<?xml version="1.0"?>encoding="UTF-8"?> <!DOCTYPE rfc SYSTEM'rfc2629.dtd' [ ]>"rfc2629-xhtml.ent"> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-tcpm-rack-15" number="8985" obsoletes="" updates="" submissionType="IETF" category="std"docName="draft-ietf-tcpm-rack-15"> <?rfc toc="yes"?>consensus="true" xml:lang="en" tocInclude="true" symRefs="true" sortRefs="true" version="3"> <front> <title abbrev="RACK">The RACK-TLPloss detection algorithmLoss Detection Algorithm for TCP</title> <seriesInfo name="RFC" value="8985"/> <author fullname="Yuchung Cheng" initials="Y." surname="Cheng"> <organization>Google,Inc</organization>Inc.</organization> <address> <email> ycheng@google.com </email> </address> </author> <author fullname="Neal Cardwell" initials="N." surname="Cardwell"> <organization>Google,Inc</organization>Inc.</organization> <address> <email> ncardwell@google.com </email> </address> </author> <author fullname="Nandita Dukkipati" initials="N." surname="Dukkipati"> <organization>Google,Inc</organization>Inc.</organization> <address> <email> nanditad@google.com </email> </address> </author> <author fullname="Priyaranjan Jha" initials="P." surname="Jha"> <organization>Google,Inc</organization>Inc.</organization> <address> <email> priyarjha@google.com </email> </address> </author> <datemonth="December" year="2020"/>month="February" year="2021"/> <area>Transport</area> <workgroup> TCP Maintenance Working Group </workgroup> <keyword>TCP</keyword> <keyword>Loss Recovery</keyword> <keyword>Reordering</keyword><abstract><t><abstract> <t> This document presents the RACK-TLP loss detection algorithm for TCP. RACK-TLP uses per-segment transmit timestamps and selectiveacknowledgements (SACK)acknowledgments (SACKs) and has twoparts: RACK ("Recent ACKnowledgment")parts. Recent Acknowledgment (RACK) starts fast recovery quickly using time-based inferences derived fromACK feedback. TLP ("Tailacknowledgment (ACK) feedback, and Tail LossProbe")Probe (TLP) leverages RACK and sends a probe packet to trigger ACK feedback to avoid retransmission timeout (RTO) events. Compared to the widely usedDUPACKduplicate acknowledgment (DupAck) threshold approach, RACK-TLP detects losses more efficiently when there are application-limited flights of data, lost retransmissions, or data packet reordering events. It is intended to be an alternative to theDUPACKDupAck threshold approach.</t></abstract></t> </abstract> </front> <middle> <sectiontitle="Terminology" anchor="terminology"> <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.</t> </section> <section title="Introduction" anchor="introduction">anchor="introduction" numbered="true" toc="default"> <name>Introduction</name> <t>This document presents RACK-TLP, a TCP loss detection algorithm that improves upon the widely implemented duplicate acknowledgment(DUPACK)(DupAck) counting approach described in[RFC5681] [RFC6675], and that<xref target="RFC5681" format="default"/> and <xref target="RFC6675" format="default"/>; it isRECOMMENDED to be used<bcp14>RECOMMENDED</bcp14> as an alternative to that earlier approach. RACK-TLP has twoparts: RACK ("Recent ACKnowledgment")parts. Recent Acknowledgment (RACK) detects losses quickly using time-based inferences derived from ACK feedback.TLP (“TailTail LossProbe”)Probe (TLP) triggers ACK feedback by quickly sending a probesegment,segment to avoid retransmission timeout (RTO) events.</t> <sectiontitle="Background" anchor="background">anchor="background" numbered="true" toc="default"> <name>Background</name> <t>In traditional TCP loss recovery algorithms[RFC5681] [RFC6675],<xref target="RFC5681" format="default"/> <xref target="RFC6675" format="default"/>, a sender starts fast recovery when the number ofDUPACKsDupAcks received reaches a threshold (DupThresh) that defaults to 3 (this approach is referred to asDUPACK-counting"DupAck counting" in the rest of the document). The sender also halves the congestion window during the recovery. The rationale behind the partial window reduction is that congestion does not seem severe since ACK clocking is still maintained. The time elapsed in fast recovery can be just oneround-trip, e.g.round trip, e.g., if the sender uses SACK-based recovery[RFC6675]<xref target="RFC6675" format="default"/> and the number of lost segments is small.</t> <t>If fast recovery is nottriggered,triggered ortriggersis triggered but fails to repair all the losses, then the sender resorts to RTO recovery. The RTO timer interval is conservatively the smoothed RTT (SRTT) plus four times the RTT variation, and is lower bounded to 1 second[RFC6298].<xref target="RFC6298" format="default"/>. Upon RTO timer expiration, the sender retransmits the first unacknowledged segment and resets the congestion window to theLOSS WINDOWloss window value (bydefaultdefault, 1full-sizefull-sized segment[RFC5681]).<xref target="RFC5681" format="default"/>). The rationale behind the congestion window reset is that an entire flight of datawas lost,and the ACK clockwaswere lost, so this deserves a cautious response. The sender then retransmits the rest of the data following the slow start algorithm[RFC5681].<xref target="RFC5681" format="default"/>. The time elapsed in RTO recovery is one RTO interval plus the number ofround-tripsround trips needed to repair all the losses.</t> </section> <sectiontitle="Motivation" anchor="motivation">anchor="motivation" numbered="true" toc="default"> <name>Motivation</name> <t>FastRecoveryrecovery is the preferred form of loss recovery because it can potentially recover all losses in thetime scaletimescale of a single round trip, with only a fractional congestion window reduction. RTO recovery and congestion window reset should ideally be the lastresort, onlyresort and should ideally be used only when the entire flight is lost. However, in addition to losing an entire flight of data, the following situations can unnecessarily resort to RTO recovery with traditional TCP loss recovery algorithms[RFC5681] [RFC6675]:</t> <t><list style="numbers"> <t>Packet<xref target="RFC5681" format="default"/> <xref target="RFC6675" format="default"/>: </t> <ol spacing="normal" type="1"><li>Packet drops for short flows or at the end of an application data flight. When the sender is limited by the application(e.g.(e.g., structured request/response traffic), segments lost at the end of the application data transfer often can only be recovered byRTO.ConsiderRTO. Consider an exampleof losingwhere only the last segment in a flight of 100segments.segments is lost. Lacking anyDUPACK,DupAck, the sender RTOexpires andexpires, reduces the congestion window to 1, and raises the congestion window to just 2 after the loss repair is acknowledged. In contrast, any single segment loss occurring between the first and the 97th segment would result in fast recovery, which would only cut the window inhalf.</t> <t>Losthalf. </li> <li>Lost retransmissions. Heavy congestion or traffic policers can cause retransmissions to be lost. Lost retransmissions cause a resort to RTOrecovery,recovery sinceDUPACK-countingDupAck counting does not detect the loss of the retransmissions. Then the slow start after RTO recovery could cause burst lossesagain thatagain, which severely degrades performance[POLICER16].</t> <t>Packet<xref target="POLICER16" format="default"/>. </li> <li>Packet reordering. In this document, "reordering" refers to the events where segments are delivered at the TCP receiver in a chronological order different from their chronological transmission order. Link-layer protocols (e.g., 802.11 block ACK), link bonding, or routers' internalload-balancingload balancing (e.g., ECMP) can deliver TCP segments out of order. The degree of such reordering is usually within the order of the pathround trip time.Ifround-trip time. If the reordering degree is beyond DupThresh,DUPACK-countingDupAck counting can cause a spurious fast recovery and unnecessary congestion window reduction. To mitigate the issue,TCP-NCR [RFC4653]Non-Congestion Robustness (NCR) for TCP <xref target="RFC4653" format="default"/> increases the DupThresh from the current fixed value of three duplicate ACKs[RFC5681]<xref target="RFC5681" format="default"/> toapproximatelyapproximate a congestion window of data having left thenetwork.</t> </list></t>network.</li> </ol> </section> </section> <sectiontitle="RACK-TLP high-level design" anchor="rack-tlp-high-level-design">anchor="terminology" numbered="true" toc="default"> <name>Terminology</name> <t> The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here. </t> </section> <section anchor="rack-tlp-high-level-design" numbered="true" toc="default"> <name>RACK-TLP High-Level Design</name> <t>RACK-TLP allows senders to recover losses more effectively in all three scenarios described in theprevious<xref target="motivation" format="none"> previous</xref> section. There are two design principles behind RACK-TLP. The first principle is to detect losses via ACK events as much as possible, to repair losses at round-triptime-scales.timescales. The second principle is to gently probe the network to solicit additional ACK feedback, to avoid RTO expiration and subsequent congestion window reset. At a high level, the two principles are implemented in RACK and TLP, respectively.</t> <sectiontitle="RACK: time-based loss inferencesanchor="rack-time-based-loss-inferences-from-acks" numbered="true" toc="default"> <name>RACK: Time-Based Loss Inferences fromACKs" anchor="rack-time-based-loss-inferences-from-acks"> <t>TheACKs</name> <t> The rationale behind RACK is that if a segment is delivered out of order, then the segments sent chronologically before that were either lost or reordered. This concept is not fundamentally different from[RFC5681] [RFC6675] [FACK]. RACK’sthose described in <xref target="RFC5681" format="default"/>, <xref target="RFC6675" format="default"/>, or <xref target="FACK" format="default"/>. RACK's key innovation is using per-segment transmission timestamps andwidely-deployedwidely deployed SACK[RFC2018]<xref target="RFC2018" format="default"/> options to conduct time-basedinferences,inferences instead of inferring losses by counting ACKs or SACKed sequences. Time-based inferences are more robust thanDUPACK-countingDupAck counting approaches because theyhave no dependencedo not depend on flightsize,size and thus are effective for application-limitedtraffic.</t>traffic. </t> <t>Conceptually, RACK keeps a virtual timer for every data segment sent (including retransmissions). Each timer expires dynamically based on the latest RTT measurements plus an additional delay budget to accommodate potential packet reordering (called thereordering window)."reordering window"). When asegment’ssegment's timer expires, RACK marks the corresponding segment as lost for retransmission.</t> <t>In reality, as an algorithm, RACK does not arm a timer for every segment sent becauseit’sit's not necessary.InsteadInstead, the sender records the most recent transmission time of every data segment sent, including retransmissions. For each ACK received, the sender calculates the latest RTT measurement (if eligible) and adjusts the expiration time of every segment sent but not yet delivered. If a segment has expired, RACK marks itlost.</t>as lost. </t> <t>Since the time-based logic of RACK applies equally to retransmissions and original transmissions, it can detect lost retransmissions as well. If a segment has been retransmitted but its most recent (re)transmission timestamp has expired,thenthen, after a reorderingwindow it’swindow, it's marked as lost.</t> </section> <sectiontitle="TLP: sending one segmentanchor="tlp-sending-one-segment-to-probe-losses-quickly-with-rack" numbered="true" toc="default"> <name>TLP: Sending One Segment toprobe losses quicklyProbe Losses Quickly withRACK" anchor="tlp-sending-one-segment-to-probe-losses-quickly-with-rack">RACK</name> <t>RACK infers losses from ACK feedback; however, in somecasescases, ACKs are sparse, particularly when the inflight is small or when the losses are high. In some challengingcasescases, the last few segments in a flight are lost. With[RFC5681] or [RFC6675]thesender’soperations described in <xref target="RFC5681" format="default"/> or <xref target="RFC6675" format="default"/>, the sender's RTO would expire and reset the congestionwindow, whenwindow when, inrealityreality, most of the flight has been delivered.</t> <t>Consider an example where a sender with a large congestion window transmits 100 new data segments after an applicationwrite,write and only the last three segments are lost. Without RACK-TLP, the RTO expires, the sender retransmits the first unacknowledged segment, and the congestion windowslow-startsslow starts from 1. After all the retransmits areacknowledgedacknowledged, the congestion windowhas beenis increased to 4. The total delivery time for this application transfer is three RTTs plus one RTO, a steep cost given that only a tiny fraction of the flight was lost. If instead the losses had occurred three segments sooner in the flight, then fast recovery would have recovered all losses within oneround-tripround trip and would have avoided resetting the congestionwindow.</t>window. </t> <t>FastRecoveryrecovery would be preferable in such scenarios; TLP is designed to trigger the feedback RACK needed to enable that. After the last (100th) segment was originally sent, TLP sends the next available (new) segment or retransmits the last (highest-sequenced) segment in tworound-tripsround trips to probe the network, hence the name“Tail"Tail LossProbe”.Probe". The successful delivery of the probe would solicit an ACK. RACK uses this ACK to detect that the 98th and 99th segments were lost, trigger fast recovery, and retransmit both successfully. The total recovery time is four RTTs, and the congestion window is only partially reduced instead of being fully reset. If the probe was alsolostlost, then the sender would invoke RTOrecoveryrecovery, resetting the congestion window.</t> </section> <sectiontitle="RACK-TLP: reordering resilienceanchor="rack-tlp-reordering-resilience-with-a-time-threshold" numbered="true" toc="default"> <name>RACK-TLP: Reordering Resilience with atime threshold" anchor="rack-tlp-reordering-resilience-with-a-time-threshold">Time Threshold</name> <sectiontitle="Reordering design rationale" anchor="reordering-design-rationale">anchor="reordering-design-rationale" numbered="true" toc="default"> <name>Reordering Design Rationale</name> <t>Upon receiving an ACK indicatingan out-of-order data delivery,a SACKed segment, a sender cannot tell immediately whether thatout-of-order deliverywas a result of reordering or loss. It can only distinguish between the two in hindsight if the missing sequence ranges are filled in later without retransmission.ThusThus, a loss detection algorithm needs to budget some wait time -- a reordering window -- to try to disambiguate packet reordering from packetloss.</t>loss. </t> <t>The reordering window in theDUPACK-countingDupAck counting approach is implicitly defined as the elapsed time to receiveacknowledgements for DupThresh-worth of out-of-order deliveries.DupThresh SACKed segments or duplicate acknowledgments. This approach is effective if the network reordering degree (in sequence distance) is smaller than DupThresh and at least DupThresh segments after the lossareis acknowledged. For cases where the reordering degree is larger than the default DupThresh of 3 packets, one alternative is to dynamically adapt DupThresh based on the FlightSize (e.g., the sender adjusts theDUPTHRESHDupThresh to half of the FlightSize). However, this does not work well with the following two types of reordering:</t><t><list style="numbers"> <t>Application-limited<ol spacing="normal" type="1"><li>Application-limited flights where the last non-full-sized segment is delivered first and then the remaining full-sized segments in the flight are delivered in order. This reordering pattern can occur when segments traverse parallel forwarding paths. In suchscenariosscenarios, the degree of reordering in packet distance is one segment less than the flightsize.</t> <t>Asize. </li> <li>A flight of segments that are delivered partially out of order. One cause for this pattern is wireless link-layer retransmissions with an inadequate reordering buffer at the receiver. In such scenarios, the wireless sender sends the data packets in order initially, but some are lost and then recovered by link-layer retransmissions; the wireless receiver delivers the TCP data packets in the order they arereceived,received due to the inadequate reordering buffer. The random wireless transmission errors in such scenarios cause the reordering degree, expressed in packet distance, to have highly variable values up to the flightsize.</t> </list></t>size.</li> </ol> <t>In the above twocasescases, the degree of reordering in packet distance is highly variable. This makes theDUPACK-countingDupAck counting approachineffectiveineffective, including dynamic adaptation variantslike [RFC4653]. Insteadas in <xref target="RFC4653" format="default"/>. Instead, the degree of reordering in time difference in such cases is usually within a single round-trip time. This is because the packets either traverseslightlydisjoint paths with similar propagation delays or are repaired quickly by the local access technology. Hence, using a time threshold instead of a packet threshold strikes a middle ground, allowing a bounded degree of reordering resilience while still allowing fast recovery. This is the rationale behind the RACK-TLP reordering resilience design.</t> <t>Specifically, RACK-TLP introduces a new dynamic reordering window parameter in time units, and the sender considers a data segment S lost if both of these conditions are met:</t><t><list style="numbers"> <t>Another<ol spacing="normal" type="1"><li>Another data segment sent later than S has beendelivered</t> <t>Sdelivered.</li> <li>S has not been delivered after the estimated round-trip time plus the reorderingwindow</t> </list></t> <t>Notewindow.</li> </ol> <t> Note that condition (1) implies at least oneround-tripround trip of time has elapsed since S has been sent.</t> </section> <sectiontitle="Reordering window adaptation" anchor="reordering-window-adaptation">anchor="reordering-window-adaptation" numbered="true" toc="default"> <name>Reordering Window Adaptation</name> <t>The RACK reordering window adapts to the measured duration of reorderingevents,events within reasonable and specific bounds to disincentivize excessive reordering. More specifically, the sender sets the reordering window as follows:</t><t><list style="numbers"> <t>The<ol spacing="normal" type="1"><li anchor="rule1">The reordering windowSHOULD<bcp14>SHOULD</bcp14> be set to zero if no reordering has been observed on the connection so far, and either (a) three segments have beendelivered out of orderSACKed since the last recovery or (b) the sender is already in fast or RTO recovery. Otherwise, the reordering windowSHOULD<bcp14>SHOULD</bcp14> start from a small fraction of theround trip time,round-trip time or zero if noround tripround-trip time estimate isavailable.</t> <t>Theavailable. </li> <li anchor="rule2">The RACK reordering windowSHOULD<bcp14>SHOULD</bcp14> adaptively increase (using thealgorithm in "Step<xref target="step4alg" format="none">algorithm</xref> in <xref target="step4" format="none">"Step 4: Update RACK reorderingwindow",window"</xref> below) if the sender receives a Duplicate SelectiveAcknowledgementAcknowledgment (DSACK) option[RFC2883].<xref target="RFC2883" format="default"/>. Receiving a DSACK suggests the sender made a spurious retransmission, which may have been due to the reordering window being toosmall.</t> <t>Thesmall.</li> <li anchor="rule3">The RACK reordering windowMUST<bcp14>MUST</bcp14> beboundedbounded, and this boundSHOULD<bcp14>SHOULD</bcp14> beSRTT.</t> </list></t>SRTT.</li> </ol> <t>Rules2 and 3<xref target="rule2" format="none">2</xref> and <xref target="rule3" format="none">3</xref> are required to adapt to reordering caused by dynamics such as the prolonged link-layer loss recovery episodes described earlier. Each increase in the reordering window requires a new round trip where the sender receives a DSACK; thus, depending on the extent of reordering, it may take multiple round trips to fully adapt.</t> <t>For short flows, the low initial reordering window helps recover losses quickly, at the risk of spurious retransmissions. The rationale is that spurious retransmissions for short flows are not expected to produce excessive additional network traffic. For longflowsflows, the design tolerates reordering within a round trip. This handles reordering in smalltime scalestimescales (reordering within the round-trip time of the shortest path).</t> <t>However, the fact that the initial reordering window islow,low and the reordering window's adaptive growth isbounded,bounded means that there will continue to be a cost to reordering that disincentivizes excessive reordering.</t> </section> </section> <sectiontitle="Ananchor="an-example-of-rack-tlp-in-action-fast-recovery" numbered="true" toc="default"> <name>An Example of RACK-TLP in Action:fast recovery" anchor="an-example-of-rack-tlp-in-action-fast-recovery">Fast Recovery</name> <t>The following example infigure 1<xref target="fig1"/> illustrates the RACK-TLP algorithm in action:</t><figure><artwork><figure anchor="fig1"> <name>RACK-TLP Protocol Example</name> <artwork name="" type="" align="left" alt=""><![CDATA[ Event TCP DATA SENDER TCP DATA RECEIVER _____ ____________________________________________________________ 1. Send P0, P1, P2, P3-->--> [P1, P2, P3 dropped by network] 2.<--<-- Receive P0, ACK P0 3a. 2RTTs after (2), TLP timer fires 3b. TLP: retransmits P3-->--> 4.<--<-- Receive P3, SACK P3 5a. Receive SACK for P3 5b. RACK: marks P1, P2 lost 5c. Retransmit P1, P2-->--> [P1 retransmission dropped by network] 6.<--<-- Receive P2, SACK P2&& P3 7a. RACK: marks P1 retransmission lost 7b. Retransmit P1-->--> 8.<--<-- Receive P1, ACK P3Figure 1. RACK-TLP protocol example </artwork></figure> <t>Figure 1, above,]]></artwork> </figure> <t anchor="fig1desc"><xref target="fig1"/> illustrates a sender sending four segments(P1,(P0, P1, P2,P3, P4)P3) and losing the last three segments. After tworound-trips,round trips, TLP sends a loss probe, retransmitting the last segment, P3, to solicit SACK feedback and restore the ACK clock(event(Event 3). The delivery of P3 enables RACK to infer(event(Event 5b) that P1 and P2 were likelylost,lost because they were sent before P3. The sender then retransmits P1 and P2. Unfortunately, the retransmission of P1 is lost again. However, the delivery of the retransmission of P2 allows RACK to infer that the retransmission of P1 was likely lost(event 7a), and hence(Event 7a); hence, P1 should be retransmitted(event(Event 7b). Note that[RFC5681]<xref target="RFC5681" format="default"/> mandates a principle that loss in two successive windows ofdata,data or the loss of aretransmission,retransmission must be taken as two indications of congestion and thereforeresultresults in two separate congestion control reactions.</t> </section> <sectiontitle="Ananchor="an-example-of-rack-tlp-in-action-rto" numbered="true" toc="default"> <name>An Example of RACK-TLP in Action:RTO" anchor="an-example-of-rack-tlp-in-action-rto">RTO</name> <t>In addition to enhancing fast recovery, RACK improves the accuracy of RTO recovery by reducing spurious retransmissions.</t> <t>Without RACK, upon RTO timerexpirationexpiration, the sender marks all the unacknowledged segments as lost. This approach can lead to spurious retransmissions. For example, consider a simple case where one segment was sent with an RTO of 1second,second and then the application writes more data, causing a second and third segment to be sent right before the RTO of the first segment expires. Suppose none of the segments were lost. Without RACK, if there is a spuriousRTORTO, then the sender marks all three segments as lost and retransmits the first segment. If the ACK for the original copy of the first segment arrives right after the spurious RTO retransmission, then the sender continues slow start and spuriously retransmits the second and thirdsegments,segments since it (erroneously) presumed they are lost.</t> <t>With RACK, upon RTO timerexpirationexpiration, the only segment automatically marked as lost is the first segment (since it was sent an RTO ago); for all the othersegmentssegments, RACK only marks the segment as lost if at least one round trip has elapsed since the segment was transmitted. Consider the previous example scenario, but this time with RACK. With RACK, when the RTOexpiresexpires, the sender only marks the first segment aslost,lost and retransmits that segment. The other two very recently sent segments are not markedlost,as lost because they were sent less than one round trip ago and there were no ACKs providing evidence that they were lost. Upon receiving the ACK for the RTOretransmissionretransmission, the RACK sender would not yet retransmit the second or thirdsegment.segment, but rather wouldrearmre-arm the RTO timer and wait for a new RTO interval to elapse before marking the second or thirdsegmentssegment as lost.</t> </section> <sectiontitle="Design Summary" anchor="design-summary">anchor="design-summary" numbered="true" toc="default"> <name>Design Summary</name> <t>To summarize, RACK-TLP aims to adapt to small time-varying degrees of reordering, quickly recover most losses within one to two round trips, and avoid costly RTO recoveries. In the presence of reordering, the adaptation algorithm can imposesometimes-needlesssometimes needless delays when it waits to disambiguate loss from reordering, but the penalty for waiting is bounded to one roundtriptrip, and such delays are confined to flows long enough to have observed reordering.</t> </section> </section> <sectiontitle="Requirements" anchor="requirements">anchor="requirements" numbered="true" toc="default"> <name>Requirements</name> <t>The reader is expected to be familiar with the definitions given in the TCP congestion control[RFC5681] and<xref target="RFC5681" format="default"/>, selective acknowledgment[RFC2018]<xref target="RFC2018" format="default"/>, and loss recovery[RFC6675]<xref target="RFC6675" format="default"/> RFCs. RACK-TLP has the followingrequirements:</t> <t><list style="numbers"> <t>Therequirements: </t> <ol spacing="normal" type="1"><li>The connectionMUST<bcp14>MUST</bcp14> use selective acknowledgment (SACK) options[RFC2018],<xref target="RFC2018" format="default"/>, and the senderMUST<bcp14>MUST</bcp14> keep SACK scoreboard information on a per-connection basis ("SACK scoreboard" has the same meaning here as in[RFC6675] section 3).</t> <t>For<xref target="RFC6675" sectionFormat="comma" section="3"/>).</li> <li>For each data segment sent, the senderMUST<bcp14>MUST</bcp14> store its most recent transmission time with a timestamp whose granularity is finer than 1/4 of the minimum RTT of the connection. At the time of writing, microsecond resolution is suitable forintra-datacenter trafficintra-data center traffic, and millisecond granularity or finer is suitable for theInternet.NoteInternet. Note that RACK-TLP can be implemented with TSO (TCP Segmentation Offload) support by having multiple segments in a TSO aggregate share the sametimestamp.</t> <t>RACKtimestamp.</li> <li>RACK DSACK-based reordering window adaptation isRECOMMENDED<bcp14>RECOMMENDED</bcp14> but is notrequired.</t> <t>TLPrequired. </li> <li>TLP requiresRACK.</t> </list></t>RACK.</li> </ol> </section> <sectiontitle="Definitions" anchor="definitions">anchor="definitions" numbered="true" toc="default"> <name>Definitions</name> <t>The reader is expected to be familiar with the variables SND.UNA, SND.NXT, SEG.ACK, and SEG.SEQ in[RFC793], SMSS,<xref target="RFC0793" format="default"/>; Sender Maximum Segment Size (SMSS) and FlightSize in[RFC5681],<xref target="RFC5681" format="default"/>; DupThresh in[RFC6675],<xref target="RFC6675" format="default"/>; and RTO and SRTT in[RFC6298].<xref target="RFC6298" format="default"/>. A RACK-TLP implementation uses several new terms and needs to store new per-segment and per-connection state, described below.</t> <sectiontitle="Terms" anchor="terms">anchor="terms" numbered="true" toc="default"> <name>Terms</name> <t>These terms are used to explain the variables and algorithmsbelow:</t> <t> “RACK.segment”. Amongbelow: </t> <dl newline="true"> <dt>RACK.segment</dt><dd>Among all the segments that have been either selectively or cumulatively acknowledged, the termRACK.segment"RACK.segment" denotes the segment that was sent most recently (includingretransmissions).</t> <t> “RACK.ack_ts” denotesretransmissions).</dd> <dt>RACK.ack_ts</dt><dd>Denotes the time when the full sequence range of RACK.segment was selectively or cumulativelyacknowledged.</t>acknowledged.</dd></dl> </section> <sectiontitle="Per-segment variables" anchor="per-segment-variables"> <t>Thesesanchor="per-segment-variables" numbered="true" toc="default"> <name>Per-Segment Variables</name> <t>These variables indicate the status of the most recent transmission of a data segment:</t><t> “Segment.lost” is true<dl newline="true"> <dt>Segment.lost</dt><dd>True if the most recent (re)transmission of the segment has been marked as lost and needs to be retransmitted. Falseotherwise.</t> <t> “Segment.retransmitted” is trueotherwise.</dd> <dt>Segment.retransmitted</dt><dd>True if the segment has ever been retransmitted. Falseotherwise.</t> <t> “Segment.xmit_ts” is theotherwise. </dd> <dt>Segment.xmit_ts</dt><dd>The time of the last transmission of a data segment, including retransmissions, if any, with a clock granularity specified in theRequirements<xref target="requirements" format="none">"Requirements"</xref> section. A maximum value INFINITE_TS indicates an invalid timestamp that represents that theSegmentsegment is not currently inflight.</t> <t> “Segment.end_seq” is theflight.</dd> <dt>Segment.end_seq</dt><dd>The next sequence number after the last sequence number of the datasegment.</t>segment.</dd></dl> </section> <sectiontitle="Per-connection variables" anchor="per-connection-variables"> <t> “RACK.xmit_ts” is theanchor="per-connection-variables" numbered="true" toc="default"> <name>Per-Connection Variables</name> <dl newline="true"> <dt>RACK.xmit_ts</dt><dd>The latest transmission timestamp ofRACK.segment.</t> <t> “RACK.end_seq” is theRACK.segment. </dd> <dt>RACK.end_seq</dt><dd>The Segment.end_seq ofRACK.segment.</t> <t> “RACK.segs_sacked” returnsRACK.segment.</dd> <dt>RACK.segs_sacked</dt><dd>Returns the total number of segments selectively acknowledged in the SACKscoreboard.</t> <t> “RACK.fack” is thescoreboard. </dd> <dt>RACK.fack</dt><dd>The highest selectively or cumulatively acknowledged sequence(i.e.(i.e., forwardacknowledgement).</t> <t> “RACK.min_RTT” is theacknowledgment).</dd> <dt>RACK.min_RTT</dt><dd>The estimated minimum round-trip time (RTT) of theconnection. </t> <t> “RACK.rtt” is theconnection.</dd> <dt>RACK.rtt</dt><dd>The RTT of the most recently delivered segment on the connection (either cumulatively acknowledged or selectively acknowledged) that was not marked as invalid as a possible spuriousretransmission.</t> <t> “RACK.reordering_seen” indicatesretransmission. </dd> <dt>RACK.reordering_seen</dt><dd>Indicates whether the sender has detected data segment reorderingevent(s).</t> <t> “RACK.reo_wnd” is aevent(s).</dd> <dt>RACK.reo_wnd</dt><dd>A reordering window computed in the unit of time used for recording segment transmission times. It is used to defer the moment at which RACK marks a segmentlost.</t> <t> “RACK.dsack_round” indicatesas lost.</dd> <dt>RACK.dsack_round</dt><dd>Indicates if a DSACK option has been received in thelastestlatest roundtrip.</t> <t> “RACK.reo_wnd_mult” is thetrip.</dd> <dt>RACK.reo_wnd_mult</dt><dd>The multiplier applied to adjustRACK.reo_wnd.</t> <t> “RACK.reo_wnd_persist” is theRACK.reo_wnd.</dd> <dt>RACK.reo_wnd_persist</dt><dd>The number of loss recoveries before resettingRACK.reo_wnd.</t> <t> “TLP.is_retrans”: aRACK.reo_wnd.</dd> <dt> TLP.is_retrans</dt><dd>A boolean indicating whether there is an unacknowledged TLPretransmission.</t> <t> “TLP.end_seq”: theretransmission.</dd> <dt>TLP.end_seq</dt><dd>The value of SND.NXT at the time of sending a TLPretransmission.</t> <t> “TLP.max_ack_delay”:probe.</dd> <dt> TLP.max_ack_delay:</dt><dd>The sender's budget for the maximum delayed ACKtimer budget.</t>interval.</dd></dl> </section> <sectiontitle="Per-connection timers" anchor="per-connection-timers"> <t>“RACKanchor="per-connection-timers" numbered="true" toc="default"> <name>Per-Connection Timers</name> <dl newline="true"> <dt>RACK reorderingtimer”: atimer</dt><dd>A timer that allows RACK to wait for reordering toresolve,resolve in order to try to disambiguate reordering fromloss,loss when someout-of-ordersegments are marked asSACKed.</t> <t>“TLP PTO”: aSACKed. </dd> <dt>TLP PTO</dt><dd>A timer event indicating that an ACK is overdue and the sender should transmit a TLPsegment,segment to solicit SACK or ACK feedback.</t></dd></dl> <t>These timers augment the existing timers maintained by a sender, including the RTO timer[RFC6298].<xref target="RFC6298" format="default"/>. A RACK-TLP sender arms one of these three timers -- RACK reordering timer, TLP PTO timer, or RTO timer -- when it has unacknowledged segments in flight. The implementation can simplify managing all three timers by multiplexing a single timer among them with an additional variable to indicate the event to invoke upon the next timer expiration.</t> </section> </section> <sectiontitle="RACKanchor="rack-algorithm-details" numbered="true" toc="default"> <name>RACK AlgorithmDetails" anchor="rack-algorithm-details">Details</name> <sectiontitle="Upon transmittinganchor="upon-transmitting-a-data-segment" numbered="true" toc="default"> <name>Upon Transmitting adata segment" anchor="upon-transmitting-a-data-segment">Data Segment</name> <t>Upon transmitting a new segment or retransmitting an old segment, record the time in Segment.xmit_ts and set Segment.lost to FALSE. Upon retransmitting a segment, set Segment.retransmitted to TRUE. </t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ RACK_transmit_new_data(Segment): Segment.xmit_ts = Now() Segment.lost = FALSE RACK_retransmit_data(Segment): Segment.retransmitted = TRUE Segment.xmit_ts = Now() Segment.lost = FALSE</artwork></figure>]]></sourcecode> </section> <sectiontitle="Upon receivinganchor="upon-receiving-an-ack" numbered="true" toc="default"> <name>Upon Receiving anACK" anchor="upon-receiving-an-ack"> <t>StepACK</name> <t anchor="step1">Step 1: Update RACK.min_RTT.</t> <t>Use the RTT measurements obtained via[RFC6298] or [RFC7323]<xref target="RFC6298" format="default"/> or <xref target="RFC7323" format="default"/> to update the estimated minimum RTT in RACK.min_RTT. The senderSHOULD<bcp14>SHOULD</bcp14> track a windowed min-filtered estimate of recent RTT measurements that can adapt when migrating to significantly longerpaths,paths rather than tracking a simple global minimum of all RTT measurements.</t><t>Step<t anchor="step2"> Step 2: Update the state for the most recently sent segment that has beendelivered</t>delivered.</t> <t>In this step, RACK updates thestatesstate thattracktracks the most recently sent segment that has been delivered:RACK.segment;RACK.segment. RACK maintains its latest transmission timestamp in RACK.xmit_ts and its highest sequence number in RACK.end_seq. These two variables areused,used in latersteps,steps to estimate if some segments not yet delivered were likelylost.Givenlost. Given the information provided in an ACK, each segment cumulatively ACKed or SACKed is marked as delivered in the scoreboard.SinceBecause an ACK can also acknowledge retransmitted datasegments,segments and because retransmissions can be spurious, the sender needs to take care to avoid spurious inferences. For example, if the sender were to use timing information from a spurious retransmission, the RACK.rtt could be vastly underestimated.</t> <t>To avoid spurious inferences, ignore a segment as invalid if any of its sequence range has been retransmitted before and if either of two conditions is true:</t><t><list style="numbers"> <t>The<ol spacing="normal" type="1"><li>The Timestamp Echo Reply field (TSecr) of theACK’sACK's timestamp option[RFC7323],<xref target="RFC7323" format="default"/>, if available, indicates the ACK was not acknowledging the last retransmission of thesegment.</t> <t>Thesegment.</li> <li>The segment was last retransmitted less than RACK.min_rtt ago.</t> </list></t> <t>The</li> </ol> <t> The second check is a heuristic when the TCP Timestamp option is notavailable,available or when theround tripround-trip time is less than the TCP Timestamp clockgranularity.</t>granularity. </t> <t>Among all the segments newly ACKed or SACKed by this ACK that pass the checks above, update the RACK.rtt to be the RTT sample calculated using this ACK. Furthermore, record the most recent Segment.xmit_ts in RACK.xmit_ts if it is ahead of RACK.xmit_ts. If Segment.xmit_ts equals RACK.xmit_ts(e.g.(e.g., due to clock granularitylimits)limits), then compare Segment.end_seq and RACK.end_seq to break the tie when deciding whether to update theRACK.segment’sRACK.segment's associated state.</t> <t>Step 2 may be summarized in pseudocode as:</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ RACK_sent_after(t1, seq1, t2, seq2): If t1>> t2: Return true Else if t1 == t2 AND seq1>> seq2: Return true Else: Return false RACK_update(): For each Segment newly acknowledged, cumulatively or selectively, in ascending order of Segment.xmit_ts: rtt = Now() - Segment.xmit_ts If Segment.retransmitted is TRUE: If ACK.ts_option.echo_reply<< Segment.xmit_ts: Continue If rtt<< RACK.min_rtt: Continue RACK.rtt = rtt If RACK_sent_after(Segment.xmit_ts, Segment.end_seq RACK.xmit_ts, RACK.end_seq): RACK.xmit_ts = Segment.xmit_ts RACK.end_seq = Segment.end_seq</artwork></figure> <t>Step]]></sourcecode> <t anchor="step3">Step 3: Detect data segmentreordering</t>reordering.</t> <t>To detect reordering, the sender looks for original data segments being delivered out of order. To detect such cases, the sender tracks the highest sequence selectively or cumulatively acknowledged in the RACK.fack variable.The name "fack"".fack" stands for the most "Forward ACK" (this term is adopted from[FACK]).<xref target="FACK" format="default"/>). If a never-retransmitted segmentthat’sthat's below RACK.fack is (selectively or cumulatively) acknowledged, it has been delivered out of order. The sender sets RACK.reordering_seen to TRUE if such a segment is identified.</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ RACK_detect_reordering(): For each Segment newly acknowledged, cumulatively or selectively, in ascending order of Segment.end_seq: If Segment.end_seq>> RACK.fack: RACK.fack = Segment.end_seq Else if Segment.end_seq<< RACK.fack AND Segment.retransmitted is FALSE: RACK.reordering_seen = TRUE</artwork></figure> <t>Step]]></sourcecode> <t anchor="step4">Step 4: Update the RACK reorderingwindow</t>window.</t> <t>The RACK reordering window, RACK.reo_wnd, serves as an adaptive allowance for settling time before marking a segment as lost. This step documents a detailed algorithm that follows the principles outlined in the``Reordering window adaptation’’<xref target="reordering-window-adaptation" format="none">"Reordering Window Adaptation"</xref> section.</t> <t>If no reordering has beenobserved,observed based on theprevious step,<xref target="step3" format="none">previous step</xref>, then one way the sender can enterFast Recovery isfast recovery is when the number of SACKed segments matches or exceeds DupThresh (similar toRFC6675).<xref target="RFC6675"/>). Furthermore, when no reordering has beenobservedobserved, the RACK.reo_wnd is set to 0 both upon entering and duringFast Recoveryfast recovery or RTO recovery.</t> <t>Otherwise, if some reordering has been observed, then RACK does not triggerFast Recoveryfast recovery based on DupThresh.</t> <t>Whether or not reordering has been observed, RACK uses the reordering window to assess whether any segments can be marked as lost. As a consequence, the sender also entersFast Recoveryfast recovery when there are any number of SACKedsegmentssegments, as long as the reorder window has passed for some non-SACKed segments.</t> <t>When the reordering window is not set to 0, it starts with a conservative RACK.reo_wnd of RACK.min_RTT/4. This value was chosen because Linux TCP used the same factor in its implementation to delay Early Retransmit[RFC5827]<xref target="RFC5827" format="default"/> to reduce spurious loss detections in the presence of reordering, and experience showed this worked reasonably well[DMCG11].<xref target="DMCG11" format="default"/>. </t> <t>However, the reordering detection in the previous step,Step 3,<xref target="step3" format="none">Step 3</xref>, has a self-reinforcing drawback when the reordering window is too small to cope with the actual reordering. When that happens, RACK could spuriously mark reordered segments as lost, causing them to be retransmitted. In turn, the retransmissions can prevent the necessary conditions forStep 3<xref target="step3" format="none">Step 3</xref> to detectreordering,reordering since this mechanism requires ACKs or SACKsforonly for segments that have never been retransmitted. In somecasescases, such scenarios can persist, causing RACK to continue to spuriously mark segments as lost without realizing the reordering window is toosmall.</t>small. </t> <t>To avoid the issue above, RACK dynamically adapts to higher degrees of reordering using DSACK options from the receiver. Receiving an ACK with a DSACK option indicates a possible spurious retransmission, suggesting that RACK.reo_wnd may be too small. The RACK.reo_wnd increases linearly for every round trip in which the sender receives some DSACKoption,option so that after N round trips in which a DSACK is received, the RACK.reo_wnd becomes (N+1) * min_RTT / 4, with an upper-bound of SRTT.</t> <t>If the reordering istemporarytemporary, then a large adapted reordering window would unnecessarily delay loss recovery later. Therefore, RACK persists using the inflated RACK.reo_wnd for up to 16 loss recoveries, after which it resets RACK.reo_wnd to its starting value, min_RTT / 4. The downside of resetting the reordering window is the risk of triggering spurious fast recovery episodes if the reordering remains high. The rationale for this approach is to bound such spurious recoveries to approximately once every 16 recoveries (less than 7%). </t> <t>To track the linear scaling factor for the adaptive reordering window, RACK uses the variable RACK.reo_wnd_mult, which is initialized to 1 and adapts with the observed reordering.</t> <t>The following pseudocode implements the above algorithm for updating the RACK reordering window:</t><figure><artwork><sourcecode anchor="step4alg" name="" type="pseudocode"><![CDATA[ RACK_update_reo_wnd(): /* DSACK-based reordering window adaptation */ If RACK.dsack_round is not None AND SND.UNA>=>= RACK.dsack_round: RACK.dsack_round = None /* Grow the reordering window per round that sees DSACK. Reset the window after 16 DSACK-free recoveries */ If RACK.dsack_round is None AND any DSACK option is present on latest received ACK: RACK.dsack_round = SND.NXT RACK.reo_wnd_mult += 1 RACK.reo_wnd_persist = 16 Else if exiting Fast or RTO recovery: RACK.reo_wnd_persist -= 1 If RACK.reo_wnd_persist<=<= 0: RACK.reo_wnd_mult = 1 If RACK.reordering_seen is FALSE: If in Fast or RTO recovery: Return 0 Else if RACK.segs_sacked>=>= DupThresh: Return 0 Return min(RACK.reo_wnd_mult * RACK.min_RTT / 4, SRTT)</artwork></figure> <t>Step]]></sourcecode> <t anchor="step5">Step 5: Detect losses.</t> <t>For each segment that has not been SACKed, RACK considers that segment lost if another segment that was sent later has beendelivered,delivered and the reordering window has passed. RACK considers the reordering window to have passed if the RACK.segment was sentsufficientlya sufficient time after the segment in question,orif a sufficient time has elapsed since the RACK.segment was S/ACKed, or some combination of the two. More precisely, RACK marks a segment as lost if:</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ RACK.xmit_ts>=>= Segment.xmit_ts AND RACK.xmit_ts - Segment.xmit_ts + (now - RACK.ack_ts)>=>= RACK.reo_wnd</artwork></figure>]]></sourcecode> <t>Solving this second condition for "now", the moment at which a segment is marked as lost, yields:</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ now>=>= Segment.xmit_ts + RACK.reo_wnd + (RACK.ack_ts - RACK.xmit_ts)</artwork></figure>]]></sourcecode> <t>Then (RACK.ack_ts - RACK.xmit_ts) is theround tripround-trip time of the most recently (re)transmitted segment that's been delivered. When segments are delivered in order, the most recently (re)transmitted segment that's been delivered is also the most recentlydelivered, hencedelivered; hence, RACK.rtt == RACK.ack_ts - RACK.xmit_ts. But if segments were reordered, then the segment delivered most recently was sent before the most recently (re)transmitted segment.HenceHence, RACK.rtt > (RACK.ack_ts - RACK.xmit_ts). </t> <t>Since RACK.RTT >= (RACK.ack_ts - RACK.xmit_ts), the previous equation reduces to saying that the sender can declare a segment lost when:</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ now>=>= Segment.xmit_ts + RACK.reo_wnd + RACK.rtt</artwork></figure>]]></sourcecode> <t>In turn, that is equivalent to stating that a RACK sender should declare a segment lost when:</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ Segment.xmit_ts + RACK.rtt + RACK.reo_wnd - now<=<= 0</artwork></figure>]]></sourcecode> <t>Note that if the value on theleft handleft-hand side is positive, it represents the remaining wait time before the segment is deemed lost. But this risks a timeout (RTO) if no more ACKs come back (e.g., due to losses or application-limited transmissions) to trigger the marking. For timely loss detection, it is <bcp14>RECOMMENDED</bcp14> that the senderis RECOMMENDED toinstall a reordering timer. This timer expires at the earliest moment when RACK would conclude that all the unacknowledged segments within the reordering window were lost.</t> <t>The following pseudocode implements the algorithm above. When an ACK is received or the RACK reordering timer expires, call RACK_detect_loss_and_arm_timer(). The algorithm breaks timestamp ties by using the TCP sequencespace,space since high-speed networks often have multiple segments with identical timestamps. </t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ RACK_detect_loss(): timeout = 0 RACK.reo_wnd = RACK_update_reo_wnd() For each segment, Segment, not acknowledged yet: If RACK_sent_after(RACK.xmit_ts, RACK.end_seq, Segment.xmit_ts, Segment.end_seq): remaining = Segment.xmit_ts + RACK.rtt + RACK.reo_wnd - Now() If remaining<=<= 0: Segment.lost = TRUE Segment.xmit_ts = INFINITE_TS Else: timeout = max(remaining, timeout) Return timeout RACK_detect_loss_and_arm_timer(): timeout = RACK_detect_loss() If timeout != 0 Arm the RACK timer to call RACK_detect_loss_and_arm_timer() after timeout</artwork></figure>]]></sourcecode> <t>As an optimization, an implementation can choose to check only segments that have been sent before RACK.xmit_ts. This can be more efficient than scanning the entire SACK scoreboard, especially when there are many segments in flight. The implementation can use a separatedoubly-linkeddoubly linked list ordered bySegment.xmit_ts and insertsSegment.xmit_ts, insert a segment at the tail of the list when it is (re)transmitted, andremovesremove a segment from the list when it is delivered or marked as lost. In LinuxTCPTCP, this optimization improved CPU usage by orders of magnitude during some fast recovery episodes on high-speed WAN networks.</t> </section> <sectiontitle="Uponanchor="upon-rto-expiration" numbered="true" toc="default"> <name>Upon RTOexpiration" anchor="upon-rto-expiration">Expiration</name> <t>Upon RTO timer expiration, RACK marks the first outstanding segment as lost (since it was sent an RTO ago); for all the othersegmentssegments, RACK only marks the segment as lost if the time elapsed since the segment was transmitted is at least the sum of the recent RTT and the reordering window.</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ RACK_mark_losses_on_RTO(): For each segment, Segment, not acknowledged yet: If SEG.SEQ == SND.UNA OR Segment.xmit_ts + RACK.rtt + RACK.reo_wnd - Now()<=<= 0: Segment.lost = TRUE</artwork></figure>]]></sourcecode> </section> </section> <sectiontitle="TLPanchor="tlp-algorithm-details" numbered="true" toc="default"> <name>TLP AlgorithmDetails" anchor="tlp-algorithm-details">Details</name> <sectiontitle="Initializing state" anchor="initializing-state">anchor="initializing-state" numbered="true" toc="default"> <name>Initializing State</name> <t>Reset TLP.is_retrans and TLP.end_seq when initiating a connection, fast recovery, or RTO recovery.</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ TLP_init(): TLP.end_seq = None TLP.is_retrans = false</artwork></figure>]]></sourcecode> </section> <sectiontitle="Schedulinganchor="scheduling-a-loss-probe" numbered="true" toc="default"> <name>Scheduling aloss probe" anchor="scheduling-a-loss-probe"> <t>TheLoss Probe</name> <t> The sender schedules a loss probe timeout (PTO) to transmit a segment during the normal transmission process. The senderSHOULD<bcp14>SHOULD</bcp14> start or restart a loss probe PTO timer after transmitting new data (that was not itself a loss probe) or upon receiving an ACK that cumulatively acknowledges newdata,data unless it is already in fast recovery, RTO recovery, orthe sender hassegmentsdelivered out-of-order (i.e.have been SACKed (i.e., RACK.segs_sacked is not zero). These conditions are excluded because they are addressed by similar mechanisms, like Limited Transmit[RFC3042],<xref target="RFC3042" format="default"/>, the RACK reordering timer, andF-RTO [RFC5682].</t>Forward RTO-Recovery (F-RTO) <xref target="RFC5682" format="default"/>.</t> <t>The sender calculates the PTO interval by taking into account a number of factors.</t> <t>First, the default PTO interval is 2*SRTT. By that time, it is prudent to declare that an ACK isoverdue,overdue since under normal circumstances,i.e.i.e., no losses, an ACK typically arrives in one SRTT. Choosing the PTO to be exactly an SRTT would risk causing spuriousprobes,probes given that network and end-host delay variance can cause an ACK to be delayed beyond the SRTT.HenceHence, the PTO is conservatively chosen to be the next integral multiple of SRTT.</t> <t>Second, when there is no SRTT estimate available, the PTOSHOULD<bcp14>SHOULD</bcp14> be 1 second. This conservative value corresponds to the RTO value when no SRTT is available, per[RFC6298].</t><xref target="RFC6298" format="default"/>.</t> <t>Third, when the FlightSize is one segment, the senderMAY<bcp14>MAY</bcp14> inflate the PTO by TLP.max_ack_delay to accommodate apotentialpotentially delayed acknowledgment and reduce the risk of spurious retransmissions. The actual value of TLP.max_ack_delay isimplementation-specific.implementation specific. </t> <t>Finally, if the time at which an RTO would fire (here denoted as "TCP_RTO_expiration()") is sooner than the computed time for the PTO, then the sender schedules a TLP to be sent at that RTO time.</t> <t>Summarizing these considerations in pseudocode form, a senderSHOULD<bcp14>SHOULD</bcp14> use the following logic to select the duration of a PTO:</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ TLP_calc_PTO(): If SRTT is available: PTO = 2 * SRTT If FlightSize is one segment: PTO += TLP.max_ack_delay Else: PTO = 1 sec If Now() + PTO>> TCP_RTO_expiration(): PTO = TCP_RTO_expiration() - Now()</artwork></figure>]]></sourcecode> </section> <sectiontitle="Sendinganchor="sending-a-loss-probe-upon-pto-expiration" numbered="true" toc="default"> <name>Sending aloss probeLoss Probe upon PTOexpiration" anchor="sending-a-loss-probe-upon-pto-expiration"> <t>WhenExpiration</name> <t> When the PTO timer expires, the senderMUST<bcp14>MUST</bcp14> check whether both of the following conditions are met before sending a loss probe:</t><t><list style="numbers"> <t>First,<ol spacing="normal" type="1"><li>First, there is no other previous loss probe still in flight. This ensuresthatthat, at any giventimetime, the sender has at most one additional packet in flight beyond the congestion window limit. This invariant is maintained using the state variable TLP.end_seq, which indicates the latest unacknowledged TLP lossprobe’sprobe's ending sequence. It is reset when the loss probe has been acknowledged or is deemed lost orirrelevant.</t> <t>Second,irrelevant.</li> <li>Second, the sender has obtained an RTT measurement since the last loss probewas transmitted, or, if the sender has not yet sent a loss probe on this connection, sincetransmission or the start of theconnection.connection, whichever was later. This condition ensures that loss probe retransmissions do not prevent taking the RTT samples necessary to adapt SRTT to an increase in pathRTT.</t> </list></t>RTT.</li> </ol> <t>If either one of these two conditions is not met, then the senderMUST<bcp14>MUST</bcp14> skip sending a lossprobe,probe andMUST<bcp14>MUST</bcp14> proceed tore-arminre-arm the RTO timer, as specified at the end of this section.</t> <t>If both conditions are met, then the senderSHOULD<bcp14>SHOULD</bcp14> transmit a previously unsent data segment, if one exists and the receive window allows, and increment the FlightSize accordingly. Note that the FlightSize could be one packet greater than the congestion window temporarily until the next ACK arrives.</t> <t>If such an unsent segment is not available, then the senderSHOULD<bcp14>SHOULD</bcp14> retransmit the highest-sequence segment sent so far and set TLP.is_retrans to true. This segment is chosen to deal with the retransmission ambiguity problem in TCP. Suppose a sender sends Nsegments,segments and then retransmits the last segment (segment N) as a loss probe,and thenafter which the sender receives a SACK for segment N. As long as the sender waits for the RACK reordering window to expire, it doesn't matter if that SACK was for the original transmission of segment N or the TLP retransmission; in eithercasecase, the arrival of the SACK for segment N provides evidence that the N-1 segments preceding segment N were likely lost.</t> <t>Inthea case where there is only one original outstanding segment of data (N=1), the same logic (trivially) applies: an ACK for a single outstanding segment tells the sender that the N-1=0 segments preceding that segment were lost. Furthermore, whether there are N>1 or N=1 outstanding segments, there is a question about whether the original last segment or its TLP retransmission were lost; the sender estimates whether there was such a loss using TLP recovery detection (see below). </t> <t>The senderMUST<bcp14>MUST</bcp14> follow the RACK transmission procedures in the'’Upon<xref target="upon-transmitting-a-data-segment" format="none">"Upon Transmitting a DataSegment’’Segment"</xref> section(see above)upon sending either a retransmission or a new data loss probe. This is critical for detecting losses using the ACK for the loss probe.</t><t>After<t> After attempting to send a loss probe, regardless of whether a loss probe was sent, the senderMUST<bcp14>MUST</bcp14> re-arm the RTO timer, not the PTO timer, if the FlightSize is not zero. This ensures RTO recovery remains the last resort if TLP fails. The followingpseudo codepseudocode summarizes the operations.</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ TLP_send_probe(): If TLP.end_seq is None and Sender has taken a new RTT sample since last probe or the start of connection: TLP.is_retrans = false Segment = send buffer segment starting at SND.NXT If Segment exists and fits the peer receive window limit: /* Transmit the lowest-sequence unsent Segment */ Transmit Segment RACK_transmit_data(Segment) TLP.end_seq = SND.NXT Increase FlightSize by Segment length Else: /* Retransmit the highest-sequence Segment sent */ Segment = send buffer segment ending at SND.NXT Transmit Segment RACK_retransmit_data(Segment) TLP.end_seq = SND.NXT</artwork></figure>TLP.is_retrans = true If FlightSize is not zero: Rearm RTO timer to fire at timeout = now + RTO ]]></sourcecode> </section> <sectiontitle="Detecting losses usinganchor="detecting-losses-using-the-ack-of-the-loss-probe" numbered="true" toc="default"> <name>Detecting Losses Using the ACK of theloss probe" anchor="detecting-losses-using-the-ack-of-the-loss-probe">Loss Probe</name> <t>When there is packet loss in a flight ending with a loss probe, the feedback solicited by a loss probe will reveal one of two scenarios, depending on the pattern of losses.</t> <sectiontitle="General case: detecting packet losses using RACK " anchor="general-case-detecting-packet-losses-using-rack-">anchor="general-case-detecting-packet-losses-using-rack-" numbered="true" toc="default"> <name>General Case: Detecting Packet Losses Using RACK</name> <t>If the loss probe and the ACK that acknowledges the probe are delivered successfully, RACK-TLP uses this ACK -- just as it would with any other ACK -- to detect if any segments sent prior to the probe were dropped. RACK would typically infer that any unacknowledged data segments sent before the loss probe were lost, since they were sent sufficiently far in the past(at(where at least one PTO has elapsed, plus oneround-tripround trip for the loss probe to be ACKed). More specifically, RACK_detect_loss()(step 5)(<xref target="step5" format="none">Step 5</xref>) would mark those earlier segments as lost. Then the sender would trigger a fast recovery to recover those losses.</t> </section> <sectiontitle="Special case: detectinganchor="special-case-detecting-a-single-loss-repaired-by-the-loss-probe" numbered="true" toc="default"> <name>Special Case: Detecting asingle loss repairedSingle Loss Repaired by theloss probe" anchor="special-case-detecting-a-single-loss-repaired-by-the-loss-probe">Loss Probe</name> <t>If the TLP retransmission repairs all the lost in-flight sequence ranges(i.e.(i.e., only the last segment in the flight was lost), the ACK for the loss probe appears to be a regular cumulative ACK, which would not normally trigger the congestion control response to this packet loss event. The following TLP recovery detection mechanism examines ACKs to detect this special case to make congestion control respond properly[RFC5681].</t><xref target="RFC5681" format="default"/>.</t> <t>After a TLP retransmission, the sender checks for this special case of a single loss that is recovered by the loss probe itself. To accomplish this, the sender checks for a duplicate ACK or DSACK indicating that both the original segment and TLP retransmission arrived at the receiver,meaningwhich means there was no loss. If the TLP sender does not receive such an indication, then itMUST<bcp14>MUST</bcp14> assume thateitherthe original data segment, the TLP retransmission, or a corresponding ACKwere lost,was lost for congestion control purposes.</t><t>If<t> If the TLP retransmission is spurious, a receiver that uses DSACK would return an ACK that covers TLP.end_seq with a DSACK option (Case 1). If the receiver does not support DSACK, it would return aDUPACKDupAck without any SACK option (Case 2). If the sender receives an ACK matching either case, then the sender estimates that the receiver received both the original data segment and the TLP proberetransmission, and so theretransmission. The sender considers the TLP episode to bedone,done and records that fact by setting TLP.end_seq toNone.</t>None. </t> <t>Upon receiving an ACK that covers some sequence number after TLP.end_seq, the sender should have received any ACKs for the original segment and TLP probe retransmission segment. At that time, if the TLP.end_seq is stillset,set and thus indicates that the TLP probe retransmission remains unacknowledged, then the sender should presume that at least one of its data segments was lost. The sender thenSHOULD<bcp14>SHOULD</bcp14> invoke a congestion control response equivalent to a fast recovery.</t> <t>More precisely, on eachACKACK, the sender executes the following:</t><figure><artwork><sourcecode name="" type="pseudocode"><![CDATA[ TLP_process_ack(ACK): If TLP.end_seq is not None AND ACK's ack. number>=>= TLP.end_seq: If not TLP.is_retrans: TLP.end_seq = None /* TLP of new data delivered */ Else if ACK has a DSACK option matching TLP.end_seq: TLP.end_seq = None /* Case 1, above */ Else If ACK's ack. number>> TLP.end_seq: TLP.end_seq = None /* Repaired the single loss */ (Invoke congestion control to react to the loss event the probe has repaired) Else If ACK is aDUPACKDupAck without any SACK option: TLP.end_seq = None /* Case 2, above */</artwork></figure>]]></sourcecode> </section> </section> </section> <sectiontitle="Managinganchor="managing-rack-tlp-timers" numbered="true" toc="default"> <name>Managing RACK-TLPtimers" anchor="managing-rack-tlp-timers">Timers</name> <t>The RACK reordering timer, the TLP PTO timer, the RTO, and Zero Window Probe (ZWP) timer[RFC793]<xref target="RFC0793" format="default"/> are mutually exclusive and are used in different scenarios. When arming a RACK reordering timer or TLP PTO timer, the senderSHOULD<bcp14>SHOULD</bcp14> cancel any other pendingtimer(s).timers. An implementation is expected to have one timer with an additional state variable indicating the type of the timer.</t> </section> <sectiontitle="Discussion" anchor="discussion">anchor="discussion" numbered="true" toc="default"> <name>Discussion</name> <sectiontitle="Advantagesanchor="advantages-and-disadvantages" numbered="true" toc="default"> <name>Advantages anddisadvantages" anchor="advantages-and-disadvantages">Disadvantages</name> <t>The biggest advantage of RACK-TLP is that every data segment, whether it is an original data transmission or a retransmission, can be used to detect losses of the segments sent chronologically prior to it. This enables RACK-TLP to use fast recovery in cases with application-limited flights of data, lost retransmissions, or data segment reordering events. Consider the following examples:</t><t><list style="numbers"> <t>Packet<ol spacing="normal" type="1"><li>Packet drops at the end of an application data flight: Consider a sender that transmits an application-limited flight of three data segments (P1, P2, P3), and P1 and P3 are lost. Suppose the transmission of each segment is at least RACK.reo_wnd after the transmission of the previous segment. RACK will mark P1 as lost when the SACK of P2 is received, and this will trigger the retransmission of P1 as R1. When R1 is cumulatively acknowledged, RACK will mark P3 aslostlost, and the sender will retransmit P3 as R3. This example illustrates how RACK is able to repair certain drops at the tail of a transaction without an RTO recovery. Notice that neither the conventional duplicate ACK threshold[RFC5681],<xref target="RFC5681" format="default"/>, nor[RFC6675],the loss recovery algorithm <xref target="RFC6675" format="default"/>, nor the Forward Acknowledgment[FACK]<xref target="FACK" format="default"/> algorithm can detect suchlosses,losses because of the required segment or sequencecount.</t> <t>Lostcount.</li> <li>Lost retransmission: Consider a flight of three data segments (P1, P2, P3) that are sent; P1 and P2 are dropped. Suppose the transmission of each segment is at least RACK.reo_wnd after the transmission of the previous segment. When P3 is SACKed, RACK will mark P1 and P2lostas lost, and they will be retransmitted as R1 and R2. Suppose R1 is lost again but R2 is SACKed; RACK will mark R1 as lost and trigger retransmission again. Again, neither the conventionalthree duplicatethree-duplicate ACK threshold approach, nor[RFC6675],the loss recovery algorithm <xref target="RFC6675" format="default"/>, nor the Forward Acknowledgment[FACK]<xref target="FACK" format="default"/> algorithm can detect such losses. And such a lost retransmission can happen when TCP is being rate-limited, particularly by token bucket policers with a large bucket depth and low rate limit; in suchcasescases, retransmissions are often lost repeatedly because standard congestion control requires multiple round trips to reduce the rate below the policedrate.</t> <t>Packetrate.</li> <li>Packet reordering: Consider a simple reordering event where a flight of segments are sent as (P1, P2, P3). P1 and P2 carry a full payload ofMSSMaximum Sender Size (MSS) octets, but P3 has only a 1-octet payload. Suppose the sender has detected reordering previously and thus RACK.reo_wnd is min_RTT/4. Now P3 is reordered and delivered first, before P1 and P2. As long as P1 and P2 are delivered within min_RTT/4, RACK will not consider P1 and P2 lost. But if P1 and P2 are delivered outside the reordering window, then RACK will still spuriously mark P1 and P2lost.</t> </list></t>as lost. </li> </ol> <t>The examples above show that RACK-TLP is particularly useful when the sender is limited by the application, which can happen with interactive or request/response traffic. Similarly, RACK still works when the sender is limited by the receive window, which can happen with applications that use the receive window to throttle the sender.</t> <t>RACK-TLP works more efficiently with TCP Segmentation Offload (TSO) compared toDUPACK-counting.DupAck counting. RACK always marks the entire TSO aggregate as lost because the segments in the same TSO aggregate have the same transmission timestamp. By contrast, the algorithms based on sequence counting (e.g.,[RFC6675] [RFC5681])<xref target="RFC6675" format="default"/>, <xref target="RFC5681" format="default"/>) may mark only a subset of segments in the TSO aggregate as lost, forcing the stack to perform expensive fragmentation of the TSOaggregate,aggregate or to selectively tag individual segments as lost in the scoreboard.</t> <t>The main drawback of RACK-TLP is the additionalstatesstate required compared toDUPACK-counting.DupAck counting. RACK requires the sender to record the transmission time of each segment sent at a clock granularity that is finer than 1/4 of the minimum RTT of the connection. TCP implementations that already record thisalreadyfor RTT estimation do not require any new per-packet state. But implementations that are not yet recording segment transmission times will need to add per-packet internal state (expected to be either 4 or 8 octets per segment or TSO aggregate) to track transmission times. In contrast,[RFC6675]the loss detection approach described in <xref target="RFC6675" format="default"/> does not require any per-packet state beyond the SACK scoreboard; this is particularly useful on ultra-low RTT networks where the RTT may be less than the sender TCP clock granularity(e.g.(e.g., insidedata-centers).data centers). Another disadvantage is that the reordering timer may expire prematurely (like any other retransmission timer)toand cause higher spuriousretransmissionretransmissions, especially if DSACK is not supported.</t> </section> <sectiontitle="Relationshipsanchor="relationships-with-other-loss-recovery-algorithms" numbered="true" toc="default"> <name>Relationships withother loss recovery algorithms" anchor="relationships-with-other-loss-recovery-algorithms">Other Loss Recovery Algorithms</name> <t>The primary motivation of RACK-TLP is to provide a general alternative to some of the standard loss recovery algorithms[RFC5681] [RFC6675] [RFC5827] [RFC4653].<xref target="RFC5681" format="default"/> <xref target="RFC6675" format="default"/> <xref target="RFC5827" format="default"/> <xref target="RFC4653" format="default"/>. In particular,[RFC6675]the SACK loss recovery algorithm for TCP <xref target="RFC6675" format="default"/> is not designed to handle lost retransmissions, so its NextSeg() does not work for lostretransmissionsretransmissions, and it does not specify the corresponding required additional congestion response. Therefore,[RFC6675] MUST NOTthe algorithm <xref target="RFC6675" format="default"/> <bcp14>MUST NOT</bcp14> be used with RACK-TLP; instead, a modified recovery algorithm that carefully addresses such a case is needed.</t><t>[RFC5827] [RFC4653]<t>The Early Retransmit mechanism <xref target="RFC5827" format="default"/> and NCR for TCP <xref target="RFC4653" format="default"/> dynamicallyadjustsadjust the duplicate ACK threshold based on the current or previous flight sizes. RACK-TLP takes a different approach by using a time-based reordering window. RACK-TLP can be seen as an extended Early Retransmit[RFC5827]<xref target="RFC5827" format="default"/> without a FlightSize limit but with an additional reordering window.[FACK]<xref target="FACK" format="default"/> considers an original segment to be lost when its sequence range is sufficiently far below the highest SACKed sequence. In somesensesense, RACK-TLP can be seen as a generalized form of FACK that operates in time space instead of sequence space, enabling it to better handle reordering, application-limited traffic, and lost retransmissions.</t> <t>RACK-TLP is compatible with the standard RTO[RFC6298], RTO-restart [RFC7765],<xref target="RFC6298" format="default"/>, RTO Restart <xref target="RFC7765" format="default"/>, F-RTO[RFC5682]<xref target="RFC5682" format="default"/>, and Eifel algorithms[RFC3522].<xref target="RFC3522" format="default"/>. This is because RACK-TLP only detects loss by using ACK events. It neither changes the RTO timer calculation nor detects spuriousRTO.RTOs. RACK-TLP slightly changes the behavior of[RFC6298]<xref target="RFC6298" format="default"/> by preceding the RTO with a TLP and reducing potential spurious retransmissions after RTO.</t> </section> <sectiontitle="Interactionanchor="interaction-with-congestion-control" numbered="true" toc="default"> <name>Interaction withcongestion control" anchor="interaction-with-congestion-control">Congestion Control</name> <t>RACK-TLP intentionally decouples loss detection from congestion control. RACK-TLP only detects losses; it does not modify the congestion control algorithm[RFC5681] [RFC6937].<xref target="RFC5681" format="default"/> <xref target="RFC6937" format="default"/>. A segment marked as lost by RACK-TLPMUST NOT<bcp14>MUST NOT</bcp14> be retransmitted until congestion control deems this appropriate. As mentioned in thecaption for Figure 1, [RFC5681]paragraph following <xref target="fig1"/> (<xref target="fig1desc"/>), <xref target="RFC5681" format="default"/> mandates a principle that loss in two successive windows ofdata,data or the loss of aretransmission,retransmission must be taken as two indications of congestion and therefore trigger two separate reactions.[RFC6937]The Proportional Rate Reduction (PRR) algorithm <xref target="RFC6937" format="default"/> isRECOMMENDED<bcp14>RECOMMENDED</bcp14> for the specific congestion control actions taken upon the losses detected by RACK-TLP. In the absence ofPRR,PRR <xref target="RFC6937"/>, when RACK-TLP detects a lostretransmissionretransmission, the congestion controlMUST<bcp14>MUST</bcp14> trigger an additional congestion response per the aforementioned principle in[RFC5681].<xref target="RFC5681" format="default"/>. If multiple original transmissions or retransmissions were lost in a window, the congestion control specified in[RFC5681]<xref target="RFC5681" format="default"/> only reacts once per window. The congestion control implementer is advised to carefully consider this subtle situation introduced by RACK-TLP.</t> <t>The only exception -- the only way in which RACK-TLP modulates the congestion control algorithm -- is that one outstanding loss probe can be sent even if the congestion window is fully used. However, this temporaryover-commitovercommit is accounted for and credited in the in-flight data tracked for congestion control, so that congestion control will erase theover-commitovercommit upon the next ACK. </t> <t>If packet losses happen after reordering has been observed, RACK-TLP may take longer to detect losses than the pureDUPACK-countingDupAck counting approach. In thiscasecase, TCP may continue to increase the congestion window upon receiving ACKs during this time, making the sender more aggressive.</t><t>The<t> The following simple example compares how RACK-TLP and non-RACK-TLP loss detectioninteractsinteract with congestion control: suppose a sender has a congestion window (cwnd) of 20 segments on a SACK-enabled connection. It sends 10 datasegmentssegments, and all of them are lost.</t> <t>Without RACK-TLP, the sender would time out, reset cwnd to 1, and retransmit the first segment. It would take four round trips (1 + 2 + 4 + 3 = 10) to retransmit all the 10 lost segments using slow start. The recovery latency would be RTO + 4*RTT, with an ending cwnd of 4 segments due to congestion window validation.</t> <t>With RACK-TLP, a sender would send the TLP after 2*RTT and get aDUPACK,DupAck, enabling RACK to detect the losses and trigger fast recovery. If the sender implements Proportional Rate Reduction[RFC6937]<xref target="RFC6937" format="default"/>, it would slow start to retransmit the remaining 9 lost segments since the number of segments in flight (0) is lower than the slow start threshold (10). The slow start would again take four round trips (1 + 2 + 4 + 3 = 10) to retransmit all the lost segments. The recovery latency would be 2*RTT + 4*RTT, with an ending cwnd set to theslow startslow-start threshold of 10 segments.</t> <t>The difference in recovery latency (RTO + 4*RTT vs 6*RTT) can be significant if the RTT is much smaller than the minimum RTO (1 second in[RFC6298])<xref target="RFC6298" format="default"/>) or if the RTT is large. The former case can happen in local area networks,data-centerdata center networks, or content distribution networks with deep deployments. The latter case can happen in developing regions with highly congested and/or high-latency networks.</t> </section> <sectiontitle="TLP recovery detectionanchor="tlp-recovery-detection-with-delayed-acks" numbered="true" toc="default"> <name>TLP Recovery Detection withdelayed ACKs" anchor="tlp-recovery-detection-with-delayed-acks">Delayed ACKs</name> <t>Delayed or stretched ACKs complicate the detection of repairs done byTLP, sinceTLP since, with suchACKsACKs, the sender takes a longer time to receive fewer ACKs than would normally be expected. To mitigate this complication, before sending a TLP loss probe retransmission, the sender should attempt to wait long enough that the receiver has sent any delayed ACKs that it is withholding. The sender algorithm described above features such adelay,delay in the form of TLP.max_ack_delay. Furthermore, if the receiver supportsDSACK thenDSACK, then, in the case of a delayedACKACK, the sender's TLP recovery detection mechanism (see above) can use the DSACK information to infer that the original and TLP retransmission both arrived at the receiver.</t> <t>If there is ACK loss or a delayed ACK without a DSACK, then this algorithm isconservative,conservative because the sender will reduce the congestion windowwhenwhen, infactfact, there was no packet loss. Inpracticepractice, this isacceptable,acceptable and potentially even desirable: if there is reverse pathcongestioncongestion, then reducing the congestion window can be prudent.</t> </section> <sectiontitle="RACK-TLP for other transport protocols" anchor="rack-tlp-for-other-transport-protocols">anchor="rack-tlp-for-other-transport-protocols" numbered="true" toc="default"> <name>RACK-TLP for Other Transport Protocols</name> <t>RACK-TLP can be implemented in other transport protocols (e.g.,[QUIC-LR]). The [Sprout]<xref target="I-D.ietf-quic-recovery" format="default"/>). The <xref target="SPROUT" format="default"/> loss detection algorithm was also independently designed to use a10ms10 ms reordering window to improve its loss detection similar to RACK.</t> </section> </section> <sectiontitle="Security Considerations" anchor="security-considerations">anchor="security-considerations" numbered="true" toc="default"> <name>Security Considerations</name> <t>RACK-TLP algorithm behavior is based on information conveyed in SACK options, so it has security considerations similar to those described in the Security Considerations section of[RFC6675].<xref target="RFC6675" format="default"/>. </t> <t>Additionally, RACK-TLP has a lower risk profile than[RFC6675]the loss recovery algorithm <xref target="RFC6675" format="default"/> because it is not vulnerable to ACK-splitting attacks[SCWA99]:<xref target="SCWA99" format="default"/>: for anMSS-sizeMSS-sized segment sent, the receiver or the attacker might send MSS ACKs thatSACKselectively or cumulatively acknowledge one additional byte per ACK. This would not fool RACK. In such a scenario, RACK.xmit_ts would notadvance,advance because all the sequence ranges within the segment were transmitted at the sametime,time and thus carry the same transmission timestamp. In other words, SACKing only one byte of a segment or SACKing the segment in entirety have the same effect with RACK.</t> </section> <sectiontitle="IANA Considerations" anchor="iana-considerations">anchor="iana-considerations" numbered="true" toc="default"> <name>IANA Considerations</name> <t>This documentmakeshas norequestIANA actions.</t> </section> </middle> <back> <displayreference target="I-D.ietf-quic-recovery" to="QUIC-LR"/> <displayreference target="RFC0793" to="RFC793"/> <references> <name>References</name> <references> <name>Normative References</name> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.0793.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2018.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2883.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5681.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6298.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6675.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7323.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> </references> <references> <name>Informative References</name> <reference anchor="FACK"> <front> <title>Forward acknowledgement: refining TCP congestion control</title> <author initials="M." surname="Mathis" fullname="Matt Mathis"> <organization/> </author> <author initials="J." surname="Mahdavi" fullname="Jamshid Mahdavi"> <organization/> </author> <date year="1996" month="August"/> </front> <seriesInfo name="ACM SIGCOMM Computer Communication Review" value="Volume 26, Issue 4"/> <seriesInfo name="DOI" value="10.1145/248157.248181"/> </reference> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3042.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3522.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4653.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5682.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5827.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6937.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7765.xml"/> <reference anchor="DMCG11"> <front> <title>Proportional Rate Reduction for TCP </title> <author initials="N." surname="Dukkipati" fullname="Nandita Dukkipati"/> <author initials="M." surname="Matthis" fullname="Matt Mathis"/> <author initials="Y." surname="Cheng" fullname="Yuchung Cheng"/> <author initials="M." surname="Ghobadi" fullname="Monia Ghobadi"/> <date month="November" year="2011"/> </front> <seriesInfo name="Proceedings ofIANA.</t> <t>Note to RFC Editor: this section may be removedthe 2011 ACM SIGCOMM Conference onpublication as an RFC.</t> </section>Internet Measurement Conference" value="pp. 155-170"/> <seriesInfo name="DOI" value="10.1145/2068816.2068832"/> </reference> <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-quic-recovery.xml"/> <reference anchor="SPROUT"> <front> <title>Stochastic Forecasts Achieve High Throughput and Low Delay over Cellular Networks </title> <author initials="K." surname="Winstein" fullname="Keith Winstein"/> <author initials="A." surname="Sivaraman" fullname="Anirudh Sivaraman"/> <author initials="H." surname="Balakrishnan" fullname="Hari Balakrishnan"/> <date year="2013"/> </front> <refcontent>10th USENIX Symposium on Networked Systems Design and Implementation (NSDI '13)"</refcontent> </reference> <reference anchor="SCWA99"> <front> <title>TCP congestion control with a misbehaving receiver</title> <author initials="S." surname="Savage" fullname="Stefan Savage"> <organization/> </author> <author initials="N." surname="Cardwell" fullname="Neal Cardwell"> <organization/> </author> <author initials="D." surname="Wetherall" fullname="David Wetherall"> <organization/> </author> <author initials="T." surname="Anderson" fullname="Tom Anderson"> <organization/> </author> <date year="1999" month="October"/> </front> <seriesInfo name="ACM Computer Communication Review" value="29(5)"/> <seriesInfo name="DOI" value="10.1145/505696.505704"/> </reference> <reference anchor="POLICER16"> <front> <title>An Internet-Wide Analysis of Traffic Policing</title> <author initials="T." surname="Flach" fullname="Tobias Flach"> <organization/> </author> <author initials="P." surname="Papageorge" fullname="Pavlos Papageorge"> <organization/> </author> <author initials="A." surname="Terzis" fullname="Andreas Terzis"> <organization/> </author> <author initials="L." surname="Pedrosa" fullname="Luis Pedrosa"> <organization/> </author> <author initials="Y." surname="Cheng" fullname="Yuchung Cheng"> <organization/> </author> <author initials="T." surname="Karim" fullname="Tayeb Karim"> <organization/> </author> <author initials="E." surname="Katz-Bassett" fullname="Ethan Katz-Bassett"> <organization/> </author> <author initials="R." surname="Govindan" fullname="Ramesh Govindan"> <organization/> </author> <date year="2016" month="August"/> </front> <seriesInfo name="DOI" value="10.1145/2934872.2934873"/> <refcontent>Proceedings of the 2016 ACM SIGCOMM Conference pp. 468-482</refcontent> </reference> </references> </references> <sectiontitle="Acknowledgments" anchor="acknowledgments">anchor="acknowledgments" numbered="false" toc="default"> <name>Acknowledgments</name> <t>The authors thankMatt Mathis<contact fullname="Matt Mathis"/> for his insights in FACK andMichael Welzl<contact fullname="Michael Welzl"/> for his per-packet timer idea that inspired this work.Eric Dumazet, Randy Stewart, Van Jacobson, Ian Swett, Rick Jones, Jana Iyengar, Hiren Panchasara, Praveen Balasubramanian, Yoshifumi Nishida, Bob Briscoe, Felix Weinrank, Michael Tuexen, Martin Duke, Ilpo Jarvinen, Theresa Enghardt, Mirja Kuehlewind, Gorry Fairhurst, Markku Kojo, and Yi Huang<contact fullname="Eric Dumazet"/>, <contact fullname="Randy Stewart"/>, <contact fullname="Van Jacobson"/>, <contact fullname="Ian Swett"/>, <contact fullname="Rick Jones"/>, <contact fullname="Jana Iyengar"/>, <contact fullname="Hiren Panchasara"/>, <contact fullname="Praveen Balasubramanian"/>, <contact fullname="Yoshifumi Nishida"/>, <contact fullname="Bob Briscoe"/>, <contact fullname="Felix Weinrank"/>, <contact fullname="Michael Tüxen"/>, <contact fullname="Martin Duke"/>, <contact fullname="Ilpo Jarvinen"/>, <contact fullname="Theresa Enghardt"/>, <contact fullname="Mirja Kühlewind"/>, <contact fullname="Gorry Fairhurst"/>, <contact fullname="Markku Kojo"/>, and <contact fullname="Yi Huang"/> contributed to this document or the implementations in Linux, FreeBSD, Windows, and QUIC.</t> </section></middle> <back> <references title="Normative References"> <reference anchor='RFC793'><front><title>Transmission Control Protocol</title><author initials='J.' surname='Postel' fullname='Jon Postel'></author><date year='1981' month='September' /></front></reference> <reference anchor='RFC2018'> <front> <title>TCP Selective Acknowledgment Options</title> <author initials='M.' surname='Mathis' fullname='M. Mathis'> <organization /></author> <author initials='J.' surname='Mahdavi' fullname='J. Mahdavi'> <organization /></author> <date year='1996' month='October' /> </front> <seriesInfo name='RFC' value='2018' /> <format type='TXT' target='http://www.rfc-editor.org/rfc/rfc2018.txt' /> </reference> <reference anchor='RFC2119'> <front> <title>Key words for use in RFCs to Indicate Requirement Levels</title> <author initials='S.' surname='Bradner' fullname='S. Bradner'> <organization /></author> <date year='1997' month='March' /> </front> <seriesInfo name='RFC' value='2119' /> <format type='TXT' target='http://www.rfc-editor.org/rfc/rfc2119.txt' /> </reference> <reference anchor='RFC2883'> <front> <title>An Extension to the Selective Acknowledgement (SACK) Option for TCP</title> <author initials='S.' surname='Floyd' fullname='S. Floyd'> <organization /></author> <author initials='J.' surname='Mahdavi' fullname='J. Mahdavi'> <organization /></author> <author initials='M.' surname='Mathis' fullname='M. Mathis'> <organization /></author> <author initials='M.' surname='Podolsky' fullname='M. Podolsky'> <organization /></author> <date year='2000' month='July' /> <abstract> <t>This note defines an extension of the Selective Acknowledgement (SACK) Option [RFC2018] for TCP. RFC 2018 specified the use of the SACK option for acknowledging out-of-sequence data not covered by TCP's cumulative acknowledgement field. This note extends RFC 2018 by specifying the use of the SACK option for acknowledging duplicate packets. This note suggests that when duplicate packets are received, the first block of the SACK option field can be used to report the sequence numbers of the packet that triggered the acknowledgement. This extension to the SACK option allows the TCP sender to infer the order of packets received at the receiver, allowing the sender to infer when it has unnecessarily retransmitted a packet. A TCP sender could then use this information for more robust operation in an environment of reordered packets [BPS99], ACK loss, packet replication, and/or early retransmit timeouts. </t></abstract></front> <seriesInfo name='RFC' value='2883' /> <format type='TXT' target='http://www.rfc-editor.org/rfc/rfc2883.txt' /> </reference> <reference anchor='RFC5681'> <front> <title>TCP Congestion Control</title> <author initials='M.' surname='Allman' fullname='M. Allman'> <organization /></author> <author initials='V.' surname='Paxson' fullname='V. Paxson'> <organization /></author> <author initials='E.' surname='Blanton' fullname='E. Blanton'> <organization /></author> <date year='2009' month='September' /> <abstract> <t>This document defines TCP's four intertwined congestion control algorithms: slow start, congestion avoidance, fast retransmit, and fast recovery. In addition, the document specifies how TCP should begin transmission after a relatively long idle period, as well as discussing various acknowledgment generation methods. This document obsoletes RFC 2581. [STANDARDS-TRACK]</t></abstract></front> <seriesInfo name='RFC' value='5681' /> <format type='TXT' octets='44339' target='http://www.rfc-editor.org/rfc/rfc5681.txt' /> </reference> <reference anchor='RFC6298'> <front> <title>Computing TCP's Retransmission Timer</title> <author initials='V.' surname='Paxson' fullname='V. Paxson'> <organization /></author> <author initials='M.' surname='Allman' fullname='M. Allman'> <organization /></author> <author initials='J.' surname='Chu' fullname='J. Chu'> <organization /></author> <author initials='M.' surname='Sargent' fullname='M. Sargent'> <organization /></author> <date year='2011' month='June' /> <abstract> <t>This document defines the standard algorithm that Transmission Control Protocol (TCP) senders are required to use to compute and manage their retransmission timer. It expands on the discussion in Section 4.2.3.1 of RFC 1122 and upgrades the requirement of supporting the algorithm from a SHOULD to a MUST. This document obsoletes RFC 2988. </t></abstract></front> <seriesInfo name='RFC' value='6298' /> <format type='TXT' target='http://www.rfc-editor.org/rfc/rfc6298.txt' /> </reference> <reference anchor='RFC6675'> <front> <title>A Conservative Loss Recovery Algorithm Based on Selective Acknowledgment (SACK) for TCP </title> <author initials='E.' surname='Blanton' fullname='E. Blanton'> <organization /></author> <author initials='M.' surname='Allman' fullname='M. Allman'> <organization /></author> <author initials='L.' surname='Wang' fullname='L. Wang'> <organization /></author> <author initials='I.' surname='Jarvinen' fullname='I. Jarvinen'> <organization /></author> <author initials='M.' surname='Kojo' fullname='M. Kojo'> <organization /></author> <author initials='Y.' surname='Nishida' fullname='Y. Nishida'> <organization /></author> <date year='2012' month='August' /> <abstract> <t>This document presents a conservative loss recovery algorithm for TCP that is based on the use of the selective acknowledgment (SACK) TCP option. The algorithm presented in this document conforms to the spirit of the current congestion control specification (RFC 2581), but allows TCP senders to recover more effectively when multiple segments are lost from a single flight of data. [STANDARDS-TRACK]</t></abstract></front> <seriesInfo name='RFC' value='6675' /> <format type='TXT' octets='27855' target='http://www.rfc-editor.org/rfc/rfc6675.txt' /> </reference> <reference anchor='RFC7323'><front><title>TCP Extensions for High Performance</title><author initials='D.' surname='Borman' fullname='David Borman'></author><author initials='B.' surname='Braden' fullname='Bob Braden'></author><author initials='V.' surname='Jacobson' fullname='Van Jacobson'></author><author initials='R.' surname='Scheffenegger' fullname='Richard Scheffenegger'></author><date year='2014' month='September' /></front></reference> <reference anchor='RFC8174'><front><title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title><author initials='B.' surname='Leiba' fullname='B. Leiba'></author><date year='2017' month='May' /></front></reference> </references> <references title="Informative References"> <reference anchor='FACK'> <front> <title>Forward acknowledgement: refining TCP congestion control</title> <author initials='M' surname='Mathis' fullname='Matt Mathis'> <organization /></author> <author initials='M' surname='Jamshid' fullname='Jamshid Mahdavi'> <organization /></author> <date year='1996' /> </front> <seriesInfo name='ACM SIGCOMM Computer Communication Review, Volume 26, Issue 4, Oct. 1996.' value=''/> </reference> <reference anchor='RFC3042'> <front> <title>Enhancing TCP's Loss Recovery Using Limited Transmit</title> <author initials='M.' surname='Allman'> <organization /></author> <author initials='H.' surname='Balakrishnan'> <organization /></author> <author initials='S.' surname='Floyd'> <organization /></author> <date year='2001' month='January' /> </front> </reference> <reference anchor='RFC3522'><front> <title>The Eifel Detection Algorithm for TCP</title> <author initials='R.' surname='Ludwig'></author> <author initials='M.' surname='Meyer'></author> <date year='2003' month='April'/> </front> </reference> <reference anchor='RFC4653'><front> <title>Improving the Robustness of TCP to Non-Congestion Events</title> <author initials='S.' surname='Bhandarkar'></author> <author initials='A. L. N.' surname='Reddy'></author> <author initials='M.' surname='Allman'></author> <author initials='E.' surname='Blanton'></author> <date year='2006' month='August'/> </front> </reference> <reference anchor='RFC5682'> <front> <title>Forward RTO-Recovery (F-RTO): An Algorithm for Detecting Spurious Retransmission Timeouts with TCP</title> <author initials='P.' surname='Sarolahti' fullname='P. Sarolahti'> <organization /></author> <author initials='M.' surname='Kojo' fullname='M. Kojo'> <organization /></author> <author initials='K.' surname='Yamamoto' fullname='K. Yamamoto'> <organization /></author> <author initials='M.' surname='Hata' fullname='M. Hata'> <organization /></author> <date year='2009' month='September' /> <abstract> <t>The purpose of this document is to move the F-RTO (Forward RTO-Recovery) functionality for TCP in RFC 4138 from Experimental to Standards Track status. The F-RTO support for Stream Control Transmission Protocol (SCTP) in RFC 4138 remains with Experimental status. See Appendix B for the differences between this document and RFC 4138.</t><t> Spurious retransmission timeouts cause suboptimal TCP performance because they often result in unnecessary retransmission of the last window of data. This document describes the F-RTO detection algorithm for detecting spurious TCP retransmission timeouts. F-RTO is a TCP sender-only algorithm that does not require any TCP options to operate. After retransmitting the first unacknowledged segment triggered by a timeout, the F-RTO algorithm of the TCP sender monitors the incoming acknowledgments to determine whether the timeout was spurious. It then decides whether to send new segments or retransmit unacknowledged segments. The algorithm effectively helps to avoid additional unnecessary retransmissions and thereby improves TCP performance in the case of a spurious timeout. [STANDARDS-TRACK]</t></abstract></front> <seriesInfo name='RFC' value='5682' /> <format type='TXT' octets='47337' target='http://www.rfc-editor.org/rfc/rfc5682.txt' /> </reference> <reference anchor='RFC5827'> <front> <title>Early Retransmit for TCP and Stream Control Transmission Protocol (SCTP)</title> <author initials='M.' surname='Allman' fullname='M. Allman'> <organization /></author> <author initials='U.' surname='Ayesta' fullname='U. Ayesta'> <organization /></author> <author initials='L.' surname='Wang' fullname='L. Wang'> <organization /></author> <author initials='J.' surname='Blanton' fullname='J. Blanton'> <organization /></author> <author initials='P.' surname='Hurtig' fullname='P. Hurtig'> <organization /></author> <date year='2010' month='April' /> <abstract> <t>This document proposes a new mechanism for TCP and Stream Control Transmission Protocol (SCTP) that can be used to recover lost segments when a connection's congestion window is small. The "Early Retransmit" mechanism allows the transport to reduce, in certain special circumstances, the number of duplicate acknowledgments required to trigger a fast retransmission. This allows the transport to use fast retransmit to recover segment losses that would otherwise require a lengthy retransmission timeout. </t></abstract></front> <seriesInfo name='RFC' value='5827' /> <format type='TXT' target='http://www.rfc-editor.org/rfc/rfc5827.txt' /> </reference> <reference anchor='RFC6937'><front> <title>Proportional Rate Reduction for TCP</title> <author initials='M.' surname='Mathis' fullname='Matt Mathis'></author> <author initials='N.' surname='Dukkipati' fullname='Nandita Dukkipati'></author> <author initials='Y.' surname='Cheng' fullname='Yuchung Cheng'></author> <date year='2013' month='May' /> </front></reference> <reference anchor='RFC7765'><front> <title>TCP and SCTP RTO Restart</title> <author initials='P.' surname='Hurtig'></author> <author initials='A.' surname='Brunstrom'></author> <author initials='A.' surname='Petlund'></author> <author initials='M.' surname='Welzl'></author> <date year='2016' month='February'/> </front> </reference> <reference anchor='DMCG11'> <front> <title>Proportional Rate Reduction for TCP </title> <author initials='N' surname='Dukkipati'></author> <author initials='M' surname='Matthis'></author> <author initials='Y' surname='Cheng'></author> <author initials='M' surname='Ghobadi'></author> <date year='2011' /> </front> <seriesInfo name='ACM SIGCOMM Conference on Internet Measurement' value=''/> </reference> <reference anchor='QUIC-LR'><front> <title>QUIC Loss Detection and Congestion Control </title> <author initials='J.' surname='Iyengar'></author> <author initials='I.' surname='Swett'></author> <date year='2020' month='Octobor'/> </front> <seriesInfo name='Internet-Draft' value='draft-ietf-quic-recovery' /> </reference> <reference anchor='Sprout'><front> <title>Stochastic Forecasts Achieve High Throughput and Low Delay over Cellular Networks </title> <author initials='K.' surname='Winstein'></author> <author initials='A.' surname='Sivaraman'></author> <author initials='H.' surname='Balakrishnan'></author> <date year='2013'/> </front> <seriesInfo name='USENIX Symposium on Networked Systems Design and Implementation (NSDI)' value=''/> </reference> <reference anchor='SCWA99'> <front> <title>TCP Congestion Control With a Misbehaving Receiver</title> <author initials='S' surname='Savage' fullname='S. Savage'> <organization /></author> <author initials='N' surname='Cardwell' fullname='N. Cardwell'> <organization /></author> <author initials='D' surname='Wetherall' fullname='D. Wetherall'> <organization /></author> <author initials='T' surname='Anderson' fullname='T. Anderson'> <organization /></author> <date year='1999' /> </front> <seriesInfo name='ACM Computer Communication Review, 29(5)' value=''/> </reference> <reference anchor='POLICER16'> <front> <title>An Analysis of Traffic Policing in the Web </title> <author initials='T' surname='Flach' fullname='T. Flach'><organization /></author> <author initials='P' surname='Papageorge' fullname='P. Papageorge'><organization /></author> <author initials='A' surname='Terzis' fullname='A. Terzis'><organization /></author> <author initials='L' surname='Pedrosa' fullname='L. Pedrosa'><organization /></author> <author initials='Y' surname='Cheng' fullname='Y. Cheng'><organization /></author> <author initials='T' surname='Karim' fullname='T. Karim'><organization /></author> <author initials='E' surname='Katz-Bassett' fullname='E. Katz-Bassett'><organization /></author> <author initials='R' surname='Govindan' fullname='R. Govindan'><organization /></author> <date year='2016' /> </front> <seriesInfo name='ACM SIGCOMM' value=''/> </reference> </references></back> </rfc>