With CVE-2019-11477, a string of TCP SACK responses will cause the Linux kernel to unexpectedly hit an internal data structure limit, triggering a fatal panic. The others affecting Linux will force the system to consume resources, thus slowing it down, as Red Hat explained in its technical summary today.
You can measure packet retransmits from the client to the server by counting the number of duplicate sequence numbers.
Packet retransmits from the server to the client can be measured by counting duplicate ACK numbers.
Note that a retransmit is triggered by more than just total loss (= timeout); if the remote machine rejects the packet, or the packet is corrupted, the local machine must also retransmit.
I needed a way to measure this on a wifi network where packet loss can be very high and bursty. This answer seems relatively simple to implement — just store off ACK sequence numbers into an array of limited size and count how many times every new ACK matches in that array. By monitoring this count I can determine where and when certain areas are getting bad and perhaps alert or alarm based upon a certain threshold.
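One way to implement the counting described above, as an added example (not code from the original post): a bounded per-direction history of sequence numbers, where a data-bearing segment whose seq was already seen counts as a retransmit, and a duplicate-ACK count that uses RFC 5681's definition so a pure window update is not mistaken for loss. Duplicate ACKs observed on one direction measure loss on the reverse direction; the addresses, segment record and trace are constructed.

```python
from collections import defaultdict, deque, namedtuple

# Constructed, simplified TCP segment record (not from a real capture); flags is a set like {"ACK"}.
Segment = namedtuple("Segment", "src dst seq ack win payload_len flags")
CLIENT, SERVER = "10.0.0.2", "10.0.0.1"   # constructed addresses


class RetransmitCounter:
    """Per-direction retransmit indicators over a bounded history (fixed memory for a long-running monitor)."""
    def __init__(self, history=64):
        self.seq_hist = defaultdict(lambda: deque(maxlen=history))  # recent seqs of data segments
        self.last_ack = {}                 # direction -> (ack, win) of the last pure ACK
        self.total = defaultdict(int)      # segments seen per direction
        self.dup_seq = defaultdict(int)    # data segments whose seq was already seen
        self.dup_ack = defaultdict(int)    # duplicate ACKs (RFC 5681 definition)

    def feed(self, s):
        d = (s.src, s.dst)
        self.total[d] += 1
        # A repeated seq means "retransmit" only on a data-bearing segment;
        # pure ACKs legitimately reuse the sender's current seq number.
        if s.payload_len > 0:
            if s.seq in self.seq_hist[d]:
                self.dup_seq[d] += 1
            else:
                self.seq_hist[d].append(s.seq)
        # RFC 5681 duplicate ACK: ACK set, no payload, no SYN/FIN, and the same ack
        # number *and* window as the previous ACK (a pure window update is not one).
        if "ACK" in s.flags and s.payload_len == 0 and not ({"SYN", "FIN"} & s.flags):
            if self.last_ack.get(d) == (s.ack, s.win):
                self.dup_ack[d] += 1
            self.last_ack[d] = (s.ack, s.win)

    def retransmit_ratio(self, src, dst):
        """Fraction of src->dst segments that re-sent data; compare against an alert threshold."""
        return self.dup_seq[(src, dst)] / max(self.total[(src, dst)], 1)


def demo_trace():
    """Constructed trace: client uploads five segments, the second is lost, the server
    sends three duplicate ACKs for it, the client retransmits, the server acks everything."""
    def data(seq):
        return Segment(CLIENT, SERVER, seq, 1, 65535, 1460, {"ACK"})
    def ack(num, win=65535):
        return Segment(SERVER, CLIENT, 1, num, win, 0, {"ACK"})
    trace = [data(1000), data(2460), data(3920), data(5380), data(6840),
             ack(2460), ack(2460), ack(2460), ack(2460),   # first is new, next three are dup ACKs
             data(2460), ack(8300), ack(8300, 131070)]     # retransmit; final ACK; window update (not dup)
    rc = RetransmitCounter()
    for seg in trace:
        rc.feed(seg)
    return rc
```

Running `demo_trace()` reports one retransmitted data segment on the client-to-server direction and three duplicate ACKs on the server-to-client direction, while the final window update is not counted.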
The tweaked version of TCP being honed by the MIT group and colleagues instead sends mathematical functions describing multiple packets so that a receiving device, such as a satellite terminal, can solve for missing ones without having to refetch them. “You transfer more packets than what you normally would, but you don’t have to retransmit,” Khan says.
This is a problem for streaming in wifi networks with sketchy coverage as well. This is similar to a snippet I posted here on 10/25/2012 in reference to this article, also from the MIT Technology Review: A Bandwidth Breakthrough.
Apparently they’re still working on this TCP retransmission problem.
Remy is a computer program that figures out how computers can best cooperate to share a network.
Remy creates end-to-end congestion-control algorithms that plug into the Transmission Control Protocol (TCP). These computer-generated algorithms can achieve higher performance and greater fairness than the most sophisticated human-designed schemes.
via TCP ex Machina.
MultiPath TCP (MPTCP) is an effort towards enabling the simultaneous use of several IP-addresses/interfaces by a modification of TCP that presents a regular TCP interface to applications, while in fact spreading data across several subflows. Benefits of this include better resource utilization, better throughput and smoother reaction to failures. Slides – explaining MultiPath TCP – are available in .pdf and .pptx format. You can also have a look at our Google Techtalk about MPTCP.
On the surface, ants and the Internet don’t seem to have much in common. But two Stanford researchers have discovered that a species of harvester ants determines how many foragers to send out of the nest in much the same way that Internet protocols discover how much bandwidth is available for the transfer of data. The researchers are calling it the “anternet.”
This site was also a good reference when I tried to find out what common services used port 9000.
CCN directly routes and delivers named pieces of content at the packet level of the network, enabling automatic and application-neutral caching in memory wherever it’s located in the network. The result? Efficient and effective delivery of content wherever and whenever it is needed. Since the architecture enables these caching effects as an automatic side effect of packet delivery, memory can be used without building expensive application-level caching services.
Google’s focus is on reducing latency between client machines and servers, and in particular, reducing the number of round trips (either client to server and back to client, or vice versa) required. When data is sent over a TCP connection, its receipt must be acknowledged by the receiving end. The sending end can only send a certain number of packets before it must wait for an acknowledgement. The time taken to receive an acknowledgement is governed by the round-trip time (RTT). With high bandwidth, high latency connections, clients and servers can end up spending most of their time waiting for acknowledgements, rather than sending packets.
More far-reaching than these SSL tweaks is Google’s proposed alternative to the HTTP protocol that underpins the Web: SPDY.
Part of the Transmission Control Protocol (TCP) specification, RFC 1122, allows a receiver to advertise a zero byte window, instructing the sender to maintain the connection but not send additional TCP payload data. The sender should then probe the receiver to check if the receiver is ready to accept data. Narrow interpretation of this part of the specification can create a denial-of-service vulnerability. By advertising a zero receive window and acknowledging probes, a malicious receiver can cause a sender to consume resources (TCP state, buffers, and application memory), preventing the targeted service or system from handling legitimate connections.