Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Testing TCP_FASTOPEN
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Testing TCP_FASTOPEN

SteveMCSteveMC Member
edited January 2019 in Help

Hi,

Is there a way to know if TCP_FASTOPEN is effectively being used? I configured my server to enable it , for both client and server, and activated it in nginx. Then how can I know if it's really being used?

Thank you.

Comments

  • solairesolaire Member

    Tcpdump / Wireshark?

    Thanked by 1SteveMC
  • eoleol Member

    Good question.

    Thanked by 2SteveMC quick
  • SteveMCSteveMC Member

    I understand that only Chrome for Android / Linux has the TCP_FASTOPEN feature enabled. And apparently, "at a time", Edge had this option which could be turned on / off. But I can't find any more.

    Unrelated, but I just started using TLSv1.3 and I could see a slight and nice improvement. Still waiting for HTTP/3 (formally HTTP-over-QUIC).

  • rm_rm_ IPv6 Advocate, Veteran
    edited January 2019

    SteveMC said: Then how can I know if it's really being used?

    With tcpdump evidently, but to see if there's any improvement from it, just get two VPSes with a high ping between each other (such as Japan and Europe), run HTTP server on one, run time curl -I on another, both with FASTOPEN disabled and enabled.

    Thanked by 1SteveMC
  • zllovesukizllovesuki Member

    To be honest, nobody should use TCP_FASTOPEN in production environment. With current TLS 1.1/1.2 deployments, TFO is the enemy of firewalls. However, I do see the usefulness in TLS 1.3 false start with TFO. But as of right now, I personally don't see the applications of TFO.

    Thanked by 3SteveMC Letzien dedotatedwam
Sign In or Register to comment.