Implementation Flashcards

1
Q

TFO has been implemented here…

A

1) The Linux 2.6.34 kernel

2) Chrome Browser

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

a key aspect to both the design and implementation

of TFO is that

A

It does not affect TCP congestion control.
That is, since congestion control only takes place after
TCP’s handshake completes, and TFO is only in use during
the handshake, the two are entirely separate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

TFO’s modifications included alterations

to incoming packet handling in the

A

LISTEN, SYN SENT,
and SYN RCVD states and to the routines that transmit TCP
packets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

TFO’s implementation uses

A

8 byte TFO cookie

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The truncated result that is 8 bytes to generate

the cookie.

A

The 128-bit (16 byte) AES block cipher implementation
available in the Linux Kernel CryptoAPI is used to encrypt each client IP value… which is then truncated to the 8 byte cookie.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

We pad IPv4 client IP addresses with zeros
to create a 16 byte IP value while IPv6 addresses are used
in full.

A

The fixed size, 8 byte TFO cookie.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

In order to validate the cookie contained within an incoming TFO request,

A

the server recomputes the 8 byte cookie value

based upon the incoming source IP address and compares it to the cookie included by the client

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

For the cookie cache - which is used by clients hosts’ network stack

A

we implemented a simple LRU policy that
caches cookies, RTT, andMSS by server IP. While we found
that this policy worked well, this cache replacement policy
is not in any way tied to the protocol.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Server side application changes

A

Server side applications need just a single additional line of
code: a call to setsockopt() to set the TFO socket option
for the listen socket

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Client side application changes

A

Client side applications must replace
connect() and the first send() call with a single
call to sendto() with the appropriate flags

How well did you know this?
1
Not at all
2
3
4
5
Perfectly