logo标签列表

Linux上TCP重传的应用控制

linuxtcpnetwork-programming
42

急切者请注意:

如何在Linux中为单个连接更改/proc/sys/net/ipv4/tcp_retries2的值,使用setsockopt()ioctl()或类似方法,或者是否可能?

更长的描述:

我正在开发一个使用长轮询HTTP请求的应用程序。在服务器端,需要知道客户端何时关闭了连接。准确性并不是关键,但肯定不能是15分钟。接近一分钟就可以。

对于那些不熟悉这个概念的人,长轮询HTTP请求的工作方式如下:

  • 客户端发送一个请求
  • 服务器响应HTTP头,但保持响应打开。使用分块传输编码,允许服务器在数据可用时发送数据块。
  • 当所有数据都发送完毕时,服务器发送一个“关闭块”,表示响应已完成。

在我的应用程序中,服务器每隔一段时间(默认为30秒)向客户端发送“心跳”。心跳只是作为响应块发送的换行符。这旨在保持线路繁忙,以便我们通知连接丢失。

当客户端正确关闭时没有问题。但是当它被强制关闭时(例如,客户端机器断电),不会发送TCP复位。在这种情况下,服务器发送一个心跳,客户端不会ACK。此后,服务器会保持重发该数据包约15分钟之久,然后放弃并将失败报告给应用程序层(我们的HTTP服务器)。15分钟对我来说等待时间太长了。

我可以通过写入以下文件来控制重传时间:/proc/sys/net/ipv4/

tcp_retries1 - INTEGER
    This value influences the time, after which TCP decides, that
    something is wrong due to unacknowledged RTO retransmissions,
    and reports this suspicion to the network layer.
    See tcp_retries2 for more details.

    RFC 1122 recommends at least 3 retransmissions, which is the
    default.

tcp_retries2 - INTEGER
    This value influences the timeout of an alive TCP connection,
    when RTO retransmissions remain unacknowledged.
    Given a value of N, a hypothetical TCP connection following
    exponential backoff with an initial RTO of TCP_RTO_MIN would
    retransmit N times before killing the connection at the (N+1)th RTO.

    The default value of 15 yields a hypothetical timeout of 924.6
    seconds and is a lower bound for the effective timeout.
    TCP will effectively time out at the first RTO which exceeds the
    hypothetical timeout.

    RFC 1122 recommends at least 100 seconds for the timeout,
    which corresponds to a value of at least 8.
tcp_retries2的默认值确实是8,我的经验是在15分钟(900秒)的重传时间内,与上面引用的内核文档相一致。 如果我将tcp_retries2的值更改为5,那么连接会更快地断开。但是这样设置会影响系统中的所有连接,我真的想仅为此一个长轮询连接设置它。 RFC 1122的一句引用:
4.2.3.5  TCP Connection Failures

   Excessive retransmission of the same segment by TCP
   indicates some failure of the remote host or the Internet
   path.  This failure may be of short or long duration.  The
   following procedure MUST be used to handle excessive
   retransmissions of data segments [IP:11]:

   (a)  There are two thresholds R1 and R2 measuring the amount
        of retransmission that has occurred for the same
        segment.  R1 and R2 might be measured in time units or
        as a count of retransmissions.

   (b)  When the number of transmissions of the same segment
        reaches or exceeds threshold R1, pass negative advice
        (see Section 3.3.1.4) to the IP layer, to trigger
        dead-gateway diagnosis.

   (c)  When the number of transmissions of the same segment
        reaches a threshold R2 greater than R1, close the
        connection.

   (d)  An application MUST be able to set the value for R2 for
        a particular connection.  For example, an interactive
        application might set R2 to "infinity," giving the user
        control over when to disconnect.

   (e)  TCP SHOULD inform the application of the delivery
        problem (unless such information has been disabled by
        the application; see Section 4.2.4.1), when R1 is
        reached and before R2.  This will allow a remote login
        (User Telnet) application program to inform the user,
        for example.

在Linux中,tcp_retries1tcp_retries2似乎对应于RFC中的R1R2。 RFC明确规定(项目d)符合规范的实现必须允许设置R2的值,但我发现没有使用setsockopt()ioctl()或类似方法的设置方式。

另一种选择是在超过R1时获得通知(项目e)。虽然这不如设置R2好,因为我认为R1很快就会被触发(几秒钟),而且不能针对每个连接设置R1的值,至少RFC没有要求这样做。

1
Linux 4.9中的tcp_retries2 = 15。默认值(根据文档),未在/etc/sysctl.conf中设置。 - Massimo
5个回答
33

看起来这是在2.6.37内核中添加的。 内核Git提交差异和摘自变更日志如下:

commit dca43c75e7e545694a9dd6288553f55c53e2a3a3 Author: Jerry Chu Date: Fri Aug 27 19:13:28 2010 +0000

tcp: Add TCP_USER_TIMEOUT socket option.

This patch provides a "user timeout" support as described in RFC793. The
socket option is also needed for the the local half of RFC5482 "TCP User
Timeout Option".

TCP_USER_TIMEOUT is a TCP level socket option that takes an unsigned int,
when > 0, to specify the maximum amount of time in ms that transmitted
data may remain unacknowledged before TCP will forcefully close the
corresponding connection and return ETIMEDOUT to the application. If 
0 is given, TCP will continue to use the system default.

Increasing the user timeouts allows a TCP connection to survive extended
periods without end-to-end connectivity. Decreasing the user timeouts
allows applications to "fail fast" if so desired. Otherwise it may take
upto 20 minutes with the current system defaults in a normal WAN
environment.

The socket option can be made during any state of a TCP connection, but
is only effective during the synchronized states of a connection
(ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, or LAST-ACK).
Moreover, when used with the TCP keepalive (SO_KEEPALIVE) option,
TCP_USER_TIMEOUT will overtake keepalive to determine when to close a
connection due to keepalive failure.

The option does not change in anyway when TCP retransmits a packet, nor
when a keepalive probe will be sent.

This option, like many others, will be inherited by an acceptor from its
listener.

Signed-off-by: H.K. Jerry Chu <hkchu@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
很好,有什么方法可以在Windows上轻松实现吗? - Jay
按套接字计算 - Jay
@Jay 根据这篇文章,这些设置只能在Windows全局范围内完成。 - fredk
16

我建议如果可以使用由Kimvais描述的 TCP_USER_TIMEOUT 套接字选项,您应该使用它。在旧版本的内核中,可能没有该套接字选项 , 您可以重复调用 SIOCOUTQ ioctl() 来确定套接字发送队列的大小 - 如果发送队列在您的超时期间不减少,则表示未收到任何 ACK,您就可以关闭套接字。

2

经过一番思考(和谷歌搜索),我得出结论,除非您对内核应用某种补丁,否则无法为单个套接字更改 tcp_retries1tcp_retries2 值。这对您可行吗?

另外,您可以使用 TCP_KEEPALIVE 套接字选项,其目的是检查连接是否仍处于活动状态(在我的看来,这正是您试图实现的,所以它有意义)。请注意,您需要略微调整其默认参数,因为默认设置是在约两个小时后断开连接!!!

5
这是一个非常古老的帖子,但对于那些仍在阅读的人,我想提醒一下,TCP_KEEPALIVE仅适用于空闲连接。这意味着如果你的套接字中有输出数据,保持活动状态就不会发挥作用,除非你通过tcp_retriesN或TCP_USER_TIMEOUT减少超时时间,否则你仍将面临长时间超时。 - Alex Che
0

这是为了我的理解。 tcp_retries2是系统允许在断开连接之前重新传输的次数。因此,如果我们想使用TCP_USER_TIMEOUT更改tcp_retries2的默认值,TCP_USER_TIMEOUT指定传输数据可能保持未确认的最长时间,我们必须增加TCP_USER_TIMEOUT的值,对吗?

在这种情况下,连接将等待更长的时间,并且不会重新传输数据包。 如果有什么不对的地方,请纠正我。

0
int name[] = {CTL_NET, NET_IPV4, NET_IPV4_TCP_RETRIES2};
long value = 0;
size_t size = sizeof(value);
if(!sysctl(name, sizeof(name)/sizeof(name[0]), &value, &size, NULL, 0) {
  value // It contains current value from /proc/sys/net/ipv4/tcp_retries2
}
value = ... // Change value if it needed
if(!sysctl(name, sizeof(name)/sizeof(name[0]), NULL, NULL, &value, size) {
  // Value in /proc/sys/net/ipv4/tcp_retries2 changed successfully
}

使用C的编程方式。它至少在Ubuntu上运行。但是(根据代码和系统变量),看起来它影响系统中所有TCP连接,而不仅仅是单个连接。

1
OP特别要求更改tcp_retries2的值仅适用于单个连接,而不是操作系统中的所有TCP连接。 - Fernando Silveira
此外,sysctl已被弃用。 - undefined
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接