
Network Support for TCP Fast Open [pdf] - jsnell
https://www.nanog.org/sites/default/files/Paasch_Network_Support.pdf
======
jsnell
So the headline number here is that 20% of clients are on networks where TCP
fast open doesn't work. TFO is just about the worst case when it comes to
this. It's not simply adding a TCP option that could be ignored by
middleboxes. It's essentially modifying the TCP state machine. It's also a
very fresh standard; networking equipment doesn't get replaced every 2 years.

(I happened to implement TFO for a middlebox just a couple of weeks ago. The
changes were much more invasive than for the average TCP extension).

Unfortunately there isn't a breakdown of that 20%. Is it just connections
where the SYN was dropped or the connection breaks after the SYN was let
through? Or does it also include cases where the TFO options get stripped
away? There's a huge difference in how serious these cases are.

~~~
Eridrus
I've been wanting TCPFO for a while, but I'm wondering seeing if QUIC will
arrive first and have fewer issues.

------
josephg
It'd be great if someone put together a test suite for networking equipment to
test for things like this. It could give a scorecard after checking that TCP
fast open, SCTP, Websockets-over-HTTP, IPv6, WebRTC and any other new
networking technologies work correctly.

I have no idea how to tell which routers and IDSes will silently make my
network / internet connectivity crappy.

~~~
justinsaccount
Not exactly what you are asking for, but
[http://netalyzr.icsi.berkeley.edu/](http://netalyzr.icsi.berkeley.edu/) comes
close.

------
mino
Talk is here: [https://youtu.be/Qo9rFpiLMWI](https://youtu.be/Qo9rFpiLMWI)

For the other talks in this edition of NANOG see:
[https://www.nanog.org/meetings/nanog67/agenda](https://www.nanog.org/meetings/nanog67/agenda)

------
wittedhaddock
We built a similar feature into
Caffeine—[http://www.caffei.net/](http://www.caffei.net/)

they're absolutely right about the affect on UX & revenue...

------
api
This is a special case example of why middle-boxes, especially those that
actually modify traffic rather than just scanning or prioritizing it, are
evil.

~~~
sigjuice
It is a miracle that things even work at all with each and every one of your
packets being molested every step of the way.

