TCP Maintenance and Minor A. Zimmermann
Extensions (TCPM) WG A. Hannemann
Internet-Draft RWTH Aachen University
Intended status: Experimental November 17, 2009
Expires: May 21, 2010
Making TCP more Robust to Long Connectivity Disruptions (TCP-LCD)
draft-ietf-tcpm-tcp-lcd-00
Abstract
Disruptions in end-to-end path connectivity, which last longer than
one retransmission timeout cause suboptimal TCP performance. The
reason for the performance degradation is that TCP interprets segment
loss induced by long connectivity disruptions as a sign of
congestion, resulting in repeated retransmission timer backoffs.
This leads in turn to a deferred detection of the re-establishment of
the connection since TCP waits until the next retransmission timeout
occurs before attempting the retransmission.
This document proposes a algorithm for making TCP more robust to long
connectivity disruptions (TCP-LCD). The memo describes how standard
ICMP messages can be exploited during timeout-based loss recovery to
disambiguate true congestion loss from non-congestion loss caused by
connectivity disruptions. Moreover, a revert strategy of the
retransmission timer is specified that enables a more prompt
detection of whether the connectivity to a previously disconnected
peer node has been restored or not. TCP-LCD is a TCP sender-only
modification that effectively improves TCP performance in presence of
connectivity disruptions.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
Zimmermann & Hannemann Expires May 21, 2010 [Page 1]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on May 21, 2010.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the BSD License.
Zimmermann & Hannemann Expires May 21, 2010 [Page 2]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
Table of Contents
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Connectivity Disruption Indication . . . . . . . . . . . . . . 6
4. Connectivity Disruption Reaction . . . . . . . . . . . . . . . 8
4.1. Basic Idea . . . . . . . . . . . . . . . . . . . . . . . . 8
4.2. Algorithm Details . . . . . . . . . . . . . . . . . . . . 8
5. Discussion of TCP-LCD . . . . . . . . . . . . . . . . . . . . 11
5.1. Retransmission Ambiguity . . . . . . . . . . . . . . . . . 12
5.2. Wrapped Sequence Numbers . . . . . . . . . . . . . . . . . 13
5.3. Packet Duplication . . . . . . . . . . . . . . . . . . . . 14
5.4. Probing Frequency . . . . . . . . . . . . . . . . . . . . 14
5.5. Reaction in Steady-State . . . . . . . . . . . . . . . . . 14
6. Dissolving Ambiguity Issues (the Safe Variant) . . . . . . . . 15
7. Interoperability Issues . . . . . . . . . . . . . . . . . . . 17
7.1. Detection of TCP Connection Failures . . . . . . . . . . . 17
7.2. Explicit Congestion Notification . . . . . . . . . . . . . 17
7.3. ICMP for IP version 6 . . . . . . . . . . . . . . . . . . 17
7.4. TCP-LCD and IP Tunnels . . . . . . . . . . . . . . . . . . 18
8. Related Work . . . . . . . . . . . . . . . . . . . . . . . . . 18
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20
10. Security Considerations . . . . . . . . . . . . . . . . . . . 20
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 20
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21
12.1. Normative References . . . . . . . . . . . . . . . . . . . 21
12.2. Informative References . . . . . . . . . . . . . . . . . . 21
Appendix A. Changes from previous versions of the draft . . . . . 23
A.1. Changes from draft-zimmermann-tcp-lcd-02 . . . . . . . . . 23
A.2. Changes from draft-zimmermann-tcp-lcd-01 . . . . . . . . . 24
A.3. Changes from draft-zimmermann-tcp-lcd-00 . . . . . . . . . 24
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 25
Zimmermann & Hannemann Expires May 21, 2010 [Page 3]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
The reader should be familiar with the algorithm and terminology from
[RFC2988], which defines the standard algorithm Transmission Control
Protocol (TCP) senders are required to use to compute and manage
their retransmission timer. In this document the terms
"retransmission timer" and "retransmission timeout" are used as
defined in [RFC2988]. The retransmission timer ensures data delivery
in the absence of any feedback from the receiver. The duration of
this timer is referred to as retransmission timeout (RTO).
As defined in [RFC0793], the term "acceptable acknowledgment (ACK)"
refers to a TCP segment that acknowledges previously unacknowledged
data. The TCP sender state variable "SND.UNA" and the current
segment variable "SEG.SEQ" are used as defined in [RFC0793]. SND.UNA
holds the segment sequence number of earliest segment that has not
been acknowledged by the TCP receiver (the oldest outstanding
segment). SEG.SEQ is the segment sequence number of a given segment.
For the purposes of this specification we define the term "timeout-
based loss recovery" that refers to the state, which a TCP sender
enters upon the first timeout of the oldest outstanding segment
(SND.UNA) and leaves upon the arrival of the *first* acceptable ACK.
It is important to note that other documents use a different
interpretation of the term "timeout-based loss recovery". For
example the NewReno modification to TCP's Fast Recovery algorithm
[RFC3782] extents the period a TCP sender remains in timeout-based
loss recovery compared to the one defined in this document. This is
because [RFC3782] attempts to avoid unnecessary multiple Fast
Retransmits that can occur after an RTO.
2. Introduction
Connectivity disruptions can occur in many different situations. The
frequency of the connectivity disruptions depends thereby on the
property of the end-to-end path between the communicating hosts.
While connectivity disruptions can occur in traditional wired
networks too, e.g., simply due to an unplugged network cable, the
likelihood of occurrence is significantly higher in wireless (multi-
hop) networks. Especially, end-host mobility, network topology
changes and wireless interferences are crucial factors. In the case
of the Transmission Control Protocol (TCP) [RFC0793], the performance
of the connection can exhibit a significant reduction compared to a
Zimmermann & Hannemann Expires May 21, 2010 [Page 4]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
permanently connected path [SESB05]. This is because TCP, which was
originally designed to operate in fixed and wired networks, generally
assumes that the end-to-end path connectivity is relatively stable
over the connection's lifetime.
Depending on their duration connectivity disruptions can be
classified into two groups [I-D.schuetz-tcpm-tcp-rlci]: "short" and
"long" connectivity disruptions. A connectivity disruption is
"short" if connectivity returns before the retransmission timer fires
for the first time. In this case, TCP recovers lost data segments
through Fast Retransmit and lost acknowledgments (ACK) through
successfully delivered later ACKs. Connectivity disruptions are
declared as "long" for a given TCP connection, if the retransmission
timer fires at least once before connectivity returns. Whether or
not path characteristics, like the round trip time (RTT) or the
available bandwidth have changed when the connectivity returns after
a disruption is another important aspect for TCP's retransmission
scheme [I-D.schuetz-tcpm-tcp-rlci].
This document improves TCP's behavior in case of "long connectivity
disruptions". In particular, it focuses on the period "prior" to the
re-establishment of the connectivity to a previously disconnected
peer node. The document does not describe any additional
modification to detect whenever the path characteristics remain
unchanged in order to improve TCP's behavior once connectivity has
been restored. Hence, TCP's basic congestion control mechanisms
[RFC5681] will be unchanged.
When a long connectivity disruption occurs on a TCP connection, the
TCP sender stops receiving acknowledgments. After the retransmission
timer expires, the TCP sender enters the timeout-based loss recovery
and declares the oldest outstanding segment (SND.UNA) as lost. Since
TCP tightly couples reliability and congestion control, the
retransmission of SND.UNA is triggered together with the reduction of
sending rate, which is based on the assumption that segment loss is
indication of congestion [RFC5681]. As long as the connectivity
disruption persists, TCP will repeat this procedure until the oldest
outstanding segment is successfully acknowledged, or the connection
times out. TCP implementations that follow the recommended
retransmission timeout (RTO) management of RFC 2988 [RFC2988] double
the RTO after each retransmission attempt. However, the RTO growth
may be bounded by an upper limit, the maximum RTO, which is at least
60s, but may be longer: Linux for example uses 120s. If the
connectivity is restored between two retransmission attempts, TCP
still has to wait until the retransmission timer expires before
resuming transmission, since it simply does not have any means to
know when the connectivity is re-established. Therefore, depending
on when connectivity becomes available again, this can waste up to
Zimmermann & Hannemann Expires May 21, 2010 [Page 5]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
maximum RTO of possible transmission time.
This retransmission behavior is not efficient, especially in
scenarios where long connectivity disruptions are frequent. In the
ideal case, a TCP would attempt a retransmission as soon as
connectivity to its peer is re-established. In this document, we
specify a TCP sender-only modification to provide robustness to long
connectivity disruptions (TCP-LCD). The memo describes how the
standard Internet Control Message Protocol (ICMP) can be exploited
during timeout-based loss recovery to identify non-congestion loss
caused by long connectivity disruptions. TCP-LCD's revert strategy
of the retransmission timer enables, due to higher-frequency
retransmissions, a prompt detection when the connectivity to a
previously disconnected peer node has been restored. In the case the
network allows, i.e., no congestion is present, TCP-LCD approaches
the ideal behavior.
3. Connectivity Disruption Indication
As long as the queue of an intermediate router experiencing a link
outage is deep enough, i.e., it can buffer all incoming packets, a
connectivity disruption will only cause variation in delay, which is
handled well by contemporary TCP implementations with the help of
Eifel [RFC3522], [RFC4015] or Forward RTO-Recovery (F-RTO) [RFC5682].
However, if the link outage lasts too long, the router experiencing
the link outage is forced to drop packets and finally to discard the
according route. Means to detect such link outages comprise reacting
on failed address resolution protocol (ARP) [RFC0826] queries,
unsuccessful link sensing, and the like. However, this is solely in
the responsibility of the respective router.
Note: The focus of this memo is on introducing a method how ICMP
messages may be exploited to improve TCP's performance; how
different physical and link layer mechanisms underneath the
network layer may trigger ICMP destination unreachable messages
are out of scope of this memo.
Provided that no other route (including no default route) to the
specific destination exists, the removal of the route goes along with
a notification to the corresponding sending host about the dropped
packets via ICMP destination unreachable messages of code 0 (net
unreachable) or code 1 (host unreachable) [RFC1812]. Therefore,
since the reception of ICMP destination unreachable messages of these
codes provide evidence that packets were dropped due to a link
outage, the sending host can use them as an indication for a
connectivity disruption.
Zimmermann & Hannemann Expires May 21, 2010 [Page 6]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
Note that there are also other ICMP destination unreachable messages
with different codes. Some of them are candidates for connectivity
disruption indications too, but need further investigation. For
example ICMP destination unreachable messages with code 5 (source
route failed), code 11 (net unreachable for TOS), or code 12 (host
unreachable for TOS) [RFC1812]. On the other hand codes that flag
hard errors are of no use for the proposed scheme, since TCP should
abort the connection when those are received [RFC1122]. In the
following, the term "ICMP unreachable message" is used as synonym for
ICMP destination unreachable messages of code 0 or code 1.
The accurate interpretation of ICMP unreachable messages as a
connectivity disruption indication is complicated by the following
two peculiarities of ICMP messages. Firstly, they do not necessarily
operate on the same timescale as the packets, i.e., in the given case
TCP segments that elicited them. When a router drops a packet due to
a missing route it will not necessarily send an ICMP unreachable
message immediately, but rather queues it for later delivery.
Secondly, ICMP messages are subject to rate limiting, e.g., when a
router drops a whole window of data due to a link outage, it will
hardly send as many ICMP unreachable messages as it dropped TCP
segments. Depending on the load of the router it may even send no
ICMP unreachable messages at all. Both peculiarities originate from
[RFC1812].
Fortunately, according to [RFC0792] ICMP unreachable messages are
obliged to contain in their body the entire Internet Protocol (IP)
header [RFC0791] of the datagram eliciting the ICMP unreachable
messages plus the first 64 bits of the payload of that datagram.
This allows the sending host to match the ICMP error message to the
transport that elicited it. RFC 1812 [RFC1812] augments the
requirements and states that ICMP messages should contain as much of
the original datagram as possible without the length of the ICMP
datagram exceeding 576 bytes. Therefore, in case of TCP, at least
the source port number, the destination port number, and the 32-bit
TCP sequence number are included. Thus, this allows the originating
TCP to demultiplex the received ICMP message and to identify the
connection which an ICMP unreachable message is reporting an error
about. Moreover, it can identify which segment of the respective
connection triggered the ICMP unreachable message, provided that
there are not several segments in-flight with the same sequence
number (see Section 5.1).
A connectivity disruption indication in form of an ICMP unreachable
message associated with a presumably lost TCP segment provides strong
evidence that the segment was not dropped due to congestion but
instead was successfully delivered to the temporary end-point of the
employed path, i.e., the reporting router. It therefore did not
Zimmermann & Hannemann Expires May 21, 2010 [Page 7]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
witness any congestion at least on that very part of the path that
was traveled by both, the TCP segment eliciting the ICMP unreachable
message as well as the ICMP unreachable message itself.
4. Connectivity Disruption Reaction
Section 4.1 gives the basic idea of TCP-LCD. The complete algorithm
is specified in Section 4.2.
4.1. Basic Idea
The goal of the algorithm is the prompt detection when the
connectivity to a previously disconnected peer node has been restored
after a long connectivity disruption while retaining appropriate
behavior in case of congestion. TCP-LCD exploits standard ICMP
unreachable messages during timeout-based loss recovery to increase
the TCP's retransmission frequency by undoing one retransmission
timer backoff whenever an ICMP unreachable message reports on the
sequence number of a presumably lost retransmission.
This approach has the advantage of appropriately reducing the probing
rate in case of congestion. If either the retransmission itself, or
the corresponding ICMP message is dropped the previously performed
retransmission timer backoff is not undone, which effectively halves
the probing rate.
4.2. Algorithm Details
A TCP sender using RFC 2988 [RFC2988] to compute TCP's retransmission
timer MAY employ the following scheme to avoid over-conservative
retransmission timer backoffs in case of long connectivity
disruptions. If a TCP sender does implement the following steps, the
algorithm MUST be initiated upon the first timeout of the oldest
outstanding segment (SND.UNA) and MUST be stopped upon the arrival of
the first acceptable ACK. The algorithm MUST NOT be re-initiated
upon subsequent timeouts for the same segment.
A TCP sender that does not employ RFC 2988 [RFC2988] to compute TCP's
retransmission timer SHOULD NOT use TCP-LCD. We envision that the
scheme could be easily adapted to other algorithms than RFC 2988.
However, we leave this as future work.
In rule (2.5) RFC 2988 [RFC2988] provides the option to place a
maximum value on the RTO. When a TCP implements this rule to provide
an upper bound for the RTO, the rule SHOULD also be used in the
following algorithm. In particular, if the RTO is bounded by an
upper limit (maximum RTO), the "MAX_RTO" variable used in this scheme
Zimmermann & Hannemann Expires May 21, 2010 [Page 8]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
SHOULD be initialized with this upper limit. Otherwise, if the RTO
is unbounded, the "MAX_RTO" variable SHOULD be set to infinity.
The scheme specified in this document uses the "BACKOFF_CNT"
variable, whose initial value is zero. The variable is used to count
the number of performed retransmission timer backoffs during one
timeout-based loss recovery. Moreover, the "RTO_BASE" variable is
used to recover the previous RTO in case the retransmission timer
backoff was unnecessary. The variable is initialized with the RTO
upon initiation of timeout-based loss recovery.
(1) Before TCP updates the variable "RTO" when it initiates timeout-
based loss recovery, set the variables "BACKOFF_CNT" and
"RTO_BASE" as follows:
BACKOFF_CNT := 0;
RTO_BASE := RTO.
Proceed to step (R).
(R) This is a placeholder for the behavior that a standard TCP must
execute at this point in case the retransmission timer is
expired. In particular if RFC 2988 [RFC2988] is used, steps
(5.4) - (5.6) of that algorithm go here. Proceed to step (2).
(2) To account for the expiration of the retransmission timer in the
previous step (R), increment the "BACKOFF_CNT" variable by one:
BACKOFF_CNT := BACKOFF_CNT + 1.
(3) Wait either
for the expiration of the retransmission timer. When the
retransmission timer expires, proceed to step (R);
or for the arrival of an acceptable ACK. When an acceptable
ACK arrives, proceed to step (A);
or for the arrival of an ICMP unreachable message. When the
ICMP unreachable message "ICMP_DU" arrives, proceed to step
(4).
(4) If "BACKOFF_CNT > 0", i.e., if at least one retransmission timer
backoff can be undone, then
proceed to step (5);
else
Zimmermann & Hannemann Expires May 21, 2010 [Page 9]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
proceed to step (3).
(5) Extract the TCP segment header included in the ICMP unreachable
message "ICMP_DU":
SEG := Extract(ICMP_DU).
(6) If "SEG.SEQ == SND.UNA", i.e., if the TCP segment "SEG"
eliciting the ICMP unreachable message "ICMP_DU" carries the
sequence number of a retransmission, then
proceed to step (7);
else
proceed to step (3).
(7) Undo the last retransmission timer backoff:
BACKOFF_CNT := BACKOFF_CNT - 1;
RTO := min(RTO_BASE * 2^(BACKOFF_CNT), MAX_RTO).
(8) If the retransmission timer expires due to the undoing in the
previous step (7), then
proceed to step (R);
else
proceed to step (3).
(A) This is a placeholder for the standard TCP behavior that must be
executed at this point in the case an acceptable ACK has
arrived. No further processing.
When a TCP in steady-state detects a segment loss using the
retransmission timer it enters the timeout-based loss recovery and
initiates the algorithm (step 1). It adjusts the slow start
threshold (ssthresh), sets the congestion window (CWND) to one
segment, backs off the retransmission timer and retransmits the first
unacknowledged segment (step R) [RFC5681], [RFC2988]. To account for
the expiration of the retransmission timer the TCP sender increments
the "BACKOFF_CNT" variable by one (step 2).
In case the retransmission timer expires again (step 3a) a TCP will
repeat the retransmission of the first unacknowledged segment and
back off the retransmission timer once more (step R) [RFC2988] as
well as increment the "BACKOFF_CNT" variable by one (step 2). Note
Zimmermann & Hannemann Expires May 21, 2010 [Page 10]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
that a TCP may implement RFC 2988's [RFC2988] option to place a
maximum value on the RTO that may result in not performing the
retransmission timer backoff. However, step (2) MUST always and
unconditionally be applied, no matter whether the retransmission
timer is actually backed off or not. In other words, each time the
retransmission timer expires, the "BACKOFF_CNT" variable MUST be
incremented by one.
If the first received packet after the retransmission(s) is an
acceptable ACK (step 3b), a TCP will proceed as normal, i.e., slow
start the connection and terminate the algorithm (step A). Later
ICMP unreachable messages from the just terminated timeout-based loss
recovery are of no use and therefore ignored since the ACK clock is
already restarting due to the successful retransmission.
On the other hand, if the first received packet after the
retransmission(s) is an ICMP unreachable message (step 3c) and if
step (4) allows, a TCP SHOULD undo one backoff for each ICMP
unreachable message reporting an error on a retransmission. To
decide if an ICMP unreachable message reports on a retransmission,
the sequence number therein is exploited (step 5, step 6). The undo
is performed by re-calculating the RTO with the decremented
"BACKOFF_CNT" variable (step 7). This calculation explicitly matches
the (bounded) exponential backoff specified in rule (5.5) of
[RFC2988].
Upon receipt of an ICMP unreachable message that legitimately undoes
one backoff there is the possibility that the shortened
retransmission timer has expired already (step 8). Then, a TCP
SHOULD retransmit immediately, i.e., an ICMP message clocked
retransmission. In case the shortened retransmission timer has not
expired yet, TCP MUST wait accordingly.
5. Discussion of TCP-LCD
TCP-LCD takes caution to only react to connectivity disruption
indications in form of ICMP unreachable messages during timeout-based
loss recovery. Therefore, TCP's behavior is not altered when either
no ICMP unreachable messages are received, or the retransmission
timer of the TCP sender did not yet expire since the last received
acceptable ACK. Thereby, the algorithm triggers by definition only
in the case of long connectivity disruptions.
Only such ICMP unreachable messages that report on the sequence
number of a retransmission, i.e., report on SND.UNA, are evaluated by
TCP-LCD. All other ICMP unreachable messages are ignored. The
arrival of those ICMP unreachable messages provides strong evidence
Zimmermann & Hannemann Expires May 21, 2010 [Page 11]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
that the retransmissions were not dropped due to congestion but
instead were successfully delivered to the temporary end-point of the
employed path, i.e., the reporting router. In other words, there is
no witness for any congestion at least on that very part of the path
that was traveled by both, the TCP segment eliciting the ICMP
unreachable message as well as the ICMP unreachable message itself.
However, there are some situations where TCP-LCD makes a false
decision and undoes a retransmission timer backoff wrongly. This can
happen, albeit the received ICMP unreachable message reports on the
segment number of a retransmission (SND.UNA), because the TCP segment
that elicited the ICMP unreachable message may either not be a
retransmission (Section 5.1), or does not belong to the current
timeout-based loss recovery (Section 5.2). Finally, packet
duplication (Section 5.3) can also spuriously trigger the algorithm.
Section 5.4 discusses possible probing frequencies, while Section 5.5
describes the motivation for not reacting on ICMP unreachable
messages while TCP is in steady-state.
5.1. Retransmission Ambiguity
Historically, the retransmission ambiguity problem [Zh86], [KP87] is
the TCP sender's inability to distinguish whether the first
acceptable ACK after a retransmission refers to the original
transmission or the retransmission. This problem occurs after both a
Fast Retransmit and a timeout-based retransmit. However, modern TCP
implementations can eliminate the retransmission ambiguity with
either the help of Eifel [RFC3522], [RFC4015] or Forward RTO-Recovery
(F-RTO) [RFC5682].
The revert strategy of the given algorithm suffers from a form of
retransmission ambiguity, too. In contrast to the aforementioned
case, TCP suffers from ambiguity regarding ICMP unreachable messages
received during timeout-based loss recovery. With the TCP segment
number included in the ICMP unreachable message, a TCP sender is not
able to determine if the ICMP unreachable message refers to the
original transmission or to any of the timeout-based retransmissions.
That is, there is an ambiguity which TCP segment, i.e., the original
transmission or any of the retransmissions an ICMP unreachable
message reports on.
However, for the algorithm the ambiguity is not considered to be a
problem. The assumption that a received ICMP message provides
evidence that one non-congestion loss caused by the connectivity
disruption was wrongly considered a congestion loss still holds,
regardless to which TCP segment, transmission or retransmission the
message refers.
Zimmermann & Hannemann Expires May 21, 2010 [Page 12]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
5.2. Wrapped Sequence Numbers
Besides the ambiguity if a received ICMP unreachable message refers
to the original transmission or to any of the retransmissions, there
is another source of ambiguity about the TCP sequence numbers
contained in ICMP unreachable messages. For high bandwidth paths
like modern gigabit links the sequence space may wrap rather quickly,
thereby allowing the possibility that delayed ICMP unreachable
messages - a router dropping packets due to a link outage is not
obliged to send ICMP unreachable messages in a timely manner
[RFC1812] - may coincidentally fit as valid input in the proposed
scheme. As a result, the scheme may undo retransmission timer
backoffs wrongly. Chances for this to happen are minuscule, since a
particular ICMP message would need to contain the exact sequence
number of the current oldest outstanding segment (SND.UNA), while at
the same time TCP is in timeout-based loss recovery. However, two
"worst case" scenarios for the algorithm are possible:
For instance, consider a steady state TCP connection, which will be
disrupted at an intermediate router R due to a link outage. Upon the
expiration of the RTO, the TCP sender enters the timeout-based loss
recovery and starts to retransmit the earliest segment that has not
been acknowledged (SND.UNA). For any reason, router R delays all
corresponding ICMP unreachable messages, so that the TCP sender
backoffs the retransmission timer normally without any undoing. At
the end of the connectivity disruption, the TCP sender eventually
detects the re-establishment, leaves the scheme and finally the
timeout-based loss recovery, too. A sequence number wrap-around
later, the connectivity between the two peers is disrupted again, but
this time due to congestion and exactly at the time at which the
current SND.UNA matches the SND.UNA from the previous cycle. If
router R emits the delayed ICMP unreachable messages now, the TCP
sender would undo retransmission timer backoffs wrongly. As the TCP
sequence number contains 32 bits, the probability of this scenario is
at most 1/2^32. Given sufficiently many retransmissions in the first
timeout-based loss recovery, the corresponding ICMP unreachable
messages could reduce the RTO in the second recovery at most to
"RTO_BASE". However, once the ICMP unreachable messages are
depleted, the standard exponential backoff will be performed. Thus,
the congestion response will only be delayed by some false
retransmissions.
Similar to the above, consider the case where a steady state TCP
connection with n segments in-flight will be disrupted at some point
by an intermediate router R due to a link outage. For each segment
in-flight, router R may generates an ICMP unreachable message,
however due to some reason it delays them. Once the link outage is
over and the connection is re-established, the TCP sender leaves the
Zimmermann & Hannemann Expires May 21, 2010 [Page 13]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
scheme and slow-starts the connection. Following a sequence number
wrap-around, a retransmission timeout occurs, just at the moment the
TCP sender's current window of data reaches the previous range of the
sequence number space again. In case router R emits the delayed ICMP
unreachable messages now, one spurious undoing of the retransmission
timer backoff is possible, if firstly the TCP segment number
contained in ICMP unreachable messages matches the current SND.UNA,
and secondly the timeout was a result of congestion. In the case of
another connectivity disruption, the additional undoing of the
retransmission timer backoff has no impact. The probability of this
scenario is at most n/2^32.
5.3. Packet Duplication
In the case an intermediate router duplicates packets, a TCP sender
may receive more ICMP unreachable messages during timeout-based loss
recovery than it actually has sent timeout-based retransmissions.
However, since TCP-LCD keeps track of the number of performed
retransmission timer backoffs in the "BACKOFF_CNT" variable, it will
not undo more retransmission timer backoffs than were actually
performed. Nevertheless, if packet duplication and congestion
coincide on the path between the two communicating hosts, duplicated
ICMP messages could hide the congestion loss of some retransmissions
or ICMP messages and the algorithm may undo retransmission timer
backoffs wrongly. Considering the overall impact of a router that
duplicates packets, the additional load induced by some spurious
timeout-based retransmits can probably be neglected.
5.4. Probing Frequency
One could argue that if an ICMP unreachable message arrives for a
timeout-based retransmission, the RTO should be reset or recalculated
similar to what is done when an ACK arrives during timeout-based loss
recovery (see Karn's algorithm [KP87], [RFC2988]), and a new
retransmission should be sent immediately. Generally, this would
allow for a much higher probing frequency based on the round trip
time up to the router where the connectivity is disrupted. However,
we believe the current scheme provides a good trade-off between
conservative behavior and fast detection of connectivity re-
establishment.
5.5. Reaction in Steady-State
Another exploitation of ICMP unreachable messages in the context of
TCP congestion control might seem appropriate in case the ICMP
unreachable message is received while TCP is in steady-state and the
message refers to a segment from within the current window of data.
As the RTT up to the router, which generates the ICMP unreachable
Zimmermann & Hannemann Expires May 21, 2010 [Page 14]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
message is likely to be substantially shorter than the overall RTT to
the destination, the ICMP unreachable message may very well reach the
originating TCP while it is transmitting the current window of data.
In case the remaining window is large, it might seem appropriate to
refrain from transmitting the remaining window as there is timely
evidence that it will only trigger further ICMP unreachable messages
at the very router. Although this promises improvement from a
wastage perspective, it may be counterproductive from a security
perspective. An attacker could forge such ICMP messages, thereby
forcing the originating TCP to stop sending data, very similar to the
blind throughput-reduction attack mentioned in
[I-D.ietf-tcpm-icmp-attacks].
An additional consideration is the following: in the presence of
multi-path routing even the receipt of a legitimate ICMP unreachable
message cannot be exploited accurately because there is the option
that only one of the multiple paths to the destination is suffering
from a connectivity disruption, which causes ICMP unreachable
messages to be sent. Then however, there is the possibility that the
path along which the connectivity disruption occurred contributed
considerably to the overall bandwidth, such that a congestion
response is very well reasonable. However, this is not necessarily
the case. Therefore, a TCP has no means except for its inherent
congestion control to decide on this matter. All in all, it seems
that for a connection in steady-state, i.e., not in timeout-based
loss recovery, reacting on ICMP unreachable messages in regard to
congestion control is not appropriate. For the case of timeout-based
retransmissions, however, there is a reasonable congestion response,
which is skipping further retransmission timer backoffs because there
is no congestion indication - as described above.
6. Dissolving Ambiguity Issues (the Safe Variant)
Given that the TCP Timestamps option [I-D.ietf-tcpm-1323bis] is
enabled for a connection, a TCP sender MAY use the following
algorithm to dissolve the ambiguity issues mentioned in Sections 5.1,
5.2, and 5.3. In particular both the retransmission ambiguity and
the packet duplication problems are prevented by the following TCP-
LCD variant. On the other hand, the false positives caused by
wrapped sequence numbers can not be completely avoided, but the
likelihood is further reduced by a factor of 1/2^32 since the
Timestamp Value field (TSval) of the TCP Timestamps Option contains
32 bits.
Hence, implementers may choose to implement the TCP-LCD with the
following modifications.
Zimmermann & Hannemann Expires May 21, 2010 [Page 15]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
Step (1) is replaced by step (1'):
(1') Before TCP updates the variable "RTO" when it initiates
timeout-based loss recovery, set the variables "BACKOFF_CNT"
and "RTO_BASE" and the data structure "RETRANS_TS" as follows:
BACKOFF_CNT := 0;
RTO_BASE := RTO.
RETRANS_TS := [];
Proceed to step (R).
Step (2) is extended by step (2b):
(2b) Store the value of the Timestamp Value field (TSval) of the TCP
Timestamps option included in the retransmission "RET" sent in
step (R) into the "RETRANS_TS" data structure:
RETRANS_TS.add(RET.TSval)
Step (6) is replaced by step (6'):
(6') If "SEG.SEQ == SND.UNA && RETRANS_TS.exists(SEQ.TSval)", i.e.,
if the TCP segment "SEG" eliciting the ICMP unreachable message
"ICMP_DU" carries the sequence number of a retransmission and
the value in its Timestamp Value field (TSval) is valid, then
proceed to step (7');
else
proceed to step (3).
Step (7) is replaced by step (7'):
(7') Undo the last retransmission timer backoff:
RETRANS_TS.remove(SEQ.TSval);
BACKOFF_CNT := BACKOFF_CNT - 1;
RTO := min(RTO_BASE * 2^(BACKOFF_CNT), MAX_RTO).
The downside of the safe variant is twofold. Firstly, the
modifications come at a cost: the TCP sender is required to store the
timestamps of all retransmissions sent during one timeout-based loss
recovery. Secondly, the safe variant can only undo a retransmission
timer backoff, if the intermediate router experiencing the link
outage implements [RFC1812] and chooses to include as many more than
the first 64 bits of the payload of the triggering datagram, as are
Zimmermann & Hannemann Expires May 21, 2010 [Page 16]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
needed to include the TCP Timestamps option in the ICMP unreachable
message.
7. Interoperability Issues
This section discusses interoperability issues related to introducing
TCP-LCD.
7.1. Detection of TCP Connection Failures
TCP-LCD may have side-effects on TCP implementations, which attempt
to detect TCP connection failures by counting timeout-based
retransmissions. RFC 1122 [RFC1122] states in Section 4.2.3.5 that a
TCP host must handle excessive retransmissions of data segments with
two thresholds R1 and R2 measuring the amount of retransmission that
has occurred for the same segment. Both thresholds might either be
measured in time units or as a count of retransmissions.
Due to TCP-LCD's revert strategy of the retransmission timer, the
assumption that a certain number of retransmissions corresponds to a
specific time interval no longer holds true, as additional
retransmissions may be performed during timeout-based-loss recovery
to detect the end of the connectivity disruption. Therefore, a TCP
employing TCP-LCD either SHOULD measure the thresholds R1 and R2 in
time units or in case R1 and R2 are counters of retransmissions
SHOULD convert them into time intervals, which correspond to the time
an unmodified TCP would need to reach the specified number of
retransmissions.
7.2. Explicit Congestion Notification
By the use of Explicit Congestion Notification (ECN) [RFC3168] ECN-
capable routers are no longer limited to dropping packets as
congestion indication. Instead they can set the Congestion
Experienced (CE) codepoint in the IP header of packets to indicate
congestion. Concerning TCP-LCD there is the option that during a
connectivity disruption a received ICMP unreachable message has been
elicited by a timeout-based retransmission that was marked with the
CE codepoint before reaching the router experiencing the link outage.
In such a case, we suggest in the case the algorithm undoes a
retransmission timer backoff, the TCP sender SHOULD additionally
reset the retransmission timer.
7.3. ICMP for IP version 6
RFC 4443 [RFC4443] specifies the Internet Control Message Protocol
(ICMPv6) to be used with the Internet Protocol version 6 (IPv6)
Zimmermann & Hannemann Expires May 21, 2010 [Page 17]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
[RFC2460]. From TCP-LCD's point of view, it is important to notice
that for IPv6, the payload of an ICMPv6 error messages has to include
as many bytes from the IPv6 datagram that elicited the ICMPv6 error
message as possible without making the error message exceed the
minimum IPv6 MTU (1280 bytes) [RFC4443]. Thus, more information is
available for TCP-LCD as in the case of IPv4.
The counterpart of the ICMPv4 destination unreachable message of code
0 (net unreachable) and of code 1 (host unreachable) is the ICMPv6
destination unreachable message of code 0 (no route to destination)
[RFC4443]. Like the IPv4 case, a router should generate an ICMPv6
destination unreachable message of code 0 in response to a packet
that cannot be delivered to its destination address because it lacks
a matching entry in its routing table. As a result, TCP-LCD can
employ this ICMPv6 error messages as connectivity disruption
indication, too.
7.4. TCP-LCD and IP Tunnels
It is worth noting that IP tunnels, including IPsec [RFC4301], IP in
IP [RFC2003], Generic Routing Encapsulation (GRE) [RFC2784], and
others are compatible with TCP-LCD, as long as the received ICMP
unreachable messages can be demultiplexed and extracted appropriately
by the TCP sender during timeout-based loss recovery.
If for example end-to-end tunnels like IPSec in transport mode
[RFC4301] are employed, a TCP sender may receive ICMP unreachable
messages, where additional steps, e.g., decrypting in step (5) of the
algorithm is needed to extract the TCP header from these ICMP
messages. Provided that the received ICMP unreachable message
contains enough information, i.e., SEQ.SEG is extractable, these
information MAY still be used as a valid input for the proposed
algorithm.
Likewise, if IP encapsulation like [RFC2003] is used in some part of
the path between the communicating hosts, instead of the TCP sender,
the tunnel ingress node may receive the ICMP unreachable messages
from an intermediate router experiencing the link outage.
Nevertheless, the tunnel ingress node may replay the ICMP unreachable
messages in order to inform the TCP sender. If enough information is
preserved to extract SEQ.SEG, the replayed ICMP unreachable messages
MAY still be used in TCP-LCD.
8. Related Work
In literature there are several methods that address TCP's problems
in the presence of connectivity disruptions. Some of them try to
Zimmermann & Hannemann Expires May 21, 2010 [Page 18]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
improve TCP's performance by modifying lower layers. For example
[SM03] introduces a "smart link layer", which buffers one segment for
each active connection and replaying these segments on connectivity
re-establishment. This approach has a serious drawback: previously
stateless intermediate routers have to be modified in order to
inspect TCP headers, to track the end-to-end connection and to
provide additional buffer space. These lead all in all to an
additional need of memory and processing power.
On the other hand stateless link layer schemes, like proposed in
[RFC3819], which unconditionally buffer some small number of packets
may have another problem: if a packet is buffered longer than the
maximum segment lifetime (MSL) of 2 min [RFC0793], i.e., the
disconnection lasts longer than MSL, TCP's assumption that such
segments will never be received will no longer be true, violating
TCP's semantics [I-D.eggert-tcpm-tcp-retransmit-now].
Other approaches like TCP-F [CRVP01] or the Explicit Link Failure
Notification (ELFN) [HV02] inform a TCP sender about a disrupted path
by special messages generated and sent from intermediate routers. In
case of a link failure the TCP sender stops sending segments and
freezes its retransmission timers. TCP-F stays in this state and
remains silent until either a "route establishment notification" is
received or an internal timer expires. In contrast, ELFN
periodically probes the network to detect connectivity re-
establishment. Both proposals rely on changes to intermediate
routers, whereas the scheme proposed in this document is a sender-
only modification. Moreover, ELFN does not consider congestion and
may impose serious additional load on the network, depending on the
probe interval.
The authors of ATCP [LS01] propose enhancements to identify different
types of packet loss by introducing a layer between TCP and IP. They
utilize ICMP destination unreachable messages to set TCP's receiver
advertised window to zero and thus forcing the TCP sender to perform
zero window probing with a exponential backoff. ICMP destination
unreachable messages, which arrive during this probing period, are
ignored. This approach is nearly orthogonal to this document, which
exploits ICMP messages to undo a retransmission timer backoff when
TCP is already probing. In principle both mechanisms could be
combined, however, due to security considerations it does not seem
appropriate to adopt ATCP's reaction as discussed in Section 5.5.
Schuetz et al. describe in [I-D.schuetz-tcpm-tcp-rlci] a set of TCP
extensions that improve TCP's behavior when transmitting over paths
whose characteristics can change on short time-scales. Their
proposed extensions modify the local behavior of TCP and introduce a
new TCP option to signal locally received connectivity-change
Zimmermann & Hannemann Expires May 21, 2010 [Page 19]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
indications (CCIs) to remote peers. Upon reception of a CCI, they
re-probe the path characteristics either by performing a speculative
retransmission or by sending a single segment of new data, depending
on whether the connection is currently stalled in exponential backoff
or transmitting in steady-state, respectively. The authors focus on
specifying TCP response mechanisms, nevertheless underlying layers
would have to be modified to explicitly send CCIs to make these
immediate responses possible.
9. IANA Considerations
This memo includes no request to IANA.
10. Security Considerations
The algorithm proposed in this document is considered to be secure.
For example an attacker, who already guessed the correct four-tuple
(i.e., Source IP Address, Source TCP port, Destination IP Address,
and Destination TCP port), can still not make a TCP modified with
TCP-LCD to flood the network just by sending forged ICMP unreachable
messages in an attempt to maliciously shorten the retransmission
timer. The attacker additionally would need to guess the correct
segment sequence number of the current timeout-based retransmission,
with a probability of at most 1/2^32. Even in the case of man-in-
the-middle attacks, i.e., attacks performed in scenarios in which the
attacker can sniff the retransmissions, the impact on network load is
considered to be low, since the retransmission frequency is limited
by the RTO that was computed before TCP has entered the timeout-based
loss recovery. Hence, the highest probing frequency is expected to
be even lower than once per minimum RTO, i.e. 1s as specified by
[RFC2988].
11. Acknowledgments
We would like to thank Ilpo Jarvinen, Pasi Sarolahti, Timothy
Shepard, Joe Touch and Carsten Wolff for feedback on earlier versions
of this document. We also thank Michael Faber, Daniel Schaffrath,
and Damian Lukowski for implementing and testing the algorithm in
Linux. Special thanks go to Ilpo Jarvinen for giving valuable
feedback regarding the Linux implementation.
This work has been supported by the German National Science
Foundation (DFG) within the research excellence cluster Ultra High-
Speed Mobile Information and Communication (UMIC), RWTH Aachen
University.
Zimmermann & Hannemann Expires May 21, 2010 [Page 20]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
12. References
12.1. Normative References
[I-D.ietf-tcpm-1323bis]
Borman, D., Braden, R., and V. Jacobson, "TCP Extensions
for High Performance", draft-ietf-tcpm-1323bis-01 (work in
progress), March 2009.
[RFC0792] Postel, J., "Internet Control Message Protocol", STD 5,
RFC 792, September 1981.
[RFC0793] Postel, J., "Transmission Control Protocol", STD 7,
RFC 793, September 1981.
[RFC1812] Baker, F., "Requirements for IP Version 4 Routers",
RFC 1812, June 1995.
[RFC2988] Paxson, V. and M. Allman, "Computing TCP's Retransmission
Timer", RFC 2988, November 2000.
[RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP Congestion
Control", RFC 5681, September 2009.
12.2. Informative References
[CRVP01] Chandran, K., Raghunathan, S., Venkatesan, S., and R.
Prakash, "A feedback-based scheme for improving TCP
performance in ad hoc wireless networks", IEEE Personal
Communications vol. 8, no. 1, pp. 34-39, February 2001.
[HV02] Holland, G. and N. Vaidya, "Analysis of TCP performance
over mobile ad hoc networks", Wireless Networks vol. 8,
no. 2-3, pp. 275-288, March 2002.
[I-D.eggert-tcpm-tcp-retransmit-now]
Eggert, L., "TCP Extensions for Immediate
Retransmissions", draft-eggert-tcpm-tcp-retransmit-now-02
(work in progress), June 2005.
[I-D.ietf-tcpm-icmp-attacks]
Gont, F., "ICMP attacks against TCP",
draft-ietf-tcpm-icmp-attacks-06 (work in progress),
August 2009.
[I-D.schuetz-tcpm-tcp-rlci]
Schuetz, S., Koutsianas, N., Eggert, L., Eddy, W., Swami,
Y., and K. Le, "TCP Response to Lower-Layer Connectivity-
Zimmermann & Hannemann Expires May 21, 2010 [Page 21]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
Change Indications", draft-schuetz-tcpm-tcp-rlci-03 (work
in progress), February 2008.
[KP87] Karn, P. and C. Partridge, "Improving Round-Trip Time
Estimates in Reliable Transport Protocols", Proceedings of
the Conference on Applications, Technologies,
Architectures, and Protocols for Computer Communication
(SIGCOMM'87) pp. 2-7, August 1987.
[LS01] Liu, J. and S. Singh, "ATCP: TCP for mobile ad hoc
networks", IEEE Journal on Selected Areas in
Communications vol. 19, no. 7, pp. 1300-1315, 2001 July.
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
September 1981.
[RFC0826] Plummer, D., "Ethernet Address Resolution Protocol: Or
converting network protocol addresses to 48.bit Ethernet
address for transmission on Ethernet hardware", STD 37,
RFC 826, November 1982.
[RFC1122] Braden, R., "Requirements for Internet Hosts -
Communication Layers", STD 3, RFC 1122, October 1989.
[RFC2003] Perkins, C., "IP Encapsulation within IP", RFC 2003,
October 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998.
[RFC2784] Farinacci, D., Li, T., Hanks, S., Meyer, D., and P.
Traina, "Generic Routing Encapsulation (GRE)", RFC 2784,
March 2000.
[RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
of Explicit Congestion Notification (ECN) to IP",
RFC 3168, September 2001.
[RFC3522] Ludwig, R. and M. Meyer, "The Eifel Detection Algorithm
for TCP", RFC 3522, April 2003.
[RFC3782] Floyd, S., Henderson, T., and A. Gurtov, "The NewReno
Modification to TCP's Fast Recovery Algorithm", RFC 3782,
April 2004.
Zimmermann & Hannemann Expires May 21, 2010 [Page 22]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
[RFC3819] Karn, P., Bormann, C., Fairhurst, G., Grossman, D.,
Ludwig, R., Mahdavi, J., Montenegro, G., Touch, J., and L.
Wood, "Advice for Internet Subnetwork Designers", BCP 89,
RFC 3819, July 2004.
[RFC4015] Ludwig, R. and A. Gurtov, "The Eifel Response Algorithm
for TCP", RFC 4015, February 2005.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, December 2005.
[RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control
Message Protocol (ICMPv6) for the Internet Protocol
Version 6 (IPv6) Specification", RFC 4443, March 2006.
[RFC5682] Sarolahti, P., Kojo, M., Yamamoto, K., and M. Hata,
"Forward RTO-Recovery (F-RTO): An Algorithm for Detecting
Spurious Retransmission Timeouts with TCP", RFC 5682,
September 2009.
[SESB05] Schuetz, S., Eggert, L., Schmid, S., and M. Brunner,
"Protocol enhancements for intermittently connected
hosts", SIGCOMM Computer Communication Review vol. 35, no.
3, pp. 5-18, December 2005.
[SM03] Scott, J. and G. Mapp, "Link layer-based TCP optimisation
for disconnecting networks", SIGCOMM Computer
Communication Review vol. 33, no. 5, pp. 31-42,
October 2003.
[Zh86] Zhang, L., "Why TCP Timers Don't Work Well", Proceedings
of the Conference on Applications, Technologies,
Architectures, and Protocols for Computer Communication
(SIGCOMM'86) pp. 397-405, August 1986.
Appendix A. Changes from previous versions of the draft
A.1. Changes from draft-zimmermann-tcp-lcd-02
o Incorporated feedback submitted by Ilpo Jarvinen.
<http://www.ietf.org/mail-archive/web/tcpm/current/msg04841.html>
o Incorporated feedback submitted by Pasi Sarolahti.
<http://www.ietf.org/mail-archive/web/tcpm/current/msg04870.html>
o Incorporated feedback submitted by Joe Touch.
<http://www.ietf.org/mail-archive/web/tcpm/current/msg04895.html>
Zimmermann & Hannemann Expires May 21, 2010 [Page 23]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
<http://www.ietf.org/mail-archive/web/tcpm/current/msg04900.html>
o Extended and reorganized the discussion (Section 5):
* Every discussion item got its own title, so that we have a
better overview.
* Extended Retransmission Ambiguity section. Added also some
references to the historical retransmission ambiguity problem.
* Heavily extended discussion about wrapped sequence numbers (see
Joe's comments).
* Described the influence of packet duplication on the algorithm
(Thanks to Ilpo).
* The section "Protecting Against Misbehaving Routers" is not a
subsection anymore. Moreover, the section was renamed to
"Dissolving Ambiguity Issues" and has now real content.
o An interoperability issues section (Section 7) was added. In
particular comments to ECN, ICMPv6, and to the two thresholds R1
and R2 of [RFC1122] (Section 4.2.3.5) were added.
o Miscellaneous editorial changes. In particular, the algorithm has
a name now: TCP-LCD.
A.2. Changes from draft-zimmermann-tcp-lcd-01
o The algorithm in Section 4.2 was slightly changed. Instead of
reverting the last retransmission timer backoff by halving the
RTO, the RTO is recalculated with help of the "BACKOFF_CNT"
variable. This fixes an issue that occurred when the
retransmission timer was backed off but bounded by a maximum
value. The algorithm in the previous version of the draft, would
have "reverted" to half of that maximum value, instead of using
the value, before the RTO was doubled (and then bounded).
o Miscellaneous editorial changes.
A.3. Changes from draft-zimmermann-tcp-lcd-00
o Miscellaneous editorial changes in Section 1, 2 and 3.
o The document was restructured in Section 1, 2 and 3 for easier
reading. The motivation for the algorithm is changed according
TCP's problem to disambiguate congestion from non-congestion loss.
Zimmermann & Hannemann Expires May 21, 2010 [Page 24]
�
Internet-Draft Making TCP more Robust to LCDs November 2009
o Added Section 4.1.
o The algorithm in Section 4.2 was restructured and simplified:
* The special case of the first received ICMP destination
unreachable message after an RTO was removed.
* The "BACKOFF_CNT" variable was introduced so it is no longer
possible to perform more reverts than backoffs.
o The discussion in Section 5 was improved and expanded according to
the algorithm changes.
Authors' Addresses
Alexander Zimmermann
RWTH Aachen University
Ahornstrasse 55
Aachen, 52074
Germany
Phone: +49 241 80 21422
Email: zimmermann@cs.rwth-aachen.de
Arnd Hannemann
RWTH Aachen University
Ahornstrasse 55
Aachen, 52074
Germany
Phone: +49 241 80 21423
Email: hannemann@nets.rwth-aachen.de
Zimmermann & Hannemann Expires May 21, 2010 [Page 25]
�