Beyond TCP: The evolution of
Internet transport protocols
Olivier Bonaventure
UCL
http://inl.info.ucl.ac.be
CNSM'15, November 10th, 2015
Agenda
• Internet transport protocols
– TCP
– SCTP
• Multipath TCP
– Basic principles
– Use cases
• What's next ?
– QUIC
The origins of TCP
Source : http://spectrum.ieee.org/computing/software/the-strange-birth-and-long-life-of-unix
The Unix pipe model
Figure: the output of echo is piped into wc; a single byte stream flows from one process to the other
The TCP bytestream model
Figure: a client (IP:1.2.3.4) and a server (IP:4.5.6.7) exchange two byte streams, one in each direction, over a single TCP connection
More than 30 years old!
Congestion collapse
JACOBSON, V. Congestion avoidance and control. In Proceedings of SIGCOMM ’88 (Stanford,
CA, Aug. 1988), ACM.
Performance issues
• TCP considered to be too complex by many
– Software implementation cannot cope with
increasing network bandwidth
• For high performance, transport should be
implemented in hardware
– Transputers
– Simpler transport protocols
More limitations of TCP
• Issues with the TCP pipe model
– Only supports a single bytestream
• Some applications need several streams with priorities
– No support for messages
– Connections are attached to one IP address on
client and one IP address on server
• No failover even if hosts have multiple interfaces
• No support for mobility
• No load balancing for multihomed hosts
SCTP : An alternative to TCP
SCTP in two slides
• Modern transport protocol
– Cleaner connection establishment
• Four-way handshake to counter SYN flooding attacks
– Cleaner protocol
• Flexible TLV packet format that is easy to extend
• Selective acknowledgements from the start
– Richer semantics
• Messages, multiple streams, unreliable delivery
• Advanced API to replace socket API
– Failover support
• Connection can move from one IP address to another one
SCTP connection establishment
Figure: four-way handshake
Client -> Server: INIT, Itag=1234
Server -> Client: INIT-ACK, ITag=5678, cookie
Client -> Server: COOKIE-ECHO, Vtag=5678, cookie
Server -> Client: COOKIE-ACK, Vtag=1234
The server encrypts its state in the cookie and does not store it; when the COOKIE-ECHO comes back it decrypts the cookie and recovers the information needed to create the association state
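The stateless handshake sketched above, as an added example that is not part of the talk: the server folds everything it will need into the cookie, keeps nothing until a valid COOKIE-ECHO returns, and rejects tampered, misdirected or stale cookies. The slide says the state is encrypted; RFC 4960 protects the cookie with a MAC, and this simplified model uses HMAC-SHA256 with a server-only secret. The class name, cookie layout and the 60-second lifetime (RFC 4960's default Valid.Cookie.Life) are this example's choices.

```python
import hashlib
import hmac
import os
import struct
import time

COOKIE_LIFETIME = 60    # seconds; RFC 4960's default Valid.Cookie.Life is 60 s
_BODY_FMT = "!4sHIIQ"   # peer addr, peer port, peer itag, my itag, timestamp
_BODY_LEN = struct.calcsize(_BODY_FMT)
MAC_LEN = 32


def _pack_addr(addr):
    return bytes(int(x) for x in addr.split("."))


def _unpack_addr(raw):
    return ".".join(str(b) for b in raw)


class SctpStyleServer:
    """Server side of INIT / INIT-ACK / COOKIE-ECHO / COOKIE-ACK (simplified model)."""

    def __init__(self, secret, now=time.time):
        self.secret = secret        # known only to this server
        self.now = now              # injectable clock so lifetime checks are testable
        self.associations = {}      # (peer addr, peer port, peer itag) -> state

    def handle_init(self, peer_addr, peer_port, peer_itag):
        """INIT -> INIT-ACK: everything needed later goes into the cookie; no state kept."""
        my_itag = int.from_bytes(os.urandom(4), "big") or 1    # tag 0 is reserved
        body = struct.pack(_BODY_FMT, _pack_addr(peer_addr), peer_port,
                           peer_itag, my_itag, int(self.now()))
        mac = hmac.new(self.secret, body, hashlib.sha256).digest()
        return my_itag, body + mac

    def handle_cookie_echo(self, peer_addr, peer_port, cookie):
        """COOKIE-ECHO -> True (COOKIE-ACK, state created) or False (silently dropped)."""
        if len(cookie) != _BODY_LEN + MAC_LEN:
            return False
        body, mac = cookie[:_BODY_LEN], cookie[_BODY_LEN:]
        expected = hmac.new(self.secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            return False                    # forged or tampered cookie
        addr, port, peer_itag, my_itag, ts = struct.unpack(_BODY_FMT, body)
        if _unpack_addr(addr) != peer_addr or port != peer_port:
            return False                    # cookie echoed from another endpoint
        if int(self.now()) - ts > COOKIE_LIFETIME:
            return False                    # stale cookie
        self.associations.setdefault((peer_addr, peer_port, peer_itag),
                                     {"my_tag": my_itag, "peer_tag": peer_itag})
        return True


def demo():
    clock = [1_000_000]                     # constructed, controllable clock
    srv = SctpStyleServer(secret=b"\x01" * 32, now=lambda: clock[0])
    # A burst of INITs from many different sources: each is answered, nothing is stored.
    for i in range(1000):
        srv.handle_init(f"10.0.{i // 250}.{i % 250}", 40000 + i, i + 1)
    after_burst = len(srv.associations)                                   # 0
    # A real client completes the exchange.
    _, cookie = srv.handle_init("192.0.2.7", 5000, 1234)
    accepted = srv.handle_cookie_echo("192.0.2.7", 5000, cookie)           # True
    # One flipped MAC byte, and the same cookie echoed from a different address.
    bad = bytearray(cookie)
    bad[-1] ^= 0x01
    tampered = srv.handle_cookie_echo("192.0.2.7", 5000, bytes(bad))      # False
    replayed = srv.handle_cookie_echo("198.51.100.9", 5000, cookie)       # False
    # The valid cookie again, after its lifetime has elapsed.
    clock[0] += COOKIE_LIFETIME + 1
    stale = srv.handle_cookie_echo("192.0.2.7", 5000, cookie)             # False
    return after_burst, accepted, tampered, replayed, stale, len(srv.associations)
```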
What went wrong with SCTP ?
• Replacing a transport protocol
Figure: the protocol stack (Physical, Datalink, Network, Application) with SCTP placed next to TCP; SCTP packets carry IP protocol=132, and applications must be rewritten with the new API
Deploying SCTP
• Application developers will invest in SCTP as soon as SCTP is implemented on
– Clients
– Servers
The Internet architecture
that we explain to our students
Figure: end hosts implement the five layers (Physical, Datalink, Network, Transport, Application); intermediate devices implement only the lower ones (Physical; Physical and Datalink; Physical, Datalink and Network)
O. Bonaventure, Computer networking : Principles, Protocols and Practice, open ebook, http://inl.info.ucl.ac.be/cnp3
In reality
– almost as many middleboxes as routers
– various types of middleboxes are deployed
Sherry, Justine, et al. "Making middleboxes someone else's problem: Network processing as a cloud service."
Proceedings of the ACM SIGCOMM 2012 conference. ACM, 2012.
Internet devices according to Cisco
http://www.cisco.com/web/about/ac50/ac47/2.html
Figure: Cisco icon set: Web Security Appliance, NAC Appliance, ACE XML Gateway, Streamer, VPN Concentrator, SSL Terminator, Cisco IOS Firewall, IP Telephony Router, PIX Firewall (Right and Left), Voice Gateway, Content Engine, NAT
Middleboxes in the architecture
• In the official architecture, they do not exist
• In reality...
Figure: between end hosts that implement all five layers, a middlebox that implements Physical, Datalink, Network and TCP sits on the path alongside the routers
TCP segments processed by a router
Figure: IP header (Ver, IHL, ToS, Total length, Identification, Flags, Frag. Offset, TTL, Protocol, Checksum, Source IP address, Destination IP address, Options) followed by the TCP header (Source port, Destination port, Sequence number, Acknowledgment number, THL, Reserved, Flags, Window, Checksum, Urgent pointer, Options) and the Payload; a router only processes the IP header
TCP segments processed by a NAT
Figure: the same IP and TCP headers; a NAT rewrites the IP addresses and the TCP port numbers (and therefore both checksums), so it processes the IP and the TCP header
© O. Bonaventure, 2011
How transparent is the Internet ?
• 25th September 2010 to 30th April 2011
• 142 access networks
• 24 countries
• Sent specific TCP segments from client to a server in Japan
Honda, Michio, et al. "Is it still possible to extend TCP?" Proceedings of the 2011 ACM
SIGCOMM conference on Internet measurement conference. ACM, 2011.
End-to-end transparency today
Figure: the same IP and TCP headers, highlighting the fields that middleboxes may modify
Middleboxes don't change the Protocol field, but some discard packets with a Protocol field different than TCP or UDP
Agenda
• Internet transport protocols
– TCP
– SCTP
• Multipath TCP
– Basic principles
– Use cases
• What's next ?
– QUIC
Multipath TCP
• How can we efficiently use the multiple
interfaces that are available on today's hosts?
Design objectives
• Multipath TCP is an evolution of TCP
• Design objectives
– Support unmodified applications
– Work over today’s networks (IPv4 and IPv6)
– Works in all networks where regular TCP works
The Multipath TCP bytestream model
Figure: client (IP:1.2.3.4 and IP:2.3.4.5) and server (IP:4.5.6.7 and IP:6.7.8.9) exchange the same two byte streams as with TCP, but the data (A, BCD, ...) is spread over the paths between the hosts' addresses
The Multipath TCP protocol
• Control plane
– How to manage a Multipath TCP connection that
uses several paths ?
• Data plane
– How to transport data ?
• Congestion control
– How to control congestion over multiple paths ?
A naïve Multipath TCP
Figure: SYN+Option, SYN+ACK+Option, ACK over one path, then the data segments seq=123,"abc" and seq=126,"def" sent over two different paths
A naïve Multipath TCP
In today's Internet ?
Figure: the same exchange; a middlebox on the second path sees data segments (seq=123,"abc", seq=126,"def") for which there is no corresponding TCP connection, because no handshake went through it
Design decision
– A Multipath TCP connection is composed of one or
more regular TCP subflows that are combined
• Each host maintains state that glues the TCP subflows
that compose a Multipath TCP connection together
• Each TCP subflow is sent over a single path and appears
like a regular TCP connection along this path
Multipath TCP and the architecture
Figure: the application uses an unmodified socket; Multipath TCP sits in the transport layer above TCP subflows TCP1, TCP2, ... TCPn
A. Ford, C. Raiciu, M. Handley, S. Barre, and J. Iyengar, "Architectural guidelines for multipath TCP development", RFC6182 2011.
No modification to the application, to ease deployment
Multiple subflows, to cope with middleboxes
A regular TCP connection
• What is a regular TCP connection ?
– It starts with a three-way handshake
• SYN segments may contain special options
– All data segments are sent in sequence
• There is no gap in the sequence numbers
– It is terminated by using FIN or RST
Multipath TCP
Figure: two subflows, each opened with a regular three-way handshake
SYN+Option / SYN+ACK+Option / ACK on the first path
SYN+OtherOption / SYN+ACK+OtherOption / ACK on the second path
How to combine two TCP subflows ?
Figure: the same two handshakes; how can the second subflow be linked with the first (blue) subflow?
TCP 101
Identification of a TCP connection
Four tuple
– IPsource
– IPdest
– Portsource
– Portdest
All TCP segments contain the four tuple
Figure: the IP header fields (Source IP address, Destination IP address) and TCP header fields (Source port, Destination port) that form the four tuple
How to link TCP subflows ?
Figure: first attempt, naming the existing subflow by its four tuple
SYN, Portsrc=1234,Portdst=80+Option
SYN+ACK[...]
ACK
SYN, Portsrc=1235,Portdst=80
+Option[link Portsrc=1234,Portdst=80]
A NAT could change addresses and port numbers, so the four tuple seen by the client is not the one seen by the server
How to link TCP subflows ?
Figure: with tokens exchanged during the first handshake
SYN, Portsrc=1234,Portdst=80
+Option[Token=5678]
SYN+ACK+Option[Token=6543]
ACK
SYN, Portsrc=1235,Portdst=80
+Option[Token=6543]
Client state: MyToken=5678, YourToken=6543
Server state: MyToken=6543, YourToken=5678
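The two linking schemes above, as an added example that is not part of the talk: in MP_CAPABLE each host sends a 64-bit key, and RFC 6824 derives the 32-bit token as the most significant 32 bits of SHA-1(key); a later SYN with MP_JOIN carries the peer's token, so the peer finds the connection even after a NAT has rewritten the four tuple. The host class, the NAT model and the constructed keys are this example's own; RFC 6824 also authenticates the join with an HMAC over both keys, which is not modelled here.

```python
import hashlib


def token_from_key(key: bytes) -> int:
    """RFC 6824 token: the most significant 32 bits of SHA-1 over the 64-bit key."""
    if len(key) != 8:
        raise ValueError("MPTCP keys are 64 bits")
    return int.from_bytes(hashlib.sha1(key).digest()[:4], "big")


class MptcpHost:
    def __init__(self):
        self.by_token = {}    # our token -> connection record
        self.by_tuple = {}    # (src ip, src port, dst ip, dst port) -> record

    def mp_capable(self, four_tuple, my_key, peer_key):
        """Initial subflow: keys exchanged, both tokens derived and remembered."""
        conn = {"my_token": token_from_key(my_key),
                "peer_token": token_from_key(peer_key),
                "subflows": [four_tuple]}
        self.by_token[conn["my_token"]] = conn
        self.by_tuple[four_tuple] = conn
        return conn

    def mp_join(self, four_tuple, token):
        """SYN with MP_JOIN: find the connection by token, never by tuple."""
        conn = self.by_token.get(token)
        if conn is None:
            return False      # no such connection: treat as a plain SYN or reset
        conn["subflows"].append(four_tuple)
        self.by_tuple[four_tuple] = conn
        return True


def link_by_tuple(host, claimed_tuple):
    """The first attempt on the slide: name the existing subflow by its four tuple."""
    return claimed_tuple in host.by_tuple


def through_nat(four_tuple, public_ip, public_port):
    """What the server sees after a NAT rewrites the client's address and port."""
    _, _, dst_ip, dst_port = four_tuple
    return (public_ip, public_port, dst_ip, dst_port)


def demo():
    client_key = bytes.fromhex("0123456789abcdef")    # constructed keys
    server_key = bytes.fromhex("fedcba9876543210")
    client, server = MptcpHost(), MptcpHost()
    # First subflow: the client knows its private tuple, the server the NATed one.
    t1_client = ("10.0.0.2", 1234, "4.5.6.7", 80)
    t1_server = through_nat(t1_client, "203.0.113.5", 40001)
    client_conn = client.mp_capable(t1_client, client_key, server_key)
    server.mp_capable(t1_server, server_key, client_key)
    # Second subflow from another source port, rewritten again by the NAT.
    t2_client = ("10.0.0.2", 1235, "4.5.6.7", 80)
    t2_server = through_nat(t2_client, "203.0.113.5", 40002)
    naive_ok = link_by_tuple(server, t1_client)    # False: server never saw that tuple
    join_ok = server.mp_join(t2_server, client_conn["peer_token"])    # True
    # A join carrying a token that matches no connection is refused.
    bogus = (client_conn["peer_token"] + 1) & 0xFFFFFFFF
    bogus_ok = server.mp_join(("198.51.100.9", 5555, "4.5.6.7", 80), bogus)
    n_subflows = len(server.by_token[token_from_key(server_key)]["subflows"])
    return naive_ok, join_ok, bogus_ok, n_subflows
```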
TCP subflows in practice
• Multipath TCP supports subflow agility
– Client/server can add subflows at any time
– Client/server can remove subflows at any time
The Multipath TCP protocol
• Control plane
– How to manage a Multipath TCP connection that
uses several paths ?
• Data plane
– How to transport data ?
• Congestion control
– How to control congestion over multiple paths ?
How to transfer data ?
Figure: a naive design spreads seq=123,"a", seq=124,"b", seq=125,"c", seq=126,"d" over the two paths; the acknowledgements ack=124, ack=125, ack=126, ack=127 come back
How to transfer data
in today's Internet ?
Figure: a middlebox on one of the paths sees only part of the exchange (seq=123,"a", seq=124,"b", seq=125,"c" and ack=124, ack=125, ack=126 in the slide)
Gap in sequence numbering space
Some DPI will not allow this !
Multipath TCP Data transfer
• Two levels of sequence numbers
Figure: the application writes ABCDEF into the socket; Multipath TCP numbers the bytes with a data sequence number, and each subflow (TCP1, TCP2) carries its own TCP sequence numbers
Multipath TCP
Data transfer
Figure: bytes carried over two subflows, each segment with both numbers
Dseq=0,seq=123,"a"
DSeq=1, seq=456,"b"
DSeq=2, seq=124,"c"
DAck=1,ack=124
DAck=3, ack=125
DAck=2,ack=457
Multipath TCP
How to deal with losses ?
• Data losses over one TCP subflow
– Fast retransmit and timeout as in regular TCP
Figure: Dseq=0,seq=123,"a" is lost on its subflow; it is retransmitted as Dseq=0,seq=123,"a" on the same subflow and acknowledged with DAck=1,ack=124
Multipath TCP
• What happens when a TCP subflow fails ?
Figure:
Dseq=0,seq=123,"a" sent on the first subflow, never acknowledged
DSeq=1, seq=456,"b" sent on the second subflow, acknowledged with DAck=0,ack=457
Dseq=0,seq=457,"a" re-sent on the second subflow, acknowledged with DAck=2,ack=458
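The two-level numbering and the subflow-failure case from the data-transfer slides, as an added example that is not part of the talk: each byte gets one data sequence number (DSN), each subflow keeps its own contiguous TCP sequence space, the receiver reassembles by DSN, and bytes stranded on a failed subflow are re-sent elsewhere with a fresh subflow seq but the same DSN. The classes and the round-robin scheduler are this example's own, not the Linux implementation.

```python
class Subflow:
    def __init__(self, name, isn):
        self.name, self.seq, self.alive = name, isn, True
        self.seen_by_dpi = []          # subflow seqs visible on this path

    def send(self, dsn, byte):
        """Put one byte on the wire carrying both sequence numbers."""
        seg = (self.seq, dsn, byte)
        self.seen_by_dpi.append(self.seq)
        self.seq += 1
        return seg


class Receiver:
    def __init__(self):
        self.buffer = {}               # dsn -> byte, received out of order
        self.next_dsn = 0
        self.delivered = b""

    def receive(self, seg):
        """Reassemble by DSN; return the cumulative data ack (DAck)."""
        _, dsn, byte = seg
        if dsn >= self.next_dsn:       # duplicates of delivered data are ignored
            self.buffer.setdefault(dsn, byte)
        while self.next_dsn in self.buffer:
            self.delivered += self.buffer.pop(self.next_dsn)
            self.next_dsn += 1
        return self.next_dsn


class Sender:
    def __init__(self, subflows):
        self.subflows = subflows
        self.next_dsn = 0
        self.unacked = {}              # dsn -> byte, until covered by a DAck

    def _ack(self, dack):
        for dsn in [d for d in self.unacked if d < dack]:
            del self.unacked[dsn]

    def send_all(self, data, receiver, fail_at=None):
        """Round-robin over live subflows; fail_at=(name, dsn) loses that segment
        and kills its subflow, as on the 'subflow fails' slide."""
        dack = 0
        for i, b in enumerate(data):
            live = [s for s in self.subflows if s.alive]
            sf = live[i % len(live)]
            dsn, self.next_dsn = self.next_dsn, self.next_dsn + 1
            self.unacked[dsn] = bytes([b])
            seg = sf.send(dsn, self.unacked[dsn])
            if fail_at and (sf.name, dsn) == fail_at:
                sf.alive = False       # segment lost and the path never recovers
                continue
            dack = receiver.receive(seg)
            self._ack(dack)
        # Whatever is still unacked was stranded on the dead subflow:
        # re-send it on a live one, using that subflow's own next seq.
        for dsn, byte in sorted(self.unacked.items()):
            if dsn not in self.unacked:    # already covered by a later DAck
                continue
            sf = next(s for s in self.subflows if s.alive)
            dack = receiver.receive(sf.send(dsn, byte))
            self._ack(dack)
        return dack


def no_gaps(subflow):
    """What a DPI box on this path checks: subflow seqs increase by one."""
    s = subflow.seen_by_dpi
    return all(b == a + 1 for a, b in zip(s, s[1:]))


def demo():
    tcp1, tcp2 = Subflow("TCP1", 123), Subflow("TCP2", 456)
    rx, tx = Receiver(), Sender([tcp1, tcp2])
    # Lose DSN 2 ("c") on TCP1 and declare TCP1 dead; "c" must be re-sent on TCP2.
    final_dack = tx.send_all(b"abcdef", rx, fail_at=("TCP1", 2))
    return rx.delivered, final_dack, no_gaps(tcp1), no_gaps(tcp2), tcp2.seq - 456
```

The last value is the number of segments TCP2 carried: its own four bytes plus the re-sent "c", with no hole in its sequence space.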
The Multipath TCP protocol
• Control plane
– How to manage a Multipath TCP connection that uses
several paths ?
• Data plane
– How to transport data ?
• Congestion control
– How to control congestion over multiple paths ?
– Congestion windows on subflows MUST be coupled to
ensure that TCP remains fair with regular TCP
Multipath TCP use cases
The beast
Multipath TCP use cases
Low latency for Siri
• Long-lived TLS connections
Figure: the smartphone sends voice samples over both WiFi and 3G/LTE
Multipath TCP use cases
High bandwidth on smartphones
• Koreans want 800+ Mbps on smartphones
Figure: the smartphone runs Multipath TCP over WiFi and 4G/LTE to a SOCKS proxy, which uses regular TCP towards the servers
Faster broadband networks ?
Multipath TCP use cases
Hybrid Access Networks
Figure: a home gateway runs Multipath TCP over DSL and 4G/LTE to a Hybrid Access Gateway, which converts the traffic to regular TCP towards the Internet
Agenda
• Internet transport protocols
– TCP
– SCTP
• Multipath TCP
– Basic principles
– Use cases
• What's next ?
– QUIC
Issues with the current stack
Figure: three stacks side by side
– Physical / Datalink / IPv4/IPv6 / TCP / HTTP1.1: ASCII difficult to parse, no priority; insecure; waits for the three-way handshake before data transfer; first bytes after 2 RTTs
– Physical / Datalink / IPv4/IPv6 / TCP / TLS / HTTP/2: secure, but adds more delay; first bytes after 3-4 RTTs
– Physical / Datalink / IPv4/IPv6 / UDP / QUIC: first bytes after 0 RTT
QUIC in a nutshell
• First connection attempt
Figure:
Client -> Server: CHLO [SNI, VER] (ServerName and Version)
Server -> Client: REJ[Config, Token, Certificate] (rejected)
Client -> Server: CHLO[Token, Crypto info], then DATA[Encrypted]
Server -> Client: SHLO[Config, Token, Certificate], then DATA[Encrypted]
QUIC features
• Congestion control
– Leverages TCP's long history (CUBIC)
• Retransmissions
– Better than with regular TCP
– Each segment has a different seqnum
• Avoids retransmission ambiguities
• Selective acknowledgements
– Cleaner than in TCP
QUIC usage at Google
QUIC handshakes fail when RTTs are greater than 2.5 seconds or
when UDP is blocked
Source : J. Iyengar, QUIC Overview, IETF93, July 2015, Prague
Why run QUIC over UDP ?
• Simplest transport protocol
– Supported correctly by all operating systems
– Supported correctly by all middleboxes
• Application can entirely control everything
– Same version of QUIC runs on all platforms
– QUIC can be upgraded as frequently as the application
– Application developer does not need to coordinate
with IETF or anyone
How to cope with middleboxes ?
• Very few middleboxes interfere with UDP
– Some middleboxes drop UDP segments
• Applications will detect and fallback to TCP
– Some middleboxes rate limit UDP
• Applications will detect and fallback to TCP
• What about middleboxes optimising QUIC/UDP ?
– Nightmare for Google
– Everything in QUIC (payload and headers) is
encrypted
Internet transport layer
• Still lots of innovation for an old layer…
– TCP extensions
• Initial window, TCP Fast Open, …
– Multipath TCP is getting deployed
• RFC6824 was published in January 2013
– But middleboxes have ossified the Internet
• Other protocols
– QUIC
• Pushed by Google for web applications
– TCPINC
• Support encryption inside transport layer
– TLS 1.3
• Faster handshake and lower delays

Cybersecurity Workshop #1.pptx
 

Beyond TCP: The evolution of Internet transport protocols

  • 1. Beyond TCP: The evolution of Internet transport protocols
      Olivier Bonaventure, UCL, http://inl.info.ucl.ac.be
      CNSM'15, November 10th, 2015
  • 2. Agenda
      • Internet transport protocols
        – TCP
        – SCTP
      • Multipath TCP
        – Basic principles
        – Use cases
      • What's next ?
        – QUIC
  • 3. The origins of TCP
      Source : http://spectrum.ieee.org/computing/software/the-strange-birth-and-long-life-of-unix
  • 4. The Unix pipe model
      [Figure: echo piped into wc, the bytes "1234 abbsbbbs" flowing through the pipe]
  • 5. The TCP bytestream model
      [Figure: Client (IP:1.2.3.4) and Server (IP:4.5.6.7) connected by a TCP bytestream carrying ABCDEF...111232 and 0988989 ... XYZZ in the two directions]
  • 6. TCP: More than 30 years old!
  • 7. Congestion collapse
      JACOBSON, V. Congestion avoidance and control. In Proceedings of SIGCOMM ’88 (Stanford, CA, Aug. 1988), ACM.
  • 8. Performance issues
      • TCP considered to be too complex by many
        – Software implementation cannot cope with increasing network bandwidth
      • For high performance, transport should be implemented in hardware
        – Transputers
        – Simpler transport protocols
  • 9. More limitations of TCP
      • Issues with the TCP pipe model
        – Only supports a single bytestream
          • Some applications need several streams with priorities
        – No support for messages
        – Connections are attached to one IP address on client and one IP address on server
          • No failover even if hosts have multiple interfaces
          • No support for mobility
          • No load balancing for multihomed hosts
  • 10. SCTP : An alternative to TCP
  • 11. SCTP in two slides
      • Modern transport protocol
        – Cleaner connection establishment
          • Four-way handshake to counter SYN flooding attacks
        – Cleaner protocol
          • Flexible TLV packet format that is easy to extend
          • Selective acknowledgements from the start
        – Richer semantics
          • Messages, multiple streams, unreliable delivery
          • Advanced API to replace socket API
        – Failover support
          • Connection can move from one IP address to another one
  • 12. SCTP connection establishment
      Client -> Server: INIT, Itag=1234
      Server -> Client: INIT-ACK, cookie, ITag=5678   (the server encrypts its state in the cookie and does not store it)
      Client -> Server: COOKIE-ECHO, Vtag=5678, cookie
      Server -> Client: COOKIE-ACK, Vtag=1234   (the server decrypts the cookie and recovers the information to create its state)
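The point of slide 12 is that the server keeps no state between INIT and COOKIE-ECHO, so an INIT flood costs it no memory, unlike a TCP SYN flood against a half-open connection table. The following is an added example, not code from the presentation: a toy four-way exchange in which the server packs the association parameters into the cookie and authenticates it with an HMAC (SCTP's cookie is likewise protected by a MAC; the slide's word "encrypt" is kept for the slide, this example only signs). Message dictionaries, field names, the 60 second lifetime and the addresses are this example's own constructions, not SCTP's wire format.

```python
import hashlib
import hmac
import os
import struct
import time

# Added example of a stateless INIT / INIT-ACK / COOKIE-ECHO / COOKIE-ACK exchange.
# Everything the server will need later travels inside the cookie, so the server
# allocates nothing until a valid, fresh cookie comes back from the same address.

COOKIE_LIFETIME = 60   # seconds a cookie remains acceptable (assumed value)
MAC_LEN = 32           # SHA-256 output length


class Server:
    """Creates association state only when a valid, fresh cookie is echoed back."""

    def __init__(self):
        self.key = os.urandom(32)   # secret used to authenticate cookies
        self.associations = {}      # (peer tag, own tag) -> association state

    def on_init(self, peer_addr, peer_tag, now=None):
        """INIT -> INIT-ACK.  The parameters go into the cookie; nothing is stored."""
        now = int(time.time() if now is None else now)
        my_tag = int.from_bytes(os.urandom(4), "big")
        state = struct.pack("!IIQ", peer_tag, my_tag, now) + peer_addr.encode()
        mac = hmac.new(self.key, state, hashlib.sha256).digest()
        return {"type": "INIT-ACK", "itag": my_tag, "cookie": state + mac}

    def on_cookie_echo(self, peer_addr, cookie, now=None):
        """COOKIE-ECHO -> COOKIE-ACK, or None if the cookie is forged, stale or misdirected."""
        now = int(time.time() if now is None else now)
        if len(cookie) < 16 + MAC_LEN:
            return None
        state, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
        expected = hmac.new(self.key, state, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            return None                                   # not issued by us, or modified
        peer_tag, my_tag, issued = struct.unpack("!IIQ", state[:16])
        if state[16:] != peer_addr.encode() or now - issued > COOKIE_LIFETIME:
            return None                                   # echoed from elsewhere, or expired
        self.associations[(peer_tag, my_tag)] = {"peer": peer_addr, "established": now}
        return {"type": "COOKIE-ACK", "vtag": peer_tag}


class Client:
    def __init__(self, addr):
        self.addr = addr
        self.my_tag = int.from_bytes(os.urandom(4), "big")

    def init(self):
        return {"type": "INIT", "itag": self.my_tag}

    def cookie_echo(self, init_ack):
        # The cookie is opaque to the client; it is simply returned unchanged.
        return {"type": "COOKIE-ECHO", "vtag": init_ack["itag"], "cookie": init_ack["cookie"]}


def handshake(server, client):
    """Run the four-way exchange and return the server's final message."""
    init_ack = server.on_init(client.addr, client.init()["itag"])
    echo = client.cookie_echo(init_ack)
    return server.on_cookie_echo(client.addr, echo["cookie"])


def incomplete_inits(server, count):
    """Feed `count` INITs (constructed source addresses) that are never completed and
    return how many associations the server holds afterwards: zero, which is the point."""
    for i in range(count):
        server.on_init("10.0.%d.%d" % (i // 250, i % 250), i)
    return len(server.associations)
```

A cookie that is tampered with, replayed from a different address, or older than COOKIE_LIFETIME is rejected before any state is created; only the successful path reaches `server.associations`.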
  • 13. What went wrong with SCTP ?
      • Replacing a transport protocol
      [Figure: protocol stack Physical / Datalink / Network / TCP or SCTP / Application; annotations: "Applications must be rewritten with new API", "IP protocol=132 for SCTP packets"]
  • 14. Deploying SCTP
      • Applications developers will invest in SCTP as soon as SCTP is implemented on
        – Clients
        – Servers
  • 15. The Internet architecture that we explain to our students
      [Figure: end hosts with the full Physical / Datalink / Network / Transport / Application stack, interconnected by devices that implement only Physical / Datalink or Physical / Datalink / Network]
      O. Bonaventure, Computer networking : Principles, Protocols and Practice, open ebook, http://inl.info.ucl.ac.be/cnp3
  • 16. In reality
      – almost as many middleboxes as routers
      – various types of middleboxes are deployed
      Sherry, Justine, et al. "Making middleboxes someone else's problem: Network processing as a cloud service." Proceedings of the ACM SIGCOMM 2012 conference. ACM, 2012.
  • 17. Internet devices according to Cisco
      http://www.cisco.com/web/about/ac50/ac47/2.html
      [Figure: device icons for Web Security Appliance, NAC Appliance, ACE XML Gateway, Streamer, VPN Concentrator, SSL Terminator, Cisco IOS Firewall, IP Telephony Router, PIX Firewall, Right and Left Voice Gateway, Content Engine, NAT]
  • 18. Middleboxes in the architecture
      • In the official architecture, they do not exist
      • In reality...
      [Figure: hosts with full Physical / Datalink / Network / Transport / Application stacks and, on the path between them, a middlebox whose stack goes up to TCP]
  • 19. TCP segments processed by a router
      [Figure: the IP header (Ver, IHL, ToS, Total length, Identification, Flags, Frag. Offset, TTL, Protocol, Checksum, Source IP address, Destination IP address, Options) and the TCP header (Source port, Destination port, Sequence number, Acknowledgment number, THL, Reserved, Flags, Window, Checksum, Urgent pointer, Options) followed by the Payload, shown before and after the router]
  • 20. TCP segments processed by a NAT
      [Figure: the same IP and TCP headers shown before and after the NAT]
  • 21. How transparent is the Internet ?   (© O. Bonaventure, 2011)
      • 25th September 2010 to 30th April 2011
      • 142 access networks
      • 24 countries
      • Sent specific TCP segments from client to a server in Japan
      Honda, Michio, et al. "Is it still possible to extend TCP?" Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference. ACM, 2011.
  • 22. End-to-end transparency today
      [Figure: the same IP and TCP headers shown at both ends of the path]
      Middleboxes don't change the Protocol field, but some discard packets with a Protocol field different than TCP or UDP
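Slides 19, 20 and 22 contrast what a router, a NAT and a filtering middlebox each touch in a TCP segment. As an added example (not code from the presentation), the block below builds a constructed IPv4/TCP segment, forwards it as a router would (TTL and IP checksum only), rewrites it as a source NAT would (source address and port, hence both checksums, since the TCP checksum covers a pseudo-header with the addresses) and applies the Protocol-field filter of slide 22. Addresses and port numbers are documentation values chosen for the example; the checksum is the standard Internet checksum.

```python
import struct

# Added example: per-device view of an IPv4/TCP segment.  Constructed packets only.


def checksum(data: bytes) -> int:
    """Internet checksum: ones' complement of the 16-bit ones' complement sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def tcp_checksum(pkt: bytes, ihl: int, total_len: int) -> int:
    """TCP checksum over pseudo-header (src, dst, 0, protocol 6, TCP length) + segment."""
    pseudo = pkt[12:16] + pkt[16:20] + struct.pack("!BBH", 0, 6, total_len - ihl)
    return checksum(pseudo + pkt[ihl:total_len])


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, payload=b""):
    """IPv4 header (no options) + TCP header (no options) + payload, checksums filled in."""
    total_len = 40 + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                         64, 6, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", checksum(ip_hdr)) + ip_hdr[12:]
    tcp_hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    pkt = ip_hdr + tcp_hdr + payload
    return pkt[:36] + struct.pack("!H", tcp_checksum(pkt, 20, total_len)) + pkt[38:]


def parse_segment(pkt: bytes) -> dict:
    """Decode the fields a middlebox looks at."""
    vihl, _tos, total_len, _id, _frag, ttl, proto, _c, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (vihl & 0x0F) * 4
    sport, dport, seq, ack, off, flags, _win, _c2, _urg = struct.unpack("!HHIIBBHHH", pkt[ihl:ihl + 20])
    thl = (off >> 4) * 4
    return {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)), "ttl": ttl,
            "proto": proto, "sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "payload": pkt[ihl + thl:total_len]}


def checksums_ok(pkt: bytes) -> bool:
    """A correct header sums to zero once its own checksum field is included."""
    ihl = (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    return checksum(pkt[:ihl]) == 0 and tcp_checksum(pkt, ihl, total_len) == 0


def router_forward(pkt: bytes):
    """Router (slide 19): decrement TTL, fix the IP checksum, never touch the TCP part."""
    p = bytearray(pkt)
    if p[8] <= 1:
        return None                       # TTL would reach zero: the router drops it
    p[8] -= 1
    p[10:12] = b"\x00\x00"
    p[10:12] = struct.pack("!H", checksum(bytes(p[:(p[0] & 0x0F) * 4])))
    return bytes(p)


def nat_rewrite(pkt: bytes, new_src_ip: str, new_sport: int) -> bytes:
    """Source NAT (slide 20): new source address and port, then both checksums again."""
    p = bytearray(pkt)
    ihl = (p[0] & 0x0F) * 4
    total_len = struct.unpack("!H", p[2:4])[0]
    p[12:16] = ip_bytes(new_src_ip)
    p[10:12] = b"\x00\x00"
    p[10:12] = struct.pack("!H", checksum(bytes(p[:ihl])))
    p[ihl:ihl + 2] = struct.pack("!H", new_sport)
    p[ihl + 16:ihl + 18] = b"\x00\x00"
    p[ihl + 16:ihl + 18] = struct.pack("!H", tcp_checksum(bytes(p), ihl, total_len))
    return bytes(p)


def protocol_allowed(pkt: bytes, allowed=(6, 17)) -> bool:
    """Slide 22: some middleboxes discard anything whose Protocol field is not TCP or UDP."""
    return pkt[9] in allowed
```

Run `checksums_ok` on the output of each function to see which rewrites are self-consistent: a NAT that changed the address but not the TCP checksum would produce a segment the receiver discards, which is why address rewriting is a transport-layer change and not a network-layer one. Setting the Protocol byte to 132 (SCTP, slide 13) is enough for `protocol_allowed` to reject the packet.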
  • 23. Agenda
      • Internet transport protocols
        – TCP
        – SCTP
      • Multipath TCP
        – Basic principles
        – Use cases
      • What's next ?
        – QUIC
  • 24. Multipath TCP
      • How can we efficiently use the multiple interfaces that are available on today's hosts?
  • 25. Design objectives
      • Multipath TCP is an evolution of TCP
      • Design objectives
        – Support unmodified applications
        – Work over today's networks (IPv4 and IPv6)
        – Work in all networks where regular TCP works
  • 26. The Multipath TCP bytestream model
      [Figure: Client (IP:1.2.3.4 and IP:2.3.4.5) and Server (IP:4.5.6.7 and IP:6.7.8.9) exchanging the bytestreams ABCDEF...111232 and 0988989 ... XYZZ over several paths, with A and BCD travelling on different paths]
  • 27. The Multipath TCP protocol
      • Control plane
        – How to manage a Multipath TCP connection that uses several paths ?
      • Data plane
        – How to transport data ?
      • Congestion control
        – How to control congestion over multiple paths ?
  • 28. A naïve Multipath TCP
      SYN+Option
      SYN+ACK+Option
      ACK
      seq=123, "abc"
      seq=126, "def"
  • 29. A naïve Multipath TCP
      In today's Internet ?
      SYN+Option
      SYN+ACK+Option
      ACK
      seq=123, "abc"
      seq=126, "def"   – There is no corresponding TCP connection
  • 30. Design decision
      – A Multipath TCP connection is composed of one or more regular TCP subflows that are combined
        • Each host maintains state that glues the TCP subflows that compose a Multipath TCP connection together
        • Each TCP subflow is sent over a single path and appears like a regular TCP connection along this path
  • 31. Multipath TCP and the architecture
      [Figure: stack Physical / Datalink / Network / Transport / Application, with the Transport layer split into Multipath TCP below the socket and the subflows TCP1, TCP2, ... TCPn below it; annotations: "No modification to ease deployment" (Application), "Multiple subflows to cope with middleboxes"]
      A. Ford, C. Raiciu, M. Handley, S. Barre, and J. Iyengar, "Architectural guidelines for multipath TCP development", RFC6182, 2011.
  • 32. A regular TCP connection
      • What is a regular TCP connection ?
        – It starts with a three-way handshake
          • SYN segments may contain special options
        – All data segments are sent in sequence
          • There is no gap in the sequence numbers
        – It is terminated by using FIN or RST
  • 34. How to combine two TCP subflows ?
      First subflow:  SYN+Option / SYN+ACK+Option / ACK
      Second subflow: SYN+OtherOption / SYN+ACK+OtherOption / ACK
      How to link with the blue subflow (the first one) ?
  • 35. TCP 101
      Identification of a TCP connection: the four tuple
        – IPsource
        – IPdest
        – Portsource
        – Portdest
      All TCP segments contain the four tuple
      [Figure: the IP and TCP headers, whose Source/Destination IP address and Source/Destination port fields carry the four tuple]
  • 36. How to link TCP subflows ?
      SYN, Portsrc=1234, Portdst=80 + Option
      SYN+ACK [...]
      ACK
      SYN, Portsrc=1235, Portdst=80 + Option[link Portsrc=1234, Portdst=80]
      A NAT could change addresses and port numbers
  • 37. How to link TCP subflows ?
      SYN, Portsrc=1234, Portdst=80 + Option[Token=5678]     (client: MyToken=5678, YourToken=6543)
      SYN+ACK + Option[Token=6543]                           (server: MyToken=6543, YourToken=5678)
      ACK
      SYN, Portsrc=1235, Portdst=80 + Option[Token=6543]
  • 38. TCP subflows in practice
      • Multipath TCP supports subflow agility
        – Client/server can add subflows at any time
        – Client/server can remove subflows at any time
  • 39. The Multipath TCP protocol
      • Control plane
        – How to manage a Multipath TCP connection that uses several paths ?
      • Data plane
        – How to transport data ?
      • Congestion control
        – How to control congestion over multiple paths ?
  • 40. How to transfer data ?
      Data: seq=123,"a"  seq=124,"b"  seq=125,"c"  seq=126,"d"
      Acknowledgements: ack=124  ack=126  ack=125  ack=127
  • 41. How to transfer data in today's Internet ?
      Data: seq=123,"a"  seq=124,"b"  seq=125,"c"
      Acknowledgements: ack=124  ack=126  ack=125
      Gap in sequence numbering space
      Some DPI will not allow this !
  • 42. Multipath TCP Data transfer
      • Two levels of sequence numbers
      [Figure: on each host, Multipath TCP sits between the socket and the subflows TCP1 and TCP2; the bytes ABCDEF carry a Data sequence #, while each subflow numbers its own segments with a TCP1 sequence # or TCP2 sequence #]
  • 43. Multipath TCP Data transfer
      Data: DSeq=0, seq=123, "a"   DSeq=1, seq=456, "b"   DSeq=2, seq=124, "c"
      Acknowledgements: DAck=1, ack=124   DAck=3, ack=125   DAck=2, ack=457
  • 44. Multipath TCP: How to deal with losses ?
      • Data losses over one TCP subflow
        – Fast retransmit and timeout as in regular TCP
      DSeq=0, seq=123, "a"
      DAck=1, ack=124
      DSeq=0, seq=123, "a"
      DAck=1, ack=124
  • 45. Multipath TCP
      • What happens when a TCP subflow fails ?
      DSeq=0, seq=123, "a"
      DSeq=1, seq=456, "b"
      DAck=0, ack=457
      DSeq=0, seq=457, "a"
      DAck=2, ack=458
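Slides 35 to 37 and 42 to 45 together describe the receiver side of Multipath TCP: subflows are linked by a token rather than by the four tuple (which a NAT may rewrite), each subflow keeps regular TCP sequence numbers, and a second level of data sequence numbers reassembles the bytestream and lets data lost on a failed subflow be resent on another one. The following is an added example that serves all of those slides (it is not code from the presentation or from any MPTCP implementation): a toy receiver with a join check, two-level sequencing and cumulative data acks. The token derivation follows RFC 6824 (most significant 32 bits of SHA-1 over the 64-bit key); the key, the four tuples and the scenario functions are this example's own constructions, using the addresses and sequence numbers from the slides.

```python
import hashlib

# Added example: a toy Multipath TCP receiver.  Subflows are identified by their
# four tuple only locally; joining a connection requires the connection's token.


def token_from_key(key: bytes) -> int:
    # RFC 6824: the 32-bit token is the most significant 32 bits of SHA-1(key).
    return int.from_bytes(hashlib.sha1(key).digest()[:4], "big")


class MPTCPReceiver:
    def __init__(self, local_key: bytes):
        self.token = token_from_key(local_key)   # what a joining subflow must present
        self.subflows = {}    # four tuple -> next expected subflow sequence number
        self.pending = {}     # data sequence number -> byte, held until the gap closes
        self.next_dseq = 0    # next in-order data sequence number (the DAck value)
        self.stream = bytearray()

    def join(self, four_tuple, token, initial_seq):
        """SYN carrying a join option: only the token decides, never the four tuple."""
        if token != self.token or four_tuple in self.subflows:
            return False
        self.subflows[four_tuple] = initial_seq
        return True

    def receive(self, four_tuple, seq, dseq, payload: bytes):
        """One segment in; returns (subflow ack, data ack) or None for an unknown subflow."""
        expected = self.subflows.get(four_tuple)
        if expected is None:
            return None
        if seq != expected:
            # Out of order on this subflow: duplicate ack, exactly as regular TCP does.
            return expected, self.next_dseq
        self.subflows[four_tuple] = seq + len(payload)
        for offset, byte in enumerate(payload):
            d = dseq + offset
            if d >= self.next_dseq:          # anything below next_dseq was already delivered
                self.pending[d] = byte
        while self.next_dseq in self.pending:
            self.stream.append(self.pending.pop(self.next_dseq))
            self.next_dseq += 1
        return self.subflows[four_tuple], self.next_dseq


LOCAL_KEY = bytes(range(8))                 # constructed 64-bit key
SF1 = ("1.2.3.4", 1234, "4.5.6.7", 80)      # first subflow, addresses from the slides
SF2 = ("2.3.4.5", 1235, "4.5.6.7", 80)      # second interface, a completely different tuple


def normal_transfer():
    """Slide 43: 'a' and 'c' on subflow 1, 'b' on subflow 2."""
    rx = MPTCPReceiver(LOCAL_KEY)
    rx.join(SF1, rx.token, 123)
    rx.join(SF2, rx.token, 456)
    acks = [rx.receive(SF1, 123, 0, b"a"),
            rx.receive(SF2, 456, 1, b"b"),
            rx.receive(SF1, 124, 2, b"c")]
    return acks, bytes(rx.stream)


def failover_transfer():
    """Slide 45: 'a' is lost on subflow 1, 'b' arrives on subflow 2, 'a' is resent on subflow 2."""
    rx = MPTCPReceiver(LOCAL_KEY)
    rx.join(SF1, rx.token, 123)
    rx.join(SF2, rx.token, 456)
    acks = [rx.receive(SF2, 456, 1, b"b"),   # DSeq 0 still missing: DAck stays 0
            rx.receive(SF2, 457, 0, b"a")]   # same DSeq=0, fresh subflow sequence number
    return acks, bytes(rx.stream)
```

The acks of `normal_transfer` are `(124, 1)`, `(457, 2)`, `(125, 3)` and the stream is `abc`; in `failover_transfer` the first ack is `(457, 0)` because the byte at DSeq 0 has not arrived, and the retransmission on the other subflow completes the stream to `ab` with `(458, 2)`, matching slides 43 and 45. A join with a wrong token is refused, and a segment on a four tuple that never joined is ignored.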
  • 46. The Multipath TCP protocol
      • Control plane
        – How to manage a Multipath TCP connection that uses several paths ?
      • Data plane
        – How to transport data ?
      • Congestion control
        – How to control congestion over multiple paths ?
        – Congestion windows on subflows MUST be coupled to ensure that TCP remains fair with regular TCP
  • 47. Multipath TCP use cases: The beast
  • 48. Multipath TCP use cases: Low latency for Siri
      • Long-lived TLS connections
      [Figure: voice samples sent over both WiFi and 3G/LTE]
  • 49. Multipath TCP use cases: High bandwidth on smartphones
      • Koreans want 800+ Mbps on smartphones
      [Figure: smartphone using WiFi and 4G/LTE, Multipath TCP up to a SOCKS proxy and regular TCP beyond it]
  • 51. Multipath TCP use cases: Hybrid Access Networks
      [Figure: DSL and 4G/LTE links carry Multipath TCP up to a Hybrid Access Gateway, regular TCP beyond it]
  • 52. Agenda
      • Internet transport protocols
        – TCP
        – SCTP
      • Multipath TCP
        – Basic principles
        – Use cases
      • What's next ?
        – QUIC
  • 53. Issues with the current stack
      • Physical / Datalink / IPv4/IPv6 / TCP / HTTP1.1: ASCII difficult to parse, no priority; insecure; wait for the three-way handshake before data transfer. First bytes after 2 RTTs
      • Physical / Datalink / IPv4/IPv6 / TCP / TLS / HTTP/2: secure, but adds more delay. First bytes after 3-4 RTTs
      • Physical / Datalink / IPv4/IPv6 / UDP / QUIC: first bytes after 0 RTT
  • 54. QUIC in a nutshell
      • First connection attempt
      Client -> Server: CHLO [SNI, VER]   (ServerName and Version)
      Server -> Client: REJ [Config, Token, Certificate]   (rejected)
      Client -> Server: CHLO [Token, Crypto info], DATA [Encrypted]
      Server -> Client: SHLO [Config, Token, Certificate], DATA [Encrypted]
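Slides 53 and 54 state the handshake cost: a first contact spends one round trip on CHLO/REJ before data can be sent, while a client that already holds the server config and token sends data in its first flight (0 RTT), and slide 58 adds that a client that gets no UDP answer falls back to TCP. The block below is an added example of that message flow and of the client-side cache that makes 0 RTT possible; it is not code from the presentation or from any QUIC implementation, and it models only the exchange, not the cryptography: "Crypto info" is stood in for by a client nonce, and the token is an HMAC over the client address (the example's own construction) so that cached state only works from the address it was issued to.

```python
import hashlib
import hmac
import os

# Added example: CHLO -> REJ -> CHLO+DATA -> SHLO+DATA message flow with a config cache.
# Message and field names follow slide 54; every value below is constructed.

VER = "version-constructed"


class QUICServer:
    def __init__(self):
        self.key = os.urandom(32)                 # secret behind the address token
        self.config_id = "cfg-1"                  # current server config, see rotate_config()
        self.certificate = "certificate-constructed"

    def token_for(self, addr: str) -> str:
        return hmac.new(self.key, addr.encode(), hashlib.sha256).hexdigest()

    def rotate_config(self):
        """New server config: clients holding the old one are back to a 1-RTT handshake."""
        self.config_id = "cfg-%d" % (int(self.config_id.split("-")[1]) + 1)

    def handle(self, addr: str, chlo: dict) -> dict:
        """Answer a CHLO with REJ (here is what to cache) or SHLO (handshake done, data accepted)."""
        complete = (chlo.get("config") == self.config_id and
                    hmac.compare_digest(chlo.get("token", ""), self.token_for(addr)))
        if not complete:
            return {"type": "REJ", "config": self.config_id,
                    "token": self.token_for(addr), "certificate": self.certificate}
        return {"type": "SHLO", "config": self.config_id,
                "token": self.token_for(addr), "data_received": chlo.get("data")}


class QUICClient:
    def __init__(self, addr: str):
        self.addr = addr
        self.cache = {}       # server name -> (config id, token) learned from a REJ

    def connect(self, server, sni, data, udp_blocked=False):
        """Return (transport used, round trips spent before the first data bytes left)."""
        if udp_blocked:
            return "tcp", None                # no CHLO is ever answered: fall back to TCP
        rtts = 0
        for _attempt in range(3):
            chlo = {"type": "CHLO", "sni": sni, "ver": VER}
            cached = self.cache.get(sni)
            if cached is not None:
                # Full CHLO: cached config and token let the data ride in the same flight.
                chlo.update(config=cached[0], token=cached[1],
                            nonce=os.urandom(8).hex(), data=data)
            reply = server.handle(self.addr, chlo)
            if reply["type"] == "SHLO":
                return "quic", rtts
            self.cache[sni] = (reply["config"], reply["token"])   # REJ: remember, retry
            rtts += 1
        raise RuntimeError("server kept rejecting the handshake")
```

A first `connect` returns `("quic", 1)`, a second one to the same server `("quic", 0)`; after `rotate_config()` the cached config is stale and one round trip is spent again, and a client at another address cannot reuse a copied cache entry because the token does not verify for it.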
  • 55. QUIC features
      • Congestion control
        – Leverages TCP's long history (CUBIC)
      • Retransmissions
        – Better than with regular TCP
        – Each segment has a different seqnum
          • Avoids retransmission ambiguities
      • Selective acknowledgements
        – Cleaner than in TCP
  • 56. QUIC usage at google
      QUIC handshakes fail when RTTs are greater than 2.5 seconds or when UDP is blocked
      Source : J. Iyengar, QUIC Overview, IETF93, July 2015, Prague
  • 57. Why run QUIC over UDP ?
      • Simplest transport protocol
        – Supported correctly by all operating systems
        – Supported correctly by all middleboxes
      • Application can entirely control everything
        – Same version of QUIC runs on all platforms
        – QUIC can be upgraded as frequently as the application
        – Application developer does not need to coordinate with IETF or anyone
  • 58. How to cope with middleboxes ?
      • Very few middleboxes interfere with UDP
        – Some middleboxes drop UDP segments
          • Applications will detect and fall back to TCP
        – Some middleboxes rate limit UDP
          • Applications will detect and fall back to TCP
      • What about middleboxes optimising QUIC/UDP
        – Nightmare for google
        – Everything in QUIC (payload and headers) is encrypted
  • 59. Internet transport layer
      • Still lots of innovation for an old layer…
        – TCP extensions
          • Initial window, TCP Fast Open, …
        – Multipath TCP is getting deployed
          • RFC6824 was published in January 2013
        – But middleboxes have ossified the Internet
      • Other protocols
        – QUIC
          • Pushed by google for web applications
        – TCPINC
          • Support encryption inside transport layer
        – TLS 1.3
          • Faster handshake and lower delays

Editor's Notes

  1. Mention coverage, performance, range, etc.
  2. c
  3. arrives very late