fir3net

Brocade ADX - How to tune/configure the TCP stack

Introduction

There are 2 main methods for configuring the TCP stack on an ADX: globally or via a TCP profile. In this article we will look at the main configuration settings available, such as how to configure Nagle, SACK and Window Scaling.

TCP Profiles

TCP profiles allow you to modify the TCP parameters on a specific port at a virtual server level.
Both client-side and server-side profiles are defined and assigned. There are 4 main methods of assignment, as shown below.

ADX(config)# server VIP_192.168.1.100 192.168.1.100
ADX(config-vs-192.168.1.100)# port ssl ssl-proxy <clientprofile> <serverprofile>

ADX(config)# server VIP_192.168.1.100 192.168.1.100
ADX(config-vs-192.168.1.100)# port ssl ssl-terminate <clientprofile> <serverprofile>

ADX(config)# ssl profile myprofile
ADX(config-ssl-profile-myprofile)# tcp-profile client-profile
ADX(config)# server VIP_192.168.1.100 192.168.1.100
ADX(config-vs-192.168.1.100)# port ssl ssl-terminate sslprofile myprofile

ADX(config)# server VIP_192.168.1.100 192.168.1.100
ADX(config-vs-192.168.1.100)# port http tcp-proxy <clientprofile> <serverprofile>

Note :

  • As you can see above, there are 2 methods for assigning a TCP profile to an SSL terminated port: within the SSL profile, or directly on the virtual server.
  • Once TCP profiles are assigned to an http port, traffic passing through the virtual server is proxied. This is worth mentioning because, by default, http traffic is not proxied when passing through a virtual server.

Selective ACK

Selective ACK is a TCP feature that allows the receiver to ACK only certain packets within the TCP window. This then allows the sender to resend only the lost segments rather than the whole window.

By default, the ADX removes this option from the TCP header during the 3 way handshake, resulting in SACK being disabled. To enable SACK (i.e. prevent the SACK option from being removed) it must be enabled from within a TCP profile.

ADX(config)# tcp profile client-profile
ADX(config-client-profile)# tcp-sack on

Note : This feature was added in 12.4u.

Window Scaling

Window Scaling is an extension to the TCP Windowing feature. Window Scaling allows the window size to exceed the standard size of 65,535 bytes.

Prior to version 12.4f the Window Scale option was not supported. This meant that during the 3 way handshake, the WS (Window Scale) option was not propagated to the server, which in turn disabled the use of Window Scaling by either side.

To enable Window Scaling (in 12.4f and higher) a TCP profile can be configured specifying the WS value.

ADX(config)# tcp profile client-profile
ADX(config-client-profile)# tcp-wnd-scale 1

ADX(config)# tcp profile server-profile
ADX(config-server-profile)# tcp-wnd-scale 1
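
An added example (not from the original article or from Brocade): a Python parser for the options carried in a TCP SYN header, which can be run against SYNs captured on each side of the ADX to confirm whether the SACK-permitted and Window Scale options discussed in the Selective ACK and Window Scaling sections survive the 3 way handshake. The SYN bytes, ports and function names are constructed for illustration.

```python
import struct

# TCP option kinds (RFC 793 MSS, RFC 7323 Window Scale, RFC 2018 SACK-permitted)
KIND_EOL, KIND_NOP, KIND_MSS, KIND_WSCALE, KIND_SACK_PERMITTED = 0, 1, 2, 3, 4

def build_syn(options: bytes, window: int = 65535) -> bytes:
    """Build a constructed TCP SYN header (ports and sequence number are sample values)."""
    options += b"\x01" * (-len(options) % 4)   # pad with NOPs to a 32-bit boundary
    data_offset = (20 + len(options)) // 4
    return struct.pack("!HHIIBBHHH", 49152, 443, 1000, 0,
                       data_offset << 4, 0x02, window, 0, 0) + options

def parse_syn_options(tcp_header: bytes) -> dict:
    """Return the handshake options relevant to SACK and Window Scaling."""
    if len(tcp_header) < 20:
        raise ValueError("truncated TCP header")
    header_len = (tcp_header[12] >> 4) * 4
    if header_len < 20 or header_len > len(tcp_header):
        raise ValueError("bad data offset")
    window = struct.unpack("!H", tcp_header[14:16])[0]
    found = {"mss": None, "wscale": None, "sack_permitted": False, "window": window}
    opts, i = tcp_header[20:header_len], 0
    while i < len(opts):
        kind = opts[i]
        if kind == KIND_EOL:
            break
        if kind == KIND_NOP:
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option length")
        length, value = opts[i + 1], opts[i + 2:i + opts[i + 1]]
        if kind == KIND_MSS and length == 4:
            found["mss"] = struct.unpack("!H", value)[0]
        elif kind == KIND_WSCALE and length == 3:
            found["wscale"] = value[0]
        elif kind == KIND_SACK_PERMITTED and length == 2:
            found["sack_permitted"] = True
        i += length
    return found

def max_window(parsed: dict) -> int:
    """Largest window this side can advertise after the handshake (no WS option: 65,535)."""
    return 65535 << (parsed["wscale"] or 0)

# Constructed samples: a client SYN with MSS, SACK-permitted and WS=7, and the same SYN stripped.
CLIENT_SYN = build_syn(b"\x02\x04\x05\xb4" b"\x04\x02" b"\x03\x03\x07")
STRIPPED_SYN = build_syn(b"\x02\x04\x05\xb4")
```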

TX/RX Buffers

Both the TX (send) and RX (receive) buffers can be configured within the TCP profile(s). The maximum buffer size is 3145278, the default is 0.

ADX(config)# tcp profile client-profile
ADX(config-client-profile)# rxbuf-size <0 to 3145278>
ADX(config-client-profile)# txbuf-size <0 to 3145278>

Nagle

The Nagle algorithm is a method to alleviate network overhead by combining a number of smaller packets into one.
To disable Nagle the following syntax is used:

ADX(config)# tcp profile client-profile
ADX(config-tcp-profile-client-profile)# nagle off

Delayed ACK

Delayed ACK is a technique to prevent the receiver having to acknowledge every data segment.
To disable delayed ACK the following syntax is used:

ADX(config)# tcp profile client-profile
ADX(config-tcp-profile-client-profile)# delayed-ack off

Push-Bit Off

By default all egress data packets are set with the PUSH flag. This can be disabled with the following syntax:

ADX(config)# tcp profile client-profile
ADX(config-tcp-profile-client-profile)# push-bit off

About the Author

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001