Re: statement regarding keepalives

[Tom Herbert <tom@herbertland.com>]

On Fri, Aug 17, 2018 at 1:31 PM, Joe Touch <touch@strayalpha.com> wrote:
>
>
>
>
> On 2018-08-17 11:43, Tom Herbert wrote:The purpose of an application keep
> alive is not to do favors for TCP,
>
> it's to verify the end to end liveness between application end points.
> This is at a much higher layer, verifying liveness of the TCP
> connection is a side effect.
>
>
> Sure - that's fine and not what I'm concerned about.
>
> I don't want the text to say that higher level protocols or apps should try
> to do favors to keepalive lower level protocols - because it doesn't
> necessarily work.
>
>
>
>
> However, if that 1GB goes out in 10 seconds, then TCP would have sent its
> own keepalives just fine. It didn't need the app's help.
>
> So the app didn't help at all; at best, it does nothing and at worst it
> hurts.
>
>
> Consider that someone sets an application keepalive to 35 second
> interval and the TCP keepalive timer is 30 seconds. When the
> connection goes idle TCP keepalive will fire at thirty seconds, and
> five seconds later the application keepalive fires. So every
> thirty-five seconds two keepalives are done at two layers. This is not
> good as it wastes network resources and power.
>
>
> Agreed.
>
>
> In this case, the
> application keepalive is sufficient
>
>
> In this *implementation* it *might* be sufficient, in others, it might not.
> There's simply no way for the layers to know.
>
>
> and the TCP keepalive shouldn't be
> used.
>
>
> If you KNOW that the app keepalive will cause the TCP transmission, sure -
> but how do you KNOW that? You don't and can't. Even if you write to the TCP
> socket, all you know when the socket returns is that the data was copied to
> the kernel. You don't know for sure that you've triggered a TCP packet.
>
Actually, you do know that information. Application keepalives are
request/response messages sent in TCP data. When a response is
received to keepalive request over the TCP connection that is proof
that the keepalive was sent. If the application keepalive was sent on
the socket, and no response is received before the application timer
expires, then the application declares the the connection dead and
most likely will just close the socket and try to reconnect. The fact
that an application keepalive request, or its response, might be stuck
in a TCP send buffer (e.g. peer rcv window is zero) versus the peer
host completely disappeared is irrelevant. To the application it's all
the same, a connection to a peer application has failed and action
needs to be taken.

Tom

> Besides, your "keepalives" might end up causing TCP to send packets it never
> needed to send in the first place - even IF you think you're doing it a
> favor.
>
>
>
> This is an example of the problems in running two control loops
> at different layers with overlapping functionality,
>
>
>
> The problem is trying to infer overlap in functionality. If you realize that
> these are independent control loops *and leave them alone* you're fine.
>
Independence of control loops does not mean they can't conflict.
Mulitple layers performing keepalives is just one example, and
probably one with lesser insidious behavoir. Look at
http://qurinet.ucdavis.edu/pubs/conf/wicon2008.pdf for good example
how link layer retransmissions can conflict with TCP algorithms to
produce really bad results.

Tom

> It's only in trying to optimize them as overlapping that a problem is
> created.
>
>
>
>
> if the
> ramifications of doing aren't understood it can lead to undesirable
> interactions and behavior.
>
>
> Agreed - so don't. Admit that there are inefficiencies *regardless of how
> hard you try to do otherwise* and leave them alone, IMO.
>
>
> If the app needs an app-level keepalive, do it.
>
> If the app wants TCP to be kept alive, let IT do it and leave it alone.
>
> Don't try to couple the two because you can't, and whatever you think you
> might gain you could easily lose. Leaving the two alone and separate is
> sufficient and robust.
>
> Joe