lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANn89iL=MTgYygnFaCeaMpSzjooDgnzwUd_ueSnJFxasXwyMwg@mail.gmail.com>
Date: Thu, 18 Dec 2025 11:10:24 +0100
From: Eric Dumazet <edumazet@...gle.com>
To: Christian Ebner <c.ebner@...xmox.com>
Cc: "David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, 
	Paolo Abeni <pabeni@...hat.com>, Neal Cardwell <ncardwell@...gle.com>, 
	Simon Horman <horms@...nel.org>, Kuniyuki Iwashima <kuniyu@...gle.com>, 
	Willem de Bruijn <willemb@...gle.com>, netdev@...r.kernel.org, eric.dumazet@...il.com, 
	lkolbe@...iuswillert.com
Subject: Re: [PATCH net-next 7/8] tcp: stronger sk_rcvbuf checks

On Thu, Dec 18, 2025 at 10:31 AM Christian Ebner <c.ebner@...xmox.com> wrote:
>
> Hi,
> to add some more information gained.
>
> pcaps obtained via tcpdump of the traffic while in a stale state show
> the following recurring pattern:
>
> 41      0.705618        10.xx.xx.aa     10.xx.xx.bb     TCP     66      [TCP ZeroWindow] 8007 → 55554
> [ACK] Seq=1 Ack=28673 Win=0 Len=0 TSval=2656874280 TSecr=1348075902
> 42      0.705662        10.xx.xx.aa     10.xx.xx.bb     TCP     66      [TCP Window Update] 8007 →
> 55554 [ACK] Seq=1 Ack=28673 Win=7 Len=0 TSval=2656874280 TSecr=1348075902
> 90      0.914606        10.xx.xx.bb     10.xx.xx.aa     TCP     7234    55554 → 8007 [PSH, ACK]
> Seq=28673 Ack=1 Win=139 Len=7168 TSval=1348076111 TSecr=2656874280
>
> Output of `ss -tim` show the sockets being severely limited in buffer size:
>
> ESTAB                          0                               0
>
> [::ffff:10.xx.xx.aa]:8007
>        [::ffff:10.xx.xx.bb]:55554
>           skmem:(r0,rb7488,t0,tb332800,f0,w0,o0,bl0,d20) cubic
> wscale:10,10 rto:201 rtt:0.085/0.015 ato:40 mss:8948 pmtu:9000
> rcvmss:7168 advmss:8948 cwnd:10 bytes_sent:937478 bytes_acked:937478
> bytes_received:1295747055 segs_out:301010 segs_in:162410
> data_segs_out:1035 data_segs_in:161588 send 8.42Gbps lastsnd:3308
> lastrcv:191 lastack:191 pacing_rate 16.7Gbps delivery_rate 2.74Gbps
> delivered:1036 app_limited busy:437ms rcv_rtt:207.551 rcv_space:96242
> rcv_ssthresh:903417 minrtt:0.049 rcv_ooopack:23 snd_wnd:142336 rcv_wnd:7168
>
> This would indicate that the buffer size not growing while in this
> state, therefore limiting the rcv_wnd?

Can you give us (on receive side) : cat /proc/sys/net/ipv4/tcp_rmem

It seems your application is enforcing a small SO_RCVBUF ?


I would take a look at

ecfea98b7d0d tcp: add net.ipv4.tcp_rcvbuf_low_rtt
416dd649f3aa tcp: add net.ipv4.tcp_comp_sack_rtt_percent
aa251c84636c tcp: fix too slow tcp_rcvbuf_grow() action

After applying these patches, you can on the receiver :

perf record -a -e tcp:tcp_rcvbuf_grow sleep 30 ; perf script

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ