NANOG Meeting Presentation Abstract

Network Support for TCP Fast Open
Meeting:	NANOG67
Date / Time:	2016-06-13 1:30pm - 2:00pm
Room:	Imperial Ballroom (B2 Level)
Presenters:	Speakers: Christoph Paasch, Apple Christoph Paasch is a software engineer at Apple, working in the networking team. Prior to joining Apple, he obtained his PhD, titled "Improving Multipath TCP", at the UCLouvain, under the supervision of Prof. Olivier Bonaventure. His work focused on improving Multipath TCP and its Linux Kernel implementation in real world scenarios. He is passionate on all aspect of transport layer protocols and how they can be modified to improve the user-experience over the Internet.
Abstract:	Latency is the dominant factor for the user-experience of the Internet users. TCP, the most widely used transport protocol involves a handshake before any data can be sent over the connection. As round-trip-times between client and server are often in the order of hundreds of milliseconds, TCP's handshake introduces a significant delay until data can be sent. TCP Fast Open (TFO) is a novel extension to TCP that allows to shortcut TCP's handshake, by sending data on the SYN-segment and allowing the server to reply before the handshake finished. The benefits are a much better user-experience as the data reaches the client much faster. We at Apple have deployed TCP Fast Open for a particular service, sending 100000 requests per second at peak times. While TFO provides a huge benefit significantly improving the user-experience, we also observed some major issues. Many middleboxes and firewalls in the operator networks interfere with TCP Fast Open. In some cases, we have observed that middleboxes are blacklisting clients that use TFO. In this talk we give a detailed explanation of the behavior and benefits of TCP Fast Open. We continue by providing examples of how firewalls interfere with TFO according to our experience with its deployment. Our talk finishes with a call to network operators and firewall vendors to take TFO into account in the configuration of their equipment, so as TFO can operate efficiently and provide the latency benefit to the end-users.
Files:	Network Support for TCP Fast Open(PDF) Network Support for TCP Fast Open
Sponsors:	None.

Back to NANOG67 agenda.

NANOG67 Abstracts

• Show All

• Conference Opening
  Moderators:
  Daniel Golding, NANOG Board, Google; Speakers:
  Peter JacobyRCN; .
  L Sean Kennedy, XO Communications; Don MacNeilJay Borkenhagen.
  

• Conference Opening
  Moderators:
  Daniel Golding, NANOG Board, Google; Speakers:
  Peter JacobyRCN; .
  L Sean Kennedy, XO Communications; Don MacNeilJay Borkenhagen.
  

• Conference Opening
  Moderators:
  Daniel Golding, NANOG Board, Google; Speakers:
  Peter JacobyRCN; .
  L Sean Kennedy, XO Communications; Don MacNeilJay Borkenhagen.
  

• Conference Opening
  Moderators:
  Daniel Golding, NANOG Board, Google; Speakers:
  Peter JacobyRCN; .
  L Sean Kennedy, XO Communications; Don MacNeilJay Borkenhagen.
  

• Conference Opening
  Moderators:
  Daniel Golding, NANOG Board, Google; Speakers:
  Peter JacobyRCN; .
  L Sean Kennedy, XO Communications; Don MacNeilJay Borkenhagen.
  

• The Real Cost of Public IXPs
  Speakers:
  David Temkin, Netflix;

• NANOG 67 Hackathon team black hole route monitor
  Speakers:
  John Kristoff, DePaul University;

• NANOG 67 Hackathon team take-off
  Speakers:
  Chris WoodfieldTwitter; .
  Peter Hoose, Facebook, Inc.;

• NANOG 67 Hackathon team take-off
  Speakers:
  Chris WoodfieldTwitter; .
  Peter Hoose, Facebook, Inc.;

• NCI TNG: NANOG, The Next Generation
  Moderators:
  David Temkin, Netflix; Panelists:
  Daniel Golding, NANOG Board, Google; Jesse Sowell, Stanford; Kevin Epperson.
  Ronald Kovac

• NCI TNG: NANOG, The Next Generation
  Moderators:
  David Temkin, Netflix; Panelists:
  Daniel Golding, NANOG Board, Google; Jesse Sowell, Stanford; Kevin Epperson.
  Ronald Kovac

• NCI TNG: NANOG, The Next Generation
  Moderators:
  David Temkin, Netflix; Panelists:
  Daniel Golding, NANOG Board, Google; Jesse Sowell, Stanford; Kevin Epperson.
  Ronald Kovac

• NCI TNG: NANOG, The Next Generation
  Moderators:
  David Temkin, Netflix; Panelists:
  Daniel Golding, NANOG Board, Google; Jesse Sowell, Stanford; Kevin Epperson.
  Ronald Kovac

• NCI TNG: NANOG, The Next Generation
  Moderators:
  David Temkin, Netflix; Panelists:
  Daniel Golding, NANOG Board, Google; Jesse Sowell, Stanford; Kevin Epperson.
  Ronald Kovac

• Network Support for TCP Fast Open
  Speakers:
  Christoph Paasch, Apple;

• Elliptic curves to the rescue: tackling availability and attack potential in DNSSEC
  Speakers:
  Roland van Rijswijk-Deij, SURFnet;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Tutorial Everything You Always Wanted to Know About Optical Networking
  Speakers:
  Richard A Steenbergen, PacketFabric;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• Track: Practical BGP Origin Validation using RPKI: Vendor Support, Signing and Validation Services, and Operational Experience
  Moderators:
  Sandra Murphy, Parsons, Inc.; Doug Montgomery, National Institute of Standards and Technologies (NIST); Panelists:
  Tony Tauber, Comcast; Rick Mayberry, Microsoft; John Scudder, Juniper Networks; Thomas KingHenk Steenman, AMS-IX; Greg Hankins, Nokia; Mark Kosters, ARIN; Arjun SreekantiahCisco; .
  Keyur Patel, Cisco; Matthias Wählisch, Freie Universitaet Berlin;

• DNS Track
  Speakers:
  edward lewisICANN; .
  Duane Wessels, Verisign; Kazunori FujiwaraJPRS; .
  Casey Deccio, Verisign Labs; Yacin Nadji.
  

• DNS Track
  Speakers:
  edward lewisICANN; .
  Duane Wessels, Verisign; Kazunori FujiwaraJPRS; .
  Casey Deccio, Verisign Labs; Yacin Nadji.
  

• DNS Track
  Speakers:
  edward lewisICANN; .
  Duane Wessels, Verisign; Kazunori FujiwaraJPRS; .
  Casey Deccio, Verisign Labs; Yacin Nadji.
  

• DNS Track
  Speakers:
  edward lewisICANN; .
  Duane Wessels, Verisign; Kazunori FujiwaraJPRS; .
  Casey Deccio, Verisign Labs; Yacin Nadji.
  

• DNS Track
  Speakers:
  edward lewisICANN; .
  Duane Wessels, Verisign; Kazunori FujiwaraJPRS; .
  Casey Deccio, Verisign Labs; Yacin Nadji.
  

• Security Track
  Speakers:
  John Kristoff, DePaul University; Christoph Dietzel.
  Ryan Haley.
  Jelena Mirkovic.
  

• DNSSEC Tutorial
  Speakers:
  Eddy Winstead, Internet Systems Consortium;

• Security Track
  Speakers:
  John Kristoff, DePaul University; Christoph Dietzel.
  Ryan Haley.
  Jelena Mirkovic.
  

• Security Track
  Speakers:
  John Kristoff, DePaul University; Christoph Dietzel.
  Ryan Haley.
  Jelena Mirkovic.
  

• Security Track
  Speakers:
  John Kristoff, DePaul University; Christoph Dietzel.
  Ryan Haley.
  Jelena Mirkovic.
  

• NANOG 67 Hackathon team PiCon
  Speakers:
  Brandon Bennett.
  

• Avoiding Nation-State Surveillance
  Speakers:
  Roya EnsafiNick Feamster.
  Annie Edmundson, Princeton University; Jennifer Rexford.
  

• Avoiding Nation-State Surveillance
  Speakers:
  Roya EnsafiNick Feamster.
  Annie Edmundson, Princeton University; Jennifer Rexford.
  

• Avoiding Nation-State Surveillance
  Speakers:
  Roya EnsafiNick Feamster.
  Annie Edmundson, Princeton University; Jennifer Rexford.
  

• Avoiding Nation-State Surveillance
  Speakers:
  Roya EnsafiNick Feamster.
  Annie Edmundson, Princeton University; Jennifer Rexford.
  

• Everyday practical BGP filtering
  Speakers:
  Job Snijders, NTT;

• Peering Security and Resiliency
  Speakers:
  Greg Hankins, Nokia; Job Snijders, NTT;

• Peering Security and Resiliency
  Speakers:
  Greg Hankins, Nokia; Job Snijders, NTT;

• DNS-based censorship: theory and measurements
  Speakers:
  Stphane Bortzmeyer, AFNIC;

• Blackholing at IXPs: On the Effectiveness of DDoS Mitigation in the Wild
  Speakers:
  Christoph Dietzel, DE-CIX / TU Berlin;

• TCP over IP Anycast - Pipe dream or Reality?
  Speakers:
  Shawn Zandi, LinkedIn; Ritesh Maheshwari, LinkedIn;

• TCP over IP Anycast - Pipe dream or Reality?
  Speakers:
  Shawn Zandi, LinkedIn; Ritesh Maheshwari, LinkedIn;

• Suffering Withdrawal; an automated approach to connectivity evaluation
  Speakers:
  Tim Hoffman, Twitter; Bruce McDougall, Cisco Systems; Nick Slabakov, Juniper Networks; Micah Croff, GitHub;

• Suffering Withdrawal; an automated approach to connectivity evaluation
  Speakers:
  Tim Hoffman, Twitter; Bruce McDougall, Cisco Systems; Nick Slabakov, Juniper Networks; Micah Croff, GitHub;

• Suffering Withdrawal; an automated approach to connectivity evaluation
  Speakers:
  Tim Hoffman, Twitter; Bruce McDougall, Cisco Systems; Nick Slabakov, Juniper Networks; Micah Croff, GitHub;

• Suffering Withdrawal; an automated approach to connectivity evaluation
  Speakers:
  Tim Hoffman, Twitter; Bruce McDougall, Cisco Systems; Nick Slabakov, Juniper Networks; Micah Croff, GitHub;

• Measurement based inter-domain traffic engineering
  Speakers:
  WENQIN SHAO, Telecom ParisTech;

• Utilizing Kea hook points for modern IP addressing
  Speakers:
  Eddy Winstead, Internet Systems Consortium;

• Ten Lessons From Telemetry
  Speakers:
  Shelly Cadora, Cisco Systems;

• Automating Maintenance Notifications
  Speakers:
  Erik Klavon, Box; Francisco HidalgoFacebook; .
  

• Automating Maintenance Notifications
  Speakers:
  Erik Klavon, Box; Francisco HidalgoFacebook; .
  

• Post IPv4 Depletion Trends
  Speakers:
  Leslie Nobile

• Experiences with network automation at Dyn
  Speakers:
  Carlos Vicente, Dyn Inc.;

• Closing Session
  Speakers:
  Betty Burke, NANOG;