man: add workaround for the port-fowarding performance issue w/ kernel 4.20

The kernel 4.20 bumped up the default value of `/proc/sys/net/ipv4/tcp_rmem` from 87380 to 131072.
This is known to slow down slirp4netns port forwarding: rootless-containers#128

As a workaround, it is recommended to modify `/proc/sys/net/ipv4/tcp_rmem` inside the namespace manually.
(No real root privilege is needed)

Update rootless-containers#128

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>

Author: AkihiroSuda

benchmarks/benchmark-iperf3-reverse.sh

@@ -9,6 +9,7 @@ unshare -r -n sleep infinity &
 child=$!
 
 wait_for_network_namespace $child
+fixup_kernel420_net_ipv4_tcp_rmem $child
 
 mtu=${MTU:=1500}
 tmpdir=$(mktemp -d /tmp/slirp4netns-bench.XXXXXXXXXX)

benchmarks/benchmark-iperf3.sh

@@ -10,6 +10,7 @@ unshare -r -n sleep infinity &
 child=$!
 
 wait_for_network_namespace $child
+fixup_kernel420_net_ipv4_tcp_rmem $child
 
 mtu=${MTU:=1500}
 slirp4netns -c --mtu $mtu $child tun11 &

slirp4netns.1.md

@@ -206,6 +206,16 @@ Additionally, a **--userns-path=PATH** argument can be included to override any
 ```console
 $ slirp4netns --netns-type=path --userns-path=/path/to/userns /path/to/netns tap0
 ```
+# BUGS
+
+The kernel 4.20 bumped up the default value of **/proc/sys/net/ipv4/tcp_rmem** from 87380 to 131072.
+This is known to slow down slirp4netns port forwarding: **https://github.com/rootless-containers/slirp4netns/issues/128**.
+
+As a workaround, you can revert the value of **/proc/sys/net/ipv4/tcp_rmem** inside the namespace manually. (No real root privilege is needed)
+
+```console
+unshared$ c=$(cat /proc/sys/net/ipv4/tcp_rmem); echo $c | sed -e s/131072/87380/g > /proc/sys/net/ipv4/tcp_rmem
+```
 
 # SEE ALSO
 

tests/common.sh

@@ -69,3 +69,12 @@ function expose_tcp() {
     echo -n $json | ncat -U $apisock
     echo -n "{\"execute\": \"list_hostfwd\"}" | ncat -U $apisock
 }
+
+function fixup_kernel420_net_ipv4_tcp_rmem() {
+    # kernel 4.20 bumped up the default value of /proc/sys/net/ipv4/tcp_rmem from 87380 to 131072.
+    # This is known to slow down slirp4netns port forwarding.
+    # See https://github.com/rootless-containers/slirp4netns/issues/128
+    # See https://github.com/torvalds/linux/commit/a337531b942bd8a03e7052444d7e36972aac2d92
+    child=$1
+    nsenter --preserve-credentials -U -n --target=$child sh -c 'c=$(cat /proc/sys/net/ipv4/tcp_rmem); echo $c | sed -e s/131072/87380/g > /proc/sys/net/ipv4/tcp_rmem'
+}