add workaround for the port-fowarding performance issue w/ kernel 4.20

AkihiroSuda · AkihiroSuda · commit f014fd0e9066 · 2019-08-20T18:29:56.000+09:00
The kernel 4.20 bumped up the default value of `/proc/sys/net/ipv4/tcp_rmem` from 87380 to 131072. torvalds/linux@a337531 This is known to slow down slirp4netns port forwarding: rootless-containers#128 As a workaround, it is recommended to modify `/proc/sys/net/ipv4/tcp_rmem` inside the namespace. The file is automatically modified when running with `--configure`. Update rootless-containers#128 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
diff --git a/main.c b/main.c
@@ -19,6 +19,7 @@
 #include <getopt.h>
 #include <stdbool.h>
 #include <regex.h>
+#include <glib.h>
 #include "slirp4netns.h"
 
 #define DEFAULT_MTU (1500)
@@ -120,6 +121,54 @@ static int sendfd(int sock, int fd)
     return rc;
 }
 
+
+/*
+   kernel 4.20 bumped up the default value of /proc/sys/net/ipv4/tcp_rmem from
+   87380 to 131072. This is known to slow down slirp4netns port forwarding. See
+   https://github.com/rootless-containers/slirp4netns/issues/128 See
+   https://github.com/torvalds/linux/commit/a337531b942bd8a03e7052444d7e36972aac2d92
+   */
+static void try_configure_kernel420_net_ipv4_tcp_rmem()
+{
+    gchar *contents = NULL;
+    gsize length = 0;
+    gchar **tokenv = NULL;
+    int nfd = -1;
+    if (!g_file_get_contents("/proc/sys/net/ipv4/tcp_rmem", &contents, &length,
+                             NULL)) {
+        goto ret;
+    }
+    tokenv = g_strsplit_set(contents, " \t\r\n", 4);
+    if (g_strv_length(tokenv) != 4) {
+        goto ret;
+    }
+    /* when running with kernel <  4.20, tokenv is like {"4096",  "87380",
+     * "6291456", ""} (preferred) */
+    /* when running with kernel >= 4.20, tokenv is like {"4096", "131072",
+     * "6291456", ""} (not preferred) */
+    if (g_strcmp0(tokenv[1], "87380") == 0) {
+        /* no need to adjust */
+        goto ret;
+    }
+    /* g_file_set_contents() can't be used as it attempts to create
+     * /proc/sys/net/ipv4/tcp_rmem.RANDOMSTR */
+    nfd = open("/proc/sys/net/ipv4/tcp_rmem", O_WRONLY);
+    if (nfd < 0) {
+        goto ret;
+    }
+    if (dprintf(nfd, "%s\t%s\t%s%s\n", tokenv[0], "87380",
+                g_strcmp0(tokenv[2], "131072") == 0 ? "87380" : tokenv[2],
+                tokenv[3]) > 0) {
+        printf("configure: Adjusted the value of /proc/sys/net/ipv4/tcp_rmem "
+               "inside the namespace (131072 -> 87380)\n");
+    }
+ret:
+    if (nfd >= 0)
+        close(nfd);
+    g_strfreev(tokenv);
+    g_free(contents);
+}
+
 static int configure_network(const char *tapname,
                              struct slirp4netns_config *cfg)
 {
@@ -191,6 +240,8 @@ static int configure_network(const char *tapname,
         perror("set route");
         return -1;
     }
+
+    try_configure_kernel420_net_ipv4_tcp_rmem();
     return 0;
 }
 
diff --git a/slirp4netns.1 b/slirp4netns.1
@@ -45,6 +45,8 @@ IPv6 DNS:          fd00::3
 \fB\-c\fP, \fB\-\-configure\fP
 bring up the TAP interface. IP will be set to 10.0.2.100 (network address + 100) by default. IPv6 will be set to a random address.
 Starting with v0.4.0, the loopback interface (\fBlo\fP) is brought up as well.
+Starting with v0.4.0, \fB/proc/sys/net/ipv4/tcp\_rmem\fP in the namespace is adjusted when running with kernel >= 4.20.
+This adjustment may differ in the future releases. (See BUGS)
 
 .PP
 \fB\-e\fP, \fB\-\-exit\-fd=FD\fP
@@ -328,6 +330,28 @@ $ slirp4netns \-\-netns\-type=path \-\-userns\-path=/path/to/userns /path/to/net
 .RE
 
 
+.SH BUGS
+.PP
+Kernel 4.20 bumped up the default value of \fB/proc/sys/net/ipv4/tcp\_rmem\fP from 87380 to 131072.
+This is known to slow down slirp4netns port forwarding: \fBhttps://github.com/rootless\-containers/slirp4netns/issues/128\fP\&.
+
+.PP
+As a workaround, you can adjust the value of \fB/proc/sys/net/ipv4/tcp\_rmem\fP inside the namespace.
+No real root privilege is needed to modify the file since kernel 4.15.
+
+.PP
+.RS
+
+.nf
+unshared$ c=$(cat /proc/sys/net/ipv4/tcp\_rmem); echo $c | sed \-e s/131072/87380/g > /proc/sys/net/ipv4/tcp\_rmem
+
+.fi
+.RE
+
+.PP
+Since slirp4netns v0.4.0, the value is automatically adjusted when running with \fB\-\-configure\fP\&.
+
+
 .SH SEE ALSO
 .PP
 \fBnetwork\_namespaces\fP(7), \fBuser\_namespaces\fP(7), \fBveth\fP(4)
diff --git a/slirp4netns.1.md b/slirp4netns.1.md
@@ -30,6 +30,8 @@ Default configuration:
 **-c**, **--configure**
 bring up the TAP interface. IP will be set to 10.0.2.100 (network address + 100) by default. IPv6 will be set to a random address.
 Starting with v0.4.0, the loopback interface (**lo**) is brought up as well.
+Starting with v0.4.0, **/proc/sys/net/ipv4/tcp_rmem** in the namespace is adjusted when running with kernel >= 4.20.
+This adjustment may differ in the future releases. (See BUGS)
 
 **-e**, **--exit-fd=FD**
 specify the FD for terminating slirp4netns.
@@ -206,6 +208,19 @@ Additionally, a **--userns-path=PATH** argument can be included to override any
 ```console
 $ slirp4netns --netns-type=path --userns-path=/path/to/userns /path/to/netns tap0
 ```
+# BUGS
+
+Kernel 4.20 bumped up the default value of **/proc/sys/net/ipv4/tcp_rmem** from 87380 to 131072.
+This is known to slow down slirp4netns port forwarding: **https://github.com/rootless-containers/slirp4netns/issues/128**.
+
+As a workaround, you can adjust the value of **/proc/sys/net/ipv4/tcp_rmem** inside the namespace.
+No real root privilege is needed to modify the file since kernel 4.15.
+
+```console
+unshared$ c=$(cat /proc/sys/net/ipv4/tcp_rmem); echo $c | sed -e s/131072/87380/g > /proc/sys/net/ipv4/tcp_rmem
+```
+
+Since slirp4netns v0.4.0, the value is automatically adjusted when running with **--configure**.
 
 # SEE ALSO
 
