idnits 2.17.1 draft-touch-tcpm-2140bis-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 220 has weird spacing: '... varies old_o...' == Line 222 has weird spacing: '...sthresh old_...' == Line 224 has weird spacing: '...nd_cwnd old_...' == Line 278 has weird spacing: '... MSSopt curr_...' == Line 286 has weird spacing: '... varies old_o...' == (6 more instances...) == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (January 12, 2017) is 2633 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293) ** Obsolete normative reference: RFC 1981 (Obsoleted by RFC 8201) -- Obsolete informational reference (is this intentional?): RFC 1644 (Obsoleted by RFC 6247) -- Obsolete informational reference (is this intentional?): RFC 1379 (Obsoleted by RFC 6247) -- Obsolete informational reference (is this intentional?): RFC 7231 (Obsoleted by RFC 9110) -- Obsolete informational reference (is this intentional?): RFC 4960 (Obsoleted by RFC 9260) -- Obsolete informational reference (is this intentional?): RFC 6824 (Obsoleted by RFC 8684) -- Obsolete informational reference (is this intentional?): RFC 7540 (Obsoleted by RFC 9113) Summary: 2 errors (**), 0 flaws (~~), 8 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 TCPM WG J. Touch 2 Internet Draft USC/ISI 3 Intended status: Informational M. Welzl 4 Expires: July 2017 S. Islam 5 University of Oslo 6 J. You 7 Huawei 8 January 12, 2017 10 TCP Control Block Interdependence 11 draft-touch-tcpm-2140bis-02.txt 13 Status of this Memo 15 This Internet-Draft is submitted in full conformance with the 16 provisions of BCP 78 and BCP 79. 18 This document may contain material from IETF Documents or IETF 19 Contributions published or made publicly available before November 20 10, 2008. The person(s) controlling the copyright in some of this 21 material may not have granted the IETF Trust the right to allow 22 modifications of such material outside the IETF Standards Process. 23 Without obtaining an adequate license from the person(s) controlling 24 the copyright in such materials, this document may not be modified 25 outside the IETF Standards Process, and derivative works of it may 26 not be created outside the IETF Standards Process, except to format 27 it for publication as an RFC or to translate it into languages other 28 than English. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF), its areas, and its working groups. Note that 32 other groups may also distribute working documents as Internet- 33 Drafts. 35 Internet-Drafts are draft documents valid for a maximum of six 36 months and may be updated, replaced, or obsoleted by other documents 37 at any time. It is inappropriate to use Internet-Drafts as 38 reference material or to cite them other than as "work in progress." 40 The list of current Internet-Drafts can be accessed at 41 http://www.ietf.org/ietf/1id-abstracts.txt 43 The list of Internet-Draft Shadow Directories can be accessed at 44 http://www.ietf.org/shadow.html 45 This Internet-Draft will expire on July 12, 2017. 47 Copyright Notice 49 Copyright (c) 2017 IETF Trust and the persons identified as the 50 document authors. All rights reserved. 52 This document is subject to BCP 78 and the IETF Trust's Legal 53 Provisions Relating to IETF Documents 54 (http://trustee.ietf.org/license-info) in effect on the date of 55 publication of this document. Please review these documents 56 carefully, as they describe your rights and restrictions with 57 respect to this document. 59 Abstract 61 This memo describes interdependent TCP control blocks, where part of 62 the TCP state is shared among similar concurrent or consecutive 63 connections. TCP state includes a combination of parameters, such as 64 connection state, current round-trip time estimates, congestion 65 control information, and process information. Most of this state is 66 maintained on a per-connection basis in the TCP Control Block (TCB), 67 but implementations can (and do) share certain TCB information 68 across connections to the same host. Such sharing is intended to 69 improve overall transient transport performance, while maintaining 70 backward-compatibility with existing implementations. The sharing 71 described herein is limited to only the TCB initialization and so 72 has no effect on the long-term behavior of TCP after a connection 73 has been established. 75 Table of Contents 77 1. Introduction...................................................3 78 2. Conventions used in this document..............................3 79 3. Terminology....................................................4 80 4. The TCP Control Block (TCB)....................................4 81 5. TCB Interdependence............................................5 82 6. An Example of Temporal Sharing.................................5 83 7. An Example of Ensemble Sharing.................................8 84 8. Compatibility Issues..........................................10 85 9. Implications..................................................12 86 10. Implementation Observations..................................14 87 11. Security Considerations......................................15 88 12. IANA Considerations..........................................16 89 13. References...................................................17 90 13.1. Normative References....................................17 91 13.2. Informative References..................................17 92 14. Acknowledgments..............................................19 94 1. Introduction 96 TCP is a connection-oriented reliable transport protocol layered 97 over IP [RFC793]. Each TCP connection maintains state, usually in a 98 data structure called the TCP Control Block (TCB). The TCB contains 99 information about the connection state, its associated local 100 process, and feedback parameters about the connection's transmission 101 properties. As originally specified and usually implemented, most 102 TCB information is maintained on a per-connection basis. Some 103 implementations can (and now do) share certain TCB information 104 across connections to the same host. Such sharing is intended to 105 lead to better overall transient performance, especially for 106 numerous short-lived and simultaneous connections, as often used in 107 the World-Wide Web [Be94],[Br02]. 109 This document discusses TCB state sharing that affects only the TCB 110 initialization, and so has no effect on the long-term behavior of 111 TCP after a connection has been established. Path information shared 112 across SYN destination port numbers assumes that TCP segments having 113 the same host-pair experience the same path properties, irrespective 114 of TCP port numbers. The observations about TCB sharing in this 115 document apply similarly to any protocol with congestion state, 116 including SCTP [RFC4960] and DCCP [RFC4340], as well as for 117 individual subflows in Multipath TCP [RFC6824]. 119 2. Conventions used in this document 121 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 122 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 123 document are to be interpreted as described in RFC 2119 [RFC2119]. 125 In this document, these words will appear with that interpretation 126 only when in ALL CAPS. Lower case uses of these words are not to be 127 interpreted as carrying significance described in RFC 2119. 129 In this document, the characters ">>" preceding an indented line(s) 130 indicates a statement using the key words listed above. This 131 convention aids reviewers in quickly identifying or finding the 132 portions of this RFC covered by these keywords. 134 3. Terminology 136 Host - a source or sink of TCP segments associated with a single IP 137 address 139 Host-pair - a pair of hosts and their corresponding IP addresses 141 Path - an Internet path between the IP addresses of two hosts 143 4. The TCP Control Block (TCB) 145 A TCB describes the data associated with each connection, i.e., with 146 each association of a pair of applications across the network. The 147 TCB contains at least the following information [RFC793]: 149 Local process state 150 pointers to send and receive buffers 151 pointers to retransmission queue and current segment 152 pointers to Internet Protocol (IP) PCB 153 Per-connection shared state 154 macro-state 155 connection state 156 timers 157 flags 158 local and remote host numbers and ports 159 TCP option state 160 micro-state 161 send and receive window state (size*, current number) 162 round-trip time and variance 163 cong. window size (snd_cwnd)* 164 cong. window size threshold (ssthresh)* 165 max window size seen* 166 sendMSS# 167 MMS_S# 168 MMS_R# 169 PMTU# 170 round-trip time and variance# 172 The per-connection information is shown as split into macro-state 173 and micro-state, terminology borrowed from [Co91]. Macro-state 174 describes the finite state machine; we include the endpoint numbers 175 and components (timers, flags) used to help maintain that state. 176 Macro-state describes the protocol for establishing and maintaining 177 shared state about the connection. Micro-state describes the 178 protocol after a connection has been established, to maintain the 179 reliability and congestion control of the data transferred in the 180 connection. 182 We further distinguish two other classes of shared micro-state that 183 are associated more with host-pairs than with application pairs. One 184 class is clearly host-pair dependent (#, e.g., MSS, MMS, PMTU, RTT), 185 and the other is host-pair dependent in its aggregate (*, e.g., 186 congestion window information, current window sizes, etc.). 188 5. TCB Interdependence 190 There are two cases of TCB interdependence. Temporal sharing occurs 191 when the TCB of an earlier (now CLOSED) connection to a host is used 192 to initialize some parameters of a new connection to that same host, 193 i.e., in sequence. Ensemble sharing occurs when a currently active 194 connection to a host is used to initialize another (concurrent) 195 connection to that host. 197 6. An Example of Temporal Sharing 199 The TCB data cache is accessed in two ways: it is read to initialize 200 new TCBs and written when more current per-host state is available. 201 New TCBs are initialized using context from past connections as 202 follows: 204 TEMPORAL SHARING - TCB Initialization 206 Safe? Cached TCB New TCB 207 ---------------------------------------------- 208 yes old_MMS_S old_MMS_S or not cached 210 yes old_MMS_R old_MMS_R or not cached 212 yes old_sendMSS old_sendMSS 214 yes old_PMTU old_PMTU 216 TBD old_RTT old_RTT 218 TBD old_RTTvar old_RTTvar 220 varies old_option (option specific) 222 TBD old_ssthresh old_ssthresh 224 TBD old_snd_cwnd old_snd_cwnd 226 Table entries indicate which are considered to be safe to share 227 temporally. The other entries are discussed in section 8. 229 Most cached TCB values are updated when a connection closes. The 230 exceptions are MMS_R and MMS_S, which are reported by IP [RFC1122], 231 PMTU which is updated after Path MTU Discovery 232 [RFC1191][RFC1981][RFC4821], and sendMSS, which is updated if the 233 MSS option is received in the TCP SYN header. 235 Sharing sendMSS information affects only data in the SYN of the next 236 connection, because sendMSS information is typically included in 237 most TCP SYN segments. Caching PMTU can accelerate the efficiency of 238 PMTUD, but can also result in black-holing until corrected if in 239 error. Caching MMS_R and MMS_S may be of little direct value as they 240 are reported by the local IP stack anyway. 242 [TBD - complete this section with details for TFO and other options 243 whose state may, must, or must not be shared] The way in which other 244 TCP option state can be shared depends on the details of that 245 option. E.g., TFO state includes the TCP Fast Open Cookie [RFC7413] 246 or, in case TFO fails, a negative TCP Fast Open response (from [RFC 247 7413]: "The client MUST cache negative responses from the server in 248 order to avoid potential connection failures. Negative responses 249 include the server not acknowledging the data in the SYN, ICMP error 250 messages, and (most importantly) no response (SYN-ACK) from the 251 server at all, i.e., connection timeout."). TFOinfo is cached when a 252 connection is established. 254 Other TCP option state might not be as readily cached. E.g., TCP-AO 255 [RFC5925] success or failure between a host pair for a single SYN 256 destination port might be usefully cached. TCP-AO success or failure 257 to other SYN destination ports on that host pair is never useful to 258 cache because TCP-AO security parameters can vary per service. 260 The table below gives an overview of option-specific information 261 that is considered safe to share. 263 TEMPORAL SHARING - Option info 265 Cached New 266 ---------------------------------------- 267 old_TFO_Cookie old_TFO_Cookie 269 old_TFO_Failure old_TFO_Failure 270 TEMPORAL SHARING - Cache Updates 272 Safe? Cached TCB Current TCB when? New Cached TCB 273 ----------------------------------------------------------------- 274 yes old_MMS_S curr_ MMS_S OPEN curr MMS_S 276 yes old_MMS_R curr_ MMS_R OPEN curr_MMS_R 278 yes old_sendMSS curr_sendMSS MSSopt curr_sendMSS 280 yes old_PMTU curr_PMTU PMTUD curr_PMTU 282 TBD old_RTT curr_RTT CLOSE merge(curr,old) 284 TBD old_RTTvar curr_RTTvar CLOSE merge(curr,old) 286 varies old_option curr option ESTAB (depends on option) 288 TBD old_ssthresh curr_ssthresh CLOSE merge(curr,old) 290 TBD old_snd_cwnd curr_snd_cwnd CLOSE merge(curr,old) 292 Caching PMTU and sendMSS is trivial; reported values are cached, and 293 the most recent values are used. The cache is updated when the MSS 294 option is received in a SYN or after PMTUD (i.e., when an ICMPv4 295 Fraqmentation Needed [RFC1191] or ICMPv6 Packet Too Big message is 296 received [RFC1981] or the equivalent is inferred, e.g. as from 297 PLPMTUD [RFC4821]), respectively, so the cache always has the most 298 recent values from any connection. For sendMSS, the cache is 299 consulted only at connection establishment and not otherwise 300 updated, which means that MSS options do not affect current 301 connections. The default sendMSS is never saved; only reported MSS 302 values update the cache, so an explicit override is required to 303 reduce the sendMSS. There is no particular benefit to caching MMS_S 304 and MMS_R as these are reported by the local IP stack. 306 TCP options are copied or merged depending on the details of each 307 option. E.g., TFO state is updated when a connection is established 308 and read before establishing a new connection. 310 RTT values are updated by a more complicated mechanism 311 [RFC1644][Ja86]. Dynamic RTT estimation requires a sequence of RTT 312 measurements. As a result, the cached RTT (and its variance) is an 313 average of its previous value with the contents of the currently 314 active TCB for that host, when a TCB is closed. RTT values are 315 updated only when a connection is closed. The method for merging old 316 and current values needs to attempt to reduce the transient for new 317 connections. [THESE MERGE FUNCTIONS NEED TO BE SPECIFIED, 318 considering e.g. [DM16] - TBD]. 320 The updates for RTT, RTTvar and ssthresh rely on existing 321 information, i.e., old values. Should no such values exist, the 322 current values are cached instead. 324 TEMPORAL SHARING - Option info Updates 326 Cached Current when? New Cached 327 ---------------------------------------------------------------- 328 old_TFO_Cookie old_TFO_Cookie ESTAB old_TFO_Cookie 330 old_TFO_Failure old_TFO_Failure ESTAB old_TFO_Failure 332 7. An Example of Ensemble Sharing 334 Sharing cached TCB data across concurrent connections requires 335 attention to the aggregate nature of some of the shared state. For 336 example, although MSS and RTT values can be shared by copying, it 337 may not be appropriate to copy congestion window or ssthresh 338 information (see section 8 for a discussion of congestion window or 339 ssthresh sharing). 341 ENSEMBLE SHARING - TCB Initialization 343 Safe? Cached TCB New TCB 344 ----------------------------------------- 345 yes old_MMS_S old_MMS_S 347 yes old_MMS_R old_MMS_R 349 yes old_sendMSS old_sendMSS 351 yes old_PMTU old_PMTU 353 TBD old_RTT old_RTT 355 TBD old_RTTvar old_RTTvar 357 TBD old_option (option-specific) 359 Table entries indicate which are considered to be safe to share 360 across an ensemble. The other entries are discussed in section 8. 362 The table below gives an overview of option-specific information 363 that is considered safe to share. 365 ENSEMBLE SHARING - Option info 367 Cached New 368 ---------------------------------------- 369 old_TFO_Cookie old_TFO_Cookie 371 old_TFO_Failure old_TFO_Failure 373 ENSEMBLE SHARING - Cache Updates 375 Safe? Cached TCB Current TCB when? New Cached TCB 376 -------------------------------------------------------------- 377 yes old_MMS_S curr_MMS_S OPEN curr_MMS_S 379 yes old_MMS_R curr_MMS_R OPEN curr_MMS_R 381 yes old_sendMSS curr_sendMSS MSSopt curr_sendMSS 383 yes old_PMTU curr_PMTU PMTUD curr_PMTU 384 /PLPMTUD 386 TBD old_RTT curr_RTT update rtt_update(old,cur) 388 TBD old_RTTvar curr_RTTvar update rtt_update(old,cur) 390 varies old_option curr option (depends) (option specific) 392 For ensemble sharing, TCB information should be cached as early as 393 possible, sometimes before a connection is closed. Otherwise, 394 opening multiple concurrent connections may not result in TCB data 395 sharing if no connection closes before others open. The amount of 396 work involved in updating the aggregate average should be minimized, 397 but the resulting value should be equivalent to having all values 398 measured within a single connection. The function "rtt_update" in 399 the ensemble sharing table indicates this operation, which occurs 400 whenever the RTT would have been updated in the individual TCP 401 connection. As a result, the cache contains the shared RTT 402 variables, which no longer need to reside in the TCB [Ja86]. 404 Congestion window size and ssthresh aggregation are more complicated 405 in the concurrent case. When there is an ensemble of connections, we 406 need to decide how that ensemble would have shared these variables, 407 in order to derive initial values for new TCBs. 409 ENSEMBLE SHARING - Option info Updates 411 Cached Current when? New Cached 412 ---------------------------------------------------------------- 413 old_TFO_Cookie old_TFO_Cookie ESTAB old_TFO_Cookie 415 old_TFO_Failure old_TFO_Failure ESTAB old_TFO_Failure 417 Any assumption of this sharing can be incorrect, including this one, 418 because identical endpoint address pairs may not share network 419 paths. In current implementations, new congestion windows are set at 420 an initial value of 4-10 segments [RFC3390][RFC6928], so that the 421 sum of the current windows is increased for any new connection. This 422 can have detrimental consequences where several connections share a 423 highly congested link. 425 There are several ways to initialize the congestion window in a new 426 TCB among an ensemble of current connections to a host, as shown 427 below. Current TCP implementations initialize it to four segments as 428 standard [rfc3390] and 10 segments experimentally [RFC6928] and 429 T/TCP hinted that it should be initialized to the old window size 430 [RFC1644]. In the former cases, the assumption is that new 431 connections should behave as conservatively as possible. In the 432 latter T/TCP case, no accommodation is made for concurrent aggregate 433 behavior. 435 In either case, the sum of window sizes can increase, rather than 436 remain constant. A different approach is to give each pending 437 connection its "fair share" of the available congestion window, and 438 let the connections balance from there. The assumption we make here 439 is that new connections are implicit requests for an equal share of 440 available link bandwidth, which should be granted at the expense of 441 current connections. [TBD - a new method for safe congestion sharing 442 will be described] 444 8. Compatibility Issues 446 For the congestion and current window information, the initial 447 values computed by TCB interdependence may not be consistent with 448 the long-term aggregate behavior of a set of concurrent connections 449 between the same endpoints. Under conventional TCP congestion 450 control, if a single existing connection has converged to a 451 congestion window of 40 segments, two newly joining concurrent 452 connections assume initial windows of 10 segments [RFC6928], and the 453 current connection's window doesn't decrease to accommodate this 454 additional load and connections can mutually interfere. One example 455 of this is seen on low-bandwidth, high-delay links, where concurrent 456 connections supporting Web traffic can collide because their initial 457 windows were too large, even when set at one segment. 459 [TBD - this paragraph needs to be revised based on new 460 recommendations] Under TCB interdependence, all three connections 461 could change to use a congestion window of 12 (rounded down to an 462 even number from 13.33, i.e., 40/3). This would include both 463 increasing the initial window of the new connections (vs. current 464 recommendations [RFC6928]) and decreasing the congestion window of 465 the current connection (from 40 down to 12). This gives the new 466 connections a larger initial window than allowed by [RFC6928], but 467 maintains the aggregate. Depending on whether the previous 468 connections were in steady-state, this can result in more bursty 469 behavior, e.g., when previous connections are idle and new 470 connections commence with a large amount of available data to 471 transmit. Additionally, reducing the congestion window of an 472 existing connection needs to account for the number of packets that 473 are already in flight. 475 Because this proposal attempts to anticipate the aggregate steady- 476 state values of TCB state among a group or over time, it should 477 avoid the transient effects of new connections. In addition, because 478 it considers the ensemble and temporal properties of those 479 aggregates, it should also prevent the transients of short-lived or 480 multiple concurrent connections from adversely affecting the overall 481 network performance. There have been ongoing analysis and 482 experiments to validate these assumptions. For example, [Ph12] 483 recommends to only cache ssthresh for temporal sharing when flows 484 are long. Sharing ssthresh between short flows can deteriorate the 485 overall performance of individual connections[Ph12, Nd16], although 486 this may benefit overall network performance. [TBD - the details of 487 this issue need to be summarized and clarified herein]. 489 [TBD - placeholder for corresponding RTT discussion] 491 Due to mechanisms like ECMP and LAG [RFC7424], TCP connections 492 sharing the same host-pair may not always share the same path. This 493 does not matter for host-specific information such as RWIN and TCP 494 option state, such as TFOinfo. When TCB information is shared across 495 different SYN destination ports, path-related information can be 496 incorrect; however, the impact of this error is potentially 497 diminished if (as discussed here) TCB sharing affects only the 498 transient event of a connection start or if TCB information is 499 shared only within connections to the same SYN destination port. In 500 case of Temporal Sharing, TCB information could also become invalid 501 over time. Because this is similar to the case when a connection 502 becomes idle, mechanisms that address idle TCP connections (e.g., 503 [RFC7661]) could also be applied to TCB cache management. 505 There may be additional considerations to the way in which TCB 506 interdependence rebalances congestion feedback among the current 507 connections, e.g., it may be appropriate to consider the impact of a 508 connection being in Fast Recovery [RFC5861] or some other similar 509 unusual feedback state, e.g., as inhibiting or affecting the 510 calculations described herein. 512 TCP is sometimes used in situations where packets of the same host- 513 pair always take the same path. Because ECMP and LAG examine TCP 514 port numbers, they may not be supported when TCP segments are 515 encapsulated, encrypted, or altered - for example, some Virtual 516 Private Networks (VPNs) are known to use proprietary UDP 517 encapsulation methods. Similarly, they cannot operate when the TCP 518 header is encrypted, e.g., when using IPsec ESP. TCB interdependence 519 among the entire set sharing the same endpoint IP addresses should 520 work without problems under these circumstances. Moreover, measures 521 to increase the probability that connections use the same path could 522 be applied: e.g., the connections could be given the same IPv6 flow 523 label. TCB interdependence can also be extended to sets of host IP 524 address pairs that share the same network path conditions, such as 525 when a group of addresses is on the same LAN (see Section 9). 527 It can be wrong to share TCB information between TCP connections on 528 the same host as identified by the IP address if an IP address is 529 assigned to a new host (e.g., IP address spinning, as is used by 530 ISPs to inhibit running servers). It can be wrong if Network Address 531 (and Port) Translation (NA(P)T) [RFC2663] or any other IP sharing 532 mechanism is used. Such mechanisms are less likely to be used with 533 IPv6. Other methods to identify a host could also be considered to 534 make correct TCB sharing more likely. Moreover, some TCB information 535 is about dominant path properties rather than the specific host. IP 536 addresses may differ, yet the relevant part of the path may be the 537 same. 539 9. Implications 541 There are several implications to incorporating TCB interdependence 542 in TCP implementations. First, it may reduce the need for 543 application-layer multiplexing for performance enhancement 544 [RFC7231]. Protocols like HTTP/2 [RFC7540] avoid connection 545 reestablishment costs by serializing or multiplexing a set of per- 546 host connections across a single TCP connection. This avoids TCP's 547 per-connection OPEN handshake and also avoids recomputing MSS, RTT, 548 and congestion windows. By avoiding the so-called, "slow-start 549 restart," performance can be optimized. TCB interdependece can 550 provide the "slow-start restart avoidance" of multiplexing, without 551 requiring a multiplexing mechanism at the application layer. 553 TCB interdependence pushes some of the TCP implementation from the 554 traditional transport layer (in the ISO model), to the network 555 layer. This acknowledges that some state is in fact per-host-pair or 556 can be per-path as indicated solely by that host-pair. Transport 557 protocols typically manage per-application-pair associations (per 558 stream), and network protocols manage per-host-pair and path 559 associations (routing). Round-trip time, MSS, and congestion 560 information could be more appropriately handled in a network-layer 561 fashion, aggregated among concurrent connections, and shared across 562 connection instances [RFC3124]. 564 An earlier version of RTT sharing suggested implementing RTT state 565 at the IP layer, rather than at the TCP layer [Ja86]. Our 566 observations are for sharing state among TCP connections, which 567 avoids some of the difficulties in an IP-layer solution. One such 568 problem is determining the associated prior outgoing packet for an 569 incoming packet, to infer RTT from the exchange. Because RTTs are 570 still determined inside the TCP layer, this is simpler than at the 571 IP layer. This is a case where information should be computed at the 572 transport layer, but could be shared at the network layer. 574 Per-host-pair associations are not the limit of these techniques. It 575 is possible that TCBs could be similarly shared between hosts on a 576 subnet or within a cluster, because the predominant path can be 577 subnet-subnet, rather than host-host. Additionally, TCB 578 interdependence can be applied to any protocol with congestion 579 state, including SCTP [RFC4960] and DCCP [RFC4340], as well as for 580 individual subflows in Multipath TCP [RFC6824]. 582 There may be other information that can be shared between concurrent 583 connections. For example, knowing that another connection has just 584 tried to expand its window size and failed, a connection may not 585 attempt to do the same for some period. The idea is that existing 586 TCP implementations infer the behavior of all competing connections, 587 including those within the same host or subnet. One possible 588 optimization is to make that implicit feedback explicit, via 589 extended information associated with the endpoint IP address and its 590 TCP implementation, rather than per-connection state in the TCB. 592 Like its initial version in 1997, this document's approach to TCB 593 interdependence focuses on sharing a set of TCBs by updating the TCB 594 state to reduce the impact of transients when connections begin or 595 end. Other mechanisms have since been proposed to continuously share 596 information between all ongoing communication (including 597 connectionless protocols), updating the congestion state during any 598 congestion-related event (e.g., timeout, loss confirmation, etc.) 599 [RFC3124]. By dealing exclusively with transients, TCB 600 interdependence is more likely to exhibit the same behavior as 601 unmodified, independent TCP connections. 603 10. Implementation Observations 605 The observation that some TCB state is host-pair specific rather 606 than application-pair dependent is not new and is a common 607 engineering decision in layered protocol implementations. A 608 discussion of sharing RTT information among protocols layered over 609 IP, including UDP and TCP, occurred in [Ja86]. Although now 610 deprecated, T/TCP was the first to propose using caches in order to 611 maintain TCB states (see Appendix A for more information). 613 The table below describes the current implementation status for some 614 TCB information in Linux kernel version 4.6, FreeBSD 10 and Windows 615 (as of October 2016). In the table, "shared" only refers to temporal 616 sharing. 618 TCB data Status 619 ----------------------------------------------------------- 620 old MMS_S Not shared 622 old MMS_R Not shared 624 old_sendMSS Cached and shared in Linux (MSS) 626 old PMTU Cached and shared in FreeBSD and Windows (PMTU) 628 old_RTT Cached and shared in FreeBSD and Linux 630 old_RTTvar Cached and shared in FreeBSD 632 old TFOinfo Cached and shared in Linux and Windows 634 old_snd_cwnd Not shared 636 old_ssthresh Cached and shared in FreeBSD and Linux: 637 FreeBSD: arithmetic 638 mean of ssthresh and previous value if 639 a previous value exists; 640 Linux: depending on state, 641 max(cwnd/2, ssthresh) in most cases 643 11. Security Considerations 645 These suggested implementation enhancements do not have additional 646 ramifications for explicit attacks. These enhancements may be 647 susceptible to denial-of-service attacks if not otherwise secured. 648 For example, an application can open a connection and set its window 649 size to zero, denying service to any other subsequent connection 650 between those hosts. 652 TCB sharing may be susceptible to denial-of-service attacks, 653 wherever the TCB is shared, between connections in a single host, or 654 between hosts if TCB sharing is implemented within a subnet (see 655 Implications section). Some shared TCB parameters are used only to 656 create new TCBs, others are shared among the TCBs of ongoing 657 connections. New connections can join the ongoing set, e.g., to 658 optimize send window size among a set of connections to the same 659 host. 661 Attacks on parameters used only for initialization affect only the 662 transient performance of a TCP connection. For short connections, 663 the performance ramification can approach that of a denial-of- 664 service attack. E.g., if an application changes its TCB to have a 665 false and small window size, subsequent connections would experience 666 performance degradation until their window grew appropriately. 668 The solution is to limit the effect of compromised TCB values. TCBs 669 are compromised when they are modified directly by an application or 670 transmitted between hosts via unauthenticated means (e.g., by using 671 a dirty flag). TCBs that are not compromised by application 672 modification do not have any unique security ramifications. Note 673 that the proposed parameters for TCB sharing are not currently 674 modifiable by an application. 676 All shared TCBs MUST be validated against default minimum parameters 677 before used for new connections. This validation would not impact 678 performance, because it occurs only at TCB initialization. This 679 limits the effect of attacks on new connections to reducing the 680 benefit of TCB sharing, resulting in the current default TCP 681 performance. For ongoing connections, the effect of incoming packets 682 on shared information should be both limited and validated against 683 constraints before use. This is a beneficial precaution for existing 684 TCP implementations as well. 686 TCBs modified by an application SHOULD NOT be shared, unless the new 687 connection sharing the compromised information has been given 688 explicit permission to use such information by the connection API. 689 No mechanism for that indication currently exists, but it could be 690 supported by an augmented API. This sharing restriction SHOULD be 691 implemented in both the host and the subnet. Sharing on a subnet 692 SHOULD utilize authentication to prevent undetected tampering of 693 shared TCB parameters. These restrictions limit the security impact 694 of modified TCBs both for connection initialization and for ongoing 695 connections. 697 Finally, shared values MUST be limited to performance factors only. 698 Other information, such as TCP sequence numbers, when shared, are 699 already known to compromise security. 701 12. IANA Considerations 703 There are no IANA implications or requests in this document. 705 This section should be removed upon final publication as an RFC. 707 13. References 709 13.1. Normative References 711 [RFC793] Postel, Jon, "Transmission Control Protocol," Network 712 Working Group RFC-793/STD-7, ISI, Sept. 1981. 714 [RFC1191] Mogul, J., Deering, S., "Path MTU Discovery," RFC 1191, 715 Nov. 1990. 717 [RFC1981] McCann, J., Deering. S., Mogul, J., "Path MTU Discovery 718 for IP version 6," RFC 1981, Aug. 1996. 720 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 721 Requirement Levels", BCP 14, RFC 2119, March 1997. 723 [RFC4821] Mathis, M., Heffner, J., "Packetization Layer Path MTU 724 Discovery," RFC 4821, Mar. 2007. 726 [RFC7413] Cheng, Y., Chu, J., Radhakrishnan, S., Jain, A., "TCP Fast 727 Open", RFC 7413, Dec. 2014. 729 13.2. Informative References 731 [Br02] Brownlee, N. and K. Claffy, "Understanding Internet 732 Traffic Streams: Dragonflies and Tortoises", IEEE 733 Communications Magazine p110-117, 2002. 735 [Be94] Berners-Lee, T., et al., "The World-Wide Web," 736 Communications of the ACM, V37, Aug. 1994, pp. 76-82. 738 [Br94] Braden, B., "T/TCP -- Transaction TCP: Source Changes for 739 Sun OS 4.1.3,", Release 1.0, USC/ISI, September 14, 1994. 741 [Co91] Comer, D., Stevens, D., Internetworking with TCP/IP, V2, 742 Prentice-Hall, NJ, 1991. 744 [FreeBSD] FreeBSD source code, Release 2.10, http://www.freebsd.org/ 746 [Ja86] Jacobson, V., (mail to public list "tcp-ip", no archive 747 found), 1986. 749 [Nd16] Dukkipati, N., Yuchung C., and Amin V., "Research 750 Impacting the Practice of Congestion Control." ACM SIGCOMM 751 CCR (editorial). 753 [DM16] Matz, D., "Optimize TCP's Minimum Retransmission Timeout 754 for Low Latency Environments", Master's thesis, Technical 755 University Munich, 2016. 757 [Ph12] Hurtig, P., Brunstrom, A., "Enhanced metric caching for 758 short TCP flows," 2012 IEEE International Conference on 759 Communications (ICC), Ottawa, ON, 2012, pp. 1209-1213. 761 [RFC1122] Braden, R. (ed), "Requirements for Internet Hosts -- 762 Communication Layers", RFC-1122, Oct. 1989. 764 [RFC1644] Braden, R., "T/TCP -- TCP Extensions for Transactions 765 Functional Specification," RFC-1644, July 1994. 767 [RFC1379] Braden, R., "Transaction TCP -- Concepts," RFC-1379, 768 September 1992. 770 [RFC2663] Srisuresh, P., Holdrege, M., "IP Network Address 771 Translator (NAT) Terminology and Considerations", RFC- 772 2663, August 1999. 774 [RFC3390] Allman, M., Floyd, S., Partridge, C., "Increasing TCP's 775 Initial Window," RFC 3390, Oct. 2002. 777 [RFC7231] Fielding, R., J. Reshke, Eds., "HTTP/1.1 Semantics and 778 Content," RFC-7231, June 2014. 780 [RFC3124] Balakrishnan, H., Seshan, S., "The Congestion Manager," 781 RFC 3124, June 2001. 783 [RFC4340] Kohler, E., Handley, M., Floyd, S., "Datagram Congestion 784 Control Protocol (DCCP)," RFC 4340, Mar. 2006. 786 [RFC4960] Stewart, R., (Ed.), "Stream Control Transmission 787 Protocol," RFC4960, Sept. 2007. 789 [RFC5861] Allman, M., Paxson, V., Blanton, E., "TCP Congestion 790 Control," RFC 5861, Sept. 2009. 792 [RFC5925] Touch, J., Mankin, A., Bonica, R., "The TCP Authentication 793 Option," RFC 5925, June 2010. 795 [RFC6824] Ford, A., Raiciu, C., Handley, M., Bonaventure, O., "TCP 796 Extensions for Multipath Operation with Multiple 797 Addresses," RFC 6824, Jan. 2013. 799 [RFC6928] Chu, J., Dukkipati, N., Cheng, Y., Mathis, M., "Increasing 800 TCP's Initial Window," RFC 6928, Apr. 2013. 802 [RFC7424] Krishnan, R., Yong, L., Ghanwani, A., So, N., Khasnabish, 803 B., "Mechanisms for Optimizing Link Aggregation Group 804 (LAG) and Equal-Cost Multipath (ECMP) Component Link 805 Utilization in Networks", RFC 7424, Jan. 2015 807 [RFC7540] Belshe, M., Peon, R., Thomson, M., "Hypertext Transfer 808 Protocol Version 2 (HTTP/2)", RFC 7540, May 2015. 810 [RFC7661] Fairhurst, G., Sathiaseelan, A., Secchi, R., "Updating TCP 811 to Support Rate-Limited Traffic", RFC 7661, Oct. 2015 813 14. Acknowledgments 815 The authors would like to thank for Praveen Balasubramanian for 816 information regarding TCB sharing in Windows, and Yuchung Cheng, 817 Lars Eggert, Ilpo Jarvinen and Michael Scharf for comments on 818 earlier versions of the draft. This work has received funding from a 819 collaborative research project between the University of Oslo and 820 Huawei Technologies Co., Ltd., and is partly supported by USC/ISI's 821 Postel Center. 823 This document was prepared using 2-Word-v2.0.template.dot. 825 15. Change log 827 from -01 to -02: 829 - Stated that our OS implementation overview table only covers 830 temporal sharing. 832 - Correctly reflected sharing of old_RTT in Linux in the 833 implementation overview table. 835 - Marked entries that are considered safe to share with an 836 asterisk (suggestion was to split the table) 838 - Discussed correct host identification: NATs may make IP 839 addresses the wrong input, could e.g. use HTTP cookie. 841 - Included MMS_S and MMS_R from RFC1122; fixed the use of MSS and 842 MTU 843 - Added information about option sharing, listed options in the 844 appendix 846 Authors' Addresses 848 Joe Touch 849 USC/ISI 850 4676 Admiralty Way 851 Marina del Rey, CA 90292-6695 852 USA 854 Phone: +1 (310) 448-9151 855 Email: touch@isi.edu 857 Michael Welzl 858 University of Oslo 859 PO Box 1080 Blindern 860 Oslo N-0316 861 Norway 863 Phone: +47 22 85 24 20 864 Email: michawe@ifi.uio.no 866 Safiqul Islam 867 University of Oslo 868 PO Box 1080 Blindern 869 Oslo N-0316 870 Norway 872 Phone: +47 22 84 08 37 873 Email: safiquli@ifi.uio.no 874 Jianjie You 875 Huawei 876 101 Software Avenue, Yuhua District 877 Nanjing 210012 878 China 880 Email: youjianjie@huawei.com 882 16. Appendix A: TCB sharing history 884 T/TCP proposed using caches to maintain TCB information across 885 instances (temporal sharing), e.g., smoothed RTT, RTT variance, 886 congestion avoidance threshold, and MSS [RFC1644]. These values were 887 in addition to connection counts used by T/TCP to accelerate data 888 delivery prior to the full three-way handshake during an OPEN. The 889 goal was to aggregate TCB components where they reflect one 890 association - that of the host-pair, rather than artificially 891 separating those components by connection. 893 At least one T/TCP implementation saved the MSS and aggregated the 894 RTT parameters across multiple connections, but omitted caching the 895 congestion window information [Br94], as originally specified in 896 [RFC1379]. Some T/TCP implementations immediately updated MSS when 897 the TCP MSS header option was received [Br94], although this was not 898 addressed specifically in the concepts or functional specification 899 [RFC1379][RFC1644]. In later T/TCP implementations, RTT values were 900 updated only after a CLOSE, which does not benefit concurrent 901 sessions. 903 Temporal sharing of cached TCB data was originally implemented in 904 the SunOS 4.1.3 T/TCP extensions [Br94] and the FreeBSD port of same 905 [FreeBSD]. As mentioned before, only the MSS and RTT parameters were 906 cached, as originally specified in [RFC1379]. Later discussion of 907 T/TCP suggested including congestion control parameters in this 908 cache [RFC1644]. 910 17. Appendix B: Options 912 In addition to the options that can be cached and shared, this memo 913 also lists all options for which state should *not* be kept. This 914 list is meant to avoid work duplication and should be removed upon 915 publication. 917 Obsolete (MUST NOT keep state): 919 ECHO 921 ECHO REPLY 923 PO Conn permitted 925 PO service profile 927 CC 929 CC.NEW 931 CC.ECHO 933 Alt CS req 935 Alt CS data 937 No state to keep: 939 EOL 941 NOP 943 WS 945 SACK 947 TS 949 MD5 951 TCP-AO 953 EXP1 955 EXP2 957 MUST NOT keep state: 959 Skeeter (DH exchange - might be obsolete, though) 961 Bubba (DH exchange - might really be obsolete, though) 963 Trailer CS 965 SCPS capabilities 967 S-NACK 969 Records boundaries 971 Corruption experienced 973 SNAP 975 TCP Compression 977 Quickstart response 979 UTO 981 MPTCP (can we cache when this fails?) 983 TFO success 985 MAY keep state: 987 MSS 989 TFO failure (so we don't try again, since it's optional) 991 MUST keep state: 993 TFP cookie (if TFO succeeded in the past)