Skip to content

Implement TCP FastOpen (TFO) RFC7413 #840

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bradh352 merged 31 commits into from
Jul 31, 2024
Merged

Implement TCP FastOpen (TFO) RFC7413 #840

bradh352 merged 31 commits into from
Jul 31, 2024

Conversation

@bradh352
Copy link
Member

@bradh352 bradh352 commented Jul 29, 2024
edited
Loading

TCP Fast Open (TFO) allows TCP connection establishment in 0-RTT when a client and server have previously communicated. The SYN packet will also contain the initial data packet from the client to the server. This means there should be virtually no slowdown over UDP when both sides support TCP FastOpen, which is unfortunately not always the case. For instance, 1.1.1.1 appears to support TFO, however 8.8.8.8 does not.

This implementation supports Linux, Android, FreeBSD, MacOS, and iOS. While Windows does have support for TCP FastOpen it does so via completion APIs only, and that can't be used with polling APIs like used by every other OS. We could implement it in the future if desired for those using ARES_OPT_EVENT_THREAD, but it would probably require adopting IOCP completely on Windows.

Sysctls are required to be set appropriately:

  • Linux: net.ipv4.tcp_fastopen:
    • 1 = client only (typically default)
    • 2 = server only
    • 3 = client and server
  • MacOS: net.inet.tcp.fastopen
    • 1 = client only
    • 2 = server only
    • 3 = client and server (typically default)
  • FreeBSD: net.inet.tcp.fastopen.server_enable (boolean) and net.inet.tcp.fastopen.client_enable (boolean)

This feature is always-on, when running on an OS with the capability enabled. Though some middleboxes have impacted end-to-end TFO and caused connectivity errors, all modern OSs perform automatic blackholing of IPs that have issues with TFO. It is not expected this to cause any issues in the modern day implementations.

This will also help with improving latency for future DoT and DoH implementations.

Authored-By: Brad House (@bradh352)

@bradh352 bradh352 marked this pull request as draft July 29, 2024 21:09
@bradh352 bradh352 marked this pull request as ready for review July 31, 2024 00:48
@bradh352 bradh352 merged commit dc423fb into c-ares:main Jul 31, 2024
@bradh352 bradh352 deleted the tcp_fastopen branch July 31, 2024 12:28
@cd606
Copy link

cd606 commented Aug 11, 2024

Hello, this update broken my vcpkg build on CentOS 7, which has an old kernel version that does not support TCP_FASTOPEN_CONNECT. Is it possible to get this working for these kind of older kernels? Thanks.

@bradh352
Copy link
Member Author

bradh352 commented Aug 11, 2024

Hello, this update broken my vcpkg build on CentOS 7, which has an old kernel version that does not support TCP_FASTOPEN_CONNECT. Is it possible to get this working for these kind of older kernels? Thanks.

already fixed in 4abdf7d

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bradh352 @cd606