0-RTT TCP converters
Download as PPTX, PDF0 likes348 views
The document discusses the design of a new converter protocol aimed at enhancing Multipath TCP (MPTCP) interactions with middleboxes, allowing more clients to benefit from MPTCP without significantly increasing connection establishment delays. The protocol utilizes a TLV (Type-Length-Value) message format and supports 0-rtt and TFO (TCP Fast Open) to minimize overhead while maintaining extensibility for future TCP options. It emphasizes that clients can choose to bypass the converter when connecting to MPTCP-enabled servers and that the design is robust against various deployment scenarios.
![A Simplified example
@c @s
@t
SYN
SYN+ACK
SYN+ACK [ ]
TLV message
in SYN payload
TCP Options
TFO cookie (t) from
converter
SYN (TFO:t) [Connect @s:p]](https://image.slidesharecdn.com/converter-ietf99-final-170719081740/85/0-RTT-TCP-converters-7-320.jpg)
![MPTCP connection through converter
@c @s
@t
SYN(MPC)
SYN+ACK (MPC(Ks))
SYN+ACK(MPC(Kc))
[ ExtTCPH(MPC(Ks)) ]
SYN (TFO:t,MPC)
[Connect @s:p]
Copy of the extended
TCP header returned
by server](https://image.slidesharecdn.com/converter-ietf99-final-170719081740/85/0-RTT-TCP-converters-8-320.jpg)
![TFO connection through the converter
@c @s
@t
SYN(TFO)
SYN+ACK (TFO:sc)
SYN+ACK [ ExtTCPH(TFO:sc) ]
SYN (TFO:t)
[Connect @s:p
TCPOpt:TFO]
Empty TFO option Server cookie: sc
Client learns
server cookie
Empty TFO](https://image.slidesharecdn.com/converter-ietf99-final-170719081740/85/0-RTT-TCP-converters-9-320.jpg)
![TFO connection through the converter
second connection to server
@c @s
@t
SYN(TFO:sc) Data
SYN+ACKSYN+ACK [ ]
SYN (TFO:t)
[Connect @s:p
TCPOpt:TFO:sc]
Data
Server recognises
cookie sc and
accepts data](https://image.slidesharecdn.com/converter-ietf99-final-170719081740/85/0-RTT-TCP-converters-10-320.jpg)
![Bootstrap procedure
@c @s
@t
SYN+ACK (TFO:t) [ Supported TCP Options(MPTCP) ]
SYN (TFO)
[Bootstrap]
Empty TFO
TCP Extensions
supported by Converter
Converter
cookie](https://image.slidesharecdn.com/converter-ietf99-final-170719081740/85/0-RTT-TCP-converters-19-320.jpg)
0-RTT TCP converters
- 1. 0-RTT TCP Converters draft-bonaventure-mptcp-converters-01 IETF99, July 2017 O. Bonaventure M. Boucadair B. Peirens
- 2. Motivation • Instead of tuning MPTCP to cope with middleboxes, can we design middleboxes that would benefit to MPTCP ?
- 4. Converter • Motivation – Far more MPTCP enabled clients than MPTCP enabled servers – Clients want to benefit from MPTCP at least on a fraction of the end-to-end path
- 5. Key points of email discussion • Using the converter should not significantly increase the connection establishment delay – 0-RTT • Clients can decide to use a converter based on policies • Clients should be able to bypass the converter when the server supports MPTCP • TFO must be used if data is placed in SYN – For client-converter exchanges – Clients using converter should still be able to use TFO with servers • The design should be extensible and future-proof… • …and should avoid defining new TCP Options
- 6. A cleaner design • Converter Protocol is an application-level protocol listening on a specific TCP port • Client commands and converter responses are encoded as TLV messages – Ensures extensibility • Converter Protocol leverages TFO – Commands and responses can be sent inside SYNs • Clients can learn TCP options supported by servers – Allows clients to bypass the converter
- 7. A Simplified example @c @s @t SYN SYN+ACK SYN+ACK [ ] TLV message in SYN payload TCP Options TFO cookie (t) from converter SYN (TFO:t) [Connect @s:p]
- 8. MPTCP connection through converter @c @s @t SYN(MPC) SYN+ACK (MPC(Ks)) SYN+ACK(MPC(Kc)) [ ExtTCPH(MPC(Ks)) ] SYN (TFO:t,MPC) [Connect @s:p] Copy of the extended TCP header returned by server
- 9. TFO connection through the converter @c @s @t SYN(TFO) SYN+ACK (TFO:sc) SYN+ACK [ ExtTCPH(TFO:sc) ] SYN (TFO:t) [Connect @s:p TCPOpt:TFO] Empty TFO option Server cookie: sc Client learns server cookie Empty TFO
- 10. TFO connection through the converter second connection to server @c @s @t SYN(TFO:sc) Data SYN+ACKSYN+ACK [ ] SYN (TFO:t) [Connect @s:p TCPOpt:TFO:sc] Data Server recognises cookie sc and accepts data
- 11. About extensibility • Two dimensions were considered in the design – Extensibility of the Converter protocol • Version number and TLV format ensure that the protocol can be extended for different use cases – Evolution of TCP • Converter protocol is designed with MPTCP in mind, but other TCP extensions could benefit from it as well • Clients can detect which TCP options are supported by the server and decide to bypass the converter
- 12. Criteria Main criteria (email from Phil/Yoshi) • No changes to MPTCP (RFC6824bis) – Converter uses application layer protocol leveraging TFO • Proxy is simple to operate and deploy – Converter uses reserved service name/port – Leverages on existing BCPs • A session can be initiated from either end • The set-up time is minimized – 0-RTT leveraging TFO • The design minimises the amount of overhead on data – TLV messages appear only in SYN – No encapsulation • The solution works if end to end encryption is in use
- 13. Criteria • Criteria specific to solutions for the single-ended proxy scenario: – the proxy is unlikely to be on both default paths • No assumption is made about the location of the converter – clarify whether the proxy simply forwards • The Converter terminates TCP connections and maintains states as per IETF BCPs – allows hosts to have traffic that doesn’t get proxied • Clients can bypass the converter (policies or if server supports) – end host and proxy need to authenticate • Other authentication and authorization schemes can be used such as leveraging on the authentication required during network attachment • Not in draft-00 but can be added as new TLV messages
- 14. Conclusion • A NEW design which takes into account major comments raised during email discussions – Application level protocol • Service name/port to be reserved by IANA – Provides 0-RTT using TFO – Client can bypass converter if server supports option • We request WG adoption for charter item – Finally, the working group will explore whether an MPTCP-aware middlebox would be useful, where at least one end host is MPTCP-enabled.
- 15. Backup slides
- 16. Fixed Header • Sent by client and converter Current version=1 Length of all TLV messages in blocks of 32 bits
- 17. The Connect TLV IPv6 address
- 18. The Extended TCP Header TLV Copy of the Extended TCP header returned by server in SYN+ACK
- 19. Bootstrap procedure @c @s @t SYN+ACK (TFO:t) [ Supported TCP Options(MPTCP) ] SYN (TFO) [Bootstrap] Empty TFO TCP Extensions supported by Converter Converter cookie
- 20. Bootstrap