Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp2041668pxb;
        Sat, 2 Apr 2022 12:58:35 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzuU5XTyiO8i6XZbvH13Me4GtW9E7KiIO3R6TanyGlg19w06tvHF+Yx5E529+FwWz5MxByh
X-Received: by 2002:a17:907:3e22:b0:6e7:d37:204e with SMTP id hp34-20020a1709073e2200b006e70d37204emr1961719ejc.375.1648929515630;
        Sat, 02 Apr 2022 12:58:35 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1648929515; cv=none;
        d=google.com; s=arc-20160816;
        b=ydDRUNYt/85LZPeVf/7QlBjF0FvBWoymY/Yho9ZmqEX/GMplNpGEn85FyPDnSaIjRG
         XHrMP48ixLIrHqPG3ANachcyxK21qw/Nghn1S3/S9i4fSeSDvqFj+l/p9/zLU85qXxJe
         oYUIdB7LyVHBiKMJirUisdHRiCwaWzvtdhEXH1HYQ2c1D49kKY2i8FA9Bl3+PdcIr8Mw
         SE1FNGB96fLEH8YZKd1/CAULogTkZsSSMXcGU8wS4BfhBV27jWq4aAq53HsJTz1Wlorv
         wt6PwSAOheBcOY0YmBp+c2tWpaeG8CrelAhV6hCDOMu7OFITXWuQLSXvvro8twWYYOuJ
         4YPg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=OdazKsT4zwALASF1clrx3fpK2qYOv74SM0Ti28iF3/A=;
        b=opKjATsVcD5tcxwbCLhTWcFU3HFm9MiOJA+UhvCQyV4tEWa0x1GaA2iauGUuYDlIY3
         k/JwQqbGbGBOqExtaezjzoW9PmLk+gxg/84Ts8GGGQErlOnFVW3Rlg5hxxmjG3XFXywk
         FMi7pYb4VStzdUKLpvyjb3vNVDw/NPI9D9TmkgDpy4B877zekL03X6WmIyuKdU8fReST
         jH+BF6Q6lB0//tAC7C00lmP5lohSLih8EdzmAsvfkr/n1y9qzdt4oUUSDZAh739B/+ll
         8WwSYTebMdX4zDYoHhFYOQuPvX2Z6I2gsSGacsgPREVY6+nwLd1tSRA86FwiT+VaTMfm
         to3Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=RMzlQlbM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id t1-20020a1709063e4100b006e093439ce5si3484418eji.644.2022.04.02.12.57.58;
        Sat, 02 Apr 2022 12:58:35 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=RMzlQlbM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1344839AbiDAQY0 (ORCPT <rfc822;arunks.linux@gmail.com>
        + 99 others); Fri, 1 Apr 2022 12:24:26 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46824 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1354770AbiDAQUp (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 1 Apr 2022 12:20:45 -0400
Received: from mail-qt1-x830.google.com (mail-qt1-x830.google.com [IPv6:2607:f8b0:4864:20::830])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D1621CABF8
        for <linux-kernel@vger.kernel.org>; Fri,  1 Apr 2022 08:48:46 -0700 (PDT)
Received: by mail-qt1-x830.google.com with SMTP id t7so2475382qta.10
        for <linux-kernel@vger.kernel.org>; Fri, 01 Apr 2022 08:48:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=OdazKsT4zwALASF1clrx3fpK2qYOv74SM0Ti28iF3/A=;
        b=RMzlQlbMGDSKtWYL3rHde+nqXaHK1ey+Mvm2SYxpGZ9ak2AD6PN82NKcOEh51CDdts
         0+6ZXS1jX8CJMD+8neSCEXmnak9kCA2CMsTSvyNfDOgp13heLHaIyZA6Qh00/RuI7MnF
         DO6l+hjYRHAG0fn2FwraH/02MgIKlz6Sn27X8ZeJsfOBEBJyIV7m11JOwSlthTLnzUAT
         DaXcGdgrmeY87AxmnjLS4wLky2QDc2k2CNRz6b6lSPAYZu317yvNKWxUX1c6Z0e8jRkt
         MJeZddoxU3CsRfUinkSqp08J68R4fHWtA75JSWfPQDDf32CUAzNuGEZHdsozh/SRr/x6
         R/jw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=OdazKsT4zwALASF1clrx3fpK2qYOv74SM0Ti28iF3/A=;
        b=R2IZNgcJabRL+ACNzn74+Obus49VbEpIQXSKvzOTUPF5eg3TBkf6DX1vNu+H5mlFT3
         sSic1CgwJvqTfQ9kjq5fJ+h3kUROgfTZHVtXGDoQCLMGMGWGx0SjsNZ5BsZgRHe8p5KM
         oE0bt0kYVDw9EGaOMLmUSOMwODV5ETiK01/9ayov+FiTZInG6uoZ/rDiVJE+CsBUYEZW
         LE9bYpabemstCM8JKbpxSIkDwoK0aQ0fEZj5UBjS0YibzKarWPdQzrxoxnXUDq59l7xO
         ee13QkuJ44NvjiBpOhmg3BUSgu2VXrmkdedKvVEAJxR1IE8It2xOlV8lX9YW5vnIKQwA
         bCAw==
X-Gm-Message-State: AOAM531KP3WjVzhxZ71JSivSNTd6GEa0DkVksDMn0gOs7XdEUHrEZpRS
        PK//t0pQ2E8l1CxL15wPGG6iVt7ulo4pYf6LNbTcPw==
X-Received: by 2002:a05:622a:507:b0:2e2:3401:49e3 with SMTP id
 l7-20020a05622a050700b002e2340149e3mr8920548qtx.560.1648828125277; Fri, 01
 Apr 2022 08:48:45 -0700 (PDT)
MIME-Version: 1.0
References: <E1nZMdl-0006nG-0J@plastiekpoot> <CADVnQyn=A9EuTwxe-Bd9qgD24PLQ02YQy0_b7YWZj4_rqhWRVA@mail.gmail.com>
 <eaf54cab-f852-1499-95e2-958af8be7085@uls.co.za> <CANn89iKHbmVYoBdo2pCQWTzB4eFBjqAMdFbqL5EKSFqgg3uAJQ@mail.gmail.com>
 <10c1e561-8f01-784f-c4f4-a7c551de0644@uls.co.za> <CADVnQynf8f7SUtZ8iQi-fACYLpAyLqDKQVYKN-mkEgVtFUTVXQ@mail.gmail.com>
 <e0bc0c7f-5e47-ddb7-8e24-ad5fb750e876@uls.co.za> <CANn89i+Dqtrm-7oW+D6EY+nVPhRH07GXzDXt93WgzxZ1y9_tJA@mail.gmail.com>
 <CADVnQyn=VfcqGgWXO_9h6QTkMn5ZxPbNRTnMFAxwQzKpMRvH3A@mail.gmail.com>
 <5f1bbeb2-efe4-0b10-bc76-37eff30ea905@uls.co.za> <CADVnQymPoyY+AX_P7k+NcRWabJZrb7UCJdDZ=FOkvWguiTPVyQ@mail.gmail.com>
 <CADVnQy=GX0J_QbMJXogGzPwD=f0diKDDxLiHV0gzrb4bo=4FjA@mail.gmail.com>
In-Reply-To: <CADVnQy=GX0J_QbMJXogGzPwD=f0diKDDxLiHV0gzrb4bo=4FjA@mail.gmail.com>
From:   Neal Cardwell <ncardwell@google.com>
Date:   Fri, 1 Apr 2022 11:48:29 -0400
Message-ID: <CADVnQy=pOfT+OmXdibc6y6uWMk2i_5ZBC1_1JZyt=vOjWhyQAw@mail.gmail.com>
Subject: Re: linux 5.17.1 disregarding ACK values resulting in stalled TCP connections
To:     Jaco Kroon <jaco@uls.co.za>
Cc:     Eric Dumazet <edumazet@google.com>,
        LKML <linux-kernel@vger.kernel.org>,
        Netdev <netdev@vger.kernel.org>,
        Yuchung Cheng <ycheng@google.com>, Wei Wang <weiwan@google.com>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
        T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL
        autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Apr 1, 2022 at 11:39 AM Neal Cardwell <ncardwell@google.com> wrote:
...
> Jaco, to provide some evidence for this hypothesis, can you please
> re-enable fastopen but also enable the TFO blackhole detection that
> was disabled in v5.14 (213ad73d0607), with something like:
>
>   sysctl -w net.ipv4.tcp_fastopen=1
>   sysctl -w tcp_fastopen_blackhole_timeout=3600

I would also suggest using Florian's suggestion to log invalid
packets, so perhaps we can get a clue as to why netfilter thinks these
packets are invalid:

    sysctl net.netfilter.nf_conntrack_log_invalid=6

> And then after a few hours, check to see if this blackholing behavior
> has been detected:
>   nstat -az | grep -i blackhole
> And see if TFO FastOpenActive attempts have been cut to a super-low rate:
>   nstat -az | grep -i fastopenactive

Then I would correspondingly echo Florian's suggestion to check
dmesg/syslog/nflog to learn more about the drops.

neal