Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp7150082ybn; Mon, 30 Sep 2019 09:20:41 -0700 (PDT) X-Google-Smtp-Source: APXvYqyTN2DX/RjYxc1AN+vilC23E35nNbB/3g/tedulqHmkNsYXhAFMq6NJj0ctYII5FlUTzczR X-Received: by 2002:a17:906:27cf:: with SMTP id k15mr20008435ejc.150.1569860441578; Mon, 30 Sep 2019 09:20:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569860441; cv=none; d=google.com; s=arc-20160816; b=ZtcOkSuV5SlZjX8C0mQT46vHFCKm27teYEmVnuo7ZhfVmRJnLzaSaxA40YprB72ZGS RPMVTOwGf87GBIUG7ruSv2bgyHd6A1oivcFGZOq1h2atnMP1e6vZRq8CInpEQeHFAoHm d9wt9kppCHavo/Df/2JA2A/R6OkR800ObVyEvwH8Pm/4oF2qAX3g/8rtDvQRtGlZaG5G nsfXaIchfsX/XOCC+Bd1IHbKxbSzthWkxfjzXv0na0Rm9lCvP9mDIao5hCusEKbtlBjl aca61M/U7wwLMiqQFhdhPwX2aPtcn+kZfrL8jShSs2yE65L0by8+D77aw7KwkNEfS/Ac 6jVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=q+R5tR7mWRVo0BP2+mhGwaM32lwp4mzONzcIif+xRGQ=; b=rsUx2a+tJ27ZRYtDcafQiY2kyIxWUsfdwGsIIlJkfj+uJgKjK7ebxESXlfnCptM7Nh aUyuZ7Sfi9svJ3RYRtiG/m7EbjGYDYqoZMKSLSl3ODfSNXJFgabt8TxxA8g02PYlD00j z7C6Kb1hpjYD68w9YSWanTRgZ1Hlyx8CGKUwqNYQfROMuT0iUf7f7C8ughceKXeO+MAd aiV5GAubaN5PwDQ0D9hvCnNFnw8ZyYs+ow3BMTAUDAmogxEAr2GdserHxi9GwbSc0kOJ cmsVxs/jPvb1D1fK3cKQpbn64fUBC2qq9ovwFGl8qSTZ+elXkqf4+V2BMNL6BPcDSxmI NUoQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f45si7645800edb.166.2019.09.30.09.20.06; Mon, 30 Sep 2019 09:20:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731967AbfI3QT5 (ORCPT + 99 others); Mon, 30 Sep 2019 12:19:57 -0400 Received: from fieldses.org ([173.255.197.46]:38378 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727767AbfI3QT4 (ORCPT ); Mon, 30 Sep 2019 12:19:56 -0400 Received: by fieldses.org (Postfix, from userid 2815) id 8975363E; Mon, 30 Sep 2019 12:19:56 -0400 (EDT) Date: Mon, 30 Sep 2019 12:19:56 -0400 From: Bruce Fields To: Kevin Vasko Cc: Chuck Lever , Trond Myklebust , Linux NFS Mailing List Subject: Re: NFSv4 client locks up on larger writes with Kerberos enabled Message-ID: <20190930161956.GC10012@fieldses.org> References: <20190926195557.GC2849@fieldses.org> <3A4773DD-A4E4-47BD-957A-E24E4604E390@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <3A4773DD-A4E4-47BD-957A-E24E4604E390@gmail.com> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org On Mon, Sep 30, 2019 at 09:51:23AM -0500, Kevin Vasko wrote: > What does the GSS window control? I mentioned it in another thread > somewhere but I found out that clients with a slower connection seem > to not exhibit this issue. > > All of these clients are local to the NFS server (in same room, which > is in Korea). I’ve got clients in the USA and they don’t seem to > exhibit this lockup behavior. I haven’t done extensive testing but we > can get 3-4MB/s across the ocean and as of yet I haven’t see a client > from the USA lock up like the ones local. It obviously takes a lot > longer but haven’t seen it lock up on transferring several 5GB+ files. > > Could the GSS window not be overflowing with the slower connection and > we wouldn’t see the issue? Each RPCSEC_GSS request has a sequence number that increases by one for each rpc. Even if the client is careful to send RPCs in order, they're often out of order by the time server threads get around to processing them. To allow for this, the protocol has the server advertise a window size (128 on the linux server), and then accept requests with sequence numbers that fall within that window. So our theory is that something is happening that is causing requests to get reordered to such a degree that the server might see a sequence number more than 128 less than the most recent sequence number it's seen. I'd expect the likelihood of that happening to correlate with the number of rpc's that are in flight at a given time. Could be that the slower network has a higher (bandwidth * delay) product, allowing more rpc's in flight? I don't know. --b. > > -Kevin > > > On Sep 26, 2019, at 2:55 PM, Bruce Fields > > wrote: > > > > On Thu, Sep 26, 2019 at 08:55:17AM -0700, Chuck Lever wrote: > >>>> On Sep 25, 2019, at 1:07 PM, Bruce Fields > >>>> wrote: > >>> In that case--I seem to remember there's a way to configure the > >>> size of the client's slot table, maybe lowering that (decreasing > >>> the number of rpc's allowed to be outstanding at a time) would > >>> work around the problem. > >> > >>> Should the client be doing something different to avoid or recover > >>> from overflows of the gss window? > >> > >> The client attempts to meter the request stream so that it stays > >> within the bounds of the GSS sequence number window. The stream of > >> requests is typically unordered coming out of the transmit queue. > >> > >> There is some new code (since maybe v5.0?) that handles the > >> metering: gss_xmit_need_reencode(). > > > > I guess I was thinking he could write a small number (say 2 digits) > > into /sys/module/sunrpc/parameters/tcp_max_slot_table_entries > > (before mounting, I guess?) and see if the problem's reproducable. > > > > If not, that's a little more evidence that it's the gss sequence > > window. > > > > (And might be an adequate workaround for now.) > > > > --b.