On Fri, Aug 17, 2018 at 1:31 PM, Joe Touch <[email protected]> wrote: > > > > > On 2018-08-17 11:43, Tom Herbert wrote:The purpose of an application keep > alive is not to do favors for TCP, > > it's to verify the end to end liveness between application end points. > This is at a much higher layer, verifying liveness of the TCP > connection is a side effect. > > > Sure - that's fine and not what I'm concerned about. > > I don't want the text to say that higher level protocols or apps should try > to do favors to keepalive lower level protocols - because it doesn't > necessarily work. > > > > > However, if that 1GB goes out in 10 seconds, then TCP would have sent its > own keepalives just fine. It didn't need the app's help. > > So the app didn't help at all; at best, it does nothing and at worst it > hurts. > > > Consider that someone sets an application keepalive to 35 second > interval and the TCP keepalive timer is 30 seconds. When the > connection goes idle TCP keepalive will fire at thirty seconds, and > five seconds later the application keepalive fires. So every > thirty-five seconds two keepalives are done at two layers. This is not > good as it wastes network resources and power. > > > Agreed. > > > In this case, the > application keepalive is sufficient > > > In this *implementation* it *might* be sufficient, in others, it might not. > There's simply no way for the layers to know. > > > and the TCP keepalive shouldn't be > used. > > > If you KNOW that the app keepalive will cause the TCP transmission, sure - > but how do you KNOW that? You don't and can't. Even if you write to the TCP > socket, all you know when the socket returns is that the data was copied to > the kernel. You don't know for sure that you've triggered a TCP packet. > Actually, you do know that information. Application keepalives are request/response messages sent in TCP data. When a response is received to keepalive request over the TCP connection that is proof that the keepalive was sent. If the application keepalive was sent on the socket, and no response is received before the application timer expires, then the application declares the the connection dead and most likely will just close the socket and try to reconnect. The fact that an application keepalive request, or its response, might be stuck in a TCP send buffer (e.g. peer rcv window is zero) versus the peer host completely disappeared is irrelevant. To the application it's all the same, a connection to a peer application has failed and action needs to be taken.
Tom > Besides, your "keepalives" might end up causing TCP to send packets it never > needed to send in the first place - even IF you think you're doing it a > favor. > > > > This is an example of the problems in running two control loops > at different layers with overlapping functionality, > > > > The problem is trying to infer overlap in functionality. If you realize that > these are independent control loops *and leave them alone* you're fine. > Independence of control loops does not mean they can't conflict. Mulitple layers performing keepalives is just one example, and probably one with lesser insidious behavoir. Look at http://qurinet.ucdavis.edu/pubs/conf/wicon2008.pdf for good example how link layer retransmissions can conflict with TCP algorithms to produce really bad results. Tom > It's only in trying to optimize them as overlapping that a problem is > created. > > > > > if the > ramifications of doing aren't understood it can lead to undesirable > interactions and behavior. > > > Agreed - so don't. Admit that there are inefficiencies *regardless of how > hard you try to do otherwise* and leave them alone, IMO. > > > If the app needs an app-level keepalive, do it. > > If the app wants TCP to be kept alive, let IT do it and leave it alone. > > Don't try to couple the two because you can't, and whatever you think you > might gain you could easily lose. Leaving the two alone and separate is > sufficient and robust. > > Joe
