Ry/faster syn expiry#987
Open
rcgoodfellow wants to merge 6 commits into
Open
Conversation
This PR cuts down the TCP state entry expiry times for TCP flow entries which are either still within the three-way handshake or are actively being torn down. This does not affect the validity of any LFT entries which are responsible for actually *procesing* matched packets -- these exist on their own 60s expiry cadence. This might have some impact on flow state tracking, but the correct fix there is to get #744 over the line. Should answer for oxidecomputer/customer-support#1125.
rcgoodfellow
force-pushed
the
ry/faster-syn-expiry
branch
from
459486a to
a114c80
Compare
rcgoodfellow
commented
May 8, 2026
adamlouis
reviewed
May 8, 2026
bnaecker
reviewed
May 8, 2026
| | TcpState::CloseWait | ||
| | TcpState::FinWait1 | ||
| | TcpState::FinWait2 => self.quiescent_ttl, | ||
| TcpState::SynSent | TcpState::SynRcvd | TcpState::Listen => { |
Contributor
There was a problem hiding this comment.
I'm slightly concerned about LISTEN being here. IIUC, this will expire connections that make the handshake and then don't do much for a while. I dunno how bad that is, but it seems like a "normal" connection and one we'd want to apply the existing logic to, which would map this to keepalive_ttl.
Contributor
Author
There was a problem hiding this comment.
LISTEN is the handshake state for passive open, I think we should be ok here. We only exit the handshake through established.
bnaecker
reviewed
May 8, 2026
iliana
reviewed
May 8, 2026
bnaecker
reviewed
May 8, 2026
bnaecker
approved these changes
May 8, 2026
Contributor
bnaecker
left a comment
bnaecker
left a comment
There was a problem hiding this comment.
This looks good to me, thanks for double-checking and answering those questions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
A fork of #985 because Github told me bad things might happen if i retarget it to an r19 derivative branch.
Update: indeed bad things happened on a retarget from #985, so this is just R19 plus the commits from #985 cherry picked.