session4 room69 pclo tcp optim - f5 networks
TRANSCRIPT
F5 Agility 2014 2
The evolution of TCP
1981: TCP ratified (RFC793) for DARPA
1988: Congestion Avoidance and Control paper results in Tahoe algorithm.
1990: Reno introduced in 4.3BSD-Reno AKA "Networking Release 2" or 4.4BSD-Lite
1994: TCP Vegas altered the way in which timeouts were set and RTT delays were measured.
1997: TCP slow start, congestion avoidance, fast retransmit and fast recovery algorithms (RFC 2001)
2002: First 3G network available commercially
2006: First 4G system deployed (South Korea)
TCP Performance challenges
[Chart: EMEA - Mobile Connection Speeds]
• Varying conditions based on connection
• 3G limited bandwidth/high latency vs 4G high bandwidth and low latency
• Loss & queuing
• Bursty transmissions
• Delays when mobile device switches between Wi-Fi and carrier
Pure « FastL4 » config within TMOS
• Some of the TCP parameters are negotiated during the 3-way handshake (MSS, for example)
• No buffering done by TMOS
[Diagram labels: ePVA Control, FastL4, FPGA, ToS/QoS Adaptations, FRAG Mgmt, TCP defaults (Timeout, MSS, …)]
FastL4 config
• FastL4 profile is attached at a VS level:
  • Helps use a specific profile for specific applications or networks
• Benefit from the FPGA acceleration (F5 ePVA HW)
• 27 parameters can be changed/modified
FastL4 : usual parameters tuned
• Reset on Timeout:
  • Helpful to properly reset connections from stateful devices (or routers' XLAT tables)
  • Must be aligned with the other « timeouts » in the network
  • Mostly enabled (default)
• MSS Override:
  • Helps enforce a different MSS (Ethernet MTU (1500) - IP Hdrs (20) - TCP Hdrs (20))
  • IP tunneling protocols carrying TCP segments require MSS changes
• Loose Initiation/Loose Close:
  • Required when you want to handle asymmetric traffic (BIG-IP sees only incoming traffic)
  • If you want the system to « reopen » connections that already timed out
  • Main concern: Security. Any TCP segment can open a new connection in the system. Is it also a good option to close a connection with the first FIN?
• TCP Close Timeout, Handshake Timeout
  • Mainly for security reasons
  • They can be lowered to quickly evict half-open or half-closed connections
  -> can impact the normal traffic in high latency or congested networks
• Hardware SYN Cookie Protection:
  • Useful for SYN flood attacks, for example
  • Uses the capacity of F5 FPGA hardware and not CPU cores
[Diagram: Client, FPGA, TMOS Stack]
1 – No Ack received
2 – Ack received with no cookie
3 – Ack received with corresponding cookie
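The three outcomes listed for the SYN cookie check can be reproduced with a small stateless cookie scheme. This is an added example, not F5's FPGA implementation or code from the presentation; the cookie layout (5-bit time slot, 3-bit MSS index, 24-bit HMAC), the key, the MSS table and the sample flow are assumptions constructed for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"        # assumption: per-device secret, rotated in practice
MSS_TABLE = (536, 1300, 1440, 1460)     # assumption: the MSS values a cookie can encode
MASK32 = 0xFFFFFFFF


def _mac24(flow, client_isn, slot, idx):
    """24-bit keyed hash binding the cookie to the flow, client ISN, time slot and MSS."""
    msg = repr((flow, client_isn, slot, idx)).encode()
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")


def make_cookie(flow, client_isn, mss, counter):
    """SYN-ACK sequence number; nothing is stored, so a missing ACK (case 1) costs no state."""
    idx = max((i for i, m in enumerate(MSS_TABLE) if m <= mss), default=0)
    slot = counter & 0x1F
    return (slot << 27) | (idx << 24) | _mac24(flow, client_isn, slot, idx)


def check_ack(flow, seq, ack, counter):
    """Return the MSS for a valid, fresh cookie (case 3), or None to drop the ACK (case 2)."""
    cookie = (ack - 1) & MASK32          # a genuine ACK acknowledges cookie + 1
    client_isn = (seq - 1) & MASK32      # the client's SYN consumed one sequence number
    slot, idx = cookie >> 27, (cookie >> 24) & 0x7
    if idx >= len(MSS_TABLE):
        return None
    fresh = slot in ((counter & 0x1F), ((counter - 1) & 0x1F))  # current or previous slot
    expected = _mac24(flow, client_isn, slot, idx).to_bytes(3, "big")
    ok = hmac.compare_digest(expected, (cookie & 0xFFFFFF).to_bytes(3, "big"))
    return MSS_TABLE[idx] if fresh and ok else None


# Constructed sample flow: (client IP, client port, server IP, server port)
FLOW = ("198.51.100.7", 40112, "203.0.113.10", 443)
ISN, SLOT = 0x1A2B3C4D, 1234


def demo():
    """Return the results for a valid ACK, an ACK without our cookie, and a late replay."""
    cookie = make_cookie(FLOW, ISN, mss=1400, counter=SLOT)
    valid = check_ack(FLOW, ISN + 1, (cookie + 1) & MASK32, SLOT)
    forged = check_ack(FLOW, ISN + 1, ((cookie ^ 1) + 1) & MASK32, SLOT)
    stale = check_ack(FLOW, ISN + 1, (cookie + 1) & MASK32, SLOT + 5)
    return valid, forged, stale
```

Only an ACK that passes `check_ack` would cause a connection entry to be created; the MSS is recovered from the cookie itself because no SYN state was kept.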
Is it enough to make TCP optimum and efficient?
• ROADS: Multiple paths for a single connection
• LOSS: Reduces the throughput
• APPLICATIONS: Exhaust network resources
• CONGESTION: Impacts QoE
• DELAY: Increases number of packets in flight
Reminder: TCP Slow Start and cwnd
In the « Basic TCP »
• When a connection is opened (after 3WHS), Slow Start and cwnd are set.
• « Slow Start » defines how many packets can be sent in the network before expecting an ACK. It increases exponentially with the ACKs received.
• « cwnd » defines the transmit window at the sender end (in most cases it is a multiple of the MSS), controlled by slow start.
• « ssthresh » (slow start threshold) indicates when to leave Slow Start (threshold reached).
Between TCP RFC and now, networks have changed as well as the computers and stacks
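A loss-free model of the growth described above, showing how the initial window changes the number of round trips a short transfer needs. This is an added example, not code from the presentation; the segment-based model, the ssthresh of 64, the 300 ms RTT and the baseline initial windows of 2 and 4 are assumptions, while 16 is the initial congestion window this deck cites for its optimized profiles.

```python
from itertools import islice


def windows(initial_cwnd, ssthresh):
    """Yield cwnd (in segments) for each successive RTT, assuming no loss."""
    cwnd = initial_cwnd
    while True:
        yield cwnd
        if cwnd < ssthresh:
            cwnd = min(cwnd * 2, ssthresh)   # slow start: window doubles every RTT
        else:
            cwnd += 1                        # past ssthresh: one extra segment per RTT


def cwnd_per_rtt(initial_cwnd, ssthresh, rtts):
    """First `rtts` window sizes, to show where growth stops being exponential."""
    return list(islice(windows(initial_cwnd, ssthresh), rtts))


def rtts_to_send(total_bytes, mss=1460, initial_cwnd=2, ssthresh=64):
    """Round trips needed to deliver total_bytes (handshake and loss ignored)."""
    segments = -(-total_bytes // mss)        # ceiling division
    sent = 0
    for rtt, cwnd in enumerate(windows(initial_cwnd, ssthresh), start=1):
        sent += cwnd
        if sent >= segments:
            return rtt


def compare(total_bytes, rtt_ms, initial_windows=(2, 4, 16)):
    """Map each initial window to (round trips, transfer time in ms)."""
    result = {}
    for iw in initial_windows:
        n = rtts_to_send(total_bytes, initial_cwnd=iw)
        result[iw] = (n, n * rtt_ms)
    return result


if __name__ == "__main__":
    print(cwnd_per_rtt(2, 16, 6))
    print(compare(100_000, rtt_ms=300))      # constructed case: 100 kB over a 300 ms RTT
```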
Packet transmission behavior
[Chart: CWND (Congestion Window), series "Normal TCP"]
What influences packet transmission
• Stretch Acks
• Exponential CWND growth
• High latency
• High bandwidth
• Small buffers
Congestion Control
• Without Congestion Control: Congestion → Packet Loss (congestion causes packet loss) → Poor experience caused by packet loss
• With Congestion Control: Congestion → Packet Loss (congestion causes packet loss) → Congestion Control Algorithm monitors for packet loss & latency, slows transmission as needed
The New TCP Express
Always on, always fast, and on any device. A network built for innovation.
• Resource Management
• Proxy Behavior
• Congestion Control
• Loss Detection
• Quality of Service
• Ack Behavior
RESOURCE MANAGEMENT
• Drop packets under pressure*
• Timer management
• Memory management
*New in 11.5
PROXY BEHAVIOR
• Multi-Path TCP (MPTCP)*
• Maximum Segment Size (MSS)*
• Full proxy
*New in 11.5
ACKNOWLEDGEMENT
• Delayed Ack
• Nagle's Algorithm
CONGESTION CONTROL
• Mobile Optimized Profile
• New Algorithms
  • Woodside
  • Vegas
  • Illinois
  • H-TCP
• Initial Congestion Window Size
*New in 11.5
Congestion Control Algorithms
TCP Woodside
• F5 created algorithm.
• Hybrid loss and latency based algorithm.
• Minimizes buffer bloat by constantly monitoring network buffering.
TCP Vegas
• Emphasizes packet delay rather than packet loss
• Detects congestion based on increasing RTT values of packets.
TCP Illinois
• Targeted at high speed long distance networks
• Loss-delay based algorithm.
• Primary congestion of packet loss determines direction of window size change.
• Secondary congestion of queuing delay determines the pace of window size changes.
H-TCP
• Targeted for high speed networks with high latency.
• Loss-based algorithm.
LOSS DETECTION
• Rate Pacing
• Forward Error Correction (FEC)
• Retransmission Timeout
*New in 11.5
QUALITY OF SERVICE
• ToS
• QoS
• MD5 Signature
Multipath TCP: Mobility
What’s New
• The ability to connect and maintain a continuous connection to the internet over multiple wired and wireless connections
Use Case
• Device initially connects to site over mobile network.
• Device comes in range of WiFi, associates with and connects over WiFi
• Congestion control favors high bandwidth WiFi path
• Device disconnects from WiFi but continues to use 3G network
[Diagram labels: Mobile User, Mobile Network 3G/4G LTE, WiFi, BIG-IP Platform, Multipath TCP]
Mobile Optimization: Rate Based TCP
[Diagram labels: Packet Loss, Event Driven Stack, Stretch ACKs, Exponential CWND Growth, High Latency, High Bandwidth, Small Buffers]
What’s New: TCP Express with Rate Pacing
• Rate Pacing prevents bursts
• Transmission is paced smoothly by the stack
• Speed of transmission determined by congestion control
• Minimal overruns even in high BDP networks
Benefit
• Improve the user experience by altering how packets are sent based on feedback received from client.
Recent Advancements in TCP Profiles
• TCP-mobile-optimized
• MPTCP-mobile-optimized
• WAM-TCP-LAN-Optimized
• WAM-TCP-WAN-Optimized
Increase initial congestion window to minimum of 16
• MPTCP-mobile-optimized
New Congestion Control Algorithms
Rate Pacing
MPTCP
Next Steps
TCP is a complex protocol, and tuning it is not as simple as clicking on a button.
F5 is providing profiles for different network environments, to help our customers fine-tune those profiles in their environment.
If I can be of further assistance please contact me:
[email protected] | +33.1.4144.8950