Commit | Line | Data |
---|---|---|
a2673768 JH |
1 | # TCP Fast Open |
2 | # | |
3 | # Linux: | |
4 | # Both server and client-side TFO support must be enabled in the | |
5 | # kernel, 'sudo sh -c "echo 3 > /proc/sys/net/ipv4/tcp_fastopen"'. | |
6 | # | |
7 | # A packet capture on the loopback interface will show the TFO | |
8 | # option on the SYN, but the fast-output SMTP banner will not | |
9 | # be seen unless you also deliberately emulate a long path: | |
8255135b | 10 | # 'sudo tc qdisc add dev lo root netem delay 50ms' |
11a5264b | 11 | # You'll need iproute-tc installed, for the tc command. |
1ccd5f67 JH |
12 | # You'll need kernel-modules-extra installed, or you get |
13 | # an unhelpful error from RTNETLINK. | |
14 | # To tidy up: 'sudo tc qdisc delete dev lo root' | |
a2673768 | 15 | # |
b536a578 JH |
16 | # MacOS: |
17 | # The kernel seems to have TFO enabled both ways as default. | |
18 | # There is a net.inet.tcp.clear_tfocache parameter | |
19 | ## sysctl -w foo-val | |
20 | # | |
21 | # For network delays there is something called 'Network Link Conditioner' | |
22 | # which might do the job. But how to manipulate it? | |
23 | # | |
24 | # | |
73a10da9 JH |
25 | # FreeBSD: it looks like you have to compile a custom kernel, with |
26 | # 'options TCP_RFC7413' in the config. Also set | |
27 | # 'net.inet.tcp.fastopen.server_enable=1' in /etc/sysctl.conf | |
28 | # Seems to always claim TFO used by transport, if tried. | |
29 | # | |
8255135b JH |
30 | sudo perl |
31 | system ("tc qdisc add dev lo root netem delay 50ms"); | |
32 | **** | |
33 | # | |
38da9088 JH |
34 | # |
35 | # Disable the TFO blackhole detection, as we seem to be running foul of it. | |
36 | # If bitten, we see the expected EINPROGRESS for sendto, yet no TFO cookie | |
37 | # option on the SYN. | |
38 | # | |
39 | sudo perl | |
2d58d815 | 40 | system ("[ -e /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec ] && echo 0 > /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec"); |
38da9088 JH |
41 | **** |
42 | # | |
a2673768 JH |
43 | # First time runs will see a TFO request option only; subsequent |
44 | # ones should see the TFO cookie and fast-output SMTP banner | |
45 | # (currently on a separate packet after the server SYN,ACK but before | |
46 | # the client ACK). | |
47 | # | |
b536a578 JH |
48 | # The client log => line should have a "TFO" element. |
49 | # The server log <= line for a@test.ex should not. | |
ac0dcd3f | 50 | # |
b536a578 | 51 | # First clear any previously-obtained cookie: |
8255135b JH |
52 | sudo perl |
53 | system ("ip tcp_metrics delete 127.0.0.1"); | |
54 | **** | |
55 | # | |
a2673768 JH |
56 | # |
57 | # | |
a2673768 JH |
58 | exim -DSERVER=server -bd -oX PORT_D |
59 | **** | |
ac0dcd3f | 60 | # |
a2673768 JH |
61 | exim a@test.ex |
62 | Testing | |
63 | **** | |
64 | sleep 3 | |
ac0dcd3f | 65 | # |
b536a578 JH |
66 | # The server log <= line for b@test.ex should have a "TFO" element, but |
67 | # this will only be obtained when the above delay is inserted into the | |
68 | # loopback net path. | |
69 | # | |
a2673768 JH |
70 | exim b@test.ex |
71 | Testing | |
72 | **** | |
73 | sleep 3 | |
ac0dcd3f | 74 | # |
8255135b JH |
75 | # |
76 | sudo perl | |
77 | system ("tc qdisc delete dev lo root"); | |
2d58d815 | 78 | system ("[ -e /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec ] && echo 3600 > /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec"); |
8255135b JH |
79 | **** |
80 | # | |
a2673768 JH |
81 | killdaemon |
82 | no_msglog_check |