Abstract
Standards govern the SHOULD and MUST requirements that protocol implementers follow for interoperability. In the case of TCP, which carries the bulk of the Internet's traffic, these requirements are defined in RFCs. While it is known that not all optional features are implemented and non-conformance exists, one would assume that TCP implementations at least conform to the minimum set of MUST requirements. In this paper, we use Internet-wide scans to show how Internet hosts and paths conform to these basic requirements. We uncover a non-negligible set of hosts and paths that do not adhere to even basic requirements. For example, we observe hosts that do not correctly handle checksums and cases of middlebox interference for TCP options. We identify hosts that drop packets when the urgent pointer is set or that simply crash. Our publicly available results highlight that conformance to even fundamental protocol requirements should not be taken for granted but instead checked regularly.
Notes
1. RFC 793bis-Draft14 states: “Must be zero in generated segments and must be ignored in received segments, if corresponding future features are unimplemented by the sending or receiving host.” [27].
References
Contiki-NG TCP URG Pull Request. https://github.com/contiki-ng/contiki-ng/pull/1173
Contiki-NG: The OS for Next Generation IoT Devices. https://github.com/contiki-ng
Contiki OS. https://github.com/contiki-os
Cowboyku. https://github.com/heroku/cowboyku
Dataset to “MUST, SHOULD, DON’T CARE: TCP Conformance in the Wild”. https://doi.org/10.18154/RWTH-2020-00809
Heroku platform. https://www.heroku.com/
lwIP - A Lightweight TCP/IP stack. http://savannah.nongnu.org/projects/lwip/
Seastar. https://github.com/scylladb/seastar
Seastar: Virtio device reports features not supported by the OS. https://github.com/scylladb/seastar/issues/719
tcp(7) - Linux man page. https://linux.die.net/man/7/tcp
TCPM Mailinglist: RFC793bis draft 14 reserved bits: problem statement. https://mailarchive.ietf.org/arch/msg/tcpm/s0LtY3Ce3QBBAkJ_DuSH5VDNFMY
TCPM Mailinglist: RFC793bis draft 14 reserved bits: proposal. https://mailarchive.ietf.org/arch/msg/tcpm/_jpUQx0AjByR3UOgyX88RWoTxL0
Vegur: Http proxy library. https://github.com/heroku/vegur
Virtio: Paravirtualized drivers for KVM/Linux. https://www.linux-kvm.org/page/Virtio
Alashwali, E.S., Szalachowski, P., Martin, A.: Does “www.” mean better transport layer security? In: ACM International Conference on Availability, Reliability and Security (ARES) (2019). https://doi.org/10.1145/3339252.3339277
Alexa Internet: About us. https://www.alexa.com/about
Bauer, S., Beverly, R., Berger, A.: Measuring the state of ECN readiness in servers, clients, and routers. In: ACM Internet Measurement Conference (IMC) (2011). https://doi.org/10.1145/2068816.2068833
Beverly, R.: A robust classifier for passive TCP/IP fingerprinting. In: Barakat, C., Pratt, I. (eds.) PAM 2004. LNCS, vol. 3015, pp. 158–167. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24668-8_16
Bradner, S.O.: Key words for use in RFCs to indicate requirement levels. RFC 2119, March 1997. https://doi.org/10.17487/RFC2119
Cardwell, N., et al.: packetdrill: Scriptable network stack testing, from sockets to packets. In: USENIX Annual Technical Conference (ATC) (2013). https://www.usenix.org/conference/atc13/technical-sessions/presentation/cardwell
Carpenter, B., Brim, S.: Middleboxes: taxonomy and issues (2002). https://doi.org/10.17487/RFC3234
Craven, R., Beverly, R., Allman, M.: A middlebox-cooperative TCP for a non end-to-end internet. In: ACM SIGCOMM (2014). https://doi.org/10.1145/2619239.2626321
Detal, G., Hesmans, B., Bonaventure, O., Vanaubel, Y., Donnet, B.: Revealing middlebox interference with tracebox. In: ACM Internet Measurement Conference (IMC) (2013). https://doi.org/10.1145/2504730.2504757
Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., Halderman, J.A.: A search engine backed by internet-wide scanning. In: ACM Conference on Computer and Communications Security (CCS) (2015). https://doi.org/10.1145/2810103.2813703
Durumeric, Z., Wustrow, E., Halderman, J.A.: ZMap: Fast Internet-wide scanning and its security applications. In: USENIX Security Symposium (2013). https://www.usenix.org/conference/usenixsecurity13/technical-sessions/paper/durumeric
Eddy, W.: Transmission control protocol specification. Internet-draft draft-ietf-tcpm-rfc793bis-14. Internet Engineering Task Force, July 2019. https://datatracker.ietf.org/doc/html/draft-ietf-tcpm-rfc793bis-14. Work in Progress
Edeline, K., Donnet, B.: A bottom-up investigation of the transport-layer ossification. In: Network Traffic Measurement and Analysis Conference (TMA) (2019). https://doi.org/10.23919/TMA.2019.8784690
Floyd, S., Ramakrishnan, D.K.K., Black, D.L.: The addition of explicit congestion notification (ECN) to IP. RFC 3168, September 2001. https://doi.org/10.17487/RFC3168
Fyodor: Remote OS detection via TCP/IP stack fingerprinting (1998). https://nmap.org/nmap-fingerprinting-article.txt
Gilligan, R.E., McCann, J., Bound, J., Thomson, S.: Basic socket interface extensions for IPv6. RFC 3493, March 2003. https://doi.org/10.17487/RFC3493
Honda, M., Nishida, Y., Raiciu, C., Greenhalgh, A., Handley, M., Tokuda, H.: Is it still possible to extend TCP? In: ACM Internet Measurement Conference (IMC) (2011). https://doi.org/10.1145/2068816.2068834
HTTP Archive: About HTTP Archive. https://httparchive.org/about
Knutsen, A., Ramaiah, A., Ramasamy, A.: TCP option for transparent middlebox negotiation (2013). https://tools.ietf.org/html/draft-ananth-middisc-tcpopt-02
Kühlewind, M., Walter, M., Learmonth, I.R., Trammell, B.: Tracing internet path transparency. In: Network Traffic Measurement and Analysis Conference (TMA) (2018). https://doi.org/10.23919/TMA.2018.8506532
Kühlewind, M., Neuner, S., Trammell, B.: On the state of ECN and TCP options on the internet. In: Roughan, M., Chang, R. (eds.) PAM 2013. LNCS, vol. 7799, pp. 135–144. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36516-4_14
Langley, A.: Probing the viability of TCP extensions (2008). http://www.imperialviolet.org/binary/ecntest.pdf
Mandalari, A.M., Lutu, A., Briscoe, B., Bagnulo, M., Alay, O.: Measuring ECN++: good news for ++, bad news for ECN over mobile. IEEE Commun. Mag. 56(3), 180–186 (2018). https://doi.org/10.1109/MCOM.2018.1700739
Mandalari, A.M., Bagnulo, M., Lutu, A.: TCP Fast Open: initial measurements. In: ACM CoNEXT Student Workshop (2015)
Marinos, I., Watson, R.N., Handley, M.: Network stack specialization for performance. In: ACM SIGCOMM (2014). https://doi.org/10.1145/2619239.2626311
Marinos, I., Watson, R.N., Handley, M., Stewart, R.R.: Disk, Crypt, Net: rethinking the stack for high-performance video streaming. In: ACM SIGCOMM (2017). https://doi.org/10.1145/3098822.3098844
Medina, A., Allman, M., Floyd, S.: Measuring interactions between transport protocols and middleboxes. In: ACM Internet Measurement Conference (IMC) (2004). https://doi.org/10.1145/1028788.1028835
Medina, A., Allman, M., Floyd, S.: Measuring the evolution of transport protocols in the internet. SIGCOMM Comput. Commun. Rev. 35(2), 37–52 (2005)
Paasch, C.: Network support for TCP fast open. Presentation at NANOG 67 (2016)
Padhye, J., Floyd, S.: On inferring TCP behavior. In: ACM SIGCOMM (2001). https://doi.org/10.1145/383059.383083
Piraux, M., De Coninck, Q., Bonaventure, O.: Observing the evolution of QUIC implementations. In: ACM CoNEXT Workshop on the Evolution, Performance, and Interoperability of QUIC (EPIQ) (2018). https://doi.org/10.1145/3284850.3284852
Postel, J.: Transmission control protocol. RFC 793, September 1981. https://doi.org/10.17487/RFC0793
Rüth, J., Hohlfeld, O.: Demystifying TCP initial window configurations of content distribution networks. In: Network Traffic Measurement and Analysis Conference (TMA) (2018). https://doi.org/10.23919/TMA.2018.8506549
Rüth, J., Bormann, C., Hohlfeld, O.: Large-scale scanning of TCP’s initial window. In: ACM Internet Measurement Conference (IMC) (2017). https://doi.org/10.1145/3131365.3131370
Rüth, J., Kunze, I., Hohlfeld, O.: TCP’s initial window—deployment in the wild and its impact on performance. IEEE Trans. Netw. Serv. Manag. (TNSM) (2019). https://doi.org/10.1109/TNSM.2019.2896335
Rüth, J., Zimmermann, T., Hohlfeld, O.: Hidden treasures – recycling large-scale internet measurements to study the internet’s control plane. In: Choffnes, D., Barcellos, M. (eds.) PAM 2019. LNCS, vol. 11419, pp. 51–67. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-15986-3_4
Scheitle, Q., et al.: A long way to the top: significance, structure, and stability of internet top lists. In: ACM Internet Measurement Conference (IMC) (2018). https://doi.org/10.1145/3278532.3278574
Smart, M., Malan, G.R., Jahanian, F.: Defeating TCP/IP stack fingerprinting. In: USENIX Security Symposium (2000)
Stevens, W.R., Thomas, M., Nordmark, E., Jinmei, T.: Advanced sockets application program interface (API) for IPv6. RFC 3542, June 2003. https://doi.org/10.17487/RFC3542
Stone, J., Partridge, C.: When the CRC and TCP checksum disagree. In: ACM SIGCOMM (2000). https://doi.org/10.1145/347059.347561
Acknowledgments
This work has been funded by the DFG as part of the CRC 1053 MAKI within subproject B1. We would like to thank Akamai Technologies for feedback on our measurements, Censys for contributing active scan data, and our shepherd Robert Beverly and the anonymous reviewers.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Kosek, M., Blöcher, L., Rüth, J., Zimmermann, T., Hohlfeld, O. (2020). MUST, SHOULD, DON’T CARE: TCP Conformance in the Wild. In: Sperotto, A., Dainotti, A., Stiller, B. (eds) Passive and Active Measurement. PAM 2020. Lecture Notes in Computer Science, vol 12048. Springer, Cham. https://doi.org/10.1007/978-3-030-44081-7_8
DOI: https://doi.org/10.1007/978-3-030-44081-7_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-44080-0
Online ISBN: 978-3-030-44081-7
eBook Packages: Computer Science, Computer Science (R0)