[e2e] Is a non-TCP solution dead?
Cannara
cannara at attglobal.net
Thu Apr 24 21:08:54 PDT 2003
Now Spencer, you know the answer -- neither 1) or 2). :]
The key in making any deductions is to know what the measurement tools do and
how they might be fooled.
Alex
Spencer Dawkins wrote:
>
> OK, I'll byte (ha!).
>
> And the difference to the network between
>
> (1) a TCP flow and
>
> (2) a non-TCP flow tunneled over TCP
>
> is?
>
> (signed) curious
>
> Or are we saying "a non-TCP flow tagged as TCP to get through
> firewalls, but not conforming to TCP congestion avoidance"? I'd
> be thrilled to see that...
>
> It's interesting to look at the contents of tunneled packets for
> traffic analysis, but if you tunnel over TCP/HTTP to get through
> firewalls, the network thinks (correctly!) it's carrying
> TCP/HTTP, end of sentence.
>
> I would be interested in seeing references for "traffic that
> masquarades as TCP, and probably as HTTP as well (how else would
> you get through proxies?), but doesn't behave like TCP"...
>
> --- Cannara <cannara at attglobal.net> wrote:
> > John, I don't know enough about Inet2 to argue, but what you
> > say makes sense
> > from what my friends at Stanford, who manage parts of the SU
> > net, have to
> > say. I believe, as the other emails have pointed out, that
> > unless one
> > actually looks at pkt contents, one can't really get good
> > stats, due to the
> > mimicking of TCP to get through filters. This is likely why
> > tools used by
> > CAIDA, Sprint, etc. would have to be examined to see what
> > they're actually
> > looking at, if anything, other than simple port #s.
> >
> > Alex
More information about the end2end-interest
mailing list