tcp: temporarily disable Fast Open on SYN timeout
Fast Open currently has a fall back feature to address SYN-data being dropped but it requires the middle-box to pass on regular SYN retry after SYN-data. This is implemented in commitaab487435
("net-tcp: Fast Open client - detecting SYN-data drops") However some NAT boxes will drop all subsequent packets after first SYN-data and blackholes the entire connections. An example is in commit356d7d8
"netfilter: nf_conntrack: fix tcp_in_window for Fast Open". The sender should note such incidents and fall back to use the regular TCP handshake on subsequent attempts temporarily as well: after the second SYN timeouts the original Fast Open SYN is most likely lost. When such an event recurs Fast Open is disabled based on the number of recurrences exponentially. Signed-off-by: Yuchung Cheng <ycheng@google.com> Signed-off-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
aa58d9813d
commit
c968601d17
|
@ -671,8 +671,9 @@ void tcp_fastopen_cache_set(struct sock *sk, u16 mss,
|
|||
struct tcp_fastopen_metrics *tfom = &tm->tcpm_fastopen;
|
||||
|
||||
write_seqlock_bh(&fastopen_seqlock);
|
||||
tfom->mss = mss;
|
||||
if (cookie->len > 0)
|
||||
if (mss)
|
||||
tfom->mss = mss;
|
||||
if (cookie && cookie->len > 0)
|
||||
tfom->cookie = *cookie;
|
||||
if (syn_lost) {
|
||||
++tfom->syn_loss;
|
||||
|
|
|
@ -156,12 +156,16 @@ static bool retransmits_timed_out(struct sock *sk,
|
|||
static int tcp_write_timeout(struct sock *sk)
|
||||
{
|
||||
struct inet_connection_sock *icsk = inet_csk(sk);
|
||||
struct tcp_sock *tp = tcp_sk(sk);
|
||||
int retry_until;
|
||||
bool do_reset, syn_set = false;
|
||||
|
||||
if ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) {
|
||||
if (icsk->icsk_retransmits)
|
||||
if (icsk->icsk_retransmits) {
|
||||
dst_negative_advice(sk);
|
||||
if (tp->syn_fastopen || tp->syn_data)
|
||||
tcp_fastopen_cache_set(sk, 0, NULL, true);
|
||||
}
|
||||
retry_until = icsk->icsk_syn_retries ? : sysctl_tcp_syn_retries;
|
||||
syn_set = true;
|
||||
} else {
|
||||
|
|
Loading…
Reference in New Issue