Measuring TCP Round-Trip Time in the Data Plane

We present a data-plane algorithm that passively and continuously monitors the Round-Trip Time (RTT) of TCP traffic, by matching data packets with their associated acknowledgments and calculating a time difference. Compared with traditional measurement systems based on active probing or measuring only SYN/ACK packets, our algorithm passively produces many samples for long-running connections. This enables network operators to observe abnormal RTT increases, which signal possible security or performance issues in the network, in real time. To satisfy the stringent memory size and access constraints of programmable switches, our algorithm uses a multi-stage hash table data structure to maintain records for in-flight packets; records that do not receive their acknowledgments are lazily expired and overwritten. We implement our algorithm on a Barefoot Tofino programmable switch. Evaluation using a real-world traffic trace from a 10 Gbps campus network link demonstrates that our solution can accurately capture 99% of available RTT samples, using only 4 MB of data-plane memory.
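
The matching and lazy-expiry scheme described above, as an added Python sketch that is not the authors' Tofino implementation. The class name, the salted CRC32 hash, the table sizes, the timeout, and the handling of retransmissions are all assumptions made for illustration.

```python
import zlib

class RttTable:
    """In-flight data-packet records in a multi-stage hash table with lazy expiry."""

    def __init__(self, stages=2, slots=1024, timeout_us=1_000_000):
        # Sizes and timeout are assumed values for illustration, not the paper's.
        self.stages = [[None] * slots for _ in range(stages)]
        self.slots, self.timeout_us, self.missed = slots, timeout_us, 0

    def _index(self, stage, key):
        # One hash per stage; salted CRC32 is an assumed stand-in for the switch hash units.
        return zlib.crc32(repr((stage, key)).encode()) % self.slots

    def on_data(self, flow, seq, length, now_us):
        """Record a data segment under the ACK number expected to acknowledge it."""
        key = (flow, (seq + length) % 2**32)
        free = None
        for s, table in enumerate(self.stages):
            i = self._index(s, key)
            rec = table[i]
            if rec is not None and rec[0] == key:
                table[i] = None  # retransmission: the sample would be ambiguous (assumed policy)
                return False
            # Lazy expiry: a stale record is evicted only when a new one needs its slot.
            if free is None and (rec is None or now_us - rec[1] > self.timeout_us):
                free = (table, i)
        if free is None:
            self.missed += 1  # every stage holds a live record; no sample for this packet
            return False
        free[0][free[1]] = (key, now_us)
        return True

    def on_ack(self, flow, ack, now_us):
        """Match an ACK to the reverse-direction record; return RTT in microseconds or None."""
        src, dst, sport, dport = flow
        key = ((dst, src, dport, sport), ack)
        for s, table in enumerate(self.stages):
            i = self._index(s, key)
            rec = table[i]
            if rec is not None and rec[0] == key:
                table[i] = None  # free the slot once the sample is taken
                return now_us - rec[1]
        return None

if __name__ == "__main__":
    t = RttTable()  # constructed flow and timestamps below
    t.on_data(("10.0.0.1", "10.0.0.2", 40000, 443), 1000, 500, 0)
    print(t.on_ack(("10.0.0.2", "10.0.0.1", 443, 40000), 1500, 25_000))
```

The `missed` counter tracks data packets that found no free or expired slot in any stage, which is the quantity that determines how many of the available RTT samples a given memory budget can capture.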
