Try   HackMD

IPA Issue - Downlink Throughput Degradation

Problem

In the customer environment, the downlink throughput will drop to 30% after 8-12 hours.

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

The workaround to resolve this issue is to reboot or rescan.

Preliminary Observation

  • When the traffic is sent by TCP, IPA will learn the rule and send the traffic by this rule. (The maximum rule number for IPA is 500)
  • Ideally, this rule should be deleted shortly after the traffic is finished.
  • But in fact, the rule was not deleted and timeout showed five days, so the rule number will increase until it hits the limit.

Workaround

  • To mitigate this issue, we modify the timeout manually from five days to ten minutes.

Root Casue

  • The ipacm daemon will periodically update the timeout of the conntrack that it has recorded.
  • This action is used to prevent the conntrack from being removed because the Linux kernel is unaware of the traffic that go through IPA directly.

Solution

  • To resolve this race condition, the timeout of conntrack must be updated only when its state is ESTABLISHED.
  • And we found there are some fixes for this issue in qcom-opensource repositories.
    (The ipanat library has been separated into another repository in newer versions)
  • dataipa, data-ipa-cfg-mgr
  • The patch used to solve this problem is located at the ~/mojito-sdk/trunk/buildroot/external/package/SdxPkgs/meta-qti-data/data-ipa-cfg-mgr/LE.UM.4.4.2.r1-02200-SDX55/0006-check-redirect-flag-for-nat-entry.patch, which combines the above two fixes from qcom opensource repository.