Lecture 12: TCP Friendliness, DCCP, NATs, and STUN

Similar documents
Lecture 10: TCP Friendliness, DCCP, NATs, and STUN

Congestion Control. Lecture 12: TCP Friendliness, DCCP, NATs, and STUN. Chiu Jain Phase Plots. Fair A=B. Responding to Loss. Flow B rate (bps) t 1 t 3

Lecture 4: Congestion Control

Datagram Congestion Control Protocol (DCCP)

Reliable Transport II: TCP and Congestion Control

Transmission Control Protocol. ITS 413 Internet Technologies and Applications

Reliable Transport II: TCP and Congestion Control

TCP Congestion Control

TCP Congestion Control

Transport Layer. Application / Transport Interface. Transport Layer Services. Transport Layer Connections

Lecture 11. Transport Layer (cont d) Transport Layer 1

CS519: Computer Networks. Lecture 5, Part 4: Mar 29, 2004 Transport: TCP congestion control

CS 43: Computer Networks. 19: TCP Flow and Congestion Control October 31, Nov 2, 2018

TCP so far Computer Networking Outline. How Was TCP Able to Evolve

Flow and Congestion Control Marcos Vieira

Review problems (for no credit): Transport and Network Layer

ECE 610: Homework 4 Problems are taken from Kurose and Ross.

Chapter 3 outline. 3.5 Connection-oriented transport: TCP. 3.6 Principles of congestion control 3.7 TCP congestion control

Answers to Sample Questions on Transport Layer

CSCI-1680 Transport Layer II Data over TCP Rodrigo Fonseca

Outline. TCP: Overview RFCs: 793, 1122, 1323, 2018, Development of reliable protocol Sliding window protocols

Lecture 21: Congestion Control" CSE 123: Computer Networks Alex C. Snoeren

Outline Computer Networking. TCP slow start. TCP modeling. TCP details AIMD. Congestion Avoidance. Lecture 18 TCP Performance Peter Steenkiste

CNT 6885 Network Review on Transport Layer

Internet Networking recitation #

Outline. TCP: Overview RFCs: 793, 1122, 1323, 2018, steam: r Development of reliable protocol r Sliding window protocols

Congestion Control. Daniel Zappala. CS 460 Computer Networking Brigham Young University

Network Address Translators (NATs) and NAT Traversal

Computer Networks Spring 2017 Homework 2 Due by 3/2/2017, 10:30am

Chapter III: Transport Layer

cs/ee 143 Communication Networks

Overview. TCP & router queuing Computer Networking. TCP details. Workloads. TCP Performance. TCP Performance. Lecture 10 TCP & Routers

CSCD 330 Network Programming Winter 2015

CSC 4900 Computer Networks: TCP

Adding Acknowledgement Congestion Control to TCP draft-floyd-tcpm-ackcc-05.txt. Status of this Memo

COMP/ELEC 429/556 Introduction to Computer Networks

Correcting mistakes. TCP: Overview RFCs: 793, 1122, 1323, 2018, TCP seq. # s and ACKs. GBN in action. TCP segment structure

Recap. TCP connection setup/teardown Sliding window, flow control Retransmission timeouts Fairness, max-min fairness AIMD achieves max-min fairness

Lecture 22: TCP & NAT. CSE 123: Computer Networks Alex C. Snoeren

Bandwidth Allocation & TCP

9th Slide Set Computer Networks

Adding Acknowledgement Congestion Control to TCP draft-floyd-tcpm-ackcc-03a.txt. Status of this Memo

Lecture 8. TCP/IP Transport Layer (2)

Transport layer. UDP: User Datagram Protocol [RFC 768] Review principles: Instantiation in the Internet UDP TCP

6.1 Internet Transport Layer Architecture 6.2 UDP (User Datagram Protocol) 6.3 TCP (Transmission Control Protocol) 6. Transport Layer 6-1

The aim of this unit is to review the main concepts related to TCP and UDP transport protocols, as well as application protocols. These concepts are

Transport layer. Review principles: Instantiation in the Internet UDP TCP. Reliable data transfer Flow control Congestion control

Wireless TCP Performance Issues

TCP : Fundamentals of Computer Networks Bill Nace

Problem Set 7 Due: Start of Class, November 2

Computer Networking Introduction

Lecture 14: Congestion Control"

TSIN02 - Internetworking

Transport Over IP. CSCI 690 Michael Hutt New York Institute of Technology

Transport Layer Chapter 6

Congestion Control In The Internet Part 2: How it is implemented in TCP. JY Le Boudec 2014

The Present and Future of Congestion Control. Mark Handley

15-744: Computer Networking TCP

CS 356: Introduction to Computer Networks. Lecture 16: Transmission Control Protocol (TCP) Chap. 5.2, 6.3. Xiaowei Yang

TSIN02 - Internetworking

ETSF05/ETSF10 Internet Protocols Transport Layer Protocols

Page 1. Review: Internet Protocol Stack. Transport Layer Services EEC173B/ECS152C. Review: TCP. Transport Layer: Connectionless Service

TCP: Overview RFCs: 793, 1122, 1323, 2018, 2581

TSIN02 - Internetworking

Chapter 3- parte B outline

CSE 123A Computer Networks

TSIN02 - Internetworking

Congestion Control End Hosts. CSE 561 Lecture 7, Spring David Wetherall. How fast should the sender transmit data?

Transport Layer Congestion Control

ECE 435 Network Engineering Lecture 10

This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79.

Mid Term Exam Results

Quick-Start for TCP and IP

CSC 8560 Computer Networks: TCP

Congestion Control. Principles of Congestion Control. Network-assisted Congestion Control: ATM. Congestion Control. Computer Networks 10/21/2009

MPTCP: Design and Deployment. Day 11

ECE 333: Introduction to Communication Networks Fall 2001

Chapter 3 outline. 3.5 Connection-oriented transport: TCP. 3.6 Principles of congestion control 3.7 TCP congestion control

CSCI Topics: Internet Programming Fall 2008

Page 1. Review: Internet Protocol Stack. Transport Layer Services. Design Issue EEC173B/ECS152C. Review: TCP

Department of Computer and IT Engineering University of Kurdistan. Transport Layer. By: Dr. Alireza Abdollahpouri

Transport Layer (Congestion Control)

CMSC 417. Computer Networks Prof. Ashok K Agrawala Ashok Agrawala. October 25, 2018

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 10

Lecture 20 Overview. Last Lecture. This Lecture. Next Lecture. Transport Control Protocol (1) Transport Control Protocol (2) Source: chapters 23, 24

Congestion Control In The Internet Part 2: How it is implemented in TCP. JY Le Boudec 2014

Principles of congestion control

NAT (NAPT/PAT), STUN, and ICE

8. TCP Congestion Control

Congestion Collapse in the 1980s

CS 5520/ECE 5590NA: Network Architecture I Spring Lecture 13: UDP and TCP

Transport Protocols and TCP

Chapter 3 Transport Layer

TCP reliable data transfer. Chapter 3 outline. TCP sender events: TCP sender (simplified) TCP: retransmission scenarios. TCP: retransmission scenarios

Transport Layer PREPARED BY AHMED ABDEL-RAOUF

CMSC 417. Computer Networks Prof. Ashok K Agrawala Ashok Agrawala. October 30, 2018

UDP and TCP. Introduction. So far we have studied some data link layer protocols such as PPP which are responsible for getting data

Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path. Review of TCP/IP Internetworking

TCP Congestion Control : Computer Networking. Introduction to TCP. Key Things You Should Know Already. Congestion Control RED

UNIT IV -- TRANSPORT LAYER

Transcription:

Lecture 12: TCP Friendliness, DCCP, NATs, and STUN

Congestion Control TCP dynamically adapts its rate in response to congestion AIMD causes flows to converge to fair goodput But how do losses (e.g., bit errors) affect goodput? What about UDP?

Chiu Jain Phase Plots t 2 Fair A=B Flow B rate (bps) t 1 t 3 t 5 t 4 t 6 overload underload Efficient A+B=C Flow A rate (bps)

Set threshold to cwnd 2 On timeout - Set cwnd to 1 Responding to Loss - Causes TCP to enter slow start On triple duplicate ACK (Reno) - Set cwnd to cwnd 2 - Retransmit missing segment - Causes TCP to stay in congestion avoidance

Analyzing TCP Simply Assume all segments are MSS long Assume a packet loss rate p Assume a constant RTT Assume p is small (no timeouts)

Analysis Window size W cuts to W 2 after a loss Grows to W after W 2 RTTs Goodput = 3 4 W MT U 1 RT T

p = 1 ( W 2 +( W 2 +1)+...+W ) p 1 3 8 W 2 W 8 3 p Window Size Goodput = 3 4 8 3 p MT U 1 RT T Goodput = 1.22 MT U RT T p Constant factor changes based on delayed acks, etc.

TCP Friendliness Don t want other protocols to disrupt TCP UDP happily shuts down TCP flows TCP friendliness: obeying TCP congestion control as per prior goodput equation - Does not imply acting like TCP - E.g., does not require abrupt window changes

ledbat WG The LEDBAT WG is chartered to standardize a congestion control mechanism that should saturate the bottleneck, maintain low delay, and yield to standard TCP. TCP-friendliness is insufficient for modern P2P applications - Flow fairness, not application fairness - TCP fills queues Elastic workloads vs. inelastic workloads

DCCP Datagram Congestion Control Protocol (DCCP) provides congestion control for unreliable datagrams (RFC 4340) Connection-oriented protocol - Request-response-ack establishment - Close-reset or CloseReq-Close-reset teardown Counts packets, not bytes

DCCP Segment

Sequence Numbers Every DCCP packet uses a new sequence number - Data - Acknowledgements - Control traffic Acknowledgements are for last packet received - Not cumulative acknowledgements - Does not succinctly describe connection history - Options can give packet vectors

Synchronization DCCP uses sequence number windows to protect from attacks Large bursts of losses cause packets to fall past windows Need to resynchronize

Synchronization Exchange

Synchronization on Reset Problem

Synchronization on Reset Solution

Congestion Control Defines Congestion Control IDs (CCIDs) Negotiated with change/confirm L/R options Each half-connection can have different congestion control CCID 2: TCP congestion control (AIMD) (RFC 4941) CCID 3: TCP-friendly congestion control (RFC 4942)

CCID 2 Uses TCP congestion control - Maintains a cwnd, slow-start, etc. Adds congestion control to acks - Sender specifies an AckRatio, R - Ratio of data to ack packets (TCP with delayed ACKs is 2) - On detecting ack losses, double R - After cwnd R 2 R lossless congestion windows, decrement R

CCID 3 Uses TCP-friendly congestion control Uses a sending rate, rather than a congestion window Receiver sends feedback once per RTT, reporting loss rate If sender hears no feedback, halves sending rate Security issue with loss rate reporting: report loss intervals, rather than just a loss rate, verifiable with ECN nonces

DCCP Today Numerous implementations IETF Standards Track Well suited to VoIP, Internet Gaming, etc. Sees very little use

2-minute stretch

NAT Network Address Translator Session A-S 128.34.22.8:6101 18.181.0.31:22 Server (18.181.0.31) Session B-S 76.18.117.20:10001 18.181.0.31:22 Session A-S 10.0.0.101:1234 18.181.0.31:22 NAT (128.34.22.8) Client A (10.0.0.101) NAT (76.18.117.20) Client B (10.1.1.9) Session B-S 10.1.1.9:5411 18.181.0.31:22

Motivations and Complications There are only 2 32 IP addresses Firewalls for security Breaks end-to-end (node does not know its external IP) Node might not even know if it s behind a NAT NAT needs to be able to dynamically assign mappings

How a NAT Works Maps between global and local (IP,port) pairs Requires knowledge of transport packet format UDP datagram, TCP SYN - Can shut down TCP mapping on FIN+ACK - UDP requires timeouts (> 2 minutes, unless IANA says otherwise) RFC 4787/BCP 127 defines recommended behaviors

NAT Example, Step 1 Client A (10.1.1.18) Server (18.181.0.31) NAT (128.34.22.8) Client B (10.1.1.9)

NAT Example, Step 2 Client A (10.1.1.18) Client A tries to open a connection to Server port 80 from port 4512 Server (18.181.0.31) 10.1.1.18 18.181.0.31 4512 80 NAT (128.34.22.8) Client B (10.1.1.9)

NAT Example, Step 3 Client A (10.1.1.18) NAT rewrites the source address and port so it seems it is the source Server (18.181.0.31) 10.1.1.18 18.181.0.31 4512 80 NAT (128.34.22.8) 128.34.22.8 18.181.0.31 6641 80 Client B (10.1.1.9)

NAT Example, Step 4 Client A (10.1.1.18) NAT also creates a mapping so it can transform future packets correctly Server (18.181.0.31) NAT (128.34.22.8) Client B (10.1.1.9) 18.181.0.31 10.1.1.18 4512 80 128.34.22.8 6641

NAT Example, Step 5 Client A (10.1.1.18) Server responds to SYN with SYN+ACK and NAT rewrites it Server (18.181.0.31) 18.181.0.31 10.1.1.18 80 4512 Client B (10.1.1.9) 10.1.1.18 4512 NAT (128.34.22.8) 18.181.0.31 80 128.34.22.8 6641 18.181.0.31 128.34.22.8 80 6641

NAT Example, Step 6 Client A (10.1.1.18) Client B can also open a connection, and the NAT creates a mapping for it too Server (18.181.0.31) 18.181.0.31 10.1.1.19 80 9967 Client B (10.1.1.9) 10.1.1.19 9967 NAT (128.34.22.8) 18.181.0.31 80 128.34.22.8 4050 18.181.0.31 128.34.22.8 80 4050

NAT Example, Step 7 Client A (10.1.1.18) In the case of TCP, NAT can discard the mapping on close or RST Server (18.181.0.31) RST 18.181.0.31 10.1.1.18 80 4512 Client B (10.1.1.9) 10.1.1.18 4512 NAT (128.34.22.8) 18.181.0.31 80 128.34.22.8 6641 RST 18.181.0.31 128.34.22.8 80 6641

Types of NAT (RFC 3849) Full Cone: no ingress filter (single local-external mapping) Restricted Cone: ingress filter on address Port Restricted: ingress filter on address/port Symmetric: different mappings for different external destinations Teminology is imperfect (static port mappings, etc.)

NAT Problems Incoming TCP connections E.g., Skype call bootstrap super node clients super nodes relay

TCP Through NATs Server socket doesn t initiate traffic: NAT can t set up mapping Rendezvous servers (as in Skype) Connection reversal through rendezvous if only one is behind a NAT (rendezvous server asks un-nat node to open a port so NAT node can connect)

TCP Reversal

More NAT Problems Port mapping: 0-1023 should map to 0-1023 Port parity: even port even port, odd port odd port (RFC 3550: RTP uses even, RTCP uses odd)) Hairpinning: packet from inside NAT can send packets to external (NAT) address and have portmap work

RFC 4787 and Hairpinning NAT UDP Unicast Requirements - F. Audet and C. Jennings (guest lecture last year) More formally, a NAT that supports hairpinning forwards packets originating from an internal address, X1:x1, destined for an external address X2 :x2 that has an active mapping to an internal address X2:x2, back to that internal address, X2:x2. Note that typically X1 is the same as X2. Furthermore, the NAT may present the hairpinned packet with either an internal (X1:x1) or an external (X1 :x1 ) source IP address and port. Therefore, the hairpinning NAT behavior can be either "External source IP address and port" or "Internal source IP address and port". "Internal source IP address and port" may cause problems by confusing implementations that expect an external IP address and port.

Example confusion Two nodes (A, B) share a switch behind a NAT A sends TCP SYN to an external address for B B responds with SYN+ACK What can happen if NAT did not rewrite A s SYN to have an external address and port? Will B s packet traverse the NAT?

STUN (RFC 3849) Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) Enables a node to - Determine if it is behind a NAT, and if so, what kind - Obtain a public IP address/port pair Client-server protocol, requires no changes to NATs STUN server coordinates

STUN Binding Requests Node sends BR to STUN server STUN sends a response that has the address and port it sees - If different than node s local address and port, it s behind a NAT Node can probe to see what kind of NAT - Ask STUN server to respond from different address: no response, address restricted; different response, symmetric - Ask STUN server to respond from different port: no response, port restricted When does STUN not work?

NAT Hole-Punching STUN doesn t work when - A or B are behind symmetric NAT - A and B are behind same NAT without hairpinning - What about restricted cone, port-restricted NATs? Parallel approaches - A and B report their local IP address to server Sx - Server tells the other the address/port pair (L, G) - A tries to send UDP packets to (L B, G B ) using L A - B tries to send UDP packets to (L A, G A ) using L B

NAT Hole-Punching Example Server (18.181.0.31) NAT (128.34.22.8) NAT (76.18.117.20) Client A (10.0.0.101) Client B (10.1.1.9)

NAT Hole-Punching Example 1. Request connection to B Server (18.181.0.31) NAT (128.34.22.8) NAT (76.18.117.20) Client A (10.0.0.101) Client B (10.1.1.9)

NAT Hole-Punching Example 2a. S sends L B and G B to A Server (18.181.0.31) 2b. S sends L A and G A to B NAT (128.34.22.8) NAT (76.18.117.20) Client A (10.0.0.101) Client B (10.1.1.9)

NAT Hole-Punching Example 3a. A sends to L B and G B Server (18.181.0.31) 3b. B sends to L A and G A NAT (128.34.22.8) NAT (76.18.117.20) Client A (10.0.0.101) Client B (10.1.1.9)

NAT Hole-Punching Example Server (18.181.0.31) NAT (128.34.22.8) NAT (76.18.117.20) 4. Session A-B established Client A (10.0.0.101) Client B (10.1.1.9)

Multiple NAT Layers Common for consumer Internet: ISP has internal NAT, end user places another NAT Requires hairpinning at ISP NAT Internet ISP NAT (18.181.0.31) ISP Network User NAT (192.168.4.1) UserNAT (192.168.3.7) Client A (10.0.0.101) Client B (10.1.1.9)

The New Hourglass Layers 5-7 TCP UDP ICMP IP Layers 1-2

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback