- From: Willy Tarreau <w@1wt.eu>
- Date: Sat, 10 Aug 2013 07:12:40 +0200
- To: Yuchung Cheng <ycheng@google.com>
- Cc: Amos Jeffries <squid3@treenet.co.nz>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Hi Yuchung, On Fri, Aug 09, 2013 at 04:36:34PM -0700, Yuchung Cheng wrote: > > I also remember when experimenting with TFO on Linux that sometimes it stopped > > accepting it when I was flooding it, I suspect that if the failure rate is too > > high, it might decide to disable it, but I'm not sure about this since it was > > a very early implementation (so it might as well have been a bug). > Yes it's an intentional feature :) we design & impl. TFO with caution > about the middleboxes from day one. > > If the SYN-data never gets acked, TFO socket retries with a pure, > normal SYN (w/o data or any option), and the connection falls back to > regular TCP. > > (Linux-specific) If the handshake completes with that, we know this > path is not quite TFO friendly so the client remembers that. If this > recurs another time we disable TFO for a while and all connections to > that server use regular TCP. This is normal, what I'm describing is different, the server stopped accepting TFO, which means that anybody on the net could disable its support. But that was probably a bug from the very early implementation that I tested since I did not observe that recently. Regards, Willy
Received on Saturday, 10 August 2013 05:14:33 UTC