TCP/ICN: Carrying TCP over Content Centric and Named Data Networks - - PowerPoint PPT Presentation

TCP/ICN: Carrying TCP over Content Centric and Named Data Networks

Ilya Moiseenko Cisco Systems Dave Oran Cisco Systems

Outline

I. Introduction

• II. Design

– Basic fetching proxy – Reliable prefetching proxy – Unreliable prefetching proxy

• III. Evaluation
• IV. Conclusions

2

3

• I. Introduction

Why Bother?

You could just run Dual-Stack in ”Ships-in-the-night” mode. But… a major attraction of ICN is simplification and performance in environments not friendly to IP:

• Mobile edge – eliminate tunnels, respond more

quickly to mobility events, temporal caching at the edge for better error control

• IoT – Much smaller code footprint, better integration

with radio protocols, lower background chatter than IP

4

High-level goals

• 1. Unaltered TCP/IP stack and applications
• 2. Preserve TCP end-to-end semantics

– Split-TCP functionality can be added afterwards

• 3. Pull data between proxies (i.e. don’t require

data push in Interests)

• 4. Compatibility with both CCN and NDN
• 5. Minimize overhead

5

Non-goals

• 1. Support of UDP or other transport protocols
• 2. Heterogeneous addressing and routing

– Each proxy owns a routable name prefix – Do not propose IP addr <-> name prefix mapping

• 3. Path MTU-discovery and fragmentation

– Assume standard 1500-byte TCP MSS and up to 9000 bytes ICN Data messages

6

• II. Design

7

Main challenges

• How to reconcile the TCP/IP push model with the ICN

pull model?

• How to minimize inflation of message count and

message sizes?

• How much does the translation function need to

understand the TCP state machine?

• How to marry the ICN and TCP congestion and flow

control models?

8

Design alternatives for TPC/ICN Proxies

• We designed and evaluated three approaches:

– Simple one-to-one mapping of TCP messages to ICN exchanges – Track the TCP state machine in the proxies to provide reliability over the ICN segment of the path – Map TCP Data to ICN Data using an unreliable inter-proxy channel

• Connection state machine same for all three –

differ only in the data phase

9

Shared parts

10

TCP connection setup

Interest: /<routable prefix>/<TCP/IP headers>/<nonce> SYN flag Interest: /<routable prefix>/<TCP/IP headers>/<nonce> SYN, ACK flags Interest: /<routable prefix>/<TCP/IP headers>/<nonce> ACK flag /verizon /att /verizon Interest: /<routable prefix>/<TCP/IP headers>/<nonce> FIN flag Interest: /<routable prefix>/<TCP/IP headers>/<nonce> ACK flag Interest: /<routable prefix>/<TCP/IP headers>/<nonce> ACK flag Interest: /<routable prefix>/<TCP/IP headers>/<nonce> FIN flag /verizon /att /att /verizon

TCP connection teardown

Basic fetching

• Data encapsulates a TCP segment carrying payload

/[forward-proxy-prefix]/[TCP-4-tuple]/[TCP-sequence-number]/[Wraparound-number]

• Interest encapsulates an empty TCP segment

/[reverse-proxy-prefix]/[TCP-IP-headers]/[nonce]

• Slow: 2x RTT, 2x packets

11 Forward proxy Interest with TCP/IP headers Reverse proxy Data carrying TCP payload 1" 2" 3" 4" Interest pulling data 5" 6" Data"cache" Unidirectional TCP flow TCP$data$$ segment$ TCP$data$$ segment$ TCP$$ ACK$ TCP$$ ACK$ Interest with TCP/IP headers TCP receiver TCP sender

Reliable prefetching

Data sequencing is independent from TCP sequencing

– Impossible to predict TCP sequence number progression

12

Interest: /<routable prefix>/<connection id>/<sequence#> TCP 4 tuple Interest: /<routable prefix>/<TCP/IP headers>/<nonce> SEQ # 376523 ACK # 1225142 TCP/IP: SEQ # 376523 ACK # 1225142 TCP/IP: SEQ # 1223682 ACK # 376523 TCP/IP: SEQ # 1225142 ACK # 376523 Forward proxy Unidirectional TCP flow 130 Interest: /<routable prefix>/<connection id>/<sequence#> TCP 4 tuple 129 Data: /<routable prefix>/<connection id>/<sequence#> TCP 4 tuple 129 Data: /<routable prefix>/<connection id>/<sequence#> TCP 4 tuple 130

Reliable prefetching

• Reverse proxy transmits an Interest prior to TCP segment

arrival at the forward proxy

– Enforces reliability

• Forward proxy advertises approx. TCP cwnd size
• Faster, but unstable. A lot of state in the proxy. Other issues.

13

Forward proxy Reverse proxy 1" 2" 3" 4" 6" Reliable" consumer" Interest" queue" cwnd" adver:ser" Data"queue"+"cache" TCP$data$$ segment$ TCP$data$$ segment$ 5" TCP$$ ACK$ TCP$$ ACK$ Interest per each RTT Interest pipelining w.r.t cwnd Data carrying TCP segment Unidirectional TCP flow Interest with TCP/IP headers TCP sender TCP receiver

Unreliable prefetching

Time-delayed naming

– Data names match TCP sequence numbers delivered one RTT ago

14 Interest: /<routable prefix>/<TCP/IP headers>/<nonce> SEQ # 376523 ACK # 1222222 Interest: /<routable prefix>/<TCP/IP headers>/<nonce> SEQ # 376523 ACK # 1225142 TCP/IP: SEQ # 376523 ACK # 1222222 TCP/IP: SEQ # 1223682 ACK # 376523 TCP/IP: SEQ # 1225142 ACK # 376523 Data: /<routable prefix>/<TCP/IP headers>/<nonce> SEQ # 376523 ACK # 1222222 Forward proxy Unidirectional TCP flow

Unreliable prefetching

• Interests encapsulating ACKs prefetch new TCP segments

– Not enough ACKs due to delayed ACK TCP mechanism – Package multiple TCP segments in a single Data message

• No additional reliability in ICN protocol
• Fast. Comparable to TCP/IP (cubic). Scalable.

15

Forward proxy Reverse proxy 1" 2" 3" 4" 6" Interest" queue" TCP" queue" TCP$data$$ segment$ TCP$data$$ segment$ 5" TCP$$ ACK$ TCP$$ ACK$ Interest with TCP/IP headers Data carrying multiple TCP data segments Unidirectional TCP flow TCP sender TCP receiver

Unreliable prefetching

A problem of full-duplex TCP connection: TCP piggybacks ACKs in the data segments

• -> no Interests are sent by the proxies
• A proxy detects full-duplex by analyzing ACK #
• Generates Interests on its own

– Fixed probability (e.g. 50% = every 2nd segment) – Function of ACK # progression

16

17

• III. Evaluation

Evaluation

TCP cubic over ICN vs. TCP cubic over IP

• NDNsim
• Proof of concept *nix implementation

– Unreliable prefetching

18

TCP client IP forwarder IP forwarder IP forwarder TCP server TCP client TCP server ICN forwarder TCP/ICN proxy TCP firewall ICN forwarder ICN forwarder TCP/ICN proxy TCP firewall

Flow completion time

19

TCP cubic Unreliable prefetching Reliable prefetching Basic fetching

0e+00 2e+07 4e+07 200 400 600

Time (ms) TCP sequence number

a a a a

Basic fetching Reliable prefetching TCP cubic Unreliable prefetching

Unreliable prefetching is 10% slower than TCP/IP

TCP retransmissions

20

TCP cubic Unreliable prefetching Reliable prefetching Basic fetching

500 1000 1500 2000 200 400 600

Time (ms) Total number of TCP retransmissions (packets)

a a a a

Basic fetching Reliable prefetching TCP cubic Unreliable prefetching

TCP congestion window size

21

TCP cubic Unreliable prefetching Reliable prefetching Basic fetching

20000 40000 60000 200 400 600

Time (ms) Cwnd (bytes)

a a a a

Basic fetching Reliable prefetching TCP cubic Unreliable prefetching

TCP retransmission timeout

22

TCP cubic Unreliable prefetching Reliable prefetching Basic fetching

500 1000 1500 2000 200 400 600

Time (ms) RTO (ms)

a a a a

Basic fetching Reliable prefetching TCP cubic Unreliable prefetching

Flow fairness and completion time

23

50 100 150 200 1 10 100 500

TCP flow size (Mb) TCP flow completion time (sec)

TCP/ICN TCP/IP

• Unreliable

prefetching

• tcpperf tool +

proxy PoC

• 10 competing

unidirectional flows

• Within 5%

difference with TCP/IP

• Fair

Beyond synthetic tests

TLS requires additional accommodations

– Inject extra Interests at TCP connection setup phase to fetch TLS server hello messages

24

Web browser Web server ICN forwarder TCP/ICN proxy TCP firewall ICN forwarder ICN forwarder TCP/ICN proxy TCP firewall

Conclusions

• We can run many Internet applications

without IP

• TCP is highly optimized for IP

– But it works surprisingly well over ICN!

25

Q/A

26