0/8, ::ffff:127.0.0.0/104 or ::1. > > This enables quicker reuse of ephemeral ports for loopback connections > - where tcp_tw_reuse is 100% safe from a protocol perspective > (this assumes no artificially induced packet loss on 'lo'). > > This also makes estblishing many loopback connections *much* faster > (allocating ports out of the first half of the ephemeral port range > is significantly faster, then allocating from the second half) > > Without this change in a 32K ephemeral port space my sample program > (it just establishes and closes [::1]:ephemeral -> [::1]:server_port > connections in a tight loop) fails after 32765 connections in 24 seconds. > With it enabled 50000 connections only take 4.7 seconds. > > This is particularly problematic for IPv6 where we only have one local > address and cannot play tricks with varying source IP from 127.0.0.0/8 > pool. > > Signed-off-by: Maciej Żenczykowski > Cc: Eric Dumazet > Cc: Neal Cardwell > Cc: Yuchung Cheng > Cc: Wei Wang This seems fine, thanks Maciej Signed-off-by: Eric Dumazet