PoC MultiPath TCP

I have written about Multipath TCP several times in this blog because I think is a trend for the near future in networking architectures. Although MPTCP Security is a concern, this new way to establish connections have a lot of advantages, that along with HTTP/2, they are going to change our mind about as we know networks today. Next, we'll see a Proof of Concept about Multipath TCP and how to configure it in some systems like F5 BIG-IP LTM or Linux, as well as how to test it.

Today, there are increasingly more systems with MPTCP support. For instance, Multipath TCP is a benefit of Layer 7 Load Balancing and as a result F5 BIG-IP and Citrix NetScaler support this technology. On the other hand, mobile manufactures like Apple, Samsung and LG also support this technology. Of course, Linux and FreeBSD systems support MPTCP as well, and we can read How to install MPTCP in the multipath-tcp.org web-page to test it. However, Microsoft Windows doesn't support this technology yet.

Once we have installed it, we'll see Multipath TCP in the TCP Options header and even the Wireshark tool could recognize the MPTCP protocol if we enable it under Edit -> Preferences -> Protocols -> MPTCP.

MPTCP in Wireshark

 

Next, we can watch the PoC. First, we'll see how an Ubuntu system connects to the amiusingmptcp.de website to check Multipath TCP, it's green, it's OK, my laptop supports this protocol. Then, I download a 500 MB file from multipath-tcp.org while I'm monitoring the network bandwidth, and we can see how both interfaces, the wired interface eth0 and the wireless interface wlan0, download the file at the same time. Therefore, I could have a faster and reliable connection with this protocol. In addition, we canetr-multipth-tcp-figure-03-1180 watch in the video how to configure MPTCP in a F5 BIG-IP system.

If we would like to accelerate our applications with MPTCP but we don't want to modify our HTTP servers, we'll need a full proxy server between our web applications and our clients. A good choice to do it is with a load balancer like F5 BIG-IP or Citrix NetScaler. For instance, F5 TCP Express uses MPTCP along with SACK and the Nagle's Algorithm to speed up connections. Nevertheless, we have to take into account a properly networking architecture because if we install some appliance, like an UTM firewall, without MPTCP support between our clients and the full proxy server, we could deny legitimate connections and MPTCP wouldn't work.

MPTCP in F5 BIG-IP

This is a trend that big companies are implementing right now because the amount of connections against their applications are too big and their services are demanding. Consequently, they need fast, reliable and robust connections.

Regards my friend, don't stay behind, think in the future!!!