FUTURE OF ENTERPRISE MOBILITY WITH SPDY & MULTIPATH TCP Ashish Bijawat Principal Architect Dell Technologies [email protected] Barun Pandey Principal Architect Dell Technologies [email protected]

Post on 23-Jul-2020


  • 2016 EMC Proven Professional Knowledge Sharing

    Table of Contents

    Abstract

    Introduction

    Application Mobile Enablement

    Multipath TCP

    SPDY

    Enterprise Mobility Landscape

    Enterprise Mobility with SPDY & Multipath TCP

    SPDY implementation options:

    Conclusion

    References

    Disclaimer: The views, processes or methodologies published in this article are those of the authors. They do not necessarily reflect Dell EMC’s views, processes or methodologies.

    Abstract

    While enterprises are constantly designing mobile applications to give their workforce easy access, the impediments are seamless connectivity and bandwidth availability for the mobile workforce. There is a need for a solution that provides seamless access to enterprise applications with fast response, without hampering user productivity.

    Protocols such as SPDY and Multipath TCP can enable faster and seamless access to enterprise applications. These two protocols can be used with a Mobile Device Management (MDM)/Mobile Application Management (MAM) solution to solve this challenge.

    Introduction

    Today, most enterprises are in the middle of their digital transformation journey, and mobile is a key enabler of that transformation. To make applications mobile-enabled, enterprises either convert existing enterprise applications to responsive web applications and enable them via custom browsers, or they create native mobile applications accessible through mobile apps. Unfortunately, neither the responsive web experience nor mobile apps provide an excellent user experience on mobile, because of intermittent network connections.

    Application Mobile Enablement

    Historically, enterprises created huge monolithic applications, which are very difficult to scale and adapt to the fast-changing technological and business landscape. Organizations are trying to solve this with approaches like SOA and microservices, but a large number of systems are still very difficult to consume via mobile devices. The quickest approach is to enable backend systems on mobile through a secure custom browser, but there are several challenges related to scalability, security, network, infrastructure, and so on. These challenges are leading to several innovations and new protocols such as SPDY and Multipath TCP, which can be part of future mobility infrastructure. Existing Enterprise Mobility solutions successfully provide device-level and app-level control but do not solve the network latency challenges faced by mobile users. A SPDY Gateway can address this challenge.

    Another challenge is data loss while switching mobile network mode, for example from 3G/4G to Wi-Fi or vice versa, depending on the availability of the network. Implementing a Multipath TCP gateway can eliminate it.

    This paper first explains the SPDY and Multipath TCP protocols, followed by a case study on how they can fit with existing Enterprise Mobility infrastructure (MDM/MAM) to provide a future-proof solution for different Enterprise Mobility solutions.

    Multipath TCP

    Multipath TCP (MPTCP) allows a Transmission Control Protocol (TCP) connection to use multiple paths to maximize resource usage and increase redundancy. This resolves the problem of losing TCP connections when the IP address changes as a user shifts from one network to another. Enterprise Mobility can benefit from MPTCP by using both Wi-Fi and 3G/4G interfaces for data traffic, potentially improving performance, eliminating data loss, and allowing mobility through vertical handover.

    Figure -1 Multipath TCP vs Single Path TCP Flow

    SPDY

    SPDY – an acronym similar to the word “speedy” – is a new protocol invented by Google to make web browsers faster. SPDY helps download web pages faster. It sits between the HTTP and TCP layers.

    Figure 2- SPDY works between HTTP and TLS layer

    Generally, web page requests are served by making a single connection to the web server and requesting one resource at a time. However, if we have an HTML page, script, and graphics in one part of the page, the response will slow down due to the multiple HTTP calls between client and server.

    To retrieve a web page, the browser generally makes a single connection to the web server and requests the resources one at a time. The web server may take a long time to generate some parts of a web page that contains HTML, scripts, and graphics. It would be able to serve the other parts immediately, but if the browser happens to request the slow parts first, all of the other resources on the web page have to wait. This is where protocols like SPDY help.

    The SPDY protocol sends different resources on the same connection, in parallel. SPDY has added several speed-related features to reduce page load time.

    It allows client and server to compress request and response headers to cut down on bandwidth usage when similar headers (e.g. cookies) are sent over and over for multiple requests.

    It allows multiple, simultaneously multiplexed requests over a single connection, saving on round trips between client and server, and preventing low-priority resources from blocking higher-priority requests.

    It allows the server to actively push resources to the client that it knows the client will need (e.g. JavaScript and CSS files) without waiting for the client to request them, allowing the server to make efficient use of unutilized bandwidth.

    Interestingly, SPDY requires no changes to a web application; only the web browser and web server need to know about it.

    Enterprise Mobility Landscape

    An Enterprise Mobility solution uses MAM (Mobile Access Management) / MDM (Mobile Device Management) from different vendors such as VMware AirWatch, Citrix XenMobile, and Microsoft Intune. These come as both on-premises and cloud offerings. Figure 3 illustrates what a typical enterprise mobility architecture looks like.

    Figure 3 – Enterprise MDM & MAM setup

    Mobile devices are enrolled through the MDM enrollment process, which enforces corporate enterprise policies on user devices and pushes certificates to mobile devices so that they can access enterprise resources.

    The Mobile application gateway (MAG) from MAM plays a key role in providing access to Enterprise resources by validating the enrolled device identity with MDM.

    While the architecture type shown above provides security for mobile-based access and is widely accepted across the industry, it has significant challenges in terms of:

    Data Loss – during a network switch from Wi-Fi to cellular or vice versa, a new network connection needs to be established, which leads to loss of data and breaks seamless connectivity. This is an unsolved problem at this time and no significant effort has been made to solve this challenge.

    Performance is a big concern for mobile-based applications. A web page with JavaScript, CSS, images, etc. requires multiple network hops, and latency increases due to intermittent and low-bandwidth networks. This concern is mainly addressed by implementing a caching solution, but that has not solved the problem to the extent required. Caching helps page rendering for already cached resources and does not work for first-time access. Moreover, mobile devices have limitations in terms of cache memory.

    We propose a new Enterprise Mobility Landscape with Multipath TCP and SPDY Gateway to solve the challenges mentioned above.

    Enterprise Mobility with SPDY & Multipath TCP

    Figure 4 – Enterprise Mobility with Multipath TCP

    The architecture in Figure 4 could help address the data loss problem mentioned above. It introduces a Multipath TCP Gateway in front of the Mobile application gateway. As explained earlier, Multipath TCP is a new network protocol that makes major modifications to the existing TCP protocol. The Multipath TCP Gateway will transparently convert MPTCP from MPTCP-enabled clients to regular TCP. A Multipath TCP Gateway in front of the Mobile Application Gateway will provide a seamless mobile user experience, without application data loss, even with multiple network hops between Wi-Fi and cellular 3G/4G networks.

    The MPTCP Gateway does not modify the application layer. The proposed architecture uses a new TCP option – Dst Opt – to allow the client to announce the server address. Dst Opt provides the server’s IP address to the MPTCP Gateway. When a client establishes a new connection, it includes the Dst Opt inside the SYN segment, and the destination address for the connection is the MPTCP Gateway’s address. This allows the latter to forward the connection establishment to the server by rewriting the segment’s IP addresses. Because the gateway uses its own IP address, all the reply segments will be sent via the MPTCP Gateway. The Dst Opt is added by the MPTCP/TCP stack and is thus transparent for the application. [2]

    Figure 5 depicts how the new connection is established via an MPTCP Gateway.

    Figure 5 – Multipath TCP Gateway

    MPTCP Gateway data segment translation can be viewed as a pipe, channeling segments from TCP to MPTCP and vice versa. Incoming segments on the MPTCP side contain MPTCP options inside the TCP header. The MPTCP Gateway handles the operations these options request (e.g. new subflow establishment) and strips the options before forwarding the segments. MPTCP uses a sequence number space that is separate from the TCP sequence numbers. Upon forwarding, the MPTCP Gateway translates the MPTCP-level sequence numbers to the TCP sequence numbers on the server side and vice versa.
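    The per-segment translation described above, as an added example that is not taken from the paper or from any MPTCP gateway: it walks the TCP option list with bounds checks, replaces MPTCP options with NOP padding, and maps the data sequence number onto the server-side sequence space. Option kind 30 and the DSS layout follow RFC 6824 [8]; the function names, the first_dsn/first_seq parameters and the SAMPLE bytes are assumptions.

```python
TCPOPT_EOL, TCPOPT_NOP, TCPOPT_MPTCP = 0, 1, 30  # kind 30 is MPTCP (RFC 6824)

def strip_mptcp(options):
    """Walk the TCP option list and replace each MPTCP option with NOPs so
    the header length is unchanged. Returns (clean_options, mptcp_payloads)."""
    out, found, i = bytearray(), [], 0
    while i < len(options):
        kind = options[i]
        if kind == TCPOPT_EOL:            # end of list: the rest is padding
            out += options[i:]
            break
        if kind == TCPOPT_NOP:
            out.append(kind)
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option truncated before its length byte")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("option length out of bounds")
        if kind == TCPOPT_MPTCP:
            found.append(options[i + 2:i + length])
            out += bytes([TCPOPT_NOP]) * length
        else:
            out += options[i:i + length]
        i += length
    return bytes(out), found

def dss_dsn(payload):
    """Data sequence number from a DSS option (subtype 2), else None."""
    if len(payload) < 2 or payload[0] >> 4 != 2:
        return None
    flags, pos = payload[1], 2
    if flags & 0x01:                      # A: Data ACK present (a: 8 octets)
        pos += 8 if flags & 0x02 else 4
    if not flags & 0x04:                  # M clear: no mapping in this option
        return None
    width = 8 if flags & 0x08 else 4      # m: 8-octet DSN
    if len(payload) < pos + width:
        raise ValueError("DSS option too short for its flags")
    return int.from_bytes(payload[pos:pos + width], "big")

def to_server_seq(dsn, first_dsn, first_seq):
    """Map a DSN onto the 32-bit sequence space of the server-side TCP leg."""
    return (first_seq + (dsn - first_dsn)) & 0xFFFFFFFF

def translate_segment(options, first_dsn, first_seq):
    """Gateway step for one client segment: clean options plus the new seq."""
    clean, mptcp = strip_mptcp(options)
    dsns = [d for d in map(dss_dsn, mptcp) if d is not None]
    if len(dsns) != 1:
        raise ValueError("expected exactly one DSS mapping")
    return clean, to_server_seq(dsns[0], first_dsn, first_seq)

# Constructed sample: timestamp option (kind 8), then a DSS with M set,
# DSN 1000, subflow seq 1, data length 5, checksum 0, and two NOPs.
SAMPLE = (bytes([8, 10]) + bytes(8)
          + bytes([30, 16, 0x20, 0x04]) + (1000).to_bytes(4, "big")
          + (1).to_bytes(4, "big") + (5).to_bytes(2, "big") + bytes(2)
          + bytes([1, 1]))
```

    Calling translate_segment(SAMPLE, first_dsn=900, first_seq=0xFFFFFFF0) shows the 32-bit wraparound on the server side; the Dst Opt is not parsed here because the page does not give its option kind.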

    Figure 6 – Multipath TCP to TCP conversion

    Figure 7– Enterprise Mobility with MPTCP & SPDY Gateway

    We introduce a SPDY Gateway behind the Mobile application gateway to help address the network latency challenges mentioned in the prior section. As explained earlier, the SPDY protocol is simply a way to allow different resources to be sent over the same connection, in parallel. The sections below explain the mechanism behind SPDY.

    SPDY is packet-oriented. Add the binary structure, and it is more like TCP than HTTP, even though it preserves HTTP’s semantics.

    The SPDY equivalent of an HTTP request/response is a stream. Each stream has a unique ID and handles a single request/response. A stream is split into frames. A control frame contains the HTTP headers. A data frame contains the data. In a response, the data might be an image or zipped HTML.

    If a web app needs 10 images, the following comparison shows how both work [11]:

    HTTPS

    The browser opens 6 TCP connections to the server and requests an image in each.

    It waits on each of those connections for an answer from the server.

    Then it requests the next four.

    SPDY

    The browser opens a single TCP connection and sends 10 SYN_STREAM requests down it, opening one stream for each image.

    The server sends 10 SYN_REPLY responses, one for each stream (image). It can start sending SYN_REPLY after the first SYN_STREAM is received; it does not wait for the client to finish.

    The server sends 10 or more DATA frames. The data for each image will take at least one DATA frame, but may be split over any number. Each DATA frame has the ID of the stream (request) it belongs to. The DATA frames for the images can be interleaved. The content of a DATA frame can always be gzipped, even if the client doesn’t advertise support; gzip is required by the protocol.

    The client can send more SYN_STREAM frames (open more requests) whilst it is receiving data for previous requests. The communication is asynchronous.

    By reusing a single TCP connection, SPDY plays better with TCP’s congestion window management and avoids the slow start problem.

    Figure 8 – Standard HTTP v/s SPDY Server
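
    To make the stream and frame behaviour in the comparison concrete, here is an added example (not from the paper or from any SPDY implementation) that parses SPDY/3-style frame headers as laid out in the SPDY draft [14] and reassembles interleaved DATA frames by stream ID, rejecting out-of-bounds lengths and DATA for streams that were never opened. The function names, MAX_FRAME and the TRACE bytes are assumptions; TRACE lists frames from both directions in the order a gateway would observe them, and header compression is not modelled.

```python
import struct

SYN_STREAM, SYN_REPLY, FLAG_FIN = 1, 2, 0x01
MAX_FRAME = 1 << 20          # assumed gateway cap on one frame's payload

def frames(buf):
    """Yield (is_control, type_or_stream_id, flags, payload) per frame."""
    pos = 0
    while pos < len(buf):
        if len(buf) - pos < 8:
            raise ValueError("truncated frame header")
        word, flags_len = struct.unpack_from(">II", buf, pos)
        flags, length = flags_len >> 24, flags_len & 0xFFFFFF
        if length > MAX_FRAME or pos + 8 + length > len(buf):
            raise ValueError("frame length out of bounds")
        payload = buf[pos + 8:pos + 8 + length]
        if word >> 31:       # control bit set: low 16 bits are the type
            yield True, word & 0xFFFF, flags, payload
        else:                # data frame: low 31 bits are the stream ID
            yield False, word & 0x7FFFFFFF, flags, payload
        pos += 8 + length

def demux(buf):
    """Reassemble each stream's body from interleaved DATA frames."""
    opened, bodies, finished = set(), {}, set()
    for is_control, ident, flags, payload in frames(buf):
        if is_control and ident in (SYN_STREAM, SYN_REPLY):
            if len(payload) < 4:
                raise ValueError("no stream ID in control frame")
            sid = struct.unpack_from(">I", payload)[0] & 0x7FFFFFFF
            if ident == SYN_STREAM:
                opened.add(sid)
            elif sid in opened:
                bodies.setdefault(sid, b"")
            else:
                raise ValueError(f"SYN_REPLY for unopened stream {sid}")
        elif not is_control:
            if ident not in bodies or ident in finished:
                raise ValueError(f"DATA on stream {ident} not open")
            bodies[ident] += payload
            if flags & FLAG_FIN:
                finished.add(ident)
    return bodies, finished

# Constructed sample frames (header blocks left empty for brevity).
def control(ftype, sid, version=3):
    body = struct.pack(">I", sid) + (bytes(6) if ftype == SYN_STREAM else b"")
    return struct.pack(">HHI", 0x8000 | version, ftype, len(body)) + body

def data(sid, chunk, fin=False):
    head = struct.pack(">II", sid, (FLAG_FIN if fin else 0) << 24 | len(chunk))
    return head + chunk

TRACE = (control(SYN_STREAM, 1) + control(SYN_STREAM, 3)
         + control(SYN_REPLY, 1) + control(SYN_REPLY, 3)
         + data(1, b"img1-a") + data(3, b"img2", fin=True)
         + data(1, b"img1-b", fin=True))
```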

    SPDY implementation options:

    The best way to prepare for SPDY is to switch the site to HTTPS only. SPDY only exists inside a TLS (SSL) connection. There are two options for using SPDY today:

    Run the app with a SPDY-to-HTTP reverse proxy in front. That will give most of the benefits of SPDY without any change at the backend.

    Serve static media from a SPDY-enabled server. Static media is usually the bulk of the requests on a web app, so it would benefit the most.

    http://en.wikipedia.org/wiki/Slow-start

    We propose the first option for the proposed architecture. The SPDY Gateway can be implemented without changing the application server. Figure 9 explains how the SPDY Gateway plays a key role without modifying the existing application landscape.

    Figure 9 – Without SPDY Gateway v/s with SPDY Gateway

    Conclusion

    SPDY and Multipath TCP will change the Enterprise technology landscape. We have presented just a few situations in the Enterprise where they are applicable, but they can be extended to many more areas where network and bandwidth are an issue. They will be very useful in emerging areas like Internet of Things, Cloud and Big Data, which are being explored by many enterprises and research institutions.

    References

    [1] Bo Han, Feng Qian, Bo Han and Feng Qian, “An Anatomy of Mobile Web Performance over Multipath TCP” (http://conferences2.sigcomm.org/co-next/2015/img/papers/conext15-final42.pdf)

    [2] Gregory Detal, Christoph Paasch and Olivier Bonaventure, “Multipath in the Middle(Box)” (http://conferences.sigcomm.org/co-next/2013/workshops/HotMiddlebox/program/p1.pdf)

    [3] Olivier Bonaventure, “Decoupling TCP from IP with Multipath TCP” (http://multipath-tcp.org/data/MultipathTCP-netsys.pdf)

    [4] Olivier Bonaventure, Christoph Paasch, “Experience with Multipath TCP” (https://www.ietf.org/proceedings/90/slides/slides-90-mptcp-2.pdf)

    [5] Christoph Paasch and Olivier Bonaventure, “Multipath TCP - Decoupled from IP, TCP is at last able to support multihomed hosts” (http://queue.acm.org/detail.cfm?id=2591369)

    [6] Ronald van der Pol, Michael Bredel, Artur Barczyk, Benno Overeinder, Niels van Adrichem, Fernando Kuipers, “Experiences with MPTCP in an intercontinental OpenFlow network” (https://tnc2013.terena.org/getfile/878)

    [7] Jonathan Corbet, “Multipath TCP: an overview” (https://lwn.net/Articles/544399/)

    [8] A. Ford, C. Raiciu, M. Handley, O. Bonaventure, January 2013, “TCP Extensions for Multipath Operation with Multiple Addresses” (https://tools.ietf.org/html/rfc6824)

    [9] Multipath TCP, Wikipedia (https://en.wikipedia.org/wiki/Multipath_TCP)

    [10] Xiao Sophia Wang, Aruna Balasubramanian, Arvind Krishnamurthy, and David Wetherall, “How Speedy is SPDY?” (https://www.usenix.org/system/files/conference/nsdi14/nsdi14-paper-wang_xiao_sophia.pdf)

    [11] Jesus Diaz, “SPDY: faster and safer?” (https://www.incibe.es/blogs/post/Seguridad/BlogSeguridad/Articulo_y_comentarios/SPDY_rapido_seguro)

    [12] “SPDY: An experimental protocol for a faster web” (https://www.chromium.org/spdy/spdy-whitepaper)

    [13] Bryce Thomas, Raja Jurdak and Ian Atkinson, “SPDYing Up the Web” (http://cacm.acm.org/magazines/2012/12/157870-spdying-up-the-web/fulltext)

    [14] M. Belshe, Twist, R. Peon, Google Inc, Feb 2012, “SPDY Protocol” (https://tools.ietf.org/html/draft-mbelshe-httpbis-spdy-00)

    [15] SPDY, Wikipedia (https://en.wikipedia.org/wiki/SPDY)

    [16] M. Belshe, Twist, R. Peon, Google Inc, Feb 2012, “SPDY Protocol” (https://tools.ietf.org/html/draft-mbelshe-httpbis-spdy-00)

    Dell EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

    THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS IS.” DELL EMC MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

    Use, copying and distribution of any Dell EMC software described in this publication requires an applicable software license.

    [17] Dell, EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries.
