Bug 89831
Summary: | timeout of TCP-sockets is *infinite* by default .. even if TCP-connection is already *broken* | ||
---|---|---|---|
Product: | Networking | Reporter: | Andrej Antonov (polymorphm) |
Component: | IPV4 | Assignee: | Stephen Hemminger (stephen) |
Status: | NEW --- | ||
Severity: | normal | CC: | polymorphm, shemming, szg00000 |
Priority: | P1 | ||
Hardware: | All | ||
OS: | Linux | ||
Kernel Version: | all | Subsystem: | |
Regression: | No | Bisected commit-id: | |
Attachments: | test for catch infinite freezing (on TCP-sockets by default) on GNU/Linux |
Description
Andrej Antonov
2014-12-17 06:33:40 UTC
TCP connection time is independent of link state, this is how BSD sockets work, the IP layer is independent of underlying link. The protocols are designed to retry. The default timeout for a TCP connection is determined by the number of retries and the retry timeout. This number of retries is controlled by the sysctl documented in kernel (Documentation/networking/ip-sysctl.txt) tcp_syn_retries - INTEGER Number of times initial SYNs for an active TCP connection attempt will be retransmitted. Should not be higher than 255. Default value is 6, which corresponds to 63seconds till the last retransmission with the current initial RTO of 1second. With this the final timeout for an active TCP connection attempt will happen after 127seconds. > TCP connection time is independent of link state, this is how BSD sockets > work, the IP layer is independent of underlying link. The protocols are > designed to retry. yes, in my example ( https://gist.github.com/polymorphm/0e057402c9fa82547d72 ) -- we made some DOWN-and-UP of iface link-layer at localhost. but if we will breaking link on *router-cumputer* (not breaking link on localhost) -- than we will get same issue on localhost: infinite freeze after "[step 8]". and on router-computer: we may using (for example) iptables for temporary breaking TCP-socket-states (not necessarily physical link iface down\up): iptables -w -P FORWARD DROP; ip6tables -w -P FORWARD DROP sleep "${some_seconds_for_breaking_TCP_sessions}" iptables -w -P FORWARD ACCEPT; ip6tables -w -P FORWARD ACCEPT sorry, I can not write *fully-automated* example-code, that parallelly-manipulating actions on localhost and actions on router-computer. :-) > tcp_syn_retries ... if TCP-socket yet already transmitted all own data (successfully transmitted) and local-peer now only waiting data (or disconnection) from remote-peer... at this TCP-socket-state -- parameter "tcp_syn_retries" -- does not affect to this waiting. if (at this TCP-socket-state) TCP-session would be broken -- than on local-peer timeout never reached. |