[e2e] TCP spoofing in overlay networks
David Borman
david.borman at windriver.com
Thu Mar 3 11:50:45 PST 2005
It's been done and shipping for several years with all Cray X1 systems.
The CNS (Cray Network Server) proxies TCP connections between the Cray
and the outside world. This allows the Cray <-> CNS connection to use
64K MTUs and larger TCP windows over the fibre channel connection, and
the CNS then deals with all the small 1500 byte packets coming from the
outside world. Yes, this does break the end-to-end model. You have
two TCP connections, one between the Cray and the CNS, and another
between the CNS and the remote host. The CNS mainly passes data
between the two endpoints, and uses NAT internally so to the Cray and
the remote host, they think they are talking directly to each other,
when in reality they are both talking to the CNS. Cray has done a
good job over the years of making the CNS as transparent as possible.
The performance benefit outweighs any issues of the corner cases that
occasionally pop up. You can find documentation on the CNS by going to
the CrayDoc website:
http://www.cray.com/cgi-bin/swpubs/craydoc30/craydoc.cgi
and searching for "CNS".
-David Borman
On Mar 1, 2005, at 9:31 PM, Jonathan Shapiro wrote:
> I recently had occaision to read a few papers about the practice of
> "TCP spoofing" over satellite links---i.e inserting a proxy prior to
> the satellite link to provide TCP feedback to the sender, effectively
> splitting into two TCP sessions connected in tandem. I was wondering
> if anyone had ever proposed a similar idea to improve TCP throughput
> in overlay networks over terestrial links.
>
> /jonathan shapiro
More information about the end2end-interest
mailing list