TPOT Translucent Proxying of TCP

1
TPOTTranslucent Proxying of TCP

• Pablo Rodriguez, Sandeep Sibal, Oliver Spatscheck

ATT Labs - Research
2
The Problem
Destination
Split TCP flow !
Intermediate proxy
ACK
DATA
Router
SYN
Source proxy
3
The Solution
Destination
Intermediate proxy
IP Tunnel
ACK tunneling info
DATA
SYN
Router
Source proxy
4
The Protocol
Intermediate Translucent Proxy (P,P_p)
Destination (D,D_p)
Source Translucent Proxy (S,S_p)
SYN (S,S_p,D,D_p) (tcp_option SET)
ACK (D,D_p,S,S_p) (tcp_option P,P_p)
DATA (S,S_p,D,D_p) (IP-Tunneled via P, P_p)
5
TPOT Benefits

• Proxies can be placed and cascaded
• Anywhere in the network
• Without configuration
• Without additional signalling
• Graceful overload handling and fault tolerance
• Fall back to plain IP routing
• Late commitment Proxy decides to proxy a
  connection during connection establishment not
  during signaling
• Smaller RTTs and drop rates improve throughput
• TPOT enables connection pooling

6
TPOT Costs

• Enabling TPOT requires either
• Changing TCP/IP stack of client, or
• Using an explicit proxy on the client, or
• Placing the access proxy at a focal point
• Extra processing on TPOT machine
• Scales using TPARTY - farm of TPOT machines close
  to router
• Extra bandwidth for IP tunnel
• Decreased by header compression for inner headers
• TPOT-hierarchy fixed for the lifetime of a TCP
  connection
• Might lead to sub-optimal routing of
  traffic(unlikely for current rate of route
  changes)
• TPOT does not discover proxies not on the route
  to the original source

7
TPOT Example Cable Access

• Problem
• Provide caching for a cable access network
• Requirements
• Low investment
• Easy management
• Multiple routes
• Fault tolerant
• Low overhead
• Solution
• TPOT enabled cable access modem which allows the
  use of caches in aggregation points

8
TPOT Example Cable Access
Origin Server
Origin Server
Origin Server
PROXY
PROXY
PROXY
PROXY
PROXY
PROXY
Cable Modem
Cable Modem
Cable Modem
PROXY
Client
Client
Client
9
TPOT Example Cable Access - Benefits

• Low Investment
• Cable modem can be used to TPOT enable client
• Easy Management
• No client site configuration
• Multiple Routes
• Use of TPOT provides IP tunnel
• Fault Tolerance
• Failure of any cache in the network does not
  impact client
• Low Overhead
• No signaling overhead

10
Performance

• Measurement of TCP throughput
• different RTTs
• 10MBits/sec Ethernet
• with two TPOT machine or two Router
• TPOT has been implemented on Scout
• TPOT is currently being ported to Linux
• Extensive performance testing and analysis is
  reported in ATT TR 00.4.1

11
TPOT Related Work

• Transparent Proxies
• have to be on a focal point
• Active Networks
• require a new networking infrastructure
• are difficult to deploy incrementally
• Transformer Tunnels
• require additional signalling and/or
  configuration
• Proxy Autodiscovery Protocols
• requires additional signaling

12
Conclusion

• TPOT provides scalable proxy cache discovery
• without additional signaling
• without configuration
• with incremental deployment
• with fault tolerance