FreeBSD: better support for TFO
[exim.git] / test / scripts / 1990-TCP-Fast-Open / 1990
CommitLineData
a2673768
JH
1# TCP Fast Open
2#
3# Linux:
4# Both server and client-side TFO support must be enabled in the
5# kernel, 'sudo sh -c "echo 3 > /proc/sys/net/ipv4/tcp_fastopen"'.
6#
7# A packet capture on the loopback interface will show the TFO
8# option on the SYN, but the fast-output SMTP banner will not
9# be seen unless you also deliberately emulate a long path:
8255135b 10# 'sudo tc qdisc add dev lo root netem delay 50ms'
11a5264b 11# You'll need iproute-tc installed, for the tc command.
1ccd5f67
JH
12# You'll need kernel-modules-extra installed, or you get
13# an unhelpful error from RTNETLINK.
14# To tidy up: 'sudo tc qdisc delete dev lo root'
a2673768 15#
b536a578
JH
16# MacOS:
17# The kernel seems to have TFO enabled both ways as default.
18# There is a net.inet.tcp.clear_tfocache parameter
19## sysctl -w foo-val
20#
21# For network delays there is something called 'Network Link Conditioner'
22# which might do the job. But how to manipulate it?
23#
24#
73a10da9
JH
25# FreeBSD: it looks like you have to compile a custom kernel, with
26# 'options TCP_RFC7413' in the config. Also set
27# 'net.inet.tcp.fastopen.server_enable=1' in /etc/sysctl.conf
28# Seems to always claim TFO used by transport, if tried.
29#
8255135b
JH
30sudo perl
31system ("tc qdisc add dev lo root netem delay 50ms");
32****
33#
38da9088
JH
34#
35# Disable the TFO blackhole detection, as we seem to be running foul of it.
36# If bitten, we see the expected EINPROGRESS for sendto, yet no TFO cookie
37# option on the SYN.
38#
39sudo perl
2d58d815 40system ("[ -e /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec ] && echo 0 > /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec");
38da9088
JH
41****
42#
a2673768
JH
43# First time runs will see a TFO request option only; subsequent
44# ones should see the TFO cookie and fast-output SMTP banner
45# (currently on a separate packet after the server SYN,ACK but before
46# the client ACK).
47#
b536a578
JH
48# The client log => line should have a "TFO" element.
49# The server log <= line for a@test.ex should not.
ac0dcd3f 50#
b536a578 51# First clear any previously-obtained cookie:
8255135b
JH
52sudo perl
53system ("ip tcp_metrics delete 127.0.0.1");
54****
55#
a2673768
JH
56#
57#
a2673768
JH
58exim -DSERVER=server -bd -oX PORT_D
59****
ac0dcd3f 60#
a2673768
JH
61exim a@test.ex
62Testing
63****
64sleep 3
ac0dcd3f 65#
b536a578
JH
66# The server log <= line for b@test.ex should have a "TFO" element, but
67# this will only be obtained when the above delay is inserted into the
68# loopback net path.
69#
a2673768
JH
70exim b@test.ex
71Testing
72****
73sleep 3
ac0dcd3f 74#
8255135b
JH
75#
76sudo perl
77system ("tc qdisc delete dev lo root");
2d58d815 78system ("[ -e /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec ] && echo 3600 > /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec");
8255135b
JH
79****
80#
a2673768
JH
81killdaemon
82no_msglog_check