Comment by ycombinatrix

1 day ago

You can also use TCP_CORK to reduce the number of packets without any increased latency.

Disabling TCP_NODELAY would also reduce number of packets + be portable & simpler to implement - but would incur a latency penalty.

8 comments

ycombinatrix

danudey 1 day ago

Haven't heard of TCP_CORK, very interesting.

For people who don't feel like googling it:

1. You TCP_CORK a socket

2. You put data into it and the kernel buffers it

3. If you uncork the socket, or if the buffer hits MSS, the kernel sends the packet

Basically, the kernel waits until it has a full packet worth of data, or until you say you don't have any more data to send, and then it sends. Sort of an extreme TCP_YESDELAY.

See https://catonmat.net/tcp-cork for where I learned it all from.

eieio 1 day ago

Oh wow - I've never heard of TCP_CORK before. Without disabling pings I'd still pay the cost of receiving way more packets, but maybe that'd be tolerable if I didn't have to send so many pongs. This is super handy; excited to play around with it.

I am aware of TCP_NODELAY (funny enough I recently posted about TCP_NODELAY to HN[1] when I was thinking about it for the same game that I wrote about here). But I think the latency hit from disabling it just doesn't work for me.

[1] https://news.ycombinator.com/item?id=46359120

joshstrange 1 day ago
I missed that thread originally, the post and the comments where a good read, thank you for sharing.
I got a kick out of this comment [0]. "BenjiWiebe" made a comment about the SSH packets you stumbled across in that thread. Obviously making the connection between what you were seeing in your game and this random off-hand comment would be insane (if you had seen the comment at all), but I got a smile out of it.
[0] https://news.ycombinator.com/item?id=46366291
- eieio 1 day ago
  
  wow, I missed that comment, that's an incredible connection. Thank you!
  
  1 reply →

squirrellous 1 day ago

Can you explain how TCP_CORK helps here? The chaff packets are spaced 20ms apart and sent per socket, so I don’t see how TCP_CORK could help unless it coalesced across 20ms intervals? But coalescing is clearly not an option for the intended obfuscation effect of the original feature.

ycombinatrix 17 hours ago
It is unrelated to SSH, it is a generic TCP thing.
"hello world" fits in a single TCP packet, but the kernel might end up sending one packet containing "hello" and another packet containing " world". It is completely opaque to userspace.
TCP_CORK lets userspace decide when packets are dispatched. You get to control whether "hello world" is sent across 1 packet or 11 packets.
- squirrellous 13 hours ago
  
  I’m aware what TCP_CORK does. I’m not seeing how it helps the situation in the post.
  Ah, maybe you are saying it doesn’t help the situation in the post. That’s what I misunderstood.