From: Jordan Whited <jordan@tailscale.com>
Date: Thu, 9 Mar 2023 19:06:01 +0000 (-0800)
Subject: tun/netstack: enable TCP Selective Acknowledgements
X-Git-Tag: 0.0.20250515~52
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5819c6af28239b973958a8d197f9e39926e7b9f1;p=thirdparty%2Fwireguard-go.git

tun/netstack: enable TCP Selective Acknowledgements

Enable TCP SACK for the gVisor Stack used in tun/netstack. This can
improve throughput by an order of magnitude in the presence of packet
loss.

Reviewed-by: James Tucker <james@tailscale.com>
Signed-off-by: Jordan Whited <jordan@tailscale.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---

diff --git a/tun/netstack/tun.go b/tun/netstack/tun.go
index a0b212a..fa15f53 100644
--- a/tun/netstack/tun.go
+++ b/tun/netstack/tun.go
@@ -65,8 +65,13 @@ func CreateNetTUN(localAddresses, dnsServers []netip.Addr, mtu int) (tun.Device,
 		dnsServers:     dnsServers,
 		mtu:            mtu,
 	}
+	sackEnabledOpt := tcpip.TCPSACKEnabled(true) // TCP SACK is disabled by default
+	tcpipErr := dev.stack.SetTransportProtocolOption(tcp.ProtocolNumber, &sackEnabledOpt)
+	if tcpipErr != nil {
+		return nil, nil, fmt.Errorf("could not enable TCP SACK: %v", tcpipErr)
+	}
 	dev.ep.AddNotify(dev)
-	tcpipErr := dev.stack.CreateNIC(1, dev.ep)
+	tcpipErr = dev.stack.CreateNIC(1, dev.ep)
 	if tcpipErr != nil {
 		return nil, nil, fmt.Errorf("CreateNIC: %v", tcpipErr)
 	}