We've known for a while that the Internet has ossified as a result of the race to optimize existing applications or enhance security. NATs, performance-enhancing proxies, firewalls and traffic normalizers are only a few of the middleboxes that are deployed in the network and look beyond the IP header to do their job. IP itself can't be extended because "IP options are not an option". Is the same true for TCP? In this paper we develop a measurement methodology for evaluating middlebox behavior relating to TCP extensions and present the results of measurements conducted from multiple vantage points. The short answer is that we can still extend TCP, but the design of extensions is very constrained, as it needs to take into account prevalent middlebox behaviors. For instance, absolute sequence numbers cannot be embedded in options, as middleboxes can rewrite the ISN and preserve undefined options. Sequence numbering also must be consistent for a TCP connection, because many middleboxes only allow through contiguous flows. We used these findings to analyze three proposed extensions to TCP. We find that MPTCP is likely to work correctly in the Internet or fall back to regular TCP. TcpCrypt seems ready to be deployed; however, it is fragile if resegmentation does happen, for instance with hardware offload. Finally, TCP extended options in its current form is not safe to deploy.
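The constraint on sequence numbers in options can be seen in a small simulation, added here as an illustration and not taken from the paper: a middlebox shifts the header sequence space by a fixed delta and copies an unrecognised option through unchanged. The `Segment` model, the `IsnRewritingMiddlebox` class, the use of option kind 253 and all numeric values are assumptions constructed for the example.

```python
import struct
from dataclasses import dataclass, replace

MOD = 2**32
OPT_KIND = 253  # experimental kind, standing in for an option the middlebox does not know

@dataclass(frozen=True)
class Segment:
    seq: int        # sequence number carried in the TCP header
    payload: bytes
    options: bytes  # raw kind/length/value bytes

def make_option(value: int) -> bytes:
    """Encode one 32-bit value as a 6-byte TCP option."""
    return struct.pack("!BBI", OPT_KIND, 6, value)

def read_option(options: bytes) -> int:
    kind, length, value = struct.unpack("!BBI", options[:6])
    if kind != OPT_KIND or length != 6:
        raise ValueError("unexpected option")
    return value

class IsnRewritingMiddlebox:
    """Shifts header sequence numbers by a fixed delta; option bytes pass untouched."""
    def __init__(self, delta: int):
        self.delta = delta

    def forward(self, seg: Segment) -> Segment:
        return replace(seg, seq=(seg.seq + self.delta) % MOD)

def run(encoding: str, sender_isn: int = 1000, delta: int = 0x9E3779B9):
    """Return (stream position the receiver derives from the option,
    stream position the rewritten header implies) for one data segment."""
    box = IsnRewritingMiddlebox(delta)
    syn = box.forward(Segment(sender_isn, b"", b""))
    receiver_isn = syn.seq                      # the ISN as the receiver sees it
    data_seq = (sender_isn + 1 + 500) % MOD     # segment 500 bytes into the stream
    if encoding == "absolute":
        value = data_seq                        # sender's own sequence space
    else:
        value = (data_seq - sender_isn) % MOD   # offset from the SYN
    seg = box.forward(Segment(data_seq, b"x" * 100, make_option(value)))
    opt = read_option(seg.options)
    if encoding == "absolute":
        from_option = opt
    else:
        from_option = (receiver_isn + opt) % MOD
    return from_option, seg.seq

if __name__ == "__main__":
    for enc in ("absolute", "relative"):
        got, header = run(enc)
        print(f"{enc:8s} option -> {got:#010x}, header -> {header:#010x}, match={got == header}")
```

With the absolute encoding the option still points into the sender's original sequence space, so it no longer matches the header the receiver sees; the offset relative to the SYN survives the rewrite because both ends anchor it to their own view of the ISN.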