| From foo@baz Fri Dec 11 11:38:06 EST 2015 |
| From: Yuchung Cheng <ycheng@google.com> |
| Date: Wed, 18 Nov 2015 18:17:30 -0800 |
| Subject: tcp: disable Fast Open on timeouts after handshake |
| |
| From: Yuchung Cheng <ycheng@google.com> |
| |
| [ Upstream commit 0e45f4da5981895e885dd72fe912a3f8e32bae73 ] |
| |
| Some middle-boxes black-hole the data after the Fast Open handshake |
| (https://www.ietf.org/proceedings/94/slides/slides-94-tcpm-13.pdf). |
| The exact reason is unknown. The work-around is to disable Fast Open |
| temporarily after multiple recurring timeouts with few or no data |
| delivered in the established state. |
| |
| Signed-off-by: Yuchung Cheng <ycheng@google.com> |
| Signed-off-by: Eric Dumazet <edumazet@google.com> |
| Reported-by: Christoph Paasch <cpaasch@apple.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/ipv4/tcp_timer.c | 12 ++++++++++++ |
| 1 file changed, 12 insertions(+) |
| |
| --- a/net/ipv4/tcp_timer.c |
| +++ b/net/ipv4/tcp_timer.c |
| @@ -176,6 +176,18 @@ static int tcp_write_timeout(struct sock |
| syn_set = true; |
| } else { |
| if (retransmits_timed_out(sk, sysctl_tcp_retries1, 0, 0)) { |
| + /* Some middle-boxes may black-hole Fast Open _after_ |
| + * the handshake. Therefore we conservatively disable |
| + * Fast Open on this path on recurring timeouts with |
| + * few or zero bytes acked after Fast Open. |
| + */ |
| + if (tp->syn_data_acked && |
| + tp->bytes_acked <= tp->rx_opt.mss_clamp) { |
| + tcp_fastopen_cache_set(sk, 0, NULL, true, 0); |
| + if (icsk->icsk_retransmits == sysctl_tcp_retries1) |
| + NET_INC_STATS_BH(sock_net(sk), |
| + LINUX_MIB_TCPFASTOPENACTIVEFAIL); |
| + } |
| /* Black hole detection */ |
| tcp_mtu_probing(icsk, sk); |
| |