Git Product home page Git Product logo

Comments (6)

venkat1109 avatar venkat1109 commented on May 13, 2024

If we are to go with adaptive record sizing, that resizing decision has to be driven by tcp cwnd size ultimately. One idea would be to start small and then after transmitting x bytes of data, go big. Then downsize after y seconds of inactivity.

from s2n-tls.

mark-kubacki avatar mark-kubacki commented on May 13, 2024

There's something similar for Nginx which you could use as template:

http://forum.nginx.org/read.php?29,258662,259191#msg-259191

https://github.com/wmark/ossdl-overlay/blob/576dbf36ff6a1d80a2fa4a025ee1c4ecf2c2e8cd/www-servers/nginx/files/nginx-1.9.1-SSL-dynamic-record-size-redux.patch

from s2n-tls.

igrigorik avatar igrigorik commented on May 13, 2024

Related ATS bug & discussion: https://issues.apache.org/jira/browse/TS-2503

from s2n-tls.

venkat1109 avatar venkat1109 commented on May 13, 2024

First pass at dynamic record sizing:

venkat1109@70498df
venkat1109@eac8c3d

There are a couple of things that I don't like about this change:

(1) Re-allocation / resizing of conn.out stuffer whenever the record size changes.
What do we do when re-allocation fails because of mlock() or madvise() ? Do we really want to bail the connection ? If so, how do we propagate the error to the caller ?

(2) Calls to s2n_timer_reset() inside of s2n_send()

Thoughts / suggestions ?

from s2n-tls.

fatrat1117 avatar fatrat1117 commented on May 13, 2024

Hi:
I am going to implement a simper logic to increase record size. here is my proposal:

Define:
outgoing_rec_threshold: the number of bytes to send before changing the record size.
outgoing_rec_timeout (in seconds). If this value > 0 then dynamic TLS record sizes feature is enabled. Otherwise, the feature is disabled (default).

Logic:
increase record size (phase 1):
Each connection starts with records of the min (S2N_SMALL_FRAGMENT_LENGTH, max_outgoing_fragment_length). if S2N_SMALL_FRAGMENT_LENGTH < max_outgoing_fragment_length, after sending outgoing_rec_threshold bytes the record size is increased to max_outgoing_fragment_length.

reset record size (phase 2):
if the connection idles for longer than outgoing_rec_timeout then the TLS record size is reduced to S2N_SMALL_FRAGMENT_LENGTH and the logic above is repeated.

from s2n-tls.

lrstewart avatar lrstewart commented on May 13, 2024

Dynamic record size support was added in 8b8cd07

from s2n-tls.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.