Monday, December 9, 2013

CoNext HotMiddlebox: Are TCP Extensions Middlebox-proof?

Benjamin Hesmans, Fabien Duchene, Christoph Paasch, Gregory Detal, and Olivier Bonaventure (Universite catholique de Louvain)

Presenter: Benjamin Hesmans

The end-to-end principle no longer holds: a middlebox will probably modify your segments. As a study by J. Sherry shows, middleboxes are widespread in today's networks, especially enterprise networks, where there are as many middleboxes as routers or switches. By modifying the content of packets, middleboxes can affect performance. The paper proposes to evaluate the impact of middleboxes on the performance of TCP extensions.

The proposed methodology is cyclic and is bootstrapped from the middleboxes described in the literature. Its main part is to run TCP extensions against modelled middleboxes. To do this, the authors propose MBtest, a Netkit (UML) based tool composed of Click elements that model middlebox behaviours. The presenter showed an example where he modelled a middlebox that randomizes the TCP sequence numbers in the header but not the sequence numbers carried in the Selective Acknowledgment (SACK) option. Such a middlebox has a significant impact on application goodput: with SACK enabled, performance is worse than without it, which is counter-intuitive.

The authors also evaluate the behaviour of Multipath TCP (MPTCP), the first extension designed with middleboxes in mind. They evaluate MPTCP in several scenarios: NAT, option removal, randomization of the TCP sequence number, and segment splitting and coalescing. In most cases MPTCP works (it sometimes falls back to regular TCP, which is the expected behaviour); only one corner case was found. The presenter also showed a case, detected by deploying MPTCP in the wild, where FTP in active mode causes a fallback and adds a large delay.

Lessons learned:
- TCP options cannot assume that the TCP header fields are unchanged during transit
- TCP options cannot assume that an option sent is always received
- Payload size modification is unsafe
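As an added illustration of the SACK-randomizing middlebox described above and of the first lesson (this is example code, not the paper's or MBtest's), the toy Python model below sends a window of segments through a constructed sequence-number randomizer that either does or does not rewrite the SACK option, and shows what the sender can still learn from the receiver's ACK; the ISN, MSS, offset and loss position are all constructed values.

```python
from dataclasses import dataclass, field

MSS = 100            # constructed segment size
MASK = 0xFFFFFFFF    # TCP sequence numbers are 32-bit

@dataclass
class Ack:
    ack: int                                  # cumulative acknowledgment number
    sack: list = field(default_factory=list)  # SACK blocks as (left, right) pairs

class SeqRandomizer:
    """Toy middlebox that adds a per-connection offset to the sequence space.
    rewrite_sack=False models the box from the talk: header fields are
    translated, the sequence numbers inside the SACK option are not."""
    def __init__(self, offset, rewrite_sack):
        self.offset, self.rewrite_sack = offset, rewrite_sack
    def to_receiver(self, seq):               # sender -> receiver: shift seq
        return (seq + self.offset) & MASK
    def to_sender(self, a):                   # receiver -> sender: unshift ack
        tr = lambda x: (x - self.offset) & MASK
        blocks = [(tr(l), tr(r)) for l, r in a.sack] if self.rewrite_sack else a.sack
        return Ack(tr(a.ack), blocks)

def receiver_reply(received, n, isn_seen):
    """Receiver: cumulative ACK up to the first hole plus one SACK block for
    the data that arrived after it (single-loss simplification of RFC 2018)."""
    expected = [isn_seen + i * MSS for i in range(n)]
    hole = next((i for i, s in enumerate(expected) if s not in received), n)
    if hole == n:                             # nothing missing, no SACK needed
        return Ack(isn_seen + n * MSS)
    blocks = [(expected[hole + 1], isn_seen + n * MSS)] if hole + 1 < n else []
    return Ack(expected[hole], blocks)

def sender_process(a, isn, n):
    """Sender: apply the cumulative ACK, then accept only SACK blocks inside the
    outstanding window [snd_una, snd_nxt]; blocks outside it are discarded, as
    RFC 2018 requires. Returns (segments fully acked, set of SACKed segments)."""
    snd_una, snd_nxt = a.ack, isn + n * MSS
    acked = (snd_una - isn) // MSS
    sacked = set()
    for left, right in a.sack:
        if snd_una <= left < right <= snd_nxt:
            sacked.update(range((left - isn) // MSS, (right - isn) // MSS))
    return acked, sacked

def simulate(offset, rewrite_sack, n=8, lost=3, isn=1000):
    """Send n segments through the box, drop segment `lost`, return what the sender learns."""
    box = SeqRandomizer(offset, rewrite_sack)
    received = {box.to_receiver(isn + i * MSS) for i in range(n) if i != lost}
    reply = receiver_reply(received, n, box.to_receiver(isn))
    return sender_process(box.to_sender(reply), isn, n)
```

With the buggy box the SACK block lands outside the sender's window and is discarded, so the sender is left with only the cumulative ACK even though SACK was negotiated; a correct box that also rewrites the option lets the sender see exactly which segments arrived after the hole.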

Questions:

Q: The UCL had a measurement study of where TCP breaks in the wild (Is it Still Possible to Extend TCP? at IMC). Are the measurement conclusions the same?
A: The paper is more focused on MPTCP and based on modeled middleboxes.

Q: Are you planning to extend to more protocols or more middleboxes?
A: New protocols are easy. For middleboxes we don't know yet if we will pursue the work.