TCP Fast Open Support #185
Comments
|
Seconding this request. |
|
Using TFO in varnish and would be great if it would also be possible in Hitch. +1 for TFO in hitch |
|
TFO makes even more sense in Hitch than in Varnish, due to the extra round trips with TLS. +1. |
|
+11 :) to add fastopen to hitch. That would be one more reason to use hitch instead of Nginx for TLS termination. |
|
PR is done. @HLeithner , @ahmed-sigmalux , @didebuli , @lkarsten , @dvershinin : I would appreciate if someone could test it before I merge it. |
|
I'm sry I don't use hitch anymore 😥 |
|
@dmatetelki I didn't finish, but here is how far I got when I worked on this in December: https://gist.github.com/lkarsten/0ca6d4bc4a6f01465da68b18b64503f1 |
|
Good Job Denes ! thank you !!! Test results: curl --tcp-fastopen https:// -IXGET TFO works well with hitch and on this simulated 200ms latency link my result with TFO is about 1 RTT faster (~640ms) than without TFO (~840ms).. |
|
Reopening, apparently it doesn't play well on FreeBSD. |
What are the options? I am missing it in the doc: https://fossies.org/linux/hitch/hitch.conf.5 says "tcp−fastopen = on", but this does not work (Hitch is not starting with this option). Thanks! |
Mentions required config changes to actually enable TFO on supported systems
|
@unitb-ore when you compiled it, watch out for kernel support detection by the configure script. It should be:
If not, then I guess the kernel is not recent enough. Required is 3.13 and newer. |
|
I saw the line "checking whether TCP_FASTOPEN works... yes", but Hitch did not start. After removing the option it started again. It seems, that the OS has to support this feature. We just switched our Dockerfile from Ubuntu 18 (where apt-get provides Hitch 1.4, not 1.5) to Alpine 3.11: `FROM alpine:3.11 ARG HITCH_VERSION=1.5.2 RUN apk --update add bash build-base libev libev-dev automake openssl openssl-dev autoconf curl byacc flex RUN cd /tmp && curl -L https://hitch-tls.org/source/hitch-${HITCH_VERSION}.tar.gz | tar xz RUN adduser -h /var/lib/hitch -s /sbin/nologin -u 1000 -D hitch COPY conf/ /etc/hitch/ CMD /usr/local/sbin/hitch --pidfile=/run/hitch.pid --user hitch --group hitch --config=/etc/hitch/hitch.conf EXPOSE 443` |
Naturally. At compile time it checks whether the current kernel supports the feature. When you use something in Docker, AFAIK, you will be using the kernel of the "host machine". |
|
Ah, I found the error. This option is incorrect:
Correct is certainly:
Not Hitch starts. :) I copied it from https://fossies.org/linux/hitch/hitch.conf.5, where it has the wrong character (between "tcp" and "fastopen") -- but only, because the option is missing here: https://github.com/varnish/hitch/blob/master/docs/configuration.md ;) Thanks for your support! |
I was definitely confused before reading that part. Is it incorrectly generated by us in the man page or by fossies.org in their HTML conversion? Looking at other man pages I'm tempted to blame them. Thanks for #332! |
|
@dridi yep, fossies.org have faulty HTML conversion, the issue should be raised with them (everyone copy-pasting from that man conversion would have this highly puzzling issue with hyphen-minus). |
hitch-1.5.2 (2019-11-27) ------------------------ * Fix a problem introduced in the previous release that prevented us from running as a non-privileged user (Issue: 322_). .. _322: varnish/hitch#322 hitch-1.5.1 (2019-11-26) ------------------------ * Support for TCP Fast Open. Is is disabled by default (Issue: 185_) * Various code cleanups and minor bug fixes. .. _185: varnish/hitch#185
Mentions required config changes to actually enable TFO on supported systems
It seams that hitch doesn't support TFO.
Varnish supports TFO so it would be good if hitch also support TCP Fast Open.
The text was updated successfully, but these errors were encountered: