From 6c3899e6eea8d6c460625b2c41d4e5cc17d3201d Mon Sep 17 00:00:00 2001
From: James Tucker <james@tailscale.com>
Date: Fri, 16 Feb 2024 14:36:20 -0800
Subject: [PATCH] logpolicy: allow longer idle log upload connections

From a packet trace we have seen log connections being closed
prematurely by the client, resulting in unnecessary extra TLS setup
traffic.

Updates #3363
Updates tailscale/corp#9230
Updates tailscale/corp#8564

Signed-off-by: James Tucker <james@tailscale.com>
---
 logpolicy/logpolicy.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/logpolicy/logpolicy.go b/logpolicy/logpolicy.go
index 75885d8e0..2f2f48131 100644
--- a/logpolicy/logpolicy.go
+++ b/logpolicy/logpolicy.go
@@ -769,6 +769,11 @@ func NewLogtailTransport(host string, netMon *netmon.Monitor, logf logger.Logf)
 	}
 	tr.DialContext = MakeDialFunc(netMon, logf)
 
+	// We're uploading logs ideally infrequently, with specific timing that will
+	// change over time. Try to keep the connection open, to avoid repeatedly
+	// paying the cost of TLS setup.
+	tr.IdleConnTimeout = time.Hour
+
 	// We're contacting exactly 1 hostname, so the default's 100
 	// max idle conns is very high for our needs. Even 2 is
 	// probably double what we need: