My first approach to this was to condition the use of SO_PEEK_OFF with tcpv4, e.g., basically a test like if (v4 && peek_offset_cap) {...} everywhere, but then I made an interesting discovery. It turns out that, unless the ´-4' option is explicitly given on the command line, all sockets are v6, even those that are later used as v4 sockets. So, the set_peek_off() call failed even for supposedly v4 sockets. I checked this by adding a printout to the tcp_listen_handler(), and noticed that all returns from the accept4() call goes into the AF_INET6 branch, even when the client (iperf3) call is using an IPv4 address. During traffic, the very same socket is marked as v4 in the tcp_tap_conn structure, and this seems to have worked just fine until I added the set_peek_offset call(). I believe this is an issue that has been introduced during the last months, since I didn't start using the ´-4' option consistently until some months ago, and then it worked. Happy summer ///jon On 2024-07-20 09:54, Jon Maloy wrote:

The recently added socket option SO_PEEK_OFF is not supported for TCP/IPv6 sockets. Until we get that support into the kernel we need to test for support in both protocols to set the global 'peek_offset_cap´ to true.

Signed-off-by: Jon Maloy --- tcp.c | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-)

diff --git a/tcp.c b/tcp.c index c5431f1..32026ca 100644 --- a/tcp.c +++ b/tcp.c @@ -2717,6 +2717,28 @@ static void tcp_sock_refill_init(const struct ctx *c) } }

+/** + * tcp_probe_peek_offset_cap() - Check if SO_PEEK_OFF is supported by kernel + * @af: Address family, IPv4 or IPv6 + * + * Return: true if supported, false otherwise + */ +bool tcp_probe_peek_offset_cap(int af) +{ + bool ret = false; + int s, optv = 0; + + s = socket(af, SOCK_STREAM | SOCK_CLOEXEC, IPPROTO_TCP); + if (s < 0) { + warn_perror("Temporary TCP socket creation failed"); + } else { + if (!setsockopt(s, SOL_SOCKET, SO_PEEK_OFF, &optv, sizeof(int))) + ret = true; + close(s); + } + return ret; +} + /** * tcp_init() - Get initial sequence, hash secret, initialise per-socket data * @c: Execution context @@ -2725,8 +2747,7 @@ static void tcp_sock_refill_init(const struct ctx *c) */ int tcp_init(struct ctx *c) { - unsigned int b, optv = 0; - int s; + unsigned int b;

ASSERT(!c->no_tcp);

@@ -2752,15 +2773,8 @@ int tcp_init(struct ctx *c) NS_CALL(tcp_ns_socks_init, c); }

- /* Probe for SO_PEEK_OFF support */ - s = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, IPPROTO_TCP); - if (s < 0) { - warn_perror("Temporary TCP socket creation failed"); - } else { - if (!setsockopt(s, SOL_SOCKET, SO_PEEK_OFF, &optv, sizeof(int))) - peek_offset_cap = true; - close(s); - } + peek_offset_cap = tcp_probe_peek_offset_cap(AF_INET) && + tcp_probe_peek_offset_cap(AF_INET6); info("SO_PEEK_OFF%ssupported", peek_offset_cap ? " " : " not ");

return 0;