From 5819c6af28239b973958a8d197f9e39926e7b9f1 Mon Sep 17 00:00:00 2001 From: Jordan Whited Date: Thu, 9 Mar 2023 11:06:01 -0800 Subject: [PATCH] tun/netstack: enable TCP Selective Acknowledgements Enable TCP SACK for the gVisor Stack used in tun/netstack. This can improve throughput by an order of magnitude in the presence of packet loss. Reviewed-by: James Tucker Signed-off-by: Jordan Whited Signed-off-by: Jason A. Donenfeld --- tun/netstack/tun.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tun/netstack/tun.go b/tun/netstack/tun.go index a0b212a74..fa15f5361 100644 --- a/tun/netstack/tun.go +++ b/tun/netstack/tun.go @@ -65,8 +65,13 @@ func CreateNetTUN(localAddresses, dnsServers []netip.Addr, mtu int) (tun.Device, dnsServers: dnsServers, mtu: mtu, } + sackEnabledOpt := tcpip.TCPSACKEnabled(true) // TCP SACK is disabled by default + tcpipErr := dev.stack.SetTransportProtocolOption(tcp.ProtocolNumber, &sackEnabledOpt) + if tcpipErr != nil { + return nil, nil, fmt.Errorf("could not enable TCP SACK: %v", tcpipErr) + } dev.ep.AddNotify(dev) - tcpipErr := dev.stack.CreateNIC(1, dev.ep) + tcpipErr = dev.stack.CreateNIC(1, dev.ep) if tcpipErr != nil { return nil, nil, fmt.Errorf("CreateNIC: %v", tcpipErr) }