Re: [multipathtcp] Consensus call on potential MPTCP proxy work

Jordan Melzer <> Wed, 19 April 2017 18:59 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5C772129BEE for <>; Wed, 19 Apr 2017 11:59:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.08
X-Spam-Status: No, score=-4.08 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); domainkeys=fail (1024-bit key) reason="fail (message has been altered)"
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Y17wxWcaRmpt for <>; Wed, 19 Apr 2017 11:59:25 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 7FDBD129B1D for <>; Wed, 19 Apr 2017 11:59:25 -0700 (PDT)
DomainKey-Signature: s=donder.nssi;; c=nofws; q=dns; h=X-IronPort-Anti-Spam-Filtered: X-IronPort-Anti-Spam-Result:X-IronPort-AV:Received: Received:Received:Received:From:To:Subject:Thread-Topic: Thread-Index:Date:Message-ID:References:In-Reply-To: Accept-Language:Content-Language:X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader:x-originating-ip: Content-Type:MIME-Version:Return-Path; b=vNtCLMo3Zeqde85EeErEE84lfJxccHcqCM575adrw4YHjqFI9BlSH6w4 9j9g/qfW0EdizkoHhdfa6VuPOD0LVBlAXfUT82/7Ls5fwBnY+boRhQ9A2 g1UJ8pflstj4lgzKc+gJ2rSR5wUUNPNwbOL/bJ8WRJ2GakpI5gh+jgwmI U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.37,222,1488844800"; d="p7s'?scan'208,217";a="630702717"
Received: from unknown (HELO ([]) by with ESMTP/TLS/AES128-SHA; 19 Apr 2017 18:59:20 +0000
Received: from ( by ( with Microsoft SMTP Server (TLS) id 8.3.348.2; Wed, 19 Apr 2017 12:59:20 -0600
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1236.3; Wed, 19 Apr 2017 11:59:19 -0700
Received: from ([fe80::3d29:ad33:93d3:ea45]) by ([fe80::3d29:ad33:93d3:ea45%14]) with mapi id 15.00.1236.000; Wed, 19 Apr 2017 11:59:18 -0700
From: Jordan Melzer <>
To: Joe Touch <>, "" <>, "" <>, "" <>
Thread-Topic: [multipathtcp] Consensus call on potential MPTCP proxy work
Date: Wed, 19 Apr 2017 18:59:18 +0000
Message-ID: <>
References: <> <> <787AE7BB302AE849A7480A190F8B933009E4FBB2@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <> <787AE7BB302AE849A7480A190F8B933009E503BE@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <>
In-Reply-To: <>
Accept-Language: en-CA, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0026_01D2B91D.849CE2B0"
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [multipathtcp] Consensus call on potential MPTCP proxy work
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-path extensions for TCP <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 19 Apr 2017 18:59:28 -0000

It's a conventional proxy.  There are different sockets on each side of the
proxy, different RTTs, different congestion control.  The proposal is to
find a near-zero overhead way to do this when the proxy is off-path (ie,
when it's not a simple connection hijack).  This may be totally possible
without a new RFC - Christoph Paasch suggested that SOCKS + TFO could
basically become this, but I am not sure anyone who cared either caught it
or agreed.


Re b), it's off-topic, but what would you think of a multipath tunnel that
was basically MPTCP with the retransmissions gutted out?  I had thought this
would be what BANANA is doing, but I am not clear there are any two people
in BANANA who agree on what it is.



From: multipathtcp [] On Behalf Of Joe
Sent: April 19, 2017 02:17 PM
Subject: Re: [multipathtcp] Consensus call on potential MPTCP proxy work




On 4/18/2017 10:26 PM, wrote:

As explained in my previous message, there is no layered congestion control.
All packets are transported over plain TCP: no encap, no tunnel. 

I did say "if"; I now understand better what you're trying to do, but there
are plenty of parts still not addressed:

 I really reiterate my comment to read

Here's what those slides do not explain:

- is this system 1:1 per client TCP connection, or are you expecting a
single MPTCP between proxies to support multiples?
- what is the congestion control interaction? I.e., does the client think
the RTT is to the proxy (which will work), or to the TCP receiver past the
end of the MPTCP connection? 
    NOTE: if the latter, then you still end up with layered congestion
- what is the proxy relaying?
    is it TCP data, or is it somehow trying to tunnel and reconstitute the
entire packet?
    NOTE: if it reconstitutes the packet, what happens when you get an
option you don't understand? E.g., EDO?

There are still plenty of more concerns with this system. Overall, you
*still* appear to be doing one of two things:

    a) acting like a conventional application-layer proxy, which would be
fine but would not require any new RFCs
    b) tunneling - or acting exactly like you're tunneling, by
reconstituting packets on the other end - a TCP connection over TCP, which
is a bad idea

So which is it? Or is it something else?