Re: [multipathtcp] potential MPTCP proxy charter item

Mirja Kühlewind <> Mon, 07 November 2016 15:42 UTC

Hi Olivier,

a few comments/questions below.

> On 06.11.2016 at 22:12, Olivier Bonaventure <> wrote:
> Mirja,
>> first, I agree with Alan that such a signal does not need to/should not be part of the MPTCP protocol.
> Adding the signal inside MPTCP reduces the end-to-end delay compared with a pure application layer solution like SOCKS and this is really important.
>> MPTCP (as TCP is) is an end2end protocol. If you have one (or two) proxies in the middle, you split up the connection into multiple new ‚end2end‘ connections. If you need additional signaling information on one of the new connections, that is a question for a high-layer protocol that uses MPTCP (which is what you do, when you propose it to be part of the payload).
> SOCKS has been tried in some deployments with MPTCP and it increases the end-to-end delay given the additional RTTs that are required.

I didn’t propose SOCKS. For me the solution could more or less be the same as you propose: you use TCP payload in the SYN to signal the needed information. I’m just saying this does not need to be part of the MPTCP protocol. It can simply be its own thing.

>> Second, I’m not a big fan of the two-sided proxy scenario where one side simply assumes that the destination is not MPTCP-capable. This does not support MPTCP deployment but hinders native MPTCP deployment (basically ensuring that these proxies stay forever in the network and add additional complexity even if all endpoints are MPTCP-enabled one day). I guess a proxy should always first forward the MPTCP handshake and only if the reply does not support MPTCP, then terminate the connection, reply to the initiator accordingly and set up a new TCP to the destination. This might cause additional delay but it provides a big benefit if the destination is MPTCP-capable and supports native deployment.
> It's clear that the MCP should send the MP_CAPABLE option in the SYN towards the destination server and fall back to TCP if this fails. Since there are some middleboxes that continue to silently drop the MP_CAPABLE option, the MCP should be able to maintain a list of destination servers where it had to fall back to regular TCP (e.g. after n retransmissions of the SYN with MP_CAPABLE as suggested in RFC6824) and not attempt to use MPTCP for these destinations. This cache should be reset on a regular basis to probe again the destination servers.

Do you mean the MCP forwards the original SYN (and basically does nothing if the server supports MPTCP) or does the MCP terminate the TCP connection and start a new TCP connection with MP_CAPABLE towards the server?


> Olivier
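
The fallback list described in the quoted text above (destinations where MP_CAPABLE SYNs went unanswered, with a regular reset so they are probed again), sketched as an added example that is not part of the original thread or of any MPTCP implementation. The class and method names, the threshold of 3 unanswered SYNs, the per-entry expiry used as the "reset", and the 192.0.2.10 address are all assumptions.

```python
import time


class MptcpFallbackCache:
    """Destinations for which the proxy had to fall back to regular TCP."""

    def __init__(self, max_unanswered_syns=3, reset_interval=3600.0,
                 clock=time.monotonic):
        self.max_unanswered_syns = max_unanswered_syns  # "n" in the message; 3 is assumed
        self.reset_interval = reset_interval            # assumed: seconds until re-probe
        self.clock = clock
        self._unanswered = {}   # dest -> count of unanswered MP_CAPABLE SYNs
        self._fallback = {}     # dest -> time the fallback was recorded

    def should_try_mptcp(self, dest):
        """True if the next SYN towards dest should carry MP_CAPABLE."""
        marked_at = self._fallback.get(dest)
        if marked_at is None:
            return True
        if self.clock() - marked_at >= self.reset_interval:
            # Entry expired: forget it so the destination is probed again.
            del self._fallback[dest]
            return True
        return False

    def syn_unanswered(self, dest):
        """Record one unanswered MP_CAPABLE SYN; True once fallback applies."""
        count = self._unanswered.get(dest, 0) + 1
        if count >= self.max_unanswered_syns:
            self._unanswered.pop(dest, None)
            self._fallback[dest] = self.clock()
            return True
        self._unanswered[dest] = count
        return False

    def mptcp_confirmed(self, dest):
        """The SYN/ACK carried MP_CAPABLE: clear all state for dest."""
        self._unanswered.pop(dest, None)
        self._fallback.pop(dest, None)


def simulate():
    """Constructed scenario: a destination behind an option-dropping middlebox."""
    now = [0.0]
    cache = MptcpFallbackCache(3, 600.0, clock=lambda: now[0])
    dest = ("192.0.2.10", 443)  # constructed documentation address
    marks = [cache.syn_unanswered(dest) for _ in range(3)]
    during = cache.should_try_mptcp(dest)   # inside the reset interval
    now[0] = 600.0
    after = cache.should_try_mptcp(dest)    # interval elapsed, probe again
    return marks, during, after
```

Keying the cache on (address, port) rather than address alone is a choice made here; the thread does not say which granularity the MCP would use.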