QuickStart (spartiate) Guide ------------------------------ 0. Pre-Install ------------ * Kernel code only work on vanilla linux kernel 2.6.19 and later * Current kernel TCP Splicing implementation doesn t support Selective Ack nor Window scaling, please set the following values on the system running kernel tcp splicing module : . sysctl -w net.ipv4.tcp_sack=0 . sysctl -w net.ipv4.tcp_dsack=0 . sysctl -w net.ipv4.tcp_window_scaling=0 I. Installation ------------- Software is split in a userspace daemon called switchd and a kernelspace module called tcp_splice. Kernel module instructions: root@devel:~/layer7switch-0.1.2# cd kernel root@devel:~/layer7switch-0.1.2# make root@devel:~/layer7switch-0.1.2# make install Userspace daemon instructions: root@devel:~/layer7switch-0.1.2# cd userland/switchd root@devel:~/layer7switch-0.1.2# make root@devel:~/layer7switch-0.1.2# make install II. Kernel module tweaking ----------------------- Kernel module export CTL vars and a procfs for connections entries. CTL vars will give you the opportunity to modify default TCP FSM timer for state transition: root@devel:~/layer7switch-0.1.2# ls /proc/sys/net/tcp_splice -rw-r--r-- 1 root root 0 2006-12-11 00:15 debug_level -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_close -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_closewait -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_established -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_finwait -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_lastack -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_listen -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_synack -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_synrecv -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_synsent -rw-r--r-- 1 root root 0 2006-12-11 00:15 timeout_timewait Connection table is accessible through procfs: root@devel:~/layer7switch-0.1.2# cat /proc/net/tcp_splice_conn FromIP FPrt ToIP TPrt LocalIP LPrt DestIP DPrt State Expires C0A8C801 A802 C0A8C864 0680 C0A8C864 A85F D41C3001 0050 TIME_WAIT 119 C0A8C801 A801 C0A8C864 0680 C0A8C864 A85E D41C3001 0050 TIME_WAIT 119 C0A8C801 A800 C0A8C864 0680 C0A8C864 A85D D41C3001 0050 TIME_WAIT 118 III. Userspace daemon tweaking -------------------------- Current switchd daemon is just a proof of concept. It will just relay data stream between client and server by processing client HTTP request in userspace. The daemon currently only support HTTP. configuration file looks like: root@devel:~/layer7switch-0.1.2# cat /etc/switchd/switchd.conf ! Configuration file for switchd ! ! Currently we just dont support SACK and WSCALE =8-D ! Before using switchd you MUST set : ! sysctl -w net.ipv4.tcp_window_scaling=0 ! sysctl -w net.ipv4.tcp_sack=0 ! sysctl -w net.ipv4.tcp_dsack=0 ! ! valuable stuff can be : ! sysctl -w net.ipv4.tcp_tw_recycle=1 ! sysctl -w net.ipv4.tcp_ecn=0 ! sysctl -w net.ipv4.tcp_max_syn_backlog=4096 virtual_server 192.168.200.100 8080 { ! schedule_rr ! Default scheduler is rr ! schedule_lc ! listen_backlog 1024 ! Default backlog is 1024 real_server X.Y.Z.1 80 real_server X.Y.Z.2 80 real_server X.Y.Z.3 80 real_server X.Y.Z.4 80 real_server X.Y.Z.5 80 } virtual_server 192.168.200.100 8081 { real_server X.Y.Z.10 80 } Well that's all for the moment :), all feedback and contributions are welcome ;) Have fun, Alexandre