首先服务器和客户端都开启tcp fast open:
net.ipv4.tcp_fastopen = 3使用curl开启tfo测试:
curl --tcp-fastopen https://www.haiyun.me/
#httping -F https://www.haiyun.me/nginx开启tfo:
listen 80 fastopen=256使用tcpdump监听数据发现:
第一次请求时客户端syn携带cookiereq,服务器如果支持tfo则返回tfo cookie:
Flags [S], options [mss 1460,sackOK,TS val 4250936141 ecr 0,nop,wscale 6,exp-tfo cookiereq], length 0
Flags [S.], options [mss 1460,sackOK,TS val 2764503812 ecr 4250936141,nop,wscale 11,exp-tfo cookie f6aecea49990ea33], length 0后续再请求时会在syn带上tfo cookie和请求数据:
Flags [S], options [mss 1460,sackOK,TS val 4250944477 ecr 0,nop,wscale 6,exp-tfo cookie f6aecea49990ea33], length 77: HTTP: GET / HTTP/1.1以上都配置了如果客户端syn数据包未带tfo cookiereq,则可能因为丢包或防火墙原因返回了正常模式,修改以下再测试:
net.ipv4.tcp_fastopen_blackhole_timeout_sec = 0标签:none