Skip to content

[th/mptcp-2] support configuring MPTCP endpoint addresses

Thomas Haller requested to merge th/mptcp-2 into main

https://bugzilla.redhat.com/show_bug.cgi?id=2029636 See also: #819 (closed)


what this MR implements, and the current plan:

  • NetworkManage won't change the limits or toggle /proc/sys/net/mptcp/enabled. At least, that's the plan. Instead, your distro (or the admin) should setup reasonable defaults that make sense. All that NetworkManager is planned to be doing, is adding endpoints.

  • NM gets a new connection.mptcp-flags property. See the code (and man nm-settings) for possible values for the flag. If you leave the property unset (0x0, the default), then NM will automatically enable MPTCP handling depending on whether /proc/sys/net/mptcp/enabled is on. So, in most cases this should require no configuration. Your distro ships with /proc/sys/net/mptcp/enabled enabled, and NM will configure endpoints.

  • one problem is strict rp_filter which breaks MPTCP use cases. So, there is a flag "rp-filter-relax" to loosen the filter. If you leave connection.mptcp-flags at 0x0, then "rp-filter-relax" will be automatically used (if /proc/sys/net/mptcp/enabled is on).

  • kernel currently has a small limit for how many MPTCP endpoints can be configured (MPTCP_PM_ADDR_MAX). NetworkManager doesn't really care about it, it just ignores failures to configure an endpoint. However, it will try to add endpoints in a consistent order, so it will add them, until the limit is reached. Unclear how to improve that. Maybe it's good enough.


One unsolved problem is that a user might have mptcpd running and update NetworkManager to a new version that supports MPTCP handling. Since we want that MPTCP handling works out of the box, NetworkManager will start competing with mptcpd about adding the addresses. That's a problem, unclear how to avoid. Maybe just document the problem and the user is supposed to either disable MPTCP handling in NetworkManager or mptcpd.


Edit: 20240509: "So, there is a flag "rp-filter-relax" to loosen the filter.". This flag was never added. NetworkManager always relaxes rp_filter on interfaces where it configures MPTCP. A flag for opting-out from that to not touch rp_filter could be added, but it may not be useful (why would you want that?).

Edited by Thomas Haller

Merge request reports