From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LzuxJ-00084v-GD for qemu-devel@nongnu.org; Fri, 01 May 2009 11:47:17 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LzuxE-00084j-3n for qemu-devel@nongnu.org; Fri, 01 May 2009 11:47:16 -0400 Received: from [199.232.76.173] (port=53557 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LzuxD-00084g-Si for qemu-devel@nongnu.org; Fri, 01 May 2009 11:47:11 -0400 Received: from wf-out-1314.google.com ([209.85.200.168]:41490) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1LzuxD-00041a-Fc for qemu-devel@nongnu.org; Fri, 01 May 2009 11:47:11 -0400 Received: by wf-out-1314.google.com with SMTP id 26so1839617wfd.4 for ; Fri, 01 May 2009 08:47:10 -0700 (PDT) Message-ID: <49FB1979.1070706@gmail.com> Date: Fri, 01 May 2009 09:47:05 -0600 From: David Ahern MIME-Version: 1.0 Subject: Re: [Qemu-devel] PATCH: enabling TCP keepalives - v3 References: <49F9FEBA.6050901@gmail.com> <20090501113204.GA10763@amd.home.annexia.org> <49FAEFDD.2070002@gmail.com> <20090501152312.GH13308@redhat.com> In-Reply-To: <20090501152312.GH13308@redhat.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" , Paul Brook Cc: "Richard W.M. Jones" , qemu-devel@nongnu.org Daniel P. Berrange wrote: > On Fri, May 01, 2009 at 06:49:33AM -0600, David Ahern wrote: >> >> Richard W.M. Jones wrote: >>> On Thu, Apr 30, 2009 at 01:40:42PM -0600, David Ahern wrote: >>>> Did not see a response to the last version. >>>> >>>> This patch enables TCP keepalives on VNC connections and TCP-based char >>>> devices. >>>> >>>> Default parameters have keep alive probes sent after 60-seconds of idle >>>> time. Probes are sent every 12 seconds with the connection resetting >>>> after 5 failed probes (ie., connection is closed if no response received >>>> in 60-seconds). >>> IMHO this should be optional, and firmly default to _OFF_. Brief >>> network outages shouldn't result in connections failing all over the >>> place. In addition, does this negatively impact migration? >> It's not a matter of connections failing; it's a matter of cleaning them >> up for a variety of reasons. Besides the VPN example which motivated >> this patch (i.e, VPN connection drops and when re-established you get a >> differnt IP), there are a lot of networks with very aggressive firewalls >> (e.g., 60-minute timers). Without some sort of keepalive mechanisms >> those firewalls will close the holes and the connections will hang. > > You don't neccessarily always get a different IP for VPN connections, > as administrators may well choose to give users a fixed IP for their > VPN client. I'm not entirely against keepalives, but I thing making Agreed, you don't always get a different IP on reconnects, but in my case you do. Also, VPN users have no control over that; they just see/cause dead connections. > it drop the connection after a mere 60 seconds is way too quick, if this > is enabled by default. I'd be more inclined to just have it use the > kernel defaults for timeouts > > Daniel The parameters I put in cause a drop after 2 minutes of no response -- 60 seconds of idle (no data through the socket) followed by 60 seconds of failed probes. The default parameters for linux are harsh: 7 hours of idle time before the first keepalive is sent. Per an earlier email, I can add an option: tcpkeep=i,j,k where i is the idle time, j is the interval for sending probes and k is the count of missed probes, but I think this is getting to be overkill. I'd prefer to have the dead sockets cleaned up, so I'll take enabling keepalives with default parameters if that causes least resistance. With qemu now supporting multiple VNC sessions, at least that offers an option for recovery on that path. david