fixup review comment

gangj · gangj · commit 65433e140914 · 2026-01-11T14:54:14.000+08:00
CA-384228: Enable TCP Path MTU Discovery by default Fixes slave xapi hang during pool join when jumbo frames are configured but the network path doesn't support them. Problem: When MTU mismatch occurs (interface configured for 9000 but path supports only 1500), RPC connections hang on large requests (~1613 bytes). The hanging connection holds a database lock, blocking all other DB operations and causing the entire slave xapi to become unresponsive during pool join. Root cause: Without Path MTU Discovery, TCP cannot detect when the path MTU is smaller than the configured interface MTU. When ICMP "Fragmentation Needed" messages are blocked by firewalls, TCP has no feedback mechanism to reduce packet size. Packets exceeding the path MTU are silently dropped by network infrastructure, leading to connection timeouts. The application-level retry logic (in master_connection.ml) attempts reconnection, but each retry encounters the same issue while holding a database lock, causing extended hangs. Solution: Enable TCP PMTUD to allow automatic MTU detection and adaptation. Configuration: - net.ipv4.tcp_mtu_probing=1: Enable automatic MTU detection when ICMP blackhole is detected (recommended setting) - net.ipv4.tcp_base_mss=1024: Base MSS for MTU probing With PMTUD enabled, TCP detects packet loss patterns indicating MTU issues and proactively reduces packet size to find a working MTU. This works even when ICMP Fragmentation Needed messages are blocked by firewalls, allowing connections to succeed and preventing database lock contention. Files: - scripts/92-xapi-tcp-mtu.conf: New sysctl configuration file - scripts/Makefile: Install sysctl config to /usr/lib/sysctl.d/ The file is installed to /usr/lib/sysctl.d/ (package-owned location) rather than /etc/sysctl.d/ (user config space). The "92" prefix ensures this loads after basic network configuration (91-*), and admins can override with files in /etc/sysctl.d/ if needed. Reference: https://blog.cloudflare.com/path-mtu-discovery-in-practice/ Signed-off-by: Gang Ji <gang.ji@cloud.com>
diff --git a/scripts/Makefile b/scripts/Makefile
@@ -20,9 +20,9 @@ install:
 	mkdir -p $(DESTDIR)/usr/lib/yum-plugins
 	mkdir -p $(DESTDIR)$(OPTDIR)/packages/post-install-scripts
 	mkdir -p $(DESTDIR)/etc/systemd/system/stunnel@xapi.service.d/
-	mkdir -p $(DESTDIR)/etc/sysctl.d
+	mkdir -p $(DESTDIR)/usr/lib/sysctl.d
 	$(IPROG) base-path $(DESTDIR)/etc/xapi.d
-	$(IDATA) 92-xapi-tcp-mtu.conf $(DESTDIR)/etc/sysctl.d/92-xapi-tcp-mtu.conf
+	$(IDATA) 92-xapi-tcp-mtu.conf $(DESTDIR)/usr/lib/sysctl.d/92-xapi-tcp-mtu.conf
 	$(IPROG) sm_diagnostics $(DESTDIR)$(LIBEXECDIR)
 	$(IPROG) xn_diagnostics $(DESTDIR)$(LIBEXECDIR)
 	$(IPROG) thread_diagnostics $(DESTDIR)$(LIBEXECDIR)
