是否有一种算法可以对捕获的会话中使用的 TCP 拥塞控制算法进行指纹识别?
我想要一个程序来确定捕获的 TCP 会话中使用的 TCP 拥塞控制算法。
引用的维基百科文章指出:
TCP New Reno 最常见 实现的算法,SACK 支持是 非常常见,是一个扩展 里诺/新里诺。 其他大多数都是 仍需要竞争的提案 评估。 从 2.6.8 开始 Linux 内核切换默认值 从里诺到 BIC 的实施。 这 再次默认实现 在 2.6.19 中更改为 CUBIC 版本。
还:
Compound TCP 是 Microsoft TCP 的实现维护 两个不同的拥塞窗口 同时,目标是 在 LFN 上取得良好的性能 同时不损害公平性。 它有 已与 Microsoft 广泛部署 Windows Vista 和 Windows Server 2008 并已移植到较旧的 Microsoft Windows 版本以及 Linux。
确定正在使用哪种 CC 算法(来自捕获会话的第三方)的策略是什么?
更新
此项目构建了一个工具来执行这:
最近互联网上 从同质拥塞演变而来 异构拥塞控制 控制。 几年前,互联网 交通主要由 标准 TCP AIMD 算法,而 互联网流量现在由 许多不同的 TCP 拥塞控制 算法,如 AIMD、BIC、CUBIC、 CTCP、HSTCP、HTCP、海布拉、伊利诺伊州、 LP、STCP、VEGAS、VENO、WESTWOOD+ 和 是的。 然而,却很少有 致力于性能和稳定性 研究互联网与 异构拥塞控制。 一 根本原因是缺乏 不同的部署信息 TCP 算法。 本次活动的目标 项目目标是:
1) 开发用于识别互联网中 TCP 算法的工具, 2)在互联网上进行大规模的TCP算法测量。
I would like a program for determining the TCP congestion control algorithm used in a captured TCP session.
The referenced Wikipedia article states:
TCP New Reno is the most commonly
implemented algorithm, SACK support is
very common and is an extension to
Reno/New Reno. Most others are
competing proposals which still need
evaluation. Starting with 2.6.8 the
Linux kernel switched the default
implementation from reno to BIC. The
default implementation was again
changed to CUBIC in the 2.6.19
version.
Also:
Compound TCP is a Microsoft
implementation of TCP which maintains
two different congestion windows
simultaneously, with the goal of
achieving good performance on LFNs
while not impairing fairness. It has
been widely deployed with Microsoft
Windows Vista and Windows Server 2008
and has been ported to older Microsoft
Windows versions as well as Linux.
What would be some strategies for determining which CC algorithm is in use (from a third party capturing the session)?
Update
This project has built a tool to do this:
The Internet has recently been
evolving from homogeneous congestion
control to heterogeneous congestion
control. Several years ago, Internet
traffic was mainly controlled by the
standard TCP AIMD algorithm, whereas
Internet traffic is now controlled by
many different TCP congestion control
algorithms, such as AIMD, BIC, CUBIC,
CTCP, HSTCP, HTCP, HYBLA, ILLINOIS,
LP, STCP, VEGAS, VENO, WESTWOOD+, and
YEAH. However, there is very little
work on the performance and stability
study of the Internet with
heterogeneous congestion control. One
fundamental reason is the lack of the
deployment information of different
TCP algorithms. The goals of this
project are to:1) develop tools for identifying the TCP algorithms in the Internet, 2) conduct large-scale TCP-algorithm measurements in the Internet.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
还有更多的拥塞控制算法比你在这里提到的要多,在我的脑海中,列表包括:FAST、Scalable、HSTCP、HTCP、Bic、Cubic、Veno、Vegas。
由于实际实现中的错误修复,它们也存在细微的变化,我猜想不同操作系统中的实现的行为也略有不同。
但是,如果我需要尝试提出一个想法,那就是估计连接的 RTT,您可以尝试查看第三个和第四个数据包之间花费的时间,因为第一个和第二个数据包可能被污染通过沿途的 ARP 和其他发现算法。
在对 RTT 进行估算后,您可以尝试不断完善它,但我不太确定如何做到这一点。 但您不需要程序的完整规范,只需想法:-)
弄清楚 RTT 后,您可以尝试将数据包放入 RTT 箱中,并计算每个箱中正在传输的数据包的数量。 这样,您将能够“绘制”estimated-cwnd(bin 中的数据包数量)到时间并在那里尝试一些模式匹配。
另一种方法是沿着跟踪并尝试在您的头脑中“运行”不同的拥塞控制算法,并查看任何点的决策是否与您将做出的决策相匹配。 这将需要一些宽大和准确的间隔。
这听起来确实是一项有趣且具有挑战性的任务!
There are many more congestion control algorithms than you mention here, off the top of my head the list includes: FAST, Scalable, HSTCP, HTCP, Bic, Cubic, Veno, Vegas.
There are also small variations of them due to bug fixes in actual implementations and I'd guess that implementations in different OSes also behave slightly different from one another.
But if I need to try to come up with an idea it would be to estimate the RTT of the connection, you can try to look at the time it took between the third and the fourth packets, as the first and second packets may be tainted by ARPs and other discovery algorithms along the route.
After you have an estimate for RTT you could try to refine it along the way, I'm not exactly sure how you could do that though. But you don't require a full spec for the program, just ideas :-)
With the RTT figured out you can try to put the packets into RTT bins and count the number of in flight data packets in each bin. This way you'll be able to "plot" estimated-cwnd (# of packets in bin) to time and try some pattern matching there.
An alternative would be to go along the trace and try to "run" in your head the different congestion control algorithms and see if the decision at any point matches with the decision you would have done. It will require some leniency and accuracy intervals.
This definitely sounds like an interesting and challenging task!