An Untold Story of Middleboxes in Cellular Networks

Size: px
Start display at page:

Download "An Untold Story of Middleboxes in Cellular Networks"

Transcription

1 An Untold Story of Middleboxes in Cellular Networks Zhaoguang Wang 1 Zhiyun Qian 1, Qiang Xu 1, Z. Morley Mao 1, Ming Zhang 2 1 University of Michigan 2 Microsoft Research

2 Background on cellular network Cellular Core Network Internet 2

3 Why carriers deploy middleboxes? Private IP Public IP Cellular Core Network Internet IP address 3

4 Problems with middleboxes P2P? Smartphone energy cost? Cellular Core Network Application performance? Internet Policies? 4

5 Challenges and solutions Policies can be complex and proprietary Design a suite of end-to-end probes Cellular carriers are diverse Publicly available client Android app Implications of policies are not obvious Conduct controlled experiments 5

6 Related work Internet middleboxes study [Allman, IMC 03], [Medina, IMC 04] NAT characterization and traversal STUN[MacDonald et al.], [Guha and Francis, IMC 05] Cellular network security [Serror et al., WiSe 06], [Traynor et al., Usenix Security 07] Cellular data network measurement WindRider, [Huang et al., MobiSys 10] 6

7 Goals Develop a tool that accurately infers the NAT and firewall policies in cellular networks Understand the impact and implications Application performance Energy consumption Network security 7

8 The NetPiculet measurement system NetPiculet Client NetPiculet Client Cellular Core Network Internet NetPiculet Server NetPiculet Client NetPiculet Client Policies 8

9 Target policies in NetPiculet Firewall NAT IP spoofing TCP connection timeout Out-of-order packet buffering NAT mapping type Endpoint filtering TCP state tracking Filtering response Packet mangling 9

10 Target policies in NetPiculet Firewall NAT IP spoofing TCP connection timeout Out-of-order packet buffering NAT mapping type Endpoint filtering TCP state tracking Filtering response Packet mangling 10

11 Key findings Some carriers allow IP spoofing Create network vulnerability Firewall Some carriers time out idle connections aggressively Drain batteries of smartphones Some firewalls buffer out-of-order packet Degrade TCP performance NAT One NAT mapping linearly increases port # with time Classified as random in previous work 11

12 Diverse carriers studied NetPiculet released in Jan users from 107 cellular carriers in two weeks 2% 2% 9% UMTS EVDO 19% 10% 43% Europe Asia North America South America 91% 24% Australia Africa Technology Continent 12

13 Outline IP spoofing 1 TCP connection timeout 2 TCP out-of-order buffering 3 NAT mapping 4 13

14 Outline IP spoofing 1 TCP connection timeout 2 TCP out-of-order buffering 3 NAT mapping 4 14

15 Why allowing IP spoofing is bad? DST_IP = Cellular Core Network SRC_IP = Internet

16 Test whether IP spoofing is allowed NetPiculet Client SRC_IP Cellular = Core Network PAYLOAD = Internet NetPiculet Server Allow IP spoofing! 16

17 4 out of 60 carriers allow IP spoofing IP spoofing should be disabled 7% Allow Disallow 93% 17

18 Outline IP spoofing 1 TCP connection timeout 2 TCP out-of-order buffering 3 NAT mapping 4 18

19 Why short TCP timeout timers are bad? Cellular Core Network Internet KEEP-ALIVE Terminate Idle TCP Connection 19

20 Measure the TCP timeout timer Time = min NetPiculet Client Is Is alive? alive? Cellular Core Network Internet Yes! NetPiculet Server 5min 5min < Timer < < Timer 10min 20

21 Short timers identified in a few carriers 4 carriers set timers less than 5 minutes < 5 min 5% 5-10 min 10% min 8% > 30 min 66% min 11% 21

22 Short timers drain your batteries Assume a long-lived TCP connection, a battery of 1350mAh How much battery on keep-alive messages in one day? 20% 5 min 22

23 Outline IP spoofing 1 TCP connection timeout 2 TCP out-of-order buffering 3 NAT mapping 4 23

24 TCP out-of-order packet buffering NetPiculet Client Cellular Core Network Packet Internet NetPiculet Server Buffering out-of-order packets 24

25 Fast Retransmit cannot be triggered Degrade TCP performance! 1 2 RTO 25

26 TCP performance degradation Evaluation methodology Emulate 3G environment using WiFi 400 ms RTT, loss rate 1% Longer downloading time +44% More energy consumption 26

27 Outline IP spoofing 1 TCP connection timeout 2 TCP out-of-order buffering 3 NAT mapping 4 27

28 NAT mapping is critical for NAT traversal P2P Use NAT mapping type for port prediction A NAT 1 NAT 2 B 28

29 What is NAT mapping type? NAT mapping type defines how the NAT assign external port to each connection 12 TCP connections NAT 29

30 Behavior of a new NAT mapping type Creates TCP connections to the server with random intervals Record the observed source port on server Treated as random by NOT existing random! traversal techniques Thus impossible to predict port Port prediction is feasible 30

31 Lessons learned IP spoofing creates security vulnerability IP spoofing should be disabled Firewall Small TCP timeout timers waste user device energy Timer should be longer than 30 minutes Out-of-order packet buffering hurts TCP performance Consider interaction with application carefully NAT One NAT mapping linearly increases port # with time Port prediction is feasible 31

32 Conclusion We built NetPiculet, a tool that can accurately infer NAT and firewall policies in the cellular networks NetPiculet has been wildly deployed in hundreds of carriers around the world We demonstrated the negative impact of the network policies and make improvement suggestions 32

33 33

A Measurement of NAT & Firewall Characteristics in Peer to Peer Systems

A Measurement of NAT & Firewall Characteristics in Peer to Peer Systems A Measurement of NAT & Firewall Characteristics in Peer to Peer Systems L. D Acunto, J.A. Pouwelse, and H.J. Sips Department of Computer Science Delft University of Technology, The Netherlands l.dacunto@tudelft.nl

More information

Silent TCP Connection Closure for Cellular Networks

Silent TCP Connection Closure for Cellular Networks Silent TCP Connection Closure for Cellular Networks Feng Qian, Subhabrata Sen, and Oliver Spatscheck AT&T Labs Research, Bedminster, New Jersey, USA {fengqian,sen,spatsch}@research.att.com ABSTRACT FIN

More information

Multipath TCP in Practice (Work in Progress) Mark Handley Damon Wischik Costin Raiciu Alan Ford

Multipath TCP in Practice (Work in Progress) Mark Handley Damon Wischik Costin Raiciu Alan Ford Multipath TCP in Practice (Work in Progress) Mark Handley Damon Wischik Costin Raiciu Alan Ford The difference between theory and practice is in theory somewhat smaller than in practice. In theory, this

More information

Detecting MS Initiated Signaling DDoS Attacks in 3G/4G Wireless Networks

Detecting MS Initiated Signaling DDoS Attacks in 3G/4G Wireless Networks Detecting MS Initiated Signaling DDoS Attacks in 3G/4G Wireless Networks Aman Gupta*, Tanmay Verma*, Soshant Bali, Sanjit Kaul IIIT Delhi, India Abstract The hierarchical architecture of present day cellular

More information

Protecting Mobile Devices From TCP Flooding Attacks

Protecting Mobile Devices From TCP Flooding Attacks Protecting Mobile Devices From TCP Flooding Attacks Yogesh Swami % and Hannes Tschofenig* % Nokia Research Center, Palo Alto, CA, USA. * Siemens Corporate Technology, Munich, DE. 1 Motivation Anatomy of

More information

TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) Internet Protocol (IP)

TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) Internet Protocol (IP) TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) *Slides adapted from a talk given by Nitin Vaidya. Wireless Computing and Network Systems Page

More information

Screen-Off Traffic Characterization and Optimization in 3G/4G Networks

Screen-Off Traffic Characterization and Optimization in 3G/4G Networks Screen-Off Traffic Characterization and Optimization in 3G/4G Networks Z. Morley Mao University of Michigan Junxian Huang University of Michigan Subhabrata Sen AT&T Labs - Research Feng Qian University

More information

How To Configure Virtual Host with Load Balancing and Health Checking

How To Configure Virtual Host with Load Balancing and Health Checking How To Configure Virtual Host with Load How To Configure Virtual Host with Load Balancing and Health Checking Balancing and Health Checking Applicable Version: 10.02.0 Build 473 onwards Overview This article

More information

Cellular Data Network Infrastructure Characterization and Implication on Mobile Content Placement

Cellular Data Network Infrastructure Characterization and Implication on Mobile Content Placement Cellular Data Network Infrastructure Characterization and Implication on Mobile Content Placement Qiang Xu University of Michigan qiangxu@eecs.umich.edu Feng Qian University of Michigan fengqian@eecs.umich.edu

More information

TCP in Wireless Mobile Networks

TCP in Wireless Mobile Networks TCP in Wireless Mobile Networks 1 Outline Introduction to transport layer Introduction to TCP (Internet) congestion control Congestion control in wireless networks 2 Transport Layer v.s. Network Layer

More information

Optimizing Background Email Sync on Smartphones

Optimizing Background Email Sync on Smartphones Optimizing Background Email Sync on Smartphones Fengyuan Xu 1,3, Yunxin Liu 1, Thomas Moscibroda 1, Ranveer Chandra 2, Long Jin 1,4, Yongguang Zhang 1, Qun Li 3 1 Microsoft Research Asia, Beijing, China

More information

A Passive Method for Estimating End-to-End TCP Packet Loss

A Passive Method for Estimating End-to-End TCP Packet Loss A Passive Method for Estimating End-to-End TCP Packet Loss Peter Benko and Andras Veres Traffic Analysis and Network Performance Laboratory, Ericsson Research, Budapest, Hungary {Peter.Benko, Andras.Veres}@eth.ericsson.se

More information

Comparison of Battery Life Performance of VoLTE Capable Devices

Comparison of Battery Life Performance of VoLTE Capable Devices Comparison of Battery Life Performance of VoLTE Capable Devices Date: 02/11/2013 Document Version Number: 1.0 Author: Ardeshir Ghanbarzadeh Manager, Product Management SPIRENT 7340 Executive Way, Suite

More information

Mobile Computing/ Mobile Networks

Mobile Computing/ Mobile Networks Mobile Computing/ Mobile Networks TCP in Mobile Networks Prof. Chansu Yu Contents Physical layer issues Communication frequency Signal propagation Modulation and Demodulation Channel access issues Multiple

More information

Behavior Analysis of Smartphone. version 1.1

Behavior Analysis of Smartphone. version 1.1 Behavior Analysis of Smartphone version 1.1 Behavior Analysis of Smartphone 1 Background...1 2 Always-on-line application...2 3 Always-on-line PDP context...4 4 Fast Dormancy...7 5 Summary...9 Background

More information

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

Final exam review, Fall 2005 FSU (CIS-5357) Network Security Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection

More information

NAT Traversal for VoIP. Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University

NAT Traversal for VoIP. Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University NAT Traversal for VoIP Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University 1 What is NAT NAT - Network Address Translation RFC 3022

More information

In the Trenches of a Globally Spanning SIP Network

In the Trenches of a Globally Spanning SIP Network In the Trenches of a Globally Spanning SIP Network & the days spent firefighting AGENDA - Our SIP Network at a glance - Loops - Failover strategies - Connection Management - Registration - Misc INTRO

More information

Anatomizing Application Performance Differences on Smartphones

Anatomizing Application Performance Differences on Smartphones Anatomizing Application Performance Differences on Smartphones Junxian Huang University of Michigan hjx@eecs.umich.edu Z. Morley Mao University of Michigan zmao@eecs.umich.edu Qiang Xu University of Michigan

More information

STANDPOINT FOR QUALITY-OF-SERVICE MEASUREMENT

STANDPOINT FOR QUALITY-OF-SERVICE MEASUREMENT STANDPOINT FOR QUALITY-OF-SERVICE MEASUREMENT 1. TIMING ACCURACY The accurate multi-point measurements require accurate synchronization of clocks of the measurement devices. If for example time stamps

More information

Chapter 15. Transmission Control Protocol (TCP) TCP/IP Protocol Suite 1

Chapter 15. Transmission Control Protocol (TCP) TCP/IP Protocol Suite 1 Chapter 15 Transmission Control Protocol (TCP) TCP/IP Protocol Suite 1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter Outline TCP/IP Protocol Suite 2

More information

Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi

Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi 1. Introduction Ad hoc wireless networks pose a big challenge for transport layer protocol and transport layer protocols

More information

Microsoft Office Communications Server 2007 & Coyote Point Equalizer Deployment Guide DEPLOYMENT GUIDE

Microsoft Office Communications Server 2007 & Coyote Point Equalizer Deployment Guide DEPLOYMENT GUIDE Microsoft Office Communications Server 2007 & Coyote Point Equalizer DEPLOYMENT GUIDE Table of Contents Unified Communications Application Delivery...2 General Requirements...6 Equalizer Configuration...7

More information

Managing Mobile Devices Over Cellular Data Networks

Managing Mobile Devices Over Cellular Data Networks Managing Mobile Devices Over Cellular Data Networks Best Practices Document Best Practices Document www.soti.net We Manage Mobility TABLE OF CONTENTS UNIQUE CHALLENGES OF MANAGING DEVICES OVER CELLULAR

More information

VoIP Impairment, Failure, and Restrictions

VoIP Impairment, Failure, and Restrictions VoIP Impairment, Failure, and Restrictions A BROADBAND INTERNET TECHNICAL ADVISORY GROUP TECHNICAL WORKING GROUP REPORT A Uniform Agreement Report Issued: May 2014 Copyright / Legal Notice Copyright Broadband

More information

Digi Cellular Application Guide Using Digi Surelink

Digi Cellular Application Guide Using Digi Surelink Introduction Digi s SureLink is a mechanism to help maintain persistent wireless connections. It contains four main components: 1. Mobile Link Rx Inactivity Timer 2. SureLink Settings - Hardware Reset

More information

Wharf T&T Limited DDoS Mitigation Service Customer Portal User Guide

Wharf T&T Limited DDoS Mitigation Service Customer Portal User Guide Table of Content I. Note... 1 II. Login... 1 III. Real-time, Daily and Monthly Report... 3 Part A: Real-time Report... 3 Part 1: Traffic Details... 4 Part 2: Protocol Details... 5 Part B: Daily Report...

More information

MAUI: Dynamically Splitting Apps Between the Smartphone and Cloud

MAUI: Dynamically Splitting Apps Between the Smartphone and Cloud MAUI: Dynamically Splitting Apps Between the Smartphone and Cloud Brad Karp UCL Computer Science CS M038 / GZ06 28 th February 2012 Limited Smartphone Battery Capacity iphone 4 battery: 1420 mah (@ 3.7

More information

Efficient Transport of VoIP Firewall Control Signaling

Efficient Transport of VoIP Firewall Control Signaling Universität Stuttgart INSTITUT FÜR NACHRICHTENVERMITTLUNG UND DATENVERARBEITUNG Prof. Dr.-Ing. Dr. h. c. mult. P. J. Kühn INSTITUT FÜR KOMMUNIKATIONSNETZE UND RECHNERSYSTEME Prof. Dr.-Ing. Dr. h. c. mult.

More information

Good Ideas So Far Computer Networking. Outline. Sequence Number Space. Lecture 18 More TCP & Congestion Control. The devilish details of TCP

Good Ideas So Far Computer Networking. Outline. Sequence Number Space. Lecture 18 More TCP & Congestion Control. The devilish details of TCP Good Ideas So Far 15-441 Computer Networking Lecture 18 More TCP & Congestion Control Flow control Stop & wait Parallel stop & wait Sliding window (e.g., advertised windows) Loss recovery outs Acknowledgement-driven

More information

Sapphire/Slammer Worm. Code Red v2. Sapphire/Slammer Worm. Sapphire/Slammer Worm. Sapphire/Slammer Worm. Why Was Slammer So Fast?

Sapphire/Slammer Worm. Code Red v2. Sapphire/Slammer Worm. Sapphire/Slammer Worm. Sapphire/Slammer Worm. Why Was Slammer So Fast? First Worm Ever Morris Worm Robert Morris, a PhD student at Cornell, was interested in network security He created the first worm with a goal to have a program live on the Internet in November 9 Worm was

More information

Low-rate TCP-targeted Denial of Service Attack Defense

Low-rate TCP-targeted Denial of Service Attack Defense Low-rate TCP-targeted Denial of Service Attack Defense Johnny Tsao Petros Efstathopoulos University of California, Los Angeles, Computer Science Department Los Angeles, CA E-mail: {johnny5t, pefstath}@cs.ucla.edu

More information

A Survey on Congestion Control Mechanisms for Performance Improvement of TCP

A Survey on Congestion Control Mechanisms for Performance Improvement of TCP A Survey on Congestion Control Mechanisms for Performance Improvement of TCP Shital N. Karande Department of Computer Science Engineering, VIT, Pune, Maharashtra, India Sanjesh S. Pawale Department of

More information

Network Probe. Figure 1.1 Cacti Utilization Graph

Network Probe. Figure 1.1 Cacti Utilization Graph Network Probe Description The MCNC Client Network Engineering group will install several open source network performance management tools on a computer provided by the LEA or charter school to build a

More information

kp2padm: An In-kernel Gateway Architecture for Managing P2P Traffic

kp2padm: An In-kernel Gateway Architecture for Managing P2P Traffic kp2padm: An In-kernel Gateway Architecture for Managing P2P Traffic Ying-Dar Lin 1, Po-Ching Lin 1, Meng-Fu Tsai 1, Tsao-Jiang Chang 1, and Yuan-Cheng Lai 2 1 National Chiao Tung University 2 National

More information

Invariant Preserving Middlebox Traversal

Invariant Preserving Middlebox Traversal Invariant Preserving Middlebox Traversal Ahmed Abujoda and Panagiotis Papadimitriou Institute of Communications Technology, Leibniz Universität Hannover, Germany {first.last}@ikt.uni-hannover.de Abstract.

More information

Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment

Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment TrueSpeed VNF provides network operators and enterprise users with repeatable, standards-based testing to resolve complaints about

More information

Setting up a reflector-reflector interconnection using Alkit Reflex RTP reflector/mixer

Setting up a reflector-reflector interconnection using Alkit Reflex RTP reflector/mixer Setting up a reflector-reflector interconnection using Alkit Reflex RTP reflector/mixer Mathias Johanson Alkit Communications AB Introduction The Alkit Reflex reflector/mixer system can be set-up to interconnect

More information

PlanetSeer: Internet Path Failure Monitoring and Characterization in Wide-Area Services

PlanetSeer: Internet Path Failure Monitoring and Characterization in Wide-Area Services PlanetSeer: Internet Path Failure Monitoring and Characterization in Wide-Area Services Ming Zhang, Chi Zhang Vivek Pai, Larry Peterson, Randy Wang Princeton University Motivation Routing anomalies are

More information

Magnet Voice Windows PC Softphone Installation

Magnet Voice Windows PC Softphone Installation Magnet Voice Windows PC Softphone Installation Contents 1. Introduction 3 2. Installation 3 Step 1: Install the Software on your PC 4 Step 2: Input your registration details 4 3. Connected State 6 6. Port

More information

DeltaV System Health Monitoring Networking and Security

DeltaV System Health Monitoring Networking and Security DeltaV Distributed Control System White Paper DeltaV System Health Monitoring Networking and Security Introduction Emerson Process Management s DeltaV System Health Monitoring service enables you to proactively

More information

Firewall Testing Methodology W H I T E P A P E R

Firewall Testing Methodology W H I T E P A P E R Firewall ing W H I T E P A P E R Introduction With the deployment of application-aware firewalls, UTMs, and DPI engines, the network is becoming more intelligent at the application level With this awareness

More information

Intro to Firewalls. Summary

Intro to Firewalls. Summary Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer

More information

How To: Diagnose Poor VoIP Calls through diagnostics.

How To: Diagnose Poor VoIP Calls through diagnostics. How To: Diagnose Poor VoIP Calls through diagnostics. When problems arise with poor VoIP phone calls, where do you start looking to troubleshoot the issue? This is one of the many challenges of managing

More information

Guide to TCP/IP, Third Edition. Chapter 5: Transport Layer TCP/IP Protocols

Guide to TCP/IP, Third Edition. Chapter 5: Transport Layer TCP/IP Protocols Guide to TCP/IP, Third Edition Chapter 5: Transport Layer TCP/IP Protocols Objectives Understand the key features and functions of the User Datagram Protocol Explain the mechanisms that drive segmentation,

More information

Frequently Asked Questions

Frequently Asked Questions Frequently Asked Questions 1. Q: What is the Network Data Tunnel? A: Network Data Tunnel (NDT) is a software-based solution that accelerates data transfer in point-to-point or point-to-multipoint network

More information

Internet Protocol Stack. TCP: Transmission Control Protocol

Internet Protocol Stack. TCP: Transmission Control Protocol Internet Protocol tack application: supporting network applications HTTP, MTP, FTP, etc transport: endhost-endhost data transfer TCP, UP network: routing of datagrams from source to destination IP, routing

More information

Table of Contents. Cisco Cisco VPN Client FAQ

Table of Contents. Cisco Cisco VPN Client FAQ Table of Contents Cisco VPN Client FAQ...1 Questions...1 Introduction...2 Q. Why does the VPN Client disconnect after 30 minutes? Can I extend this time period?...2 Q. I upgraded to Mac OS X 10.3 (known

More information

Identifying Traffic Differentiation on Cellular Data Networks!

Identifying Traffic Differentiation on Cellular Data Networks! Identifying Traffic Differentiation on Cellular Data Networks Arash Molavi Kakhki, Abbas Razaghpanah, Rajesh Golani, David Choffnes, Phillipa Gill, Alan Mislove Northeastern University, Stony Brook University

More information

TalkShow Advanced Network Tips

TalkShow Advanced Network Tips TalkShow Advanced Network Tips NewTek Workflow Team TalkShow is a powerful tool to expand a live production. While connecting in a TalkShow unit is as simple as plugging in a network cord and an SDI cable,

More information

Carrier Grade NAT. Requirements and Challenges in the Real World. Amir Tabdili Cypress Consulting amir@cypressconsult.net

Carrier Grade NAT. Requirements and Challenges in the Real World. Amir Tabdili Cypress Consulting amir@cypressconsult.net Carrier Grade NAT Requirements and Challenges in the Real World Amir Tabdili Cypress Consulting amir@cypressconsult.net Agenda 1 NAT, CG-NAT: Functionality Highlights 2 CPE NAT vs. CG-NAT 3 CGN Requirements

More information

Converged Communication and IPv6. John Loughney

Converged Communication and IPv6. John Loughney Converged Communication and IPv6 John Loughney 2008 Nokia Converged Communication and IPv6 John Loughney 4 June 2008 The Mobile Internet is here Global Mobile Internet Usage and Access 2 2008 Nokia Converged

More information

Simulation-Based Comparisons of Solutions for TCP Packet Reordering in Wireless Network

Simulation-Based Comparisons of Solutions for TCP Packet Reordering in Wireless Network Simulation-Based Comparisons of Solutions for TCP Packet Reordering in Wireless Network 作 者 :Daiqin Yang, Ka-Cheong Leung, and Victor O. K. Li 出 處 :Wireless Communications and Networking Conference, 2007.WCNC

More information

TCP/IP Optimization for Wide Area Storage Networks. Dr. Joseph L White Juniper Networks

TCP/IP Optimization for Wide Area Storage Networks. Dr. Joseph L White Juniper Networks TCP/IP Optimization for Wide Area Storage Networks Dr. Joseph L White Juniper Networks SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals

More information

WHITE PAPER. Mobility Services Platform (MSP) Using MSP in Wide Area Networks (Carriers)

WHITE PAPER. Mobility Services Platform (MSP) Using MSP in Wide Area Networks (Carriers) WHITE PAPER Mobility Services Platform (MSP) Using MSP in Wide Area Networks (Carriers) Table of Contents About This Document... 1 Chapter 1 Wireless Data Technologies... 2 Wireless Data Technology Overview...

More information

BLOOMBERG ANYWHERE FOR MOBILE CUSTOMERS

BLOOMBERG ANYWHERE FOR MOBILE CUSTOMERS BLOOMBERG ANYWHERE FOR MOBILE CUSTOMERS Software & Connectivity Requirements 11 March 2014 Version: 1.03 BLOOMBERG ANYWHERE users have access to their information on a variety of mobile platforms including

More information

High-Speed TCP Performance Characterization under Various Operating Systems

High-Speed TCP Performance Characterization under Various Operating Systems High-Speed TCP Performance Characterization under Various Operating Systems Y. Iwanaga, K. Kumazoe, D. Cavendish, M.Tsuru and Y. Oie Kyushu Institute of Technology 68-4, Kawazu, Iizuka-shi, Fukuoka, 82-852,

More information

Network Security 2. Module 2 Configure Network Intrusion Detection and Prevention

Network Security 2. Module 2 Configure Network Intrusion Detection and Prevention 1 1 Network Security 2 Module 2 Configure Network Intrusion Detection and Prevention 2 Learning Objectives 2.1 Cisco IOS Intrusion Prevention System 2.2 Configure Attack Guards on the PIX Security Appliance

More information

Jamvee conferencing. Technical Note. Enterprise Firewall Solutions for Jamvee Desktop, Mobile Applications & Internal Video Endpoints.

Jamvee conferencing. Technical Note. Enterprise Firewall Solutions for Jamvee Desktop, Mobile Applications & Internal Video Endpoints. Jamvee conferencing Technical Note Enterprise Firewall Solutions for Jamvee Desktop, Mobile Applications & Internal Video Endpoints June 10 2014 v5 Table of Contents Jamvee Conferencing... 3 Enterprise

More information

TamoSoft Throughput Test

TamoSoft Throughput Test TAKE CONTROL IT'S YOUR SECURITY TAMOSOFT df TamoSoft Throughput Test Help Documentation Version 1.0 Copyright 2011-2014 TamoSoft Contents Contents... 2 Introduction... 3 Overview... 3 System Requirements...

More information

TCP and Wireless Networks Classical Approaches Optimizations TCP for 2.5G/3G Systems. Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme

TCP and Wireless Networks Classical Approaches Optimizations TCP for 2.5G/3G Systems. Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Chapter 2 Technical Basics: Layer 1 Methods for Medium Access: Layer 2 Chapter 3 Wireless Networks: Bluetooth, WLAN, WirelessMAN, WirelessWAN Mobile Networks: GSM, GPRS, UMTS Chapter 4 Mobility on the

More information

Monitoring Android Apps using the logcat and iperf tools. 22 May 2015

Monitoring Android Apps using the logcat and iperf tools. 22 May 2015 Monitoring Android Apps using the logcat and iperf tools Michalis Katsarakis katsarakis@csd.uoc.gr Tutorial: HY-439 22 May 2015 http://www.csd.uoc.gr/~hy439/ Outline Introduction Monitoring the Android

More information

Firewalls P+S Linux Router & Firewall 2013

Firewalls P+S Linux Router & Firewall 2013 Firewalls P+S Linux Router & Firewall 2013 Firewall Techniques What is a firewall? A firewall is a hardware or software device which is configured to permit, deny, or proxy data through a computer network

More information

Overcoming the Performance Limitations of Conventional SSL VPN April 26, 2006

Overcoming the Performance Limitations of Conventional SSL VPN April 26, 2006 Overcoming the Performance Limitations of Conventional SSL VPN April 26, 2006 NeoAccel, Inc. 2055 Gateway Place, Suite 240 San Jose, CA 95110 Tel: +1 (408) 274 8000 Fax: +1 (408) 274 8044 Web: www.neoaccel.com

More information

Nokia Siemens Networks Smart Labs Smart networks for smart devices

Nokia Siemens Networks Smart Labs Smart networks for smart devices Nokia Siemens Networks Smart Labs Smart networks for smart devices Marko Hokkanen NSN Smart Labs, Silicon Valley, California 1 Nokia Siemens Networks Agenda NSN Smart Labs NSN Smart Lab Measurements (Messaging,

More information

Networking for Caribbean Development

Networking for Caribbean Development Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n

More information

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation R.Navaneethakrishnan Assistant Professor (SG) Bharathiyar College of Engineering and Technology, Karaikal, India.

More information

TCP - Introduction. Features of TCP

TCP - Introduction. Features of TCP TCP - Introduction The Internet Protocol (IP) provides unreliable datagram service between hosts The Transmission Control Protocol (TCP) provides reliable data delivery It uses IP for datagram delivery

More information

Yahoo Attack. Is DDoS a Real Problem?

Yahoo Attack. Is DDoS a Real Problem? Is DDoS a Real Problem? Yes, attacks happen every day One study reported ~4,000 per week 1 On a wide variety of targets Tend to be highly successful There are few good existing mechanisms to stop them

More information

An enhanced TCP mechanism Fast-TCP in IP networks with wireless links

An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Wireless Networks 6 (2000) 375 379 375 An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Jian Ma a, Jussi Ruutu b and Jing Wu c a Nokia China R&D Center, No. 10, He Ping Li Dong Jie,

More information

Requirements for Simulation and Modeling Tools. Sally Floyd NSF Workshop August 2005

Requirements for Simulation and Modeling Tools. Sally Floyd NSF Workshop August 2005 Requirements for Simulation and Modeling Tools Sally Floyd NSF Workshop August 2005 Outline for talk: Requested topic: the requirements for simulation and modeling tools that allow one to study, design,

More information

TCP Service Model. Announcements. TCP: Reliable, In-Order Delivery. Today s Lecture. TCP Header. TCP Support for Reliable Delivery

TCP Service Model. Announcements. TCP: Reliable, In-Order Delivery. Today s Lecture. TCP Header. TCP Support for Reliable Delivery Announcements Sukun is away this week. Dilip will cover his section and office hours. TCP: Reliable, In-Order Delivery EE 122: Intro to Communication Networks Fall 2006 (MW 4-5:30 in Donner 155) Vern Paxson

More information

Visualizations and Correlations in Troubleshooting

Visualizations and Correlations in Troubleshooting Visualizations and Correlations in Troubleshooting Kevin Burns Comcast kevin_burns@cable.comcast.com 1 Comcast Technology Groups Cable CMTS, Modem, Edge Services Backbone Transport, Routing Converged Regional

More information

Inference and Performance Evaluation of Cellular Data Networks through End-to-End Measurements

Inference and Performance Evaluation of Cellular Data Networks through End-to-End Measurements Inference and Performance Evaluation of Cellular Data Networks through End-to-End Measurements Wei Wei, Chun Zhang, Hui Zang, Jim Kurose, Don Towsley Department of Computer Science University of Massachusetts,

More information

athenahealth Interface Connectivity SSH Implementation Guide

athenahealth Interface Connectivity SSH Implementation Guide athenahealth Interface Connectivity SSH Implementation Guide 1. OVERVIEW... 2 2. INTERFACE LOGICAL SCHEMATIC... 3 3. INTERFACE PHYSICAL SCHEMATIC... 4 4. SECURE SHELL... 5 5. NETWORK CONFIGURATION... 6

More information

Network support for TCP Fast Open. Christoph Paasch

Network support for TCP Fast Open. Christoph Paasch <cpaasch@apple.com> Network support for TCP Fast Open Christoph Paasch Outline TCP Fast Open allows to reduce latency and significantly improve user-experience However, naive firewalls and bad Intrusion

More information

Geolocating IP Addresses in Cellular Data Networks

Geolocating IP Addresses in Cellular Data Networks Geolocating IP Addresses in Cellular Data Networks Sipat Triukose, Sebastien Ardon, Anirban Mahanti, Aaditeshwar Seth NICTA, Locked Bag 9013, Alexandria, NSW, Australia {sipat.triukose,sebastien.ardon,anirban.mahanti}@nicta.com.au

More information

VIA CONNECT PRO Deployment Guide

VIA CONNECT PRO Deployment Guide VIA CONNECT PRO Deployment Guide www.true-collaboration.com Infinite Ways to Collaborate CONTENTS Introduction... 3 User Experience... 3 Pre-Deployment Planning... 3 Connectivity... 3 Network Addressing...

More information

CS551 End-to-End Internet Packet Dynamics [Paxson99b]

CS551 End-to-End Internet Packet Dynamics [Paxson99b] CS551 End-to-End Internet Packet Dynamics [Paxson99b] Bill Cheng http://merlot.usc.edu/cs551-f12 1 End-to-end Packet Dynamics How do you measure Internet performance? Why do people want to know? Are ISPs

More information

Research of TCP ssthresh Dynamical Adjustment Algorithm Based on Available Bandwidth in Mixed Networks

Research of TCP ssthresh Dynamical Adjustment Algorithm Based on Available Bandwidth in Mixed Networks Research of TCP ssthresh Dynamical Adjustment Algorithm Based on Available Bandwidth in Mixed Networks 1 Wang Zhanjie, 2 Zhang Yunyang 1, First Author Department of Computer Science,Dalian University of

More information

Switchboard: A Matchmaking System for Multiplayer Mobile Games

Switchboard: A Matchmaking System for Multiplayer Mobile Games Battling demons and vampires on your lunch break Switchboard: A Matchmaking System for Multiplayer Mobile Games Justin Manweiler, Sharad Agarwal, Ming Zhang, Romit Roy Choudhury, Paramvir Bahl ACM MobiSys

More information

ipecs Communicator Installation and Operation Guide Please read this manual carefully before operating your set. Retain it for future reference.

ipecs Communicator Installation and Operation Guide Please read this manual carefully before operating your set. Retain it for future reference. ipecs Communicator Installation and Operation Guide ipecs is an Ericsson-LG Brand Please read this manual carefully before operating your set. Retain it for future reference. Revision History Issue Date

More information

Guide to TCP/IP Fourth Edition. Chapter 9: TCP/IP Transport Layer Protocols

Guide to TCP/IP Fourth Edition. Chapter 9: TCP/IP Transport Layer Protocols Guide to TCP/IP Fourth Edition Chapter 9: TCP/IP Transport Layer Protocols Objectives Explain the key features and functions of the User Datagram Protocol and the Transmission Control Protocol Explain,

More information

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Module 8. Network Security. Version 2 CSE IIT, Kharagpur Module 8 Network Security Lesson 3 Firewalls Specific Instructional Objectives On completion of this lesson, the students will be able to answer: What a firewall is? What are the design goals of Firewalls

More information

NAT and Firewall Traversal with STUN / TURN / ICE

NAT and Firewall Traversal with STUN / TURN / ICE NAT and Firewall Traversal with STUN / TURN / ICE Simon Perreault Viagénie {mailto sip}:simon.perreault@viagenie.ca http://www.viagenie.ca Credentials Consultant in IP networking and VoIP at Viagénie.

More information

High-Performance Automated Trading Network Architectures

High-Performance Automated Trading Network Architectures High-Performance Automated Trading Network Architectures Performance Without Loss Performance When It Counts Introduction Firms in the automated trading business recognize that having a low-latency infrastructure

More information

Network Infrastructure Security in Cellular Data Networks: An Initial Investigation

Network Infrastructure Security in Cellular Data Networks: An Initial Investigation Network Infrastructure Security in Cellular Data Networks: An Initial Investigation Kavita Barapatre, Nirlesh Koshta, Vishal Sharma IIT Bombay, Mumbai, India and Fabio Ricciato Forschungszentrum Telekommunikation

More information

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1)

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1) Lecture Objectives Wireless and Mobile Systems Design Lecture 07 Mobile Networks: TCP in Wireless Networks Describe TCP s flow control mechanism Describe operation of TCP Reno and TCP Vegas, including

More information

D. SamKnows Methodology 20 Each deployed Whitebox performs the following tests: Primary measure(s)

D. SamKnows Methodology 20 Each deployed Whitebox performs the following tests: Primary measure(s) v. Test Node Selection Having a geographically diverse set of test nodes would be of little use if the Whiteboxes running the test did not have a suitable mechanism to determine which node was the best

More information

TECHNICAL CHALLENGES OF VoIP BYPASS

TECHNICAL CHALLENGES OF VoIP BYPASS TECHNICAL CHALLENGES OF VoIP BYPASS Presented by Monica Cultrera VP Software Development Bitek International Inc 23 rd TELELCOMMUNICATION CONFERENCE Agenda 1. Defining VoIP What is VoIP? How to establish

More information

Can you GET Me Now? Estimating the Time-to-First-Byte of HTTP Transactions with Passive Measurements

Can you GET Me Now? Estimating the Time-to-First-Byte of HTTP Transactions with Passive Measurements Can you GET Me Now? Estimating the Time-to-First-Byte of HTTP Transactions with Passive Measurements Emir Halepovic, Jeffrey Pang, Oliver Spatscheck AT&T Labs - Research 180 Park Avenue Florham Park, NJ,

More information

Exploiting Delay Patterns for User IPs Identification in Cellular Networks

Exploiting Delay Patterns for User IPs Identification in Cellular Networks Exploiting Delay Patterns for User IPs Identification in Cellular Networks Vasile C. Perta, Marco V. Barbera, and Alessandro Mei Sapienza University, Rome, Italy {perta,barbera,mei}@di.uniroma1.it Abstract.

More information

Are TCP Extensions Middlebox-proof?

Are TCP Extensions Middlebox-proof? Are TCP Extensions Middlebox-proof? Benjamin Hesmans, Fabien Duchene, Christoph Paasch, Gregory Detal and Olivier Bonaventure ICTEAM, Université Catholique de Louvain Louvain-La-Neuve Belgium firstname.name@uclouvain.be

More information

Wireshark Developer and User Conference

Wireshark Developer and User Conference Wireshark Developer and User Conference Using NetFlow to Analyze Your Network June 15 th, 2011 Christopher J. White Manager Applica6ons and Analy6cs, Cascade Riverbed Technology cwhite@riverbed.com SHARKFEST

More information

A super-aggregation strategy for multi-homed mobile hosts with heterogeneous wireless interfaces

A super-aggregation strategy for multi-homed mobile hosts with heterogeneous wireless interfaces DOI 10.1007/s11276-014-0794-y A super-aggregation strategy for multi-homed mobile hosts with heterogeneous wireless interfaces Cheng-Lin Tsao Shruti Sanadhya Raghupathy Sivakumar Ó Springer Science+Business

More information

Realizing the Full Potential of PSM using Proxying

Realizing the Full Potential of PSM using Proxying Realizing the Full Potential of PSM using Proxying Ning Ding, Abhinav Pathak, Dimitrios Koutsonikolas 2, Clay Shepard 3, Y. Charlie Hu, Lin Zhong 3 Purdue University, 2 University at Buffalo, SUNY, 3 Rice

More information

Skype characteristics

Skype characteristics Advanced Networking Skype Renato Lo Cigno Credits for part of the original material to Saverio Niccolini NEC Heidelberg Skype characteristics Skype is a well known P2P program for real time communications

More information

Limitations on Monitored Lines

Limitations on Monitored Lines Limitations on Monitored Lines Version 1.0 April 7, 2014 1009 Pruitt Road The Woodlands, TX 77380 WWW.BROADSOFT.COM Table of Contents 1. MONITORING LINES... 1 2. HOW MONITORING WORKS... 1 3. SIP MESSAGE

More information

Outline. TCP connection setup/data transfer. 15-441 Computer Networking. TCP Reliability. Congestion sources and collapse. Congestion control basics

Outline. TCP connection setup/data transfer. 15-441 Computer Networking. TCP Reliability. Congestion sources and collapse. Congestion control basics Outline 15-441 Computer Networking Lecture 8 TCP & Congestion Control TCP connection setup/data transfer TCP Reliability Congestion sources and collapse Congestion control basics Lecture 8: 09-23-2002

More information

Guidance Regarding Skype and Other P2P VoIP Solutions

Guidance Regarding Skype and Other P2P VoIP Solutions Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,

More information