Nginx TCP Fast Open Issue
I have configured Nginx and Apache on one of my servers. The nginx server listens on port 80 and Apache on port 81. Nginx works as a reverse proxy. In nginx I configured TCP Fast Open:
server {
listen 107.6.155.74 fastopen=50;
server_name servtest.com www.servtest.com;
TCP Fast Open is also enabled on the server itself:
root@server:~/projects/nginx# cat /proc/sys/net/ipv4/tcp_fastopen
3
In order to test if this works I configured Chrome on a PC running Ubuntu to use TCP Fast Open (chrome://flags page). The tcp_fastopen settings is set to 1 on the client.
On the server I use the following grep to find out if TCP Fast Open is used or not:
grep '^TcpExt:' /proc/net/netstat | cut -d ' ' -f 87-92 | column -t
TCPOFOMerge TCPChallengeACK TCPSYNChallenge TCPFastOpenActive TCPFastOpenPassive TCPFastOpenPassiveFail
0 2 2 0 0 0
I believe that the TCPFastOpenActive and/or TCPFastOpenPassive counters should not be "0" if this works. Any ideas how to actually find out if TCP Fast Open is used and works as expected? Let me know if I need to provide some more info.
Solution 1:
I've done some tests using the TCP fast open test code at https://github.com/yuryu/tfoecho
My count TCPFastOpenPassive does go up when using the test code.
$ grep '^TcpExt:' /proc/net/netstat | cut -d ' ' -f 87-92 | column -t
TCPOFOMerge TCPChallengeACK TCPSYNChallenge TCPFastOpenActive TCPFastOpenActiveFail TCPFastOpenPassive
1000 56217 1316 0 0 2041
So I think your method of analysing is correct.
And running wireshark, you can clearly see the Fast Open Cookie under TCP options.
I tested with the same pair of machines using Chromium and Nginx.
Chromium version:
Version 55.0.2883.75 built on Debian stretch/sid, running on Debian stretch/sid (64-bit)
No fast open cookie in the wireshark traces. Even with the fast open option enabled in Chromium. So I suspect the problem lies with Chromium.