krb5_sendauth vs NAGLE vs DelayedAck

Ken Raeburn raeburn at MIT.EDU
Wed Jan 14 16:52:34 EST 2009


On Jan 14, 2009, at 15:22, John Hascall wrote:
> I don't recall having seen this discussed on this
> list and google doesn't seem to either, so...
>
> I just discovered that hard way that the way that
> krb5_sendauth/krb5_recvauth work tickles the nasty
> interaction between the TCP NAGLE and DelayedAck
> features which inserts two ~200ms delays into the
> process:

Ouch.  I ran into the same problem years ago with Emacs movemail's POP  
support.  Send "DELE 123", pause, send "\r\n", wait for response... a  
delay per message to be deleted off the server, and if you're fetching  
100 or so messages at a time, it adds up...

> My guess is that this occurs anywhere that the kerberos
> libs use krb5_write_message().

...which is fortunately not too many places, but that doesn't help you  
today.

> My solution was just to do:
>  int on = 1;
>  setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on));
> before calling krb5_sendauth() but a "better" approach might
> be for krb5_write_message to end up calling writev so it
> does one write instead of two, I think.

Yes, I think that's probably best -- maybe via a helper function to  
run a loop and manage the bookkeeping in case of short writes.

Ken



More information about the Kerberos mailing list