TCP/ICN: Carrying TCP over Content Centric and Named Data Networks
Ilya Moiseenko (Cisco Systems), Dave Oran (Cisco Systems)

Outline
I. Introduction
II. Design
  – Basic fetching proxy
  – Reliable prefetching proxy
  – Unreliable prefetching proxy
III. Evaluation
IV. Conclusions

I. Introduction

Why Bother?
You could just run Dual-Stack in "Ships-in-the-night" mode. But… a major attraction of ICN is simplification and performance in environments not friendly to IP:
• Mobile edge – eliminate tunnels, respond more quickly to mobility events, temporal caching at the edge for better error control
• IoT – Much smaller code footprint, better integration with radio protocols, lower background chatter than IP

High-level goals
1. Unaltered TCP/IP stack and applications
2. Preserve TCP end-to-end semantics
  – Split-TCP functionality can be added afterwards
3. Pull data between proxies (i.e. don't require data push in Interests)
4. Compatibility with both CCN and NDN
5. Minimize overhead

Non-goals
1. Support of UDP or other transport protocols
2. Heterogeneous addressing and routing
  – Each proxy owns a routable name prefix
  – Do not propose IP addr <-> name prefix mapping
3. Path MTU-discovery and fragmentation
  – Assume standard 1500-byte TCP MSS and up to 9000 bytes ICN Data messages

II. Design

Main challenges
• How to reconcile the TCP/IP push model with the ICN pull model?
• How to minimize inflation of message count and message sizes?
• How much does the translation function need to understand the TCP state machine?
• How to marry the ICN and TCP congestion and flow control models?

Design alternatives for TCP/ICN Proxies
• We designed and evaluated three approaches:
  – Simple one-to-one mapping of TCP messages to ICN exchanges
  – Track the TCP state machine in the proxies to provide reliability over the ICN segment of the path
  – Map TCP Data to ICN Data using an unreliable inter-proxy channel
• Connection state machine is the same for all three – they differ only in the data phase

Shared parts
[Figure: message sequences for TCP connection setup and TCP connection teardown between proxies with the routable prefixes /verizon and /att. Each TCP control segment (SYN; SYN, ACK; ACK for setup and FIN; ACK; FIN; ACK for teardown) is carried in an Interest named /<routable prefix>/<TCP/IP headers>/<nonce>.]

Basic fetching
[Figure: unidirectional TCP flow across TCP sender, Forward proxy, Reverse proxy, TCP receiver, steps 1-6. Labels: TCP data segment; Interest with TCP/IP headers; Interest pulling data; Data carrying TCP payload; Data cache; TCP ACK.]
• Data encapsulates a TCP segment carrying payload
  /[forward-proxy-prefix]/[TCP-4-tuple]/[TCP-sequence-number]/[Wraparound-number]
• Interest encapsulates an empty TCP segment
  /[reverse-proxy-prefix]/[TCP-IP-headers]/[nonce]
• Slow: 2x RTT, 2x packets

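The two name formats above, as an added example that is not code from the authors or their proxy. The text encoding of name components, the rule for computing the wraparound number (half-window comparison of 32-bit sequence numbers) and the sample prefixes and addresses are assumptions made for illustration.

```python
# Added example: naming for the basic fetching design. Component encodings
# and the wrap-detection rule are assumptions, not taken from the slides.
import os
from dataclasses import dataclass
from typing import Optional

SEQ_SPACE = 1 << 32      # TCP sequence numbers are 32-bit
HALF = 1 << 31           # "ahead" vs "behind" boundary for wrap detection


@dataclass(frozen=True)
class FourTuple:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

    def component(self) -> str:
        return f"{self.src_ip}:{self.src_port}-{self.dst_ip}:{self.dst_port}"


class DataNamer:
    """Forward-proxy side: names cached TCP segments of one connection."""

    def __init__(self, prefix: str, flow: FourTuple, isn: int):
        self.prefix, self.flow = prefix, flow
        self.highest = isn   # highest sequence number seen (mod 2^32)
        self.wraps = 0       # wraparound number that belongs to `highest`

    def name(self, seq: int) -> str:
        delta = (seq - self.highest) % SEQ_SPACE
        if delta < HALF:     # new data: at or ahead of the highest seen
            wraps = self.wraps + (1 if seq < self.highest else 0)
            self.highest, self.wraps = seq, wraps
        else:                # retransmission: must map to its original name
            wraps = self.wraps - (1 if seq > self.highest else 0)
        return f"{self.prefix}/{self.flow.component()}/{seq}/{wraps}"


def control_interest_name(reverse_prefix: str, tcp_ip_headers: bytes,
                          nonce: Optional[bytes] = None) -> str:
    """Interest whose name carries the headers of an empty TCP segment."""
    nonce = os.urandom(4) if nonce is None else nonce   # keeps names unique
    return f"{reverse_prefix}/{tcp_ip_headers.hex()}/{nonce.hex()}"
```

A retransmitted segment sent after the sequence space has wrapped still resolves to the name it was first given, so the forward proxy's Data cache can answer it.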
Reliable prefetching
Data sequencing is independent from TCP sequencing
  – Impossible to predict TCP sequence number progression
[Figure: unidirectional TCP flow at the forward proxy. Interests and Data are named /<routable prefix>/<connection id>/<sequence#>, with connection id = TCP 4 tuple and sequence# 129 and 130. The two Data carry TCP/IP segments SEQ # 1223682 and SEQ # 1225142, both with ACK # 376523. The TCP ACK (SEQ # 376523, ACK # 1225142) is carried in an Interest named /<routable prefix>/<TCP/IP headers>/<nonce>.]

Reliable prefetching
[Figure: unidirectional TCP flow across TCP sender, Forward proxy, Reverse proxy, TCP receiver, steps 1-6. Labels: TCP data segment; Interest with TCP/IP headers; Interest per each RTT; Interest pipelining w.r.t cwnd; cwnd advertiser; Reliable consumer; Interest queue; Data queue + cache; Data carrying TCP segment; TCP ACK.]
• Reverse proxy transmits an Interest prior to TCP segment arrival at the forward proxy
  – Enforces reliability
• Forward proxy advertises approx. TCP cwnd size
• Faster, but unstable. A lot of state in the proxy. Other issues.

Unreliable prefetching
Time-delayed naming
  – Data names match TCP sequence numbers delivered one RTT ago
[Figure: unidirectional TCP flow at the forward proxy. An Interest named /<routable prefix>/<TCP/IP headers>/<nonce> carries the TCP ACK with SEQ # 376523, ACK # 1222222. The Data with the matching name /<routable prefix>/<TCP/IP headers>/<nonce> carries TCP/IP segments SEQ # 1223682 and SEQ # 1225142, both with ACK # 376523. The following Interest carries SEQ # 376523, ACK # 1225142.]

Unreliable prefetching
[Figure: unidirectional TCP flow across TCP sender, Forward proxy, Reverse proxy, TCP receiver, steps 1-6. Labels: TCP ACK; Interest with TCP/IP headers; Interest queue; Data carrying multiple TCP data segments; TCP queue; TCP data segment.]
• Interests encapsulating ACKs prefetch new TCP segments
  – Not enough ACKs due to delayed ACK TCP mechanism
  – Package multiple TCP segments in a single Data message
• No additional reliability in ICN protocol
• Fast. Comparable to TCP/IP (cubic). Scalable.

Unreliable prefetching
A problem of full-duplex TCP connection: TCP piggybacks ACKs in the data segments --> no Interests are sent by the proxies
• A proxy detects full-duplex by analyzing ACK #
• Generates Interests on its own
  – Fixed probability (e.g. 50% = every 2nd segment)
  – Function of ACK # progression

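Two pieces of the unreliable prefetching design, packaging several TCP segments into one Data message and generating Interests on a full-duplex connection, sketched as an added example that is not the authors' proxy code. The 2-byte length field per segment and the exact detection rule (a payload-carrying segment whose ACK # has changed) are assumptions; the 9000-byte Data budget and the "every 2nd segment" policy come from the slides.

```python
# Added example: unreliable-prefetching helpers. Sizes follow the slides
# (1500-byte TCP MSS, Data up to 9000 bytes); the rest is assumed.
from collections import deque

MAX_DATA = 9000          # ICN Data message budget from the slides
LEN_PREFIX = 2           # assumed per-segment length field inside the Data


def pack_segments(queue: deque, budget: int = MAX_DATA) -> list:
    """Forward proxy: pop as many queued TCP segments as fit in one Data."""
    batch, used = [], 0
    while queue and used + LEN_PREFIX + len(queue[0]) <= budget:
        seg = queue.popleft()
        batch.append(seg)
        used += LEN_PREFIX + len(seg)
    return batch


class FullDuplexInterestPolicy:
    """Decide when a proxy has to send an Interest for a local TCP segment.

    Assumed detection rule: a segment that carries payload and also changes
    the ACK number is a piggybacked ACK, so the host will not send a pure
    ACK for it. Once that is seen, emit one Interest every `every` data
    segments (every=2 is the slides' "50% = every 2nd segment").
    """

    def __init__(self, every: int = 2):
        self.every = every
        self.last_ack = None
        self.full_duplex = False
        self.count = 0

    def on_segment(self, ack: int, payload_len: int) -> bool:
        advanced = self.last_ack is not None and ack != self.last_ack
        self.last_ack = ack
        if payload_len == 0:
            return True            # pure ACK: always travels as an Interest
        if advanced:
            self.full_duplex = True
        if not self.full_duplex:
            return False           # one-way data: the peer's ACKs pull it
        self.count += 1
        return self.count % self.every == 0
```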
III. Evaluation

Evaluation
TCP cubic over ICN vs. TCP cubic over IP
[Figure: two topologies. IP: TCP client, three IP forwarders, TCP server. ICN: TCP client, TCP firewall, TCP/ICN proxy, three ICN forwarders, TCP/ICN proxy, TCP firewall, TCP server.]
• NDNsim
• Proof of concept *nix implementation
  – Unreliable prefetching

Flow completion time
[Plot: TCP sequence number vs. Time (ms). Series: Basic fetching, Reliable prefetching, TCP cubic, Unreliable prefetching. Annotation: "Reliable prefetching is 10% slower than TCP/IP".]

TCP retransmissions
[Plot: Total number of TCP retransmissions (packets) vs. Time (ms). Series: Basic fetching, Reliable prefetching, TCP cubic, Unreliable prefetching.]

TCP congestion window size
[Plot: Cwnd (bytes) vs. Time (ms). Series: Basic fetching, Reliable prefetching, TCP cubic, Unreliable prefetching.]

TCP retransmission timeout
[Plot: RTO (ms) vs. Time (ms). Series: Basic fetching, Reliable prefetching, TCP cubic, Unreliable prefetching.]

Flow fairness and completion time
• Unreliable prefetching
• tcpperf tool + proxy PoC
• 10 competing unidirectional flows
• Within 5% difference with TCP/IP
• Fair
[Plot: TCP flow completion time (sec) vs. TCP flow size (Mb). Series: TCP/ICN, TCP/IP.]

Beyond synthetic tests
[Figure: topology. Web browser, TCP firewall, TCP/ICN proxy, three ICN forwarders, TCP/ICN proxy, TCP firewall, Web server.]
TLS requires additional accommodations
  – Inject extra Interests at TCP connection setup phase to fetch TLS server hello messages

Conclusions
• We can run many Internet applications without IP
• TCP is highly optimized for IP
  – But it works surprisingly well over ICN!

Q/A