Multipath transport for virtual private networks
Authors
Lukaszewski, Daniel
Xie, Geoffrey G.
Date of Issue
2017
Publisher
USENIX
Abstract
An important class of virtual private networks (VPNs) builds secure tunnels at the transport layer leveraging TCP or UDP. Multipath TCP (MPTCP), an ongoing IETF effort that has been adopted into Linux and iOS, extends TCP to allow data to be delivered over multiple network interfaces and paths simultaneously. In this paper, using a testbed that can emulate a range of path characteristics between the VPN end points, we first empirically quantify the potential of using MPTCP tunnels to increase the goodput of VPN communications when multiple data paths are available. We further design and implement a preliminary version of Multipath UDP (MPUDP) to address the adverse effect of the duplicated congestion control actions that is known with a TCP-in-TCP tunnel. We observe that a severe asymmetry of path delays may cause an excessive amount of packet reordering at the receiving end and consequently degrade the overall performance of TCP-in-MPUDP tunnels. Moreover, we find that a packet scheduler capable of tracking path delays and allocating more packets to path(s) with shorter delay(s) is an effective and relatively lightweight solution for MPUDP, instead of an elaborate data sequencing mechanism like the one used by MPTCP.
Type
Conference Paper
Description
The article of record as published may be found at http://www.usenix.org/node/205862
Format
8 p.
Citation
Lukaszewski, Daniel, and Geoffrey Xie. "Multipath transport for virtual private networks." 10th USENIX Workshop on Cyber Security Experimentation and Test (CSET 17). USENIX Association, 2017.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
