[gentoo-server] Relatively recent guide on TCP congestion-avoidance algo's & traffic shaping

[gentoo-server] Relatively recent guide on TCP congestion-avoidance algo's & traffic shaping

[Pandu Poluan]

Can't sleep much last night due to the baby's quirky sleep pattern, so
been spending the night reading about TCP congestion avoidance
algorithms [1] -- and bufferbloat [2].

So, here's a spark of what (I hope) could be a starter for a deep
discussion for us sysadmins/netadmins. (Which is why I decided to post
in the -Server list).

I've been, um, enjoying bandwidth beyond what I should be
experiencing, by extensively tuning the TCP buffers (among others,
increasing its max-size to, like, um, 16MB) and using a non-default
congestion avoidance algo (namely, H-TCP). However, reading the
article from Jim Getty about bufferbloat made me re-think my setup.

Another factor that made me re-think my setup is the 'strange'
characteristics of traffic between my office and our
brand-spankin'-new subsidiary office 14 floors below us: SSH is very
nice, but any big file transfers (sftp, http, ftp, cifs, *anything*
biggish) will run well only for the first 10 seconds or so, before
slowing to a crawl (and even managed to make WinSCP complaining of 'no
response for 15 seconds'). But the ping's have no dropped packets at
all.

Oh, and this slowdownishness also affects some app in the sub office
which connects to the MS SQL Server @ HQ.

I'm in a bit of quandary; my bandwidth may be ill-gotten, but
employees (and the Management) enjoy the current performance. But,
then again, connection between HQ and Sub is flakey.

Reading more on the comments given in [2], I had thought that traffic
shaping -- at least between HQ and Sub -- may be the solution. And I
might alleviate the interconnection pressure somewhat by changing to a
different algo.

Unfortunately, howto's and guides re: traffic shaping and TCP
cong-algo that I can find using GooBing seems... outdated.

So, some questions popped into my head:

1. Is there a quite-recent and near-up-to-date guide to traffic
shaping and/or TCP cong-algo?

1a. Any analisis on the pro's/con's of H-TCP vs CUBIC vs Westwood+ vs
(insert some exotic-but-available cong-algo here)?

2. Am I experiencing and/or causing and/or contributing bufferbloat?

3. What else could explain the peculiar traffic characteristics
between my HQ and my sub-office?

3a. Will egress traffic shaping help?

Any thoughts are welcome. This thread is open for discussion.

And forgive me if I write somewhat incoherently; I'm yet to finish my
first cup of coffee.

[1] http://www.google.com/m?client=ms-opera-mini&channel=new&q=linux+tcp+congestion+avoidance+algorithm&spell=1&ei=wxYNTpjZM6eViAKkpfSCAg&ved=0CAQQvwUoAA

[2] http://gettys.wordpress.com/2010/12/06/whose-house-is-of-glasse-must-not-throw-stones-at-another/

Rgds,


-- 
--
Pandu E Poluan - IT Optimizer
My website: http://pandu.poluan.info/

[gentoo-server] Re: Relatively recent guide on TCP congestion-avoidance algo's & traffic shaping

[Kerin Millar]

On 01/07/2011 01:58, Pandu Poluan wrote:
> Another factor that made me re-think my setup is the 'strange'
> characteristics of traffic between my office and our
> brand-spankin'-new subsidiary office 14 floors below us: SSH is very
> nice, but any big file transfers (sftp, http, ftp, cifs,*anything*
> biggish) will run well only for the first 10 seconds or so, before
> slowing to a crawl (and even managed to make WinSCP complaining of 'no
> response for 15 seconds'). But the ping's have no dropped packets at
> all.

With respect to this particular syndrome, I have found the approach 
described here to be extraordinarily effective:-

http://blog.edseek.com/~jasonb/articles/traffic_shaping/scenarios.html

At the time of writing, the link appears to be down but you should able 
to access it via Google's cache.

Also, check out the tosfix() function in FireHOL, which demonstrates the 
above implementation (and happens to be the best iptables wrapper, 
imho). There's an ebuild in portage but I would advise that you 
supplement it by grabbing the latest instance of the "firehol.sh" script 
from upstream CVS.

Cheers,

--Kerin

Re: [gentoo-server] Re: Relatively recent guide on TCP congestion-avoidance algo's & traffic shaping

[David]

[-- Attachment #1: Type: text/plain, Size: 1675 bytes --]

*> **http://blog.edseek.com/~jasonb/articles/traffic_shaping/scenarios.html

> At the time of writing, the link appears to be down but you should able
to access it via Google's cache.*


The site is also available here...

http://web.archive.org/web/20100727135916/http://blog.edseek.com/~jasonb/articles/traffic_shaping/scenarios.html




On Mon, Jan 16, 2012 at 1:10 PM, Kerin Millar <kerframil@gmail.com> wrote:

> On 01/07/2011 01:58, Pandu Poluan wrote:
>
>> Another factor that made me re-think my setup is the 'strange'
>> characteristics of traffic between my office and our
>> brand-spankin'-new subsidiary office 14 floors below us: SSH is very
>> nice, but any big file transfers (sftp, http, ftp, cifs,*anything*
>> biggish) will run well only for the first 10 seconds or so, before
>> slowing to a crawl (and even managed to make WinSCP complaining of 'no
>> response for 15 seconds'). But the ping's have no dropped packets at
>> all.
>>
>
> With respect to this particular syndrome, I have found the approach
> described here to be extraordinarily effective:-
>
> http://blog.edseek.com/~**jasonb/articles/traffic_**shaping/scenarios.html<http://blog.edseek.com/%7Ejasonb/articles/traffic_shaping/scenarios.html>
>
> At the time of writing, the link appears to be down but you should able to
> access it via Google's cache.
>
> Also, check out the tosfix() function in FireHOL, which demonstrates the
> above implementation (and happens to be the best iptables wrapper, imho).
> There's an ebuild in portage but I would advise that you supplement it by
> grabbing the latest instance of the "firehol.sh" script from upstream CVS.
>
> Cheers,
>
> --Kerin
>
>
>

[-- Attachment #2: Type: text/html, Size: 2475 bytes --]