[e2e] TCP spoofing in overlay networks
Jon Crowcroft
Jon.Crowcroft at cl.cam.ac.uk
Wed Mar 2 04:55:57 PST 2005
you're making lots of assumptions about how the
software operates at the splice point. there are lots of ways to
mitigate the problems you describe - and papers about it
i think in fact we had rather more experience of this this side of the
pond than elsewhere with TCP/IP on 2Mbps X.25 nets in Europe, and, at
one point, the X.25 implemented between Cisco boxes over TCP:)
so we know the pitfalls
but a non-oblivious overlay can easily obviate this - there's ample
evidence that a p2p system is exactly that.
In missive <4225B132.60808 at reed.com>, "David P. Reed" typed:
>>Au contraire, there has been lots of experience running TCP over
>>"reliable links". Lots of experience in the field with using frame relay
>>as a "hop", and turning on end-to-end reliability by accident, suggests
>>that the underlay TCP will interact with the overlay in a disastrous
>>postive feedback control loop creating unstable end-to-end behavior.
>>It is *essential* that the underlay TCP *not* try to hide congestion,
>>which is signaled by packet drops. In other words if you are spoofing
>>IP with TCP-based links, you have to create a situation in which the
>>underlay does not allow its buffering to expand elasticly.
cheers
jon
More information about the end2end-interest
mailing list