Tunnelling Through Inner Space Bob Briscoe Jan 2015 Bob Briscoe’s work is part-funded by the European Community under its Seventh Framework Programme through.

Presentation transcript:

Tunnelling Through Inner Space Bob Briscoe Jan 2015 Bob Briscoe’s work is part-funded by the European Community under its Seventh Framework Programme through the Trilogy 2 (ICT ) and the RITE (ICT ) projects

© British Telecommunications plc

the old transport extensibility architecture

Source: the dataset collected for Honda, M., Nishida, Y., Raiciu, C., Greenhalgh, A., Handley, M., and H. Tokuda, "Is it Still Possible to Extend TCP?", Proc. ACM Internet Measurement Conference (IMC'11), Nov 2011. (nn): no. of paths tested to each port.

[Chart: TCP option 'space' consumed in the TCP SYN vs. in TCP Data; unknown options are stripped from the TCP SYN.] Option sizes shown: MSS (4B), SACK-ok (2B), WS (3B), TS (10B), MPTCP (12B), TFO (6-18B, shown as 12B), CRYPT-hello (3B), CRYPT-INIT-data (bare min 84B), CRYPT-INIT (3B).

Approach: Tunnel through Inner Space

Why should an implementation walk a list of extensions for which it has no code? An extension can be coded to know where to look [Rob Hancock re. IPv6 extensions (Trilogy project, Feb 2010)].

options: layer X
extensions: layer X+1 *
end-2-middle: layer X

How to prevent legacy layer X passing corrupt payload to X+1?

Examples (see position paper): (L4) Minion, (L4) Inner Space, (L3) ConEx, (L3) Generic UDP tunnelling (GUT)

[Diagram: IP, TCP and App at each end with a middlebox in the path; the TCP segment is shown as TCP Header & Outer Options | Inner Options within TCP Data | TCP Payload.]

Strawman principle: in a middlebox world, it is both more principled and more pragmatic to extend the layer X header within layer X+1 *

* In Internet arithmetic, 4+1 = 7

Inner Space: in the TCP datastream

– robust to resegmentation
– Inner Options not prone to stripping
– in-order delivery of Inner Options (out-of-order delivery also available)

[Diagram, labelled Control / Data: each sent segment's TCP Data is InSpace Option | Inner Options | TCP Payload, the first carrying a Magic No.; "Segmentation when Sent" vs. "Segmentation when Received" shows the receiver recovering the sent units from differently sized received segments.]

InSpace Option fields: Sent Data Size (SDS) 16b | Inner Options Offset (InOO) 14b | Len 2b
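The "robust to resegmentation" property, as an added example that is not the draft's or the author's code: the field widths follow the slide (SDS 16b, InOO 14b, Len 2b), but the bit order, the reading of SDS as the size of the whole sent unit and InOO as the offset of the first payload byte, leaving Len uninterpreted, and the magic value are all assumptions made here.

```python
import struct
MAGIC = b"\xDE\xAD\xBE\xEF"  # constructed placeholder, not the draft's real magic number

def pack_inspace(sds: int, inoo: int, ln: int) -> bytes:
    # 32-bit InSpace option as SDS (16b) | InOO (14b) | Len (2b); bit order is an assumption
    if not (4 <= inoo <= sds < 1 << 16 and inoo < 1 << 14 and 0 <= ln < 4):
        raise ValueError("InSpace field out of range")
    return struct.pack("!HH", sds, (inoo << 2) | ln)

def unpack_inspace(hdr: bytes):
    sds, tail = struct.unpack("!HH", hdr[:4])
    return sds, tail >> 2, tail & 0x3

def build_unit(inner_options: bytes, payload: bytes, ln: int = 0) -> bytes:
    # One sent segment's TCP Data: InSpace option | Inner Options | payload.
    # Assumed semantics: SDS = size of the whole unit, InOO = offset of first payload byte.
    inoo = 4 + len(inner_options)
    return pack_inspace(inoo + len(payload), inoo, ln) + inner_options + payload

class InnerSpaceReceiver:  # recovers the sent units however the path resegmented the stream
    def __init__(self):
        self.buf, self.magic_seen = b"", False
        self.units = []  # (inner_options, payload) in sent order

    def receive(self, segment: bytes) -> None:
        self.buf += segment
        if not self.magic_seen:
            if len(self.buf) < len(MAGIC):
                return
            if not self.buf.startswith(MAGIC):
                raise ValueError("stream does not start with the magic number")
            self.buf, self.magic_seen = self.buf[len(MAGIC):], True
        while len(self.buf) >= 4:
            sds, inoo, _ln = unpack_inspace(self.buf)
            if len(self.buf) < sds:
                return  # tail of this sent segment not yet here: in-order options wait
            unit, self.buf = self.buf[:sds], self.buf[sds:]
            self.units.append((unit[4:inoo], unit[inoo:]))

def deliver(stream: bytes, sizes):
    # Feed `stream` to a fresh receiver in segments of the given sizes, remainder last.
    rx, pos = InnerSpaceReceiver(), 0
    for n in sizes:
        rx.receive(stream[pos:pos + n])
        pos += n
    rx.receive(stream[pos:])
    return rx.units

# Constructed sample: magic number, then two sent units (11 and 10 bytes of TCP Data).
STREAM = MAGIC + build_unit(b"\x01\x02", b"hello") + build_unit(b"", b"world!")
```

Feeding STREAM through deliver() with any segment sizes yields the same two (inner options, payload) pairs, which is what lets Inner Options survive a path that resegments.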

middlebox domination strategy

long term aim: authenticated control channel

if option authentication were turned on today:
– up to 40% of connections would break
– the ends break a working service

middlebox domination strategy:
– Inner Space + option authentication (breaks 0%)
– then, if middleboxes move into the TCP data, the middleboxes break a working service

why shoot yourself in the foot when you can make them shoot themselves in the foot?

Inner Space: Implications & Status

Switchable transport semantics
– looks like vanilla TCP on the wire
– switch inner semantics with TCP options, e.g. ordering, encryption, compression
– think "extensible Minion"

Example: tcpcrypt decomposition
– cut from 18 to 9 CRYPT sub-options
– removed handshake latency
– can encrypt control options, and MAC pure ACKs

Progress since Jul'14
– Default mode: full spec as individual draft (5 revs, presented in tcpm & tcpinc)
– TCPbis mode: full spec available but not submitted
– ad hoc team formed (~20 people on mailing list)
– half-a-dozen doing or planning path traversal testing
– 2 or 3 planning to implement, including upstreaming

Modes by payload ordering vs. control-option ordering (in-order / out-of-order / both):
– payload in-order: Default (TCP), TCPbis
– payload out-of-order: (UDP), UDPbis
– payload both: (SCTP), 'TCP2'

Drafts: draft-briscoe-tcpm-inner-space-01; draft-briscoe-tcpm-inner-space-sink-00c (splitting into sub-drafts - in progress)

Assessing whether 'TCP2' could satisfy HTTP2 reqs

dual handshake... and migration to single

1. different source ports, same dest. port
2. no co-ordination needed between server threads; can be physically separate replicas
3. can use single SYN-U handshake
– when server is in cached white-list
– once deployment is widespread (no need for white-list)
Fall-back to SYN if no SYN-ACK-U

[Diagram 1, upgraded client to legacy server threads: SYN-U, SYN-ACK, SYN, RST, ACK]
[Diagram 2, upgraded client to upgraded server threads: SYN-U, SYN-ACK, SYN-ACK-U, SYN, ACK, RST]
[Cont..., upgraded client to upgraded server, single handshake: SYN-U, SYN-ACK-U, ACK]

-U = upgraded, i.e. magic no. at start of TCP Data

TCPbis mode: 2 control channels in the datastream

[Diagram, labelled Control / Data and Out-of-Order / In-Order: each segment's TCP Data is 00ZZ | InSpace Option | Suffix Options | TCP Payload, with Prefix Options carried ahead of the InSpace Option; the first segment carries the Magic.]

Rcvr can reconstruct sent segments - robust to resegmentation

TCP has always processed Outer Options on arrival (out-of-order)

Inner Space adds two types of Inner Option to avoid middlebox interference
– In-order Suffix Options: for stream control
– Out-of-order Prefix Options: essential for a few ACK-related options* to avoid flow-control deadlock
* SACK, MPTCP Data ACK, tcpcrypt MAC of ACK

Prefix Options are processed on arrival; if this segment is delayed, Suffix Options wait