Multipath TCP: an overview
Things have gotten rather more complicated in the years since TCP was first deployed. Connections to multiple networks, once the province of large server systems, are now ubiquitous; a smartphone, for example, can have separate, simultaneous interfaces to a cellular network, a WiFi network, and, possibly, other networks via Bluetooth or USB ports. Each of those networks provides a possible way to reach a remote host, but any given TCP session will use only one of them. That leads to obvious policy considerations (which interface should be used when) and operational difficulties: most handset users are familiar with how a WiFi-based TCP session will be broken if the device moves out of range of the access point, for example.
What if a TCP session could make use of all of the available paths between the two endpoints at any given time? There would be performance improvements, since each of the paths could carry data in parallel, and congested paths could be avoided in favor of faster paths at any given time. Sessions could also be more robust. Imagine a video stream that is established over both WiFi and cellular networks; if the watcher leaves the house (one hopes somebody else is driving), the stream would shift transparently to the cellular connection without interruption. Data centers, where multiple paths between systems and variable congestion are both common, could also make use of a multipath-capable transport protocol.
The problem is that TCP does not work that way. Enter MPTCP, which is designed to work that way.
How it works
A TCP session is normally set up by way of a three-way handshake. The initiating host sends a packet with the SYN flag set, the receiving host, if it is amenable to the connection, responds with a packet containing both the SYN and ACK flags. The final ACK packet sent by the initiator puts the connection into the "established" state; after that, data can be transferred in either direction.
An MPTCP session starts in the same way, with one change: the initiator adds the new MP_CAPABLE option to the SYN packet. If the receiving host supports MPTCP, it will add that option to its SYN-ACK reply; the two hosts will also include cryptographic keys in these packets for later use. The final ACK (which must also carry the MP_CAPABLE option) establishes a multipath session, albeit a session using a single path just like traditional TCP.
When MPTCP is in use, both sides recognize a distinction between the session itself and any specific "subflow" used by that session. So, at any point, either party to the session can initiate another TCP connection to the other side, with the proviso that the address and/or port at one end or the other of the connection must differ. So, if a smartphone has initiated an MPTCP connection to a server using its WiFi interface:
![[Cheesy diagram]](https://static.lwn.net/images/2013/mptcp1.png)
It can add another subflow at any time by connecting to the same server by way of its cellular interface:
![[Cheesy diagram]](https://static.lwn.net/images/2013/mptcp2.png)
That subflow is added by sending a SYN packet with the MP_JOIN option; it also includes information on which MPTCP session is to be joined. Needless to say, the protocol designers are concerned that a hostile party might try to join somebody else's session; the previously-exchanged cryptographic keys are used to prevent such attacks from succeeding. If the receiving server is amenable to adding the subflow, it will allow the establishment of the new TCP connection and add it to the MPTCP session.
Once a session has more than one subflow, it is up to the systems on each end to decide how to split traffic between them (though it is possible to mark a specific subflow for use only when any others no longer work). A single receive window applies to the session as a whole. Each subflow looks like a normal TCP connection, with its own sequence numbers, but the session as a whole has a separate sequence number; there is another TCP option (DSS, or "Data Sequence Signal") which is used to inform the other end how data on each subflow fits into the overall stream.
Subflows can come and go over the life of an MPTCP connection. They can be explicitly closed by either end, or they can simply vanish if one of the paths becomes unavailable. If the underlying machinery is working well, applications should not even notice these changes. Just like IP can hide routing changes, MPTCP can hide the details of which paths it is using at any given time. It should, from an application's point of view, just work.
Needless to say, there are vast numbers of details that have been glossed over here. Making a protocol extension like this work requires thinking about issues like congestion control, how to manage retransmissions over a different path, how one party can tell the other about additional addresses (paths) it could use, how to decide when setting up multiple subflows is worth the expense, and so on. The MPTCP designers have done much of that thinking; see RFC 6824 for the details.
The dreaded middlebox
One set of details merits a closer look, though. The designers of MPTCP are not interested in going through an idle academic exercise; they want to create a solution to real problems that will be deployed on the existing Internet. And that means designing something that will function with the net as it exists now. At one level, that means making things work transparently for TCP-based applications. But there is an entire section in the RFC that is concerned with "middleboxes" and how they can sabotage any attempt to introduce a new protocol.
Middleboxes are routers that impose some sort of constraint or transformation on network traffic passing through them. Network address translation (NAT) boxes are one example: they hide an entire network behind a translation layer that will change the address and port of a connection on its way through. NAT boxes can also insert data into a stream — adding commands to make FTP work, for example. Some boxes will acknowledge data on its way through, well before it arrives at the real destination, in an attempt to increase pipelining. Some routers will drop packets with unknown options; that behavior made the rollout of the selective acknowledgment (SACK) feature much harder than it needed to be. Firewalls will kill connections with holes in the sequence number stream; they will also, sometimes, transform sequence numbers on the way through. Splitting and coalescing of segments can cause options to be dropped or duplicated. And so on; the list of potential problems is impressive.
On top of that, anybody trying to introduce an entirely new transport-layer is likely to discover that it will not make it across the Internet at all. Much of the routing infrastructure on the net assumes that TCP and UDP are all there is; anything else has a poor chance of making it through.
Working around these issues drove the design of MPTCP at all levels. TCP was never designed for multiple subflows; rather than bolting that idea onto the protocol, it might well have been better to start over. One could have incorporated the lessons learned from TCP in all ways — including doing things entirely differently where it made sense. But the resulting protocol would not work on today's Internet, so the designers had no choice but to create a protocol that, to almost every middlebox out there, looks like plain old TCP.
So every subflow is an independent TCP connection in every respect. Since holes in sequence numbers can cause problems, each subflow has its own sequence and a mapping layer must be added on top. That mapping layer uses relative sequence numbers because some middlebox may have changed those numbers as they passed through. The two sides assign "address identifiers" to the IP addresses of their interfaces and use those identifiers to communicate about those interfaces, since the addresses themselves may be changed by a NAT box in the middle. When one side tells the other about an available interface, it adds an "address identifier" to be used in future messages because a NAT box might change the visible address of that interface. Special checks exist for subflows that corrupt data, insert preemptive acknowledgments, or strip unknown options; such subflows will not be used. And the whole thing is designed to fall back gracefully to ordinary TCP if the interference is too strong to overcome.
It is all a clever bit of design on the part of the MPTCP developers, but it also highlights an area of concern: the "dumb" Internet with end-to-end transparent routing of data is a thing of the distant past. What we have now is inflexible and somewhat hostile to the deployment of new technologies. The MPTCP developers have been able to work around these limitations, but the effort required was considerable. In the future, we may find that the net is broken in fundamental ways and it simply cannot be fixed; some might say that the difficulties in moving to IPv6 show that this has already happened.
Future directions
The current MPTCP code can be found at the MPTCP github repository; it adds a good 10,000 lines to the mainline kernel's networking subtree. While it has apparently been the subject of discussions with various networking developers, it has not, yet, been posted for public review or inclusion into the mainline. It does, however, seem to work: the MPTCP developers claim to have implemented the fastest TCP connection ever by transmitting at a rate of 51.8Gb/s over six 10Gb links.
MPTCP is still relatively young, so there is almost certainly quite a bit of work yet to be done before it is ready for mainline merging or production use. There is also some thinking to be done on the application side; it may be possible for MPTCP-aware applications to make better use of the available paths. Projects like this are arguably never finished (we are still refining TCP, after all), but MPTCP does seem to have reached the point where more users may want to start experimenting with it.
Anybody wanting to play with this code can grab the project's kernel
repository and build a custom kernel. For those who are not up to that
level of effort, the project offers a number of other
options, including a Debian repository, instructions for running MPTCP
on Amazon's EC2, and kernels for a handful of Android-based handsets.
Needless to say, the developers are highly interested in hearing bug
reports or other testing results.
| Index entries for this article | |
|---|---|
| Kernel | Networking/Protocols |
Posted Mar 26, 2013 23:17 UTC (Tue)
by marcH (subscriber, #57642)
[Link] (22 responses)
Other differences?
Posted Mar 27, 2013 0:09 UTC (Wed)
by nhorman (guest, #31658)
[Link] (17 responses)
I wonder if there would be value in a user library that remapped tcp streams on toof multihomed sctp streams? Not universally useful of course, but perhaps a nice alternate solution in some situations
Posted Mar 27, 2013 3:50 UTC (Wed)
by ebiederm (subscriber, #35028)
[Link] (2 responses)
But you can establish a MP-TCP connection using the existing socket APIs. As part of that connect establishment the MP-TCP stack can share all of your routable IP addresses and see which IPs on either side can connect to each other.
With those additional connections MP-TCP can with proper congestion control load-balance your traffic across those flows.
Additionally MP-TCP can add and drop subflows as your device meanders around and connects and disconnects from different networks.
API augmentation is only needed for the times when the defaults aren't optimal for some configuration.
Posted Apr 4, 2013 4:04 UTC (Thu)
by kevinm (guest, #69913)
[Link] (1 responses)
Posted Apr 4, 2013 6:24 UTC (Thu)
by christophpaasch (subscriber, #54567)
[Link]
So, even if the host has moved away (e.g., moved away from its WiFi access-point and MPTCP switched to 3G), the syscalls still return the old address of the WiFi interface.
Posted Mar 27, 2013 4:02 UTC (Wed)
by corbet (editor, #1)
[Link] (13 responses)
Posted Mar 27, 2013 13:58 UTC (Wed)
by nhorman (guest, #31658)
[Link] (12 responses)
Note, I'm not implying that this is a knock against the notion of MP-TCP, just pointing out that its not completely transparent. Nor should it necessecarily be so. I'm sure that applications will want some level of policy control over which path they take (i.e. phones connected to celular and wifi networks will want to prioritize the wifi as its likely a faster connection).
Posted Mar 27, 2013 14:07 UTC (Wed)
by corbet (editor, #1)
[Link] (7 responses)
Posted Mar 28, 2013 17:13 UTC (Thu)
by kov (subscriber, #7423)
[Link] (6 responses)
Posted Mar 30, 2013 21:12 UTC (Sat)
by roblucid (guest, #48964)
[Link] (5 responses)
Why should applications, worry & account for multi-homing an so on? You still end up adminstering firewalls to set a policy at a more feasible level.
Posted Mar 30, 2013 22:02 UTC (Sat)
by dlang (guest, #313)
[Link]
I also don't expect servers to expose multiple connections very frequently, they don't need to and if they are serving substantial numbers of clients, they probably don't want to have any one client be able to use a substantial amount of bandwidth.
I see two categories where multipath TCP makes lots of sense
1. multi-homed clients (wifi + cell, DSL + cable + cell backup, etc)
Here, only the client has multiple IP addresses
2. huge file transfers within one organization on specially setup paths
Here both the client and server may have multiple IP addresses, and even with just a single IP at both ends, they may want to use many subconnections to be more resistant to the effects of packet loss.
Posted Mar 31, 2013 7:43 UTC (Sun)
by paulj (subscriber, #341)
[Link] (3 responses)
Trying to make the network handle choosing these trade-offs would require either building lots of complex logic into it, to try dynamically second-guess the needs of each user, and/or lots of signalling, to allow the user to instruct the network what it wants (with attendant state overheads in the network).
Pushing these problems out to the edges of the network - ideally to the end-stations - avoids the need for complex, fragile networks. Complex networks also tend to have an ossifying effect on development of new applications. Have a read of "The rise of the stupid network", mirrored at, e.g,: http://www.rageboy.com/stupidnet.html .
Basically, the network should be as simple as it needs to be, but no simpler. ;)
Posted Apr 1, 2013 13:24 UTC (Mon)
by intgr (subscriber, #39733)
[Link] (2 responses)
Sorry to hijack this thread, but I wanted to stress this point. This is exactly what's wrong with NAT: it builds too much smarts into devices whose real purpose is just juggling packets around.
And you see the pains every time someone wants to add an extension to TCP (like MPTCP, ECN and others) or introduce a new transport protocol (SCTP, DCCP). In fact, even application developers suffer and have to come up with clever workarounds (STUN, TURN) or less clever (UPnP). People have to spend heroic amounts of time to work through all the potential issues these "smart" middleboxes introduce, with every vendor bringing their own quirks and bugs on the table.
In the end, innovation suffers and robustness of networks in general suffers due to all the workarounds that have to be employed.
It drives me nuts when people deploy IPv6 and still don't get it, "we're an enterprise, we need NAT". No you don't, you need a firewall.
</rant>
Posted Apr 1, 2013 13:44 UTC (Mon)
by paulj (subscriber, #341)
[Link] (1 responses)
While complexity generally should be pushed to the end-stations and kept out of the network, as much as possible, that does not mean *all* complexity should be kept out of the network. There are certain basic functions that *should* be kept in the network, along with whatever complexity is required to support those functions.
E.g. the original designers of TCPIP believed it was very important for the network to abstract away differences in MTUs. They argued that otherwise it would be difficult for end-stations to reliably work-around differences in MTU, so that it would become difficult for the network to make use of larger MTUs. This would block the use of techniques such encapsulation, extra-addressing, etc., by end-stations to solve problems such as mobility, etc. For this reason they made TCPIP support fragmentation at the network level.
Sadly, later implementors and stewards of IP concluded differently. They moved to deprecate fragmentation from IPv4, and excluded it completely from IPv6. Instead, it was left to the end-stations to negotiate the correct MTU. Unfortunately however the original designers of IP have been proven correct. End-station MTU discovery has been proven to be fragile, and often does not work, due to stupid intermediate nodes blocking the required signalling (which is out of band). At the best of times it probably adds more latency than network level fragmentation.
As a result, the Internet is crippled with a 1500 MTU. :( The success of IPv6 would likely set this in stone.
See my blog: http://pjakma.wordpress.com/2011/06/28/cerf-and-kahn-on-w...
Posted Apr 1, 2013 15:46 UTC (Mon)
by intgr (subscriber, #39733)
[Link]
Sounds like PMTU discovery has the same enemies: "smart" middleboxes (NAT) and enterprise admins (firewalls).
While I agree that protocol designers should have seen it coming, I still think the larger part of the blame lies with device vendors not implementing existing protocols to the specification and not releasing updates even when those problems are pointed out to them -- basically holding the whole industry hostage because the cost is externalized.
Which brings me to a crazy idea -- perhaps we need an "Acid test of consumer routers" -- following the model of acidtests.org, which pressured several browser vendors to improve on their standards conformance, because every savvy user could easily see how broken their choice was. Has anyone attempted something like this already?
Posted Mar 27, 2013 14:47 UTC (Wed)
by christophpaasch (subscriber, #54567)
[Link] (3 responses)
Yes, it could be useful for some applications to have better control on the paths being used. But, this assumes that applications actually know what they want... ;)
Right now, the implementation automatically creates a full mesh among the availabe IP-addresses on the client and the server.
Concerning your use-case where one wants to push more traffic on WiFi than 3G:
[1] https://datatracker.ietf.org/doc/draft-ietf-mptcp-api/
Posted Apr 1, 2013 20:55 UTC (Mon)
by cesarb (subscriber, #6266)
[Link] (2 responses)
Posted Apr 1, 2013 21:08 UTC (Mon)
by christophpaasch (subscriber, #54567)
[Link]
Or, it is also possible to simply not open up a subflow across 3G and only create it after the phone lost the WiFi connection. MPTCP supports break-before-make scenarios.
It is simply a question of instructing the kernel to do one or the other through some kind of configuration interface (may it be sockopts, sysctl,...)
Posted Apr 1, 2013 22:11 UTC (Mon)
by marcH (subscriber, #57642)
[Link]
Far from ideal, but less and less unusual:
https://www.google.ie/search?q=3g+hotspot
Posted Mar 27, 2013 0:09 UTC (Wed)
by butlerm (subscriber, #13312)
[Link] (3 responses)
The SCTP socket API is simple enough unless you want to communicate with multiple peers on the same socket or use multiple streams. Then it gets complicated.
Posted Mar 27, 2013 3:30 UTC (Wed)
by tterribe (guest, #66972)
[Link] (2 responses)
Those can be done on top of TCP, too. See Minion: http://arxiv.org/abs/1103.0463
Posted Mar 27, 2013 8:32 UTC (Wed)
by butlerm (subscriber, #13312)
[Link]
Posted Apr 4, 2013 7:45 UTC (Thu)
by eternaleye (guest, #67051)
[Link]
They also have a 'cross-layer negotiation' design, allowing the decision of *which* minion is used to be made on a per-connection basis.
Their general concept of splitting the Transport layer up is (in my view) a very useful one. Even though the IETF passed on codifying it into the literature, it's a very useful pattern in designing protocols - layer an endpoint layer, a congestion layer, an isolation layer, and a semantic layer.
By using UDP as the endpoint layer, you can (potentially) avoid some of the problems MPTCP had to engage in heroics to deal with.
By using (say) a portless variant of DCCP on top of that as congestion control, you have something that could still be within the kernel (after all, there are various protocols implemented in the kernel that go on top of UDP or TCP) but because of the benefits of using UDP as the endpoint layer you don't have the horrific barriers to deployment DCCP proper ran aground on. Plus, this makes per-link congestion control feasible without breaking end-to-end reliability - which has been a significant problem due to the absolutely atrocious interaction of TCP, wireless LAN, and multiple layers of retransmission latency.
Layering the isolation layer here (rather than on top of the semantics) is genius. Aside from that it means you only need a design for datagrams, and not streams (so you can use DTLS regardless of the application-level semantics), it also means that the (intelligent in braindead ways) middleboxes only know information that they might have a valid reason to touch. Beyond that, they basically get told to push off.
Finally, you can build just about any semantics you like on top, by using the resulting building block of secure, point-to-point, CC-friendly unreliable datagram channels.
Posted Mar 26, 2013 23:54 UTC (Tue)
by dankamongmen (subscriber, #35141)
[Link] (1 responses)
Posted Mar 26, 2013 23:55 UTC (Tue)
by dankamongmen (subscriber, #35141)
[Link]
Posted Mar 27, 2013 5:20 UTC (Wed)
by dlang (guest, #313)
[Link] (1 responses)
It is also going to matter a lot on how the subflows are handled at each end (both ends have to work well)
If every application ends up having to implement this logic themselves, I don't think it has a chance of working outside of niche cases.
The question is if this logic belongs in a common library or in the kernel.
For now we are at the experimental stage where it should be done in userspace to allow for more experimentation. It will be interesting to see how the experiments settle out, especially in terms of catastrophic interactions between different strategies on the two ends.
Posted Mar 27, 2013 9:07 UTC (Wed)
by Lennie (subscriber, #49641)
[Link]
It is just the standard existing socket API, if the other side supports it, it will automatically use multiple TCP-connections (subflows).
It also just looks like standard TCP-connections (with some extra option fields filled in) and it automaticalled falls back to regular TCP if something does not work. That means it also works when it encounters NAT.
There is no need to create any userspace code. It can even automatically use IPv6 when you already have connected to an IPv4 address.
It can also handle loss of the first connection.
It's working code, other than that this is a out of tree kernel patch you can run it in a production environment right now (I'm not a developer on this project, just an observer, so don't take my word from it). The RFC is done, the code was developed in parallel to writing the RFC.
As I see it most of work now is trying to shape the patch in such a way that it is ready for mainline. Yes, it can still use some tweaking, but there was already years of evaluating solution and performance testing done.
I really doubt there will be any large changes other then lots and lots of refactoring to get it into mainline.
One thing 'missing' might be an API extension for an application to ask for which IP-addresses/port-numbers it is using right now. Currently you can only use the existing API, which reports the original IP-address/port-numbers that were involved to create the connection.
And it looks like the developers are trying to make it easier to setup the needed routing (when you want to use 2 Internet connections, you'll need two network connections, so: 2 sets of IP-addresses and 2 default gateways).
Here are the demos:
Posted Mar 27, 2013 7:04 UTC (Wed)
by dilinger (subscriber, #2867)
[Link] (3 responses)
Some of us leave the house without driving, you know. :)
Posted Mar 27, 2013 8:48 UTC (Wed)
by marcH (subscriber, #57642)
[Link]
Posted Apr 2, 2013 14:09 UTC (Tue)
by wookey (guest, #5501)
[Link] (1 responses)
But one has to make allowances for Americans, even ones as well-adjusted as our esteemed editor.
Posted Apr 6, 2013 10:37 UTC (Sat)
by Duncan (guest, #6647)
[Link]
Posted Mar 27, 2013 7:23 UTC (Wed)
by gylle (guest, #15057)
[Link] (4 responses)
Posted Mar 27, 2013 9:03 UTC (Wed)
by christophpaasch (subscriber, #54567)
[Link] (3 responses)
You can have a look at the scientific paper, which describes this mechanism:
(Section 4.2)
Posted Mar 27, 2013 11:46 UTC (Wed)
by gylle (guest, #15057)
[Link] (2 responses)
Posted Mar 27, 2013 12:43 UTC (Wed)
by christophpaasch (subscriber, #54567)
[Link] (1 responses)
Posted Mar 27, 2013 12:45 UTC (Wed)
by christophpaasch (subscriber, #54567)
[Link]
But there won't ever be more than one reinjection per RTT of the fast subflow.
Posted Mar 27, 2013 8:31 UTC (Wed)
by jezuch (subscriber, #52988)
[Link] (24 responses)
Posted Mar 27, 2013 8:35 UTC (Wed)
by dlang (guest, #313)
[Link] (6 responses)
I'm actually a bit surprised that they didn't layer it on top of UDP.
Posted Mar 27, 2013 8:54 UTC (Wed)
by marcH (subscriber, #57642)
[Link]
I guess this saves them re-implementing congestion control, which is insanely complicated http://lwn.net/Articles/128681/
Multipath TCP is not really "layered" in the usual sense since it needs one native TCP connection for every stream. It looks a bit like... a "plugin" :-)
Posted Mar 28, 2013 2:30 UTC (Thu)
by martinfick (subscriber, #4455)
[Link] (4 responses)
Posted Apr 1, 2013 21:57 UTC (Mon)
by marcH (subscriber, #57642)
[Link] (2 responses)
Of course any intermediate kind of network crippling is possible in theory.
Posted Apr 1, 2013 23:31 UTC (Mon)
by martinfick (subscriber, #4455)
[Link] (1 responses)
Posted Apr 20, 2013 0:32 UTC (Sat)
by vr000m (guest, #90483)
[Link]
Posted Apr 20, 2013 0:27 UTC (Sat)
by vr000m (guest, #90483)
[Link]
See:
Posted Mar 27, 2013 17:23 UTC (Wed)
by robert_s (subscriber, #42402)
[Link]
But I think I understand the reasons why this is not so simple, even if we're assuming widespread IPv6 adoption. Namely it would probably require widespread use of dynamic mesh routing protocols.
If you start with the assumption that the IP layer would need a consistent way of "addressing" a single node moving across connections - a single "IP Address" if you will, you've then got to remember that traditional internet routing works through the majority of IP address structure being hierarchical with respect to routing. This allows most nodes to keep their routing tables fairly small and static.
Essentially, you'd need a routing protocol that could deal with what was your broadband provider's IP suddenly coming under the hierarchy of your mobile provider's network. And the currently used routing protocols simply can't deal with that.
Posted Mar 28, 2013 9:54 UTC (Thu)
by ebiederm (subscriber, #35028)
[Link] (14 responses)
Most of the multipath work in IP is limited by the data structures used to represent routes, and so solutions like ILNP[1] and LISP[2] have been played with to solve the data structure problems, and in similar thinking IPv6 was built with the concept of interfaces having multiple addresses.
However if you want to use more than one of your available paths at once TCP must be changed. From a 10,000 foot view it looks like MP-TCP is making those deep changes to TCP that are needed to do a good job using multiple paths across the network at once.
[1] http://ilnp.cs.st-andrews.ac.uk/
Posted Mar 28, 2013 16:33 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link]
Posted Mar 29, 2013 20:22 UTC (Fri)
by giraffedata (guest, #1954)
[Link] (12 responses)
I believe that is the question that some of us have. Why does TCP have to change? The IP I learned long ago has multipath routing built in and the TCP driver couldn't stop it if it wanted to. If TCP has to be involved in routing, then is part of MPTCP giving the layer above IP the ability to constrain how IP routes the packets?
I don't know anything about route advertisement protocols, but assuming there isn't one today that lets the handset merely tell the server that it can reach 1.2.3.4 via 4.3.2.1 (two of the handset's IP addresses), would it be harder to add that than to add the ability for the server to recognize two TCP destinations as the same place (MPTCP)?
Posted Mar 30, 2013 10:26 UTC (Sat)
by paulj (subscriber, #341)
[Link] (11 responses)
However, some hosts have multiple network connections. E.g., a common case today is having both a 3G and a wifi connection, each to a completely different network.
There is no way in IP to treat multiple IP addresses as one logical IP, and have IP handle the routing between them. Well, there are some ways (Mobile IP). Unfortunately these solutions rely on tunnelling packets, and the lack of foresight of IP designers and network operators in crippling the Internet to a fixed MTU means tunnelling is not generally practical with the Internet today. (And, sadly, IPv6 makes things worse in this regard :( ).
So, if you want to make use of multiple, disparate, network attachments, you need to do this above IP. Either you must modify TCP, or you must insert another protocol between IP and TCP (e.g. a shim, see shim6). Unfortunately, again down to lack of foresight and (most of all) stupidity of network operators, new IP protocols are not generally practical with the Internet today - too many idiotic middle-boxes will filter it out. So at the TCP level it has to be.
(There's a recurring theme here. If IPv6 fails - and it might - the next generation IP protocol will have to have a fixed preamble that looks exactly like the beginning of an IPv4 + TCP + HTTP packet. Sigh).
Posted Mar 30, 2013 20:25 UTC (Sat)
by giraffedata (guest, #1954)
[Link] (4 responses)
The MPTCP alternative I'm thinking about wouldn't do that. The client would use one IP address and the overall IP network would route via either the 3G or wifi network based on its own policies.
For example, the handset has IP address 1.2.3.4 on the wifi network and 4.3.2.1 on the 3G network. All outgoing packets from the handset bear source IP address 1.2.3.4. All packets the server sends to the handset bear destination IP address 1.2.3.4. The server's routing table (or the routing table in its default router) shows that in addition to the normal routes, 4.3.2.1 is a route to 1.2.3.4.
Does that work?
Posted Mar 30, 2013 20:39 UTC (Sat)
by dlang (guest, #313)
[Link] (2 responses)
every router along the way will have one best path to get to 1.2.3.4, and so all the traffic will go down that path.
It's this best path priority routing that lets the Internet work as well as it does, but it means that if you have two completely different connections, and you want to use them both, you have to split the traffic between two different IP addresses, one for each connection, so that the traffic to you will get split between those connections.
The nice thing with multipath TCP is that it can do this under the covers (in a library or in the kernel).
With multipath TCP widely available, you could even have this implemented in a router. The router would have multiple connections, and proxy the TCP connection into multipath TCP, utilizing the multiple connections that it has completely transparently to the endpoint machine.
Posted Mar 30, 2013 20:42 UTC (Sat)
by dlang (guest, #313)
[Link] (1 responses)
Routing on the Internet is done one hop at a time.
your default routers don't talk directly to the server, they talk to other routers that talk to other routers.... that talk to the server.
It's common to have 10-20 routers in the path for some connections (do a traceroute to the server to see the routers that your traffic to the server goes through, and keep in mind that the traffic from the server back to you may go through a different series of routers)
Posted Mar 31, 2013 1:01 UTC (Sun)
by giraffedata (guest, #1954)
[Link]
Posted Mar 30, 2013 22:30 UTC (Sat)
by paulj (subscriber, #341)
[Link]
Is this more efficient than just letting the end-stations create additional flows between any additional IP addresses? If yes, how?
Posted Apr 1, 2013 22:41 UTC (Mon)
by marcH (subscriber, #57642)
[Link] (5 responses)
The original sin is actually quite simple: it's the lack of layering in TCP/IP. TCP should not "steal" and rely on IP addresses directly. Just like every other layer, the TCP layer should have a its own "host address" and some indirection logic to resolve it to IP layer address(es). This indirection logic would be the most natural place to implement mobility and all the other features Multipath TCP is offering. I'm sure there are a few good research papers explaining this.
Now of course it's way too late for such a dramatic change but keeping in mind the core shortcoming and the very theoretical but "correct" design helps understand all the numerous and more complex workarounds that keep being offered. I find.
Posted Apr 1, 2013 23:14 UTC (Mon)
by dlang (guest, #313)
[Link]
In practice it just doesn't scale, the overhead of letting the routing tables get that large just doesn't work at acceptable speeds.
Someday this may change.
It has changed for phones. It used to be that the area code and first three digits of the number routed you to specific buildings and then the last digits routed you out from that. so while there are still large chunks of landlines that mostly follow this model, phone number portability and cell phones make it so that any phone number can appear anywhere on the network.
now, the phone system only needs to find this to setup the conversation, not for each packet. This is the "smart network vs dumb network" discussion from above.
Given that the "smart network" of the phone system now tends to run on top of the "dumb network" of the Internet, I think it's pretty clear that the Internet has shows itself to be far superior
If you think about it, the Internet already has the layer of indirection you are talking about, DNS. The problem is that looking things up in DNS is far too slow and updates far too infrequently for it to be used in routing decisions for every packet.
Posted Apr 2, 2013 2:44 UTC (Tue)
by giraffedata (guest, #1954)
[Link] (3 responses)
Layering doesn't require TCP to have endpoint addressing that doesn't involve IP addresses, because it isn't that kind of layer.
Now if TCP were a network topology layer, then it would need its own addressing and could easily do the kind of routing we're talking about. But I would not expect anyone to have designed TCP that way, because it would be redundant. The basic architecture of the Internet says routing packets to whatever ephemeral link happens to be up now is what the IP layer is for. A TCP driver is supposed to be blissfully ignorant of paths and concentrate on turning a blizzard of packets into an ordered, ungranular, reliable stream.
The problem as I see it is just that IP hasn't evolved in a way that its routing protocols are sufficent for the needs of millions of handsets hopping from one wireless network to another. Considering that the original routing protocols were hardcoded files on each node, that's not surprising.
Posted Apr 2, 2013 7:25 UTC (Tue)
by marcH (subscriber, #57642)
[Link] (2 responses)
You don't ask the entire Post office to update ZIP codes when you move house.
It's not me saying it but the whole research community. Look at M-TCP, HIP, GTP (GPRS tunnelling), dynamic load balancing,... they are all try to somehow retrofit this separation in a backward, half-compatible way. Because it's too late it tends not to be pretty.
"As simple as possible, but not simpler" - too simple this time.
Posted Apr 2, 2013 12:17 UTC (Tue)
by paulj (subscriber, #341)
[Link]
Sadly, the designers and implementors that followed chose to prioritise short-term performance concerns over the long-term flexibility of IP. It became effectively impossible to insert new protocols between IP and TCP (in the sense of it having an IP protocol number != TCP).
It might still be possible to insert an identity layer. The lower 64 bits of the IPv6 address could be used for this. Unfortunately though:
a) There's no guarantee IPv6 will succeed
b) Even if it does, there are (as usual) short-sighted people out there pushing to abolish the split in IPv6 addresses between network and host ID portions ("Why should we limit the hierarchical network space to 64 bits? Why do we need 64 bits for a host?").
So we shall see if this is possible. Otherwise, it has to be done in TCP.
Identity is a very complex issue. It can mean different things to different people/processes at different times. Think about the identity for an email address, or an SSL cert, or a web page - you can surely think of many different scenarios and distinct issues for each. At the network layer, it is very hard to come up with a universal meaning of identity other than "the location in the network". Identity is an issue that really can't be solved at the network layer, other than equating it with location. Even a shim protocol between TCP and IP can't really say more than "these 2 network locations appear to be controlled by the same entity, around this time".
Anyway... :)
Posted Apr 2, 2013 16:15 UTC (Tue)
by giraffedata (guest, #1954)
[Link]
I'm with you on there being a need to separate location and identity, and to do it by layers, but it looks like all part of layer 3 (network layer) to me. One should be able to direct any IP packet to an identity, not just a TCP stream.
That's just speaking of ideals, of course. I'm not saying that's the direction we should be going now.
There is a layering issue between TCP and IP in that the TCP port address shouldn't be in the IP packet header. I wouldn't want to confuse that with this.
Posted Mar 30, 2013 8:28 UTC (Sat)
by gdt (subscriber, #6284)
[Link]
Posted Mar 27, 2013 9:27 UTC (Wed)
by osma (subscriber, #6912)
[Link] (3 responses)
Posted Mar 28, 2013 17:31 UTC (Thu)
by jnareb (subscriber, #46500)
[Link] (2 responses)
MPTCP is to be completely transparent.
Posted Mar 31, 2013 16:35 UTC (Sun)
by martinfick (subscriber, #4455)
[Link] (1 responses)
Posted Mar 31, 2013 21:20 UTC (Sun)
by dlang (guest, #313)
[Link]
Posted Mar 27, 2013 9:45 UTC (Wed)
by marcH (subscriber, #57642)
[Link] (2 responses)
The only problem is the lack of error reporting. For almost every other IT problem you can google error messages, extract log files,... on the other hand, the network is a complete black hole. The only way to fix this is a new name-and-shame technique or tool (let's call it "libMTR++").
The end-to-end principle cannot fight back in the dark, it has to KNOW where to hit in the first place.
Examples:
- My Linux laptop had poor battery life. I ran PowerTOP. I reported "power bugs" and stopped using the wrong applications. Problem solved.
- My connection was bufferbloated (I could not video conference on it). I used MTR which pointed the problem at my mobile ISP. I switched to a different ISP. problem solved. (This is a *real story*!)
In the future:
- Gnutello5 (the new piece of software I want to use) depends on SCTP for some reason. Gnutello5 is not just using SCTP but also linked to "libMTR++". When connections time out the software does NOT just throw a generic and very poor "connection failed" message like it is doing now. Instead it offers the option to ask libMTR++ to perform a quick network trace/scan. Half of the time libMTR++ is able to return an informative error message pointing at *which subnet drops the packets*. Gnutello5 forums are flooded with messages saying "don't use this ISP". All Gnutello5 users switch ISP and other ISPs have to get their act together. Problem solved.
In the next few years IPv6 will be a great opportunity to test this "name-and-shame" approach. libMTR++ will not even be required for IPv6, "whatismyaddress.com" will be enough.
http://www.google.com/ipv6/statistics.html#tab=per-countr...
Posted Mar 27, 2013 11:50 UTC (Wed)
by paulj (subscriber, #341)
[Link] (1 responses)
Posted Apr 1, 2013 22:03 UTC (Mon)
by marcH (subscriber, #57642)
[Link]
I know at least Skype and AnyConnect which already have _some_ of the abilities of my fictional libMTR++.
However they are only designed for internal use, i.e.: working around network limitations and barely reporting them.
Posted Mar 28, 2013 16:53 UTC (Thu)
by raven667 (subscriber, #5198)
[Link] (3 responses)
Posted Mar 28, 2013 17:44 UTC (Thu)
by christophpaasch (subscriber, #54567)
[Link]
MPTCP has no issues with head-of-line blocking, because the receive-window is not on a per-subflow level but rather on the data-level [1].
I don't see, how MPTCP could cause extreme congestion, because the coupled congestion control makes sure that MPTCP is fair to other flows across shared bottlenecks [2].
Cheers,
[1] https://datatracker.ietf.org/doc/rfc6824/
Posted Mar 29, 2013 13:51 UTC (Fri)
by paulj (subscriber, #341)
[Link]
Not vouching for their success in this, but they do appear to have thought about congestion control.
Posted Mar 30, 2013 8:37 UTC (Sat)
by gdt (subscriber, #6284)
[Link]
MPTCP is the idea implemented well. That's a good thing, as it gives us a place to point users who think they might do better implementing this idea themselves.
Posted Apr 15, 2016 14:38 UTC (Fri)
by msobo (guest, #108251)
[Link]
thanks a lot.
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
The whole idea behind MPTCP is that applications don't need to be changed. It just looks like another TCP connection; the establishment of multiple subflows happens transparently.
Multipath TCP: an overview
Multipath TCP: an overview
It seems to me that you are saying that an application doing explicit multipathing now will continue to need to be explicit about it in the future. And yes, when the ability to control MPTCP at the application level becomes available, such an application may well want to avail itself of those controls. But such applications are relatively rare. The vast majority of applications just make "a TCP connection" to somewhere; they will be able to benefit from multiple subflows (if their traffic is of the type that benefits, of course) without any changes at all.
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
More heuristics on when to create and destroy additional subflows are still under research.
The coupled congestion control RFC 6356 [2] takes care about the congestion-windows of each subflow. In such a way, that traffic is pushed away from congested links to the non-congested ones. Additionally, it makes sure that MPTCP is fair to regular TCP flows across shared bottleneck links.
[2] https://datatracker.ietf.org/doc/rfc6356/
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
> independent message streams are the big differences.
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Personal transit options: US
Multipath TCP: an overview
Multipath TCP: an overview
http://inl.info.ucl.ac.be/publications/how-hard-can-it-be...
Multipath TCP: an overview
Multipath TCP: an overview
Because we reinject the data on another subflow and thus use its bandwidth?
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
[IETF] https://tools.ietf.org/html/draft-singh-avtcore-mprtp
[Scheduling] http://www.netlab.tkk.fi/~varun/2013_MMSYS_Singh_MPRTP.pdf
Multipath TCP: an overview
Fundamentally modifications to TCP are necessary
[2] http://datatracker.ietf.org/wg/lisp/
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
However if you want to use more than one of your available paths at once TCP must be changed.
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
There is no way in IP to treat multiple IP addresses as one logical IP [address]
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
Thanks; that explains it. I forgot that every router along the way would be independently choosing a route to the destination.
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
Fundamentally modifications to TCP are necessary
An IP address conflates two things that should be separate: location (where) and identity (who). The latter should be in layer 4.
Multipath TCP: an overview
This is a bit similar (but obviously much more generic) to what mosh does today with ssh connections, though mosh uses UDP. I've been a happy user of mosh on my smartphone (Nokia N9) since I discovered it, as it makes shell sessions much more bearable even with intermittent WiFi and 3G connectivity.
Multipath TCP: an overview
But mosh requires that you have mosh-server installed on remote server, isn't it?
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
Christoph
[2] https://datatracker.ietf.org/doc/rfc6356/
Multipath TCP: an overview
Multipath TCP: an overview
Multipath TCP: an overview
secondly i wonder that who buffer the tcp traffic ? when we use mptcp for a giga lte network over the wifi path or cellular network path.