From: Matthieu Baerts <matthieu.baerts@tessares.net>
To: Mat Martineau <mathew.j.martineau@linux.intel.com>
Cc: MPTCP Upstream <mptcp@lists.linux.dev>
Subject: Re: Checksum support: default behaviour
Date: Mon, 14 Jun 2021 17:54:37 +0200 [thread overview]
Message-ID: <eac91c93-e4cb-4196-6daa-c9711606aa40@tessares.net> (raw)
In-Reply-To: <c8d3563b-4495-b151-645f-305e4192c2c@linux.intel.com>
Hi Mat,
Thank you for your reply!
On 12/06/2021 06:05, Mat Martineau wrote:
> On Fri, 11 Jun 2021, Matthieu Baerts wrote:
>
>> Hello,
>>
>> With the current checksum support series from Geliang and Paolo
>> available in our tree, the default behaviour is not to use this checksum
>> feature.
>>
>> Should we eventually do the opposite and have it enabled by default?
>>
>> I do understand this has a cost in terms of performances but this could
>> help detecting nasty middleboxes, i.e. the ones that modify the TCP
>> packets without modifying MPTCP options if needed.
>>
>> On the other hand, I don't have numbers showing if these middleboxes are
>> rare or not.
>>
>> But also, the main issue I see if we enable the checksum support by
>> default is that we are no longer able to talk to servers not supporting
>> it (<5.13), no?
>>
>> WDYT?
>>
>
> I lean toward leaving checksums off by default, based on what I've heard
> from community members. It sounds like large deployments haven't seen
> checksums catch many problems? Some actual data about the frequency of
> checksum failures would really help.
I don't have data but I asked around and the checksum support has been
added for middleboxes like Application-level gateway (ALG) or the ones
modifying HTTP to add more content, inject JS, etc.
For the ALG, I know that they are needed for NAT, e.g. for FTP to change
the IP/port inside the payload. But in this case, I don't think it is
supposed to change the size of the packet, only bytes inside. (except if
we switch from v4 to v6?). So in theory, MPTCP DSS doesn't need to be
updated.
For the other cases, hopefully these middleboxes should inject quite a
bit of data and that should be somehow visible for MPTCP to fallback to
TCP. But again, I didn't do any experiment on that nor have data.
At Tessares, we usually control the network between the client and the
server but the situation is different using the "wild Internet" :)
> Your last point about connecting to older upstream kernels is also an
> important one. I'd rather keep it possible to connect to those kernels
> using default configuration options unless it's too risky to do so.
Yes, that seems to force us to keep it disabled by default. At least for
the moment.
Cheers,
Matt
--
Tessares | Belgium | Hybrid Access Solutions
www.tessares.net
next prev parent reply other threads:[~2021-06-14 15:54 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-11 14:59 Checksum support: default behaviour Matthieu Baerts
2021-06-12 4:05 ` Mat Martineau
2021-06-14 10:39 ` Paolo Abeni
2021-06-14 15:58 ` Matthieu Baerts
2021-06-14 15:54 ` Matthieu Baerts [this message]
2021-06-18 14:23 ` Matthieu Baerts
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=eac91c93-e4cb-4196-6daa-c9711606aa40@tessares.net \
--to=matthieu.baerts@tessares.net \
--cc=mathew.j.martineau@linux.intel.com \
--cc=mptcp@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.