On the interaction between Internet applications and TCP

Siekkinen, Matti;Urvoy-Keller, Guillaume;Biersack, Ernst W
Research report RR-05-147

TCP is estimated to carry over 90% of the bytes in the Internet. Consequently, the
research on TCP traffic analysis continues to be very active. When studying TCP
traffic with the objective to learn about the underlying TCP/IP path properties, the
effects of the application operating on top should be accounted for. This problem is
often neglegted or solved only for particular cases. In this paper we focus on solving
the problem for the general case, i.e. for TCP traffic generated by any type of
application. The problem is hard because an application may interfere a TCP transfer
on a combination of several different time scales, e.g. in the form of rate limited
transfers or connections which are transferring only periodically and kept alive at
other times. We argue that meaningful analysis on the network characteristics can
be performed only by concentrating on TCP traffic that experiences minimal interference
by the application. We call these traffic bulk data transfer periods (BTP)
of a connection. We define the other traffic as application limited periods (ALP)
where TCP is not fully utilizing the network resources because the application does
not produce data fast enough. As an example, consider the problem of estimating
the available bandwidth of a given path by observing the throughput of a TCP connection.
Analysis including ALPs may give false estimates while BTPs convey
correct information about the path. We present a generic algorithm that isolates
BTPs from ALPs within a TCP connection and allows to quantitatively analyze
the impact of the application on the TCP throughput achieved. The algorithm is
validated by crosschecking the results with TCP state data extracted directly from
an operating system kernel. We apply our algorithm to traffic of several particular
applications extracted from public Internet traces. We show that different types of
applications exhibit significantly different characteristics when studying the properties
of their BTPs.

Sécurité numérique
Eurecom Ref:
© EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Research report RR-05-147 and is available at :
See also:

PERMALINK : https://www.eurecom.fr/publication/1778