Presentation is loading. Please wait.

Presentation is loading. Please wait.

TCP Extended Option Space in the Payload of a Supplementary Segment

Published byBénédicte Bonneau Modified over 5 years ago

Similar presentations

Presentation on theme: "TCP Extended Option Space in the Payload of a Supplementary Segment"— Presentation transcript:

1 TCP Extended Option Space in the Payload of a Supplementary Segment
draft-touch-tcpm-tcp-syn-ext-opt-00 Jul’14, IETF 90 - Toronto Joe Touch, USC/ISI Bob Briscoe, BT (presenter) Ted Faber, USC/ISI 9/19/2018 7:21 PM 9/19/2018 1

2 Overview Two separate problems Extended data offset (EDO)
proposed as PS Simple option to extend the data offset post-SYN Easy to enable/disable system-wide or per-conn. SYN extended option space (SYN-EOS) proposed as Experimental More complex Independent mechanism Extends SYN using a supplemental segment Successful SYN-EOS implies EDO this doc 9/19/2018

3 (Similar) Motivation SYN option space use increasing Current use
More options Larger options (TCP-AO, MPTCP, TFO) Current desire to combine large options Current use SYN - typical total 19B SACK-ok (2), Timestamp (10), Window Scale (3), MSS (4) Combining new options as well won’t fit 40B limit TCP-AO (16), MPTCP (12), TFO (6-18) Negotiation Trivial after initial SYN Cannot extend SYN in a single, backward-compatible segment 9/19/2018

4 Key Components Two approaches in one doc Shared properties
WG to eventually decide which goes forward (or both) Both add a supplemental segment Extra option space in payload of supplemental segment Large amount of effective SYN option expansion Shared properties Initial SYN includes SYN-EOS request Upgraded servers delay SYN/ACK until both segments are received One SYN/ACK with SYN-EOS option ACKs both segments Backward compatible Robust to random loss, duplication, reordering 9/19/2018

5 Two solutions Out-of-Band (OOB) Dual-SYN (DS) Supplemental segment:
(!SYN && !ACK) flags Same ISN, addrs, ports Features Looks like out-of-band data RFC793 requires it be silently dropped Fate sharing with initial SYN for both port block and redirection Flaws Leaks through SYN-blockers Fails if first through NAT Supplemental segment: Second initial SYN (SYN-C) Same addrs & dest. port, but different source port Additional Conn. ID (CID) to match to initial SYN-D Features Client resets a 2nd SYN/ACK from legacy server Traverses firewalls Blocked by SYN-blockers Any NAT traversal order Could traverse split connections Flaws Lack of host & path fate sharing for port block or redirection 9/19/2018

6 Shared Issues Order of processing options Interaction with EDO
Some options MUST be in original space, processed before merging the segments (TCP-AO) MAY be a need to replicate some options (see draft for risks) Process merged segments and their option space in a specific order (see draft) Interaction with EDO SYN-EOS negotiation implies EDO is available after initial SYN If EDO fallback is desired when SYN-EOS fails, EDO request needs to occur in initial SYN option space Interaction with SYN Cookies Feasible – see draft Possible caching as an optimization OOB: MAY consider caching supplement received before initial SYN DS: SHOULD cache second SYN state if received before initial SYN Security issues with caching Meddleboxes ;-) Some issues that affect all options: NAT/NAPT (compatible) DPI (false positive or negative) – see draft for proposed partial solution Block or remove EOS (failsafe) 9/19/2018

7 Earlier Alternatives (focus on SYN)
LO/SLO (long options/SYN long options) SLO extends SYN Prolongs 3-way handshake (3WHS) for extra segments SYN/ACK can’t enter ESTABLISHED after 3WHS because later segment options may be rejected Either wait for 5WHS or add complex state management LOIC (long options by invalid checksum) Dual SYNs, the second with invalid checksum Second SYN won’t traverse a NAT checksum will fail or be revised as correct 4-way handshake (Borman 5/22 TCPM post) First SYN asks to support long options Server reply is a SYN using long options (reverses connection) Adds 1 RTT to client-side data latency Not compatible with directional options (TFO) or parameterized options Requires server expose entire option capability list to clients 9/19/2018

8 Current status Not posted for Toronto deadline
{to be submitted by end of July | just submitted } Request for feedback on draft-touch-tcpm-tcp-syn-ext-opt-00 Messy, but may be the only way out OOB vs. DS vs. both? Feedback on details and issues, please Open issues DS Distinguishing the two SYNs Length of CID field OOB Verification of NAT/firewall traversal Individual draft, intended as TCPM Experimental No known IPR Too early to consider call for adoption ;-) Adoption call on list soon? 9/19/2018

Download ppt "TCP Extended Option Space in the Payload of a Supplementary Segment"

Similar presentations

CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
A Test To Allow TCP Senders to Identify Receiver Non-Compliance Toby Moncaster †, Bob Briscoe*, Arnaud Jacquet* † University of Cambridge * BT draft-moncaster-tcpm-rcv-cheat-03.

A Test To Allow TCP Senders to Identify Receiver Non-Compliance Toby Moncaster †, Bob Briscoe*, Arnaud Jacquet* † University of Cambridge * BT draft-moncaster-tcpm-rcv-cheat-03.
1 Transport Protocols & TCP CSE 3213 Fall 2007 130 April 2015.

1 Transport Protocols & TCP CSE 3213 Fall April 2015.
Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks Multipath.

Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks Multipath.
UDP & TCP Where would we be without them!. UDP User Datagram Protocol.

UDP & TCP Where would we be without them!. UDP User Datagram Protocol.
1 TCP - Part I Relates to Lab 5. First module on TCP which covers packet format, data transfer, and connection management.

1 TCP - Part I Relates to Lab 5. First module on TCP which covers packet format, data transfer, and connection management.
Chapter 7 – Transport Layer Protocols

Chapter 7 – Transport Layer Protocols
More Accurate ECN Feedback in TCP (AccECN) draft-kuehlewind-tcpm-accurate-ecn-03 Bob Briscoe, BT Richard Scheffenegger, NetApp Mirja Kühlewind, Stuttgart.

More Accurate ECN Feedback in TCP (AccECN) draft-kuehlewind-tcpm-accurate-ecn-03 Bob Briscoe, BT Richard Scheffenegger, NetApp Mirja Kühlewind, Stuttgart.
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
Inner Space Bob Briscoe Oct 2014 draft-briscoe-tcpm-inner-space-01.

Inner Space Bob Briscoe Oct 2014 draft-briscoe-tcpm-inner-space-01.
Tunnelling Through Inner Space Bob Briscoe Jan 2015 Bob Briscoe’s work is part-funded by the European Community under its Seventh Framework Programme through.

Tunnelling Through Inner Space Bob Briscoe Jan 2015 Bob Briscoe’s work is part-funded by the European Community under its Seventh Framework Programme through.
TCP/IP Essentials A Lab-Based Approach Shivendra Panwar, Shiwen Mao Jeong-dong Ryoo, and Yihan Li Chapter 5 UDP and Its Applications.

TCP/IP Essentials A Lab-Based Approach Shivendra Panwar, Shiwen Mao Jeong-dong Ryoo, and Yihan Li Chapter 5 UDP and Its Applications.
Quick-Start for TCP and IP draft-ietf-tsvwg-quickstart-02.txt A.Jain, S. Floyd, M. Allman, and P. Sarolahti TSVWG, March 2006 This and earlier presentations::

Quick-Start for TCP and IP draft-ietf-tsvwg-quickstart-02.txt A.Jain, S. Floyd, M. Allman, and P. Sarolahti TSVWG, March 2006 This and earlier presentations::
SELECTIVE ACKNOWLEDGEMENT (SACK) DUPLICATE SELECTIVE ACKNOWLEDGMENT

SELECTIVE ACKNOWLEDGEMENT (SACK) DUPLICATE SELECTIVE ACKNOWLEDGMENT
MPTCP – MULTIPATH TCP Interim meeting #3 20 th October 2011 audio Yoshifumi Nishida Philip Eardley.

MPTCP – MULTIPATH TCP Interim meeting #3 20 th October 2011 audio Yoshifumi Nishida Philip Eardley.
Quick-Start for TCP and IP draft-ietf-tsvwg-quickstart-01.txt A.Jain, S. Floyd, M. Allman, and P. Sarolahti TSVWG, November 2005 This and earlier presentations::

Quick-Start for TCP and IP draft-ietf-tsvwg-quickstart-01.txt A.Jain, S. Floyd, M. Allman, and P. Sarolahti TSVWG, November 2005 This and earlier presentations::
Tunnelling of Explicit Congestion Notification draft-briscoe-tsvwg-ecn-tunnel-03.txt draft-briscoe-tsvwg-ecn-tunnel-03.txt Bob Briscoe, BT IETF-75 saag.

Tunnelling of Explicit Congestion Notification draft-briscoe-tsvwg-ecn-tunnel-03.txt draft-briscoe-tsvwg-ecn-tunnel-03.txt Bob Briscoe, BT IETF-75 saag.
Echo Cookie TCP Option Bob Briscoe Nov 2014 Bob Briscoe’s work is part-funded by the European Community under its Seventh Framework Programme through the.

Echo Cookie TCP Option Bob Briscoe Nov 2014 Bob Briscoe’s work is part-funded by the European Community under its Seventh Framework Programme through the.
1 TCP Maintenance and Minor Extensions (TCPM) Working Group Pasi Sarolahti Michael Scharf Yoshifumi Nishida IETF 90 – Toronto, Canada July 2014.

1 TCP Maintenance and Minor Extensions (TCPM) Working Group Pasi Sarolahti Michael Scharf Yoshifumi Nishida IETF 90 – Toronto, Canada July 2014.

Similar presentations

Ads by Google