Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 26 Mar 2003 00:18:11 -0800
From:      Terry Lambert <tlambert2@mindspring.com>
To:        Dan Nelson <dnelson@allantgroup.com>
Cc:        current@freebsd.org
Subject:   Re: [Re: NFS -current
Message-ID:  <3E816243.AED1CB4F@mindspring.com>
References:  <200303260034.aa92057@salmon.maths.tcd.ie> <3E81160B.E5406C60@mindspring.com> <20030326035938.GF1713@dan.emsphone.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Dan Nelson wrote:
> UDP works just fine on a switched network.  On my NFS servers I use an
> 8k rsize/wsize and UDP mounts on everything and have relatively few
> dropped fragments.

I'm not sure Ian's network is as reliable.  8-).

Nevertheless, you really do not want to use UDP for NFS with
a packet size larger than the MTU, relying on the fragment
reassembly, if you can avoid it.

The first problem is that the only NAK mechanism require that
the entire set of datagrams be discarded, and there is no
proactive discard for the datagrams in the reassembly queue
for the partial set that was received previously, prior to
an explicit request for retransmission.

Even assuming a perfect delivery media, such as in a switched
network in an area without electrical interference, and no
overloading to result in dropped packets, UDP is less efficient,
with an overdriven window, than TCP.

The main reason for this is that the TCP window is generally
larger than the commonly used rsize/wsize of 8K.  In addition,
with UDP, the transactions are all request/response, which
means you can't go onto the next 8K until the prior 8K was
received, whereas with TCP, you can have a full windowsize of
data in the pipe.

Server based predictive read-ahead works with TCP.

UDP packets are much easier for an attacker to spoof.

UDP packets are harder to get through firewalls.

UDP is not stateful, so it renders stateful firewalls vulnerable,
if it's allowed through.

In fact, the only legitimate argument I have ever heard for UDP
has been "I have an old Linux install that can't talk TCP, as
only UDP was implemented at the time I installed it".

I can't really understand the attraction to UDP.  Maybe it has
to do with the people involved being netrek players from way
back...

-- Terry



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E816243.AED1CB4F>