[OpenAFS-devel] Rx over TCP to solve some NAT & Firewall issues?

Pete Zaitcev zaitcev@redhat.com
Thu, 20 Nov 2003 12:23:34 -0500


On Thu, Nov 20, 2003 at 09:16:39AM -0500, chas williams wrote:
> >Possible problems with this approach are:
> >- TCP may cause worse performance than UDP.
> >- Can multiple users behind the same NAT be handled?
> >- For large servers, the number of TCP connections may become too great
> 
> you might want to take a look at the 'rx performance' threads 
> back in june 2003.  in particular, this comment about tcp
> makes me skeptical about tcp:
> 
> https://lists.openafs.org/pipermail/openafs-devel/2003-June/004424.html):

I'm truly shocked that Derek in particular would bring up
this old strawman. He's one of elders, saw the migration
of NFS from UDP to TCP, saw everything, cheesh...

The case of 20,000 simultaneous long lived TCP connections
is not unheard of, it's routine on IRC servers. It's all
down to the hashing quality.

That said, tearing dowin idle connections is generally a good
idea, because it makes the system to keep less state, especially
at gateways. But I'm not an experienced AFS hacker, so I am wary
of implications here. What if a server wants to contact a client
to make some sort of a callback? That goes against the direction
of NAT setup if the connection was dropped. Someone with experience
needs to think this out.

-- Pete