Background

The current Internet architecture tightly bundles several functions into the Transport Layer, all of which were originally intended to operate "end-to-end" between hosts. Some of these functions, however, such as endpoint naming and congestion control, have proven of great importance to network operators' need to control and optimize traffic crossing their networks. This leaves operators no choice but to deploy middleboxes such as firewalls, network address translators (NATs), and performance enhancing proxies (PEPs) that break end-to-end transport connections into shorter segments. In doing so, these middleboxes break TCP's end-to-end reliability semantics and prevent widespread deployment of end-to-end network-layer security mechanisms such as IPsec.

We are developing a new transport service architecture that separates "true" end-to-end transport functions, such as reliable packet delivery and security, from middlebox-relevant functions, such as endpoint naming and congestion control. This decomposition enables a new type of middlebox, which we call a flow middlebox, to interact with the latter functions without interfering with the former, thereby addressing this tension in a clean architectural framework. Flow middleboxes can interact both with new transports and applications designed according to our architecture and, via application-aware logic, with legacy transport and application endpoints. Endpoints that are modified to implement only the end-to-end functions and to interact with flow middleboxes designed according to our architecture will receive the greatest benefits, although our architecture also supports and can benefit legacy endpoints.

Tng is a collaboration between the DeDiS group at Yale and the l.a.i.r. at Franklin & Marshall College.
High-level illustration of the Tng architecture, and how new and existing transport protocols fit into it.

Conference Publications

  • Fitting Square Pegs Through Round Pipes: Unordered Delivery Wire-Compatible with TCP and TLS, Michael F. Nowlan, Nabin Tiwari, Janardhan Iyengar, Syed Obaid Amin, and Bryan Ford. NSDI, April 2012. Abstract, PDF. Slides: OpenOffice, PDF.
  • Structured Streams: a New Transport Abstraction, Bryan Ford. SIGCOMM 2007. Abstract, PDF, PS, HTML. Slides: OpenOffice, PDF, HTML.

Workshop Publications

Lectures

Drafts and Reports

  • TCP Behavior in Sub-Packet Regimes (Abstract), Jay Chen, Janardhan Iyengar, Lakshminarayanan Subramanian, Bryan Ford. SIGMETRICS 2011 Poster Session, June 7-11, 2011. PDF
  • Unordered Delivery in TLS-Encrypted Connections, Michael F. Nowlan. Yale CS 690 project, Spring 2011. PDF
  • Improving OpenSSL to Process Out of Order Data, Sam Gensburg. Yale CS 490 project, May 2, 2011. PDF (Yale-internal project page)
  • A Next Generation Transport Services Architecture, J. Iyengar and B. Ford. Internet-Draft draft-iyengar-ford-tng-00, July 6, 2009.
  • Flow Splitting with Fate Sharing in a Next-Generation Transport Services Architecture, Janardhan Iyengar and Bryan Ford. Draft: Abstract, PDF.

Acknowledgements

This research is sponsored by the National Science Foundation under grants CNS-0916413 and CNS-0916678. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.