According to RFC 2988 and RFC 6298, we should use an exponential
backoff timeout for data retransmission starting from one second
(see Appendix A in RFC 6298), and limit it to about 60 seconds
as allowed by the same RFC:
(2.5) A maximum value MAY be placed on RTO provided it is at
least 60 seconds.
Combine the macros defining the initial timeout for both SYN and ACK.
And add a macro ACK_RETRIES to limit the total timeout to about 60s.
Signed-off-by: Yumei Huang
---
tcp.c | 32 ++++++++++++++++----------------
1 file changed, 16 insertions(+), 16 deletions(-)
diff --git a/tcp.c b/tcp.c
index 3ce3991..84da069 100644
--- a/tcp.c
+++ b/tcp.c
@@ -179,16 +179,12 @@
*
* Timeouts are implemented by means of timerfd timers, set based on flags:
*
- * - SYN_TIMEOUT_INIT: if no ACK is received from tap/guest during handshake
- * (flag ACK_FROM_TAP_DUE without ESTABLISHED event) within this time, resend
- * SYN. It's the starting timeout for the first SYN retry. If this persists
- * for more than TCP_MAX_RETRIES or (tcp_syn_retries +
- * tcp_syn_linear_timeouts) times in a row, reset the connection
- *
- * - ACK_TIMEOUT: if no ACK segment was received from tap/guest, after sending
- * data (flag ACK_FROM_TAP_DUE with ESTABLISHED event), re-send data from the
- * socket and reset sequence to what was acknowledged. If this persists for
- * more than TCP_MAX_RETRIES times in a row, reset the connection
+ * - ACK_TIMEOUT_INIT: if no ACK segment was received from tap/guest, eiher
+ * during handshake(flag ACK_FROM_TAP_DUE without ESTABLISHED event) or after
+ * sending data (flag ACK_FROM_TAP_DUE with ESTABLISHED event), re-send data
+ * from the socket and reset sequence to what was acknowledged. It's the
+ * starting timeout for the first retry. If this persists for more than
+ * allowed times in a row, reset the connection
*
* - FIN_TIMEOUT: if a FIN segment was sent to tap/guest (flag ACK_FROM_TAP_DUE
* with TAP_FIN_SENT event), and no ACK is received within this time, reset
@@ -342,8 +338,7 @@ enum {
#define WINDOW_DEFAULT 14600 /* RFC 6928 */
#define ACK_INTERVAL 10 /* ms */
-#define SYN_TIMEOUT_INIT 1 /* s */
-#define ACK_TIMEOUT 2
+#define ACK_TIMEOUT_INIT 1 /* s, RFC 6298 */
#define FIN_TIMEOUT 60
#define ACT_TIMEOUT 7200
@@ -352,6 +347,11 @@ enum {
#define ACK_IF_NEEDED 0 /* See tcp_send_flag() */
+/* Number of retries calculated from the exponential backoff formula, limited
+ * by a total timeout of about 60 seconds.
+ */
+#define ACK_RETRIES 5
+
#define CONN_IS_CLOSING(conn) \
(((conn)->events & ESTABLISHED) && \
((conn)->events & (SOCK_FIN_RCVD | TAP_FIN_RCVD)))
@@ -589,13 +589,13 @@ static void tcp_timer_ctl(const struct ctx *c, struct tcp_tap_conn *conn)
} else if (conn->flags & ACK_FROM_TAP_DUE) {
if (!(conn->events & ESTABLISHED)) {
if (conn->retries < c->tcp.syn_linear_timeouts)
- it.it_value.tv_sec = SYN_TIMEOUT_INIT;
+ it.it_value.tv_sec = ACK_TIMEOUT_INIT;
else
- it.it_value.tv_sec = SYN_TIMEOUT_INIT <<
+ it.it_value.tv_sec = ACK_TIMEOUT_INIT <<
(conn->retries - c->tcp.syn_linear_timeouts);
}
else
- it.it_value.tv_sec = ACK_TIMEOUT;
+ it.it_value.tv_sec = ACK_TIMEOUT_INIT << conn->retries;
} else if (CONN_HAS(conn, SOCK_FIN_SENT | TAP_FIN_ACKED)) {
it.it_value.tv_sec = FIN_TIMEOUT;
} else {
@@ -2433,7 +2433,7 @@ void tcp_timer_handler(const struct ctx *c, union epoll_ref ref)
} else if (CONN_HAS(conn, SOCK_FIN_SENT | TAP_FIN_ACKED)) {
flow_dbg(conn, "FIN timeout");
tcp_rst(c, conn);
- } else if (conn->retries == TCP_MAX_RETRIES) {
+ } else if (conn->retries >= ACK_RETRIES) {
flow_dbg(conn, "retransmissions count exceeded");
tcp_rst(c, conn);
} else {
--
2.47.0