ietf
[Top] [All Lists]

Fwd: [multipathtcp] Call for contribution to middlebox survey

2010-10-03 01:02:08


Begin forwarded message:

From: Michio Honda <micchie(_at_)sfc(_dot_)wide(_dot_)ad(_dot_)jp>
Date: October 3, 2010 2:30:57 GMT+03:00
To: Multipath TCP Mailing List <multipathtcp(_at_)ietf(_dot_)org>, 
"tcpm(_at_)ietf(_dot_)org" <tcpm(_at_)ietf(_dot_)org>
Cc: Mark Handley <m(_dot_)handley(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk>
Subject: [multipathtcp] Call for contribution to middlebox survey

Hi, 

We are surveying middleboxes affecting TCP in the Internet, and we'd like you 
to contribute to this work by running 1 python script at your available 
networks, because we want data of as many paths as possible.    
This script generates test TCP traffic to a server node, and detects various 
middlebox behavior, for example, it detects how unknown TCP options are 
treated and if sequence number is rewritten.  

- Overview of script
This generates test TCP traffic by using raw socket or pcap. 
Destinations of the test traffic are port 80, 443 and 34343 on 
vinson3.sfc.wide.ad.jp, which is located in Japan. 
The total amount of test traffic is approximately 90 connections (not 
parallel), and each of them uses approximately maximum 2048Byte.    

- System requirement
Our script works on Mac OSX 10.5 or 10.6, Linux (kernel 2.6) and FreeBSD (7.0 
or higher).  This also requires python 2.5 or higher, and libpcap
NOTE. if you try in a virtual machine on Windows, please connect the guest OS 
via not NAT but bridge.   

How to run experiment is described below per-OS basis.  

After the experiment, you will find 3 log files (logxxxxxxxxx.txt) in the 
same directory as the experiment.  
Please send them to us (micchie(_at_)sfc(_dot_)wide(_dot_)ad(_dot_)jp) and 
tell me your network information as much as you know (e.g., product name of 
the broadband router, ISP name, product name of firewall appliance etc...) 
In addition, let us know if you have hesitation to open these information.  
This experiment doesn't collect traffic information other than those our 
script generated.  

***** How to run the experiment (Mac OSX) *****

1. Filtering RST TCP segment from OS
Execute a following command by root:
ipfw add 101 deny tcp from any to vinson3.sfc.wide.ad.jp dst-port 
34343,80,443 tcpflags rst

NOTE: if you are already running ipfw, please add equivalent rules
After the experiment, you can revert by "ipfw delete 101"

2. Executing script
Download script from 
http://www.micchie.net/software/tcpexposure/for_distrib.tar.gz, and 
decompress it to anywhere you like (e.g., tar xzf for_distrib.tar.gz by 
command line)

In the for_distrib directory, execute a following command by root:
sh run-bsd2.sh
(This will take approximately 30 min.)


***** How to run the experiment (Linux) *****

1. Filtering RST TCP segment from OS
Execute following command by root:
/sbin/iptables -A OUTPUT -p tcp -d vinson3.sfc.wide.ad.jp --tcp-flags RST RST 
-m multiport --dports 34343,80,443 -j DROP

NOTE: if you are already running iptables, please add equivalent rules
After the experiment, you can revert by opposite commands - using -D instead 
of -A

2. Executing script
Download script from 
http://www.micchie.net/software/tcpexposure/for_distrib.tar.gz, and 
decompress it to anywhere you like (e.g., tar xzf for_distrib.tar.gz)

In the for_distrib directory, execute a following command by root:
sh run-linux2.sh
(This will take approximately 30 min.)


***** How to run the script (FreeBSD) *****

1. Filtering RST TCP segment from OS   
If you are using neither ipfw nor pf: 
Load pf kernel module with a following command by root:
kldload /boot/kernel/pf.ko

Add following 2 lines to /etc/pf.conf (please replace IFNAME to your outgoing 
interface name (e.g., em0):
pass out all
block out quick on IFNAME proto tcp to vinson3.sfc.wide.ad.jp port 
{34343,80,443} flags R/R

Execute following command by root:
pfctl -e -f /etc/pf.conf

If you are already running pf, please add equivalent rules
After the experiment, you can revert settings by  cleaning up /etc/pf.conf 
and executing "pfctl -d" by root

If you are already using ipfw:
 Please add a following rule to ipfw configuration:
 deny tcp from any to vinson3.sfc.wide.ad.jp dst-port 34343,80,443 tcpflags 
rst

2. Executing script
Download script from 
http://www.micchie.net/software/tcpexposure/for_distrib.tar.gz, and 
decompress it to anywhere you like (e.g., tar xzf for_distrib.tar.gz)

In the for_distrib directory, execute a following command by root:
sh run-bsd2.sh
(This will take approximately 30 min.)


Best regards,
- Michio

_______________________________________________
multipathtcp mailing list
multipathtcp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/multipathtcp

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>
  • Fwd: [multipathtcp] Call for contribution to middlebox survey, Lars Eggert <=