On 2025-05-16 at 17:56:07, Muhammad Nuzaihan wrote:
>
> Patch to enable the use of MPTCP on Linux (when available)
>
> IPPROTO_MPTCP v1 (not the old v0) has been improved to go about the
> limitations of middleboxes.
>
> MPTCP protocol is an extension of vanilla TCP which enables multiple
> IP to aggregate bandwidth at layer 4 of the OSI stack across
> as said IP(s).
>
> Similar to link aggregation which works at layer 2. MPTCP works on top
> of IP layer.
>
> Other than aggregating bandwidth, MPTCP also allows seamless failover
> when one network path (not just link) is down (or having high latency)
> by reinjecting the packets to a path that is available.
>
> This patch enables IPPROTO_MPTCP if IPPROTO_MPTCP is available and
> uses plain TCP if the Linux system does not support it.

What happens here if I compile this on a system that has a kernel that supports MPTCP but then switch to one that does not? The reason I ask is that I have worked at places where we shipped binaries, including Git, based on a standard CentOS or RHEL system, but then some people used our software on a system with a very stripped down kernel (in some cases, where IPv6 was not even compiled in) because doing so meant that they could make about $5 more per server per month.

Do the operating systems which support MPTCP make it a compulsory part of the TCP stack, or could we end up with cases where we're unable to connect here?

In addition, Wikipedia mentions that FreeBSD has only IPv4 support, but I don't know if that's up to date. What happens if we run on a system where MPTCP is used, but it doesn't work with IPv6 and the only remote IP is IPv6? Do we fall back properly, or do things fail?

I ask these questions not because I'm opposed to this feature but because I want to be sure we don't accidentally break things for users. I know that for instance Go 1.24 enabled MPTCP and that ended up causing problems in some environments, so I would recommend that we make this a configurable option instead. We can definitely default to MPTCP, but we probably need an option to fall back.

Of course, this code path is only used by the unauthenticated Git protocol usually run on port 9418, which practically nobody uses anymore (because it lacks the privacy, integrity, and authentication which are necessary and prudent on the modern Internet), so maybe nobody cares about edge cases there. My guess, though, is that the people most likely to be using something that isn't HTTPS or SSH are also the people most likely to be using odd or unusual configurations, so we may very well want to add an option for them.

-- 
brian m. carlson (they/them)
Toronto, Ontario, CA
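The build-on-one-kernel, run-on-another case and the IPv6-only case raised in this reply, as an added sketch that is not code from the patch or from anyone in the thread: the MPTCP attempt is made at run time and any failure retries with plain TCP. The names `open_stream_socket`, `want_mptcp`, `socket_fn` and the two stand-in kernels are hypothetical, and retrying on every error is an assumption of this sketch.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#ifndef IPPROTO_MPTCP
#define IPPROTO_MPTCP 262 /* Linux value, for libc headers that lack it */
#endif

/* Same signature as socket(2), injectable so the fallback can be tested. */
typedef int (*socket_fn)(int domain, int type, int protocol);

struct stream_sock {
	int fd;       /* -1 on failure, errno left by the last attempt */
	int protocol; /* IPPROTO_MPTCP only if that attempt succeeded */
};

/* Hypothetical helper; want_mptcp stands in for a user-facing option. */
static struct stream_sock open_stream_socket(int family, int want_mptcp, socket_fn mk)
{
	struct stream_sock s = { -1, IPPROTO_TCP };
	if (want_mptcp) /* decided at run time, not by #ifdef at build time */
		s.fd = mk(family, SOCK_STREAM, IPPROTO_MPTCP);
	if (s.fd >= 0)
		s.protocol = IPPROTO_MPTCP;
	else
		s.fd = mk(family, SOCK_STREAM, IPPROTO_TCP);
	return s;
}

/* Constructed stand-ins for socket(2): no MPTCP at all, and MPTCP on IPv4 only. */
static int kernel_without_mptcp(int d, int t, int p)
{
	(void)d; (void)t;
	if (p == IPPROTO_MPTCP) { errno = EPROTONOSUPPORT; return -1; }
	return 3;
}
static int kernel_mptcp_v4_only(int d, int t, int p)
{
	(void)t;
	if (p == IPPROTO_MPTCP && d == AF_INET6) { errno = EAFNOSUPPORT; return -1; }
	return p == IPPROTO_MPTCP ? 4 : 3;
}

int main(void)
{
	socket_fn k[] = { socket, kernel_without_mptcp, kernel_mptcp_v4_only };
	for (int i = 0; i < 3; i++) /* case 0 asks the running kernel */
		printf("case %d: protocol=%d\n", i, open_stream_socket(AF_INET6, 1, k[i]).protocol);
	return 0;
}
```

Passing `want_mptcp` as 0 skips the MPTCP attempt entirely, which is the opt-out behaviour the reply asks for.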