On Fri, 2009-05-15 20:55:12 +0200, Michal Trojnara wrote:
Gary Kuznitz wrote:
; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
IMHO it's not a good idea for non-interactive connections, e.g. pop3.
On the contrary, I think Stunnel should disable Nagle by default:
If the Nagle algorithm is enabled, the TCP layer delays sending of small chunks of data for some ms in the expectation of other small chunks to be fed to the socket. The small chunks are then combined and sent in one single IP packet.
This is reasonable for connections that transport larger amounts of data without waiting for an explicit acknowledgement from the receiver (on the application level). For e.g. POP3, this allows the application to feed the mail body line-by-line to the TCP socket, without sending silly small 80-byte packets over the wire.
For interactive connections (or even during the protocol handshake of POP3) the Nagle algorithm adds an extra delay to each round-trip. This is why it's up to the application to decide for or against Nagle.
However, the stunnel sockets are not connected to the application. Stunnel just forwards data from one socket to another (besides encrypting, of course). For that, it reads as much data as available from one socket and immediately feeds it to the other one. Provided the original application configured Nagle appropriately, there are no silly small packets on the wire. Thus, the size of the data chunks Stunnel reads and writes is suitable for the protocol already. I don't see a reason for additional delays.
I can imagine one situation where it would be reasonable to have Nagle enabled for Stunnel: If the tunnel end point is on the same box as the application, and the TCP layer is clever enough to skip Nagle for 'local' connections, then Stunnel may have Nagle enabled on the socket connected to the 'remote' host.
Disabling Nagle on sockets to localhost should always be a good idea.
Ludolf
P.S. @Gary: Don't worry too much about setting TCP_NODELAY or not. The effect of the Nagle algorithm may be measurable, but I don't expect you to feel a difference while fetching e-mails.
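
Added example, not part of the original thread and not stunnel's own code: what the two socket = ...:TCP_NODELAY=1 lines amount to on a single descriptor, together with the forwarding step described above (read whatever is available, write it straight out). The function names set_nodelay, get_nodelay, tcp_pair and relay_once are hypothetical, the loopback pair is constructed test scaffolding, and POSIX sockets are assumed.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* on=1 disables Nagle, on=0 enables it; per-fd counterpart of the
   "socket = l:TCP_NODELAY=1" / "socket = r:TCP_NODELAY=1" settings. */
int set_nodelay(int fd, int on) {
    return setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof on);
}

/* Returns 1 if Nagle is disabled on fd, 0 if enabled, -1 on error. */
int get_nodelay(int fd) {
    int v = 0; socklen_t len = sizeof v;
    if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &v, &len) < 0) return -1;
    return v != 0;
}

/* Constructed helper: connected TCP pair over 127.0.0.1, ephemeral port. */
int tcp_pair(int fds[2]) {
    struct sockaddr_in a; socklen_t len = sizeof a;
    int l = socket(AF_INET, SOCK_STREAM, 0);
    if (l < 0) return -1;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(l, (struct sockaddr *)&a, sizeof a) < 0 || listen(l, 1) < 0 ||
        getsockname(l, (struct sockaddr *)&a, &len) < 0) { close(l); return -1; }
    fds[0] = socket(AF_INET, SOCK_STREAM, 0);
    if (fds[0] < 0 || connect(fds[0], (struct sockaddr *)&a, sizeof a) < 0) { if (fds[0] >= 0) close(fds[0]); close(l); return -1; }
    fds[1] = accept(l, NULL, NULL);
    close(l);
    return fds[1] < 0 ? -1 : 0;
}

/* One forwarding step: read what is available from `from` and write all
   of it to `to`. Returns bytes forwarded, 0 on EOF, -1 on error. */
ssize_t relay_once(int from, int to) {
    char buf[16384];
    ssize_t n = read(from, buf, sizeof buf), off = 0;
    while (off < n) {
        ssize_t w = write(to, buf + off, (size_t)(n - off));
        if (w < 0) return -1;
        off += w;
    }
    return n;
}
```

The relay never splits or merges what it read, so with Nagle off on both of its sockets the packet sizes on the wire follow whatever the original application wrote.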