
Mailing List Archive: OpenSSH: Dev

percent_expand for QoS in ControlPath



slovichon at gmail

Mar 29, 2012, 4:01 PM


Hi,

Not sure if anyone else is interested in this but to me it seems to make
sense to use different control session multiplexer sockets for bulk and
interactive workloads.

Index: auth.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/auth.c,v
retrieving revision 1.94
diff -u -p -r1.94 auth.c
--- auth.c 23 May 2011 03:33:38 -0000 1.94
+++ auth.c 29 Mar 2012 23:00:06 -0000
@@ -326,7 +326,7 @@ check_key_in_hostfiles(struct passwd *pw
*
* XXX Should any specific check be done for sym links ?
*
- * Takes an open file descriptor, the file name, a uid and and
+ * Takes an open file descriptor, the file name, a uid and an
* error buffer plus max size as arguments.
*
* Returns 0 on success and -1 on failure
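Review bot: The "and and" -> "an" comment fix in auth.c is unrelated to the %Q ControlPath change. Please send it as a separate patch so the feature diff touches only ssh.c and ssh_config.5.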
Index: ssh.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh.c,v
retrieving revision 1.368
diff -u -p -r1.368 ssh.c
--- ssh.c 24 Oct 2011 02:10:46 -0000 1.368
+++ ssh.c 29 Mar 2012 23:00:06 -0000
@@ -701,7 +701,7 @@ main(int ac, char **av)
options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT;
}

- /* preserve host name given on command line for %n expansion */
+ /* preserve host name given on command line for %h expansion */
host_arg = host;
if (options.hostname != NULL) {
host = percent_expand(options.hostname,
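Review bot: The comment change on host_arg from "%n expansion" to "%h expansion" looks backwards. In the percent_expand call for control_path in this same file, "n" is passed host_arg and "h" is passed host, and the ssh_config.5 text describes %n as the original target host name specified on the command line. Suggest dropping this change and keeping the original comment.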
@@ -750,6 +750,8 @@ main(int ac, char **av)
options.control_path = percent_expand(cp, "h", host,
"l", thishost, "n", host_arg, "r", options.user,
"p", portstr, "u", pw->pw_name, "L", shorthost,
+ "Q", iptos2str(tty_flag ?
+ options.ip_qos_interactive : options.ip_qos_bulk),
(char *)NULL);
xfree(cp);
}
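Review bot: The "Q" argument picks options.ip_qos_interactive or options.ip_qos_bulk from tty_flag alone, and the result becomes part of a socket path. Two things to confirm before this goes in: that tty_flag has its final value at this point in main(), so the socket name matches the class actually applied to the connection, and that iptos2str() always returns a non-NULL string with no '/' in it for every value these options can hold. A short comment above the "Q" line stating the interactive/bulk rule would also help.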
Index: ssh_config.5
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh_config.5,v
retrieving revision 1.154
diff -u -p -r1.154 ssh_config.5
--- ssh_config.5 9 Sep 2011 00:43:00 -0000 1.154
+++ ssh_config.5 29 Mar 2012 23:00:06 -0000
@@ -313,23 +313,30 @@ in the
section above or the string
.Dq none
to disable connection sharing.
-In the path,
-.Ql %L
-will be substituted by the first component of the local host name,
-.Ql %l
-will be substituted by the local host name (including any domain name),
-.Ql %h
-will be substituted by the target host name,
-.Ql %n
-will be substituted by the original target host name
-specified on the command line,
-.Ql %p
-the port,
-.Ql %r
-by the remote login username, and
-.Ql %u
-by the username of the user running
-.Xr ssh 1 .
+.Pp
+In the path, the following substitutions are recognized:
+.Pp
+.Bl -tag -width 3n -compact -offset 2n
+.It \&%h
+target host name
+.It \&%L
+first component of the local host name
+.It \&%l
+local host name (including any domain name)
+.It \&%n
+original target host name specified on the command line
+.It \&%p
+port
+.It \&%Q
+quality of service string
+.Pq e.g. Dq lowdelay
+.It \&%r
+remote login username
+.It \&%u
+username of the user running
+.Xr ssh 1
+.El
+.Pp
It is recommended that any
.Cm ControlPath
used for opportunistic connection sharing include
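Review bot: The new %Q entry says only "quality of service string", which does not tell the reader which of the two values is used. ssh.c selects the interactive value when tty_flag is set and the bulk value otherwise; the entry should say so, since the same ControlPath now expands to different sockets for ssh and scp. The conversion from running text to a .Bl list also reorders the tokens, so please mention that in the commit message to make the one functional addition (%Q) easy to spot.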
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


saku at ytti

Mar 29, 2012, 11:25 PM

Re: percent_expand for QoS in ControlPath

I'm not sure if I understand what is suggested here, but I think it
might be that in ControlMaster scenario some packets would be sent
with different TOS value than another.

But I don't think it actually matters, consider you're having
interactive ssh session to remote host from your PC behind ADSL, all
good. Then you upload large file from your PC to the same remote host.
Now without ControlMaster all is well, with proper TOS values in
packets, interactive session won't become laggy, but in ControlMaster
it will. And I don't understand how it could be solved, as TCP
guarantees at kernel level ordering of packets, so even if your ADSL
CPE reorders the packets and sends the high priority interactive ssh
packets first the remote host kernel will not give them to userland
until the original order has been restored, essentially rendering the
prioritization done in the ADSL CPE useless.

(This is a practical example of a problem I run into weekly; I work around
it by setting ControlPath none for scp)

On 30 March 2012 02:01, Jared Yanovich <slovichon [at] gmail> wrote:
> Hi,
>
> Not sure if anyone else is interested in this but to me it seems to make
> sense to use different control session multiplexer sockets for bulk and
> interactive workloads.
>
> Index: auth.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/auth.c,v
> retrieving revision 1.94
> diff -u -p -r1.94 auth.c
> --- auth.c      23 May 2011 03:33:38 -0000      1.94
> +++ auth.c      29 Mar 2012 23:00:06 -0000
> @@ -326,7 +326,7 @@ check_key_in_hostfiles(struct passwd *pw
>  *
>  * XXX Should any specific check be done for sym links ?
>  *
> - * Takes an open file descriptor, the file name, a uid and and
> + * Takes an open file descriptor, the file name, a uid and an
>  * error buffer plus max size as arguments.
>  *
>  * Returns 0 on success and -1 on failure
> Index: ssh.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/ssh.c,v
> retrieving revision 1.368
> diff -u -p -r1.368 ssh.c
> --- ssh.c       24 Oct 2011 02:10:46 -0000      1.368
> +++ ssh.c       29 Mar 2012 23:00:06 -0000
> @@ -701,7 +701,7 @@ main(int ac, char **av)
>                options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT;
>        }
>
> -       /* preserve host name given on command line for %n expansion */
> +       /* preserve host name given on command line for %h expansion */
>        host_arg = host;
>        if (options.hostname != NULL) {
>                host = percent_expand(options.hostname,
> @@ -750,6 +750,8 @@ main(int ac, char **av)
>                options.control_path = percent_expand(cp, "h", host,
>                    "l", thishost, "n", host_arg, "r", options.user,
>                    "p", portstr, "u", pw->pw_name, "L", shorthost,
> +                   "Q", iptos2str(tty_flag ?
> +                     options.ip_qos_interactive : options.ip_qos_bulk),
>                    (char *)NULL);
>                xfree(cp);
>        }
> Index: ssh_config.5
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/ssh_config.5,v
> retrieving revision 1.154
> diff -u -p -r1.154 ssh_config.5
> --- ssh_config.5        9 Sep 2011 00:43:00 -0000       1.154
> +++ ssh_config.5        29 Mar 2012 23:00:06 -0000
> @@ -313,23 +313,30 @@ in the
>  section above or the string
>  .Dq none
>  to disable connection sharing.
> -In the path,
> -.Ql %L
> -will be substituted by the first component of the local host name,
> -.Ql %l
> -will be substituted by the local host name (including any domain name),
> -.Ql %h
> -will be substituted by the target host name,
> -.Ql %n
> -will be substituted by the original target host name
> -specified on the command line,
> -.Ql %p
> -the port,
> -.Ql %r
> -by the remote login username, and
> -.Ql %u
> -by the username of the user running
> -.Xr ssh 1 .
> +.Pp
> +In the path, the following substitutions are recognized:
> +.Pp
> +.Bl -tag -width 3n -compact -offset 2n
> +.It \&%h
> +target host name
> +.It \&%L
> +first component of the local host name
> +.It \&%l
> +local host name (including any domain name)
> +.It \&%n
> +original target host name specified on the command line
> +.It \&%p
> +port
> +.It \&%Q
> +quality of service string
> +.Pq e.g. Dq lowdelay
> +.It \&%r
> +remote login username
> +.It \&%u
> +username of the user running
> +.Xr ssh 1
> +.El
> +.Pp
>  It is recommended that any
>  .Cm ControlPath
>  used for opportunistic connection sharing include



--
  ++ytti


slovichon at gmail

Mar 30, 2012, 12:22 AM

Re: percent_expand for QoS in ControlPath

On Fri, Mar 30, 2012 at 09:25:10AM +0300, Saku Ytti wrote:

> packets, interactive session won't become laggy, but in ControlMaster
> it will. And I don't understand how it could be solved, as TCP
> guarantees at kernel level ordering of packets, so even if your ADSL
> CPE reorders the packets and sends the high priority interactive ssh
> packets first the remote host kernel will not give them to userland
> until the original order has been restored, essentially rendering the
> prioritization done in the ADSL CPE useless.

That is why I suggested two separate sockets.

This would mean ordering was maintained only down to the socket level, no?

 Host host
   ControlPath ~/.ssh/ctlsock/%h.%Q
----------------------------------------------------------------------
$ ssh host # this creates ~/.ssh/ctlsock/host.lowdelay
$ scp file host: # this creates ~/.ssh/ctlsock/host.throughput

All subsequent bulk transfers will use the 'throughput' socket, and likewise for
interactive to 'lowdelay'.

Am I mistaken?


saku at ytti

Mar 30, 2012, 12:28 AM

Re: percent_expand for QoS in ControlPath

On 30 March 2012 10:22, Jared Yanovich <slovichon [at] gmail> wrote:

> That is why I suggested two separate sockets.
>
> This would mean ordering was maintained only down to the socket level, no?
>
>  Host host
>    ControlPath ~/.ssh/ctlsock/%h.%Q
> ----------------------------------------------------------------------
>  $ ssh host            # this creates ~/.ssh/ctlsock/host.lowdelay
>  $ scp file host:      # this creates ~/.ssh/ctlsock/host.throughput
>
> All subsequent bulk transfers will use the 'throughput' socket, and likewise for
> interactive to 'lowdelay'.
>
> Am I mistaken?

If it transits with different TCP ports, it'll work, if it transits in
same TCP port, I don't understand how it could work, but I'd love to
see it done.
If it's different TCP ports, you're losing benefits of the
ControlSocket, as you need to do new 3way handshake etc (or multiple,
if that SSH connection happens to traverse many devices)?

--
  ++ytti


slovichon at gmail

Mar 30, 2012, 2:47 AM

Re: percent_expand for QoS in ControlPath

On Fri, Mar 30, 2012 at 10:28:00AM +0300, Saku Ytti wrote:

> > That is why I suggested two separate sockets.
>
> If it's different TCP ports, you're losing benefits of the
> ControlSocket, as you need to do new 3way handshake etc (or multiple,
> if that SSH connection happens to traverse many devices)?

Yes, it's not perfect. It is a compromise between occasionally laggy
interactive sessions and entirely abandoning ControlPath, as well as hacking the
command line options to achieve a similar effect. And it's optional to use.

Some may consider it feature creep; I don't know. Just sharing for anyone else
that may benefit from its use.
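
The head-of-line argument from this thread as a toy model, added here as an illustration and not code from the thread or from OpenSSH. It compares when a keystroke queued behind scp data reaches userland over one multiplexed TCP connection versus two connections (one per %Q socket); the function name, the one-segment-per-tick link and the lossless path are assumptions.

```c
#include <stdio.h>

#define MAXPKT 64

struct pkt { int conn; int seq; int keystroke; };

/* Link tick (1-based) at which the keystroke reaches userland, -1 on bad input.
 * Constructed model: one segment per tick, no loss, no retransmission. */
int keystroke_delivery_tick(int nbulk, int separate_conns, int cpe_prioritizes)
{
    struct pkt q[MAXPKT], k;
    int held[2][MAXPKT] = {{0}};  /* receiver buffer: 1 = bulk, 2 = keystroke */
    int next_seq[2] = {0, 0};     /* next in-order segment per connection */
    int n = 0, i, tick, c;

    if (nbulk < 0 || nbulk >= MAXPKT)
        return -1;
    for (i = 0; i < nbulk; i++) {             /* scp data queued first */
        q[n].conn = 0; q[n].seq = i; q[n].keystroke = 0; n++;
    }
    k.conn = separate_conns ? 1 : 0;          /* own connection, or ... */
    k.seq = separate_conns ? 0 : nbulk;       /* ... next in the shared stream */
    k.keystroke = 1;
    q[n++] = k;

    if (cpe_prioritizes) {                    /* strict priority at the CPE */
        for (i = n - 1; i > 0; i--)
            q[i] = q[i - 1];
        q[0] = k;
    }
    for (tick = 1; tick <= n; tick++) {       /* receiver: in-order delivery */
        c = q[tick - 1].conn;
        held[c][q[tick - 1].seq] = 1 + q[tick - 1].keystroke;
        while (next_seq[c] < MAXPKT && held[c][next_seq[c]]) {
            if (held[c][next_seq[c]] == 2)
                return tick;
            next_seq[c]++;
        }
    }
    return -1;
}

int main(void)
{
    printf("one connection, FIFO:         %d\n", keystroke_delivery_tick(8, 0, 0));
    printf("one connection, prioritized:  %d\n", keystroke_delivery_tick(8, 0, 1));
    printf("two connections, prioritized: %d\n", keystroke_delivery_tick(8, 1, 1));
    return 0;
}
```

With one connection the keystroke is delivered at the same tick whether or not the CPE reorders, because the receiver holds it until the earlier bulk segments arrive; only the two-connection case benefits from prioritization.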