Wireshark is a widely used network analyzer that can capture network traffic, save the captured packets (\*.pcap) for later analysis and most importantly helps with analyzing such packet traces. Wireshark supports many protocols, which means it is able to assign meaning to bytes (dissect in the wireshark nomenclature) and display it accordingly. In some cases as in the TCP dissector, Wireshark even builds some state to provide expert information, for instance to identify TCP retransmissions. So far, Wireshark supported stateless dissection of MPTCP, i.e., it could dissect MPTCP options correctly, without being able to identify Multipath TCP connections.
Since November 2015 and the following patch (i.e., starting from Wireshark >= 2.1), Wireshark now considers MPTCP as a separate protocol, and builds states for MPTCP as well, thus mimicking TCP dissection.
This means Wireshark is now able to (providing the matching features are enabled):
- map TCP subflows (tcp.stream) to MPTCP connections (mptcp.stream, see also mptcp.analysis.subflows).
- List MPTCP connections
- identify the master subflows (*mptcp.master == 1*)
- check for mistmatched key/tokens and key/initial sequence data number (ISN)
- etc... start filtering packets with *mptcp.* and wireshark autocompletion should show the different possibilities
Full MPTCP dissection can be quite CPU-consuming, thus some options are disabled by default and can be enabled through the menu Edit -> Preferences -> Protocols -> MPTCP.
- Display relative MPTCP sequence numbers substracts the ISN to Data Sequence Numbers. This works only if the initial packets with the keys (3 way handshake) are captured and the wireshark option tcp relative sequence numbers is enabled.
- In depth analysis of data sequence signal (DSS) mappings tells wireshark to look for the packets which sent the DSS mappings that cover the current packet; wireshark then displays a clickable item that brings you to the packet. This feature enables the creation of interval trees (introduced especially for this feature), which should consume quite a bit of memory/CPU so use with care !
- Check for data duplication across subflows is a feature that was intended to help detect opportunistic reinjections or redundant schedulers but this is mostly experimental so use with care.
Multipath TCP continues to attract interest from both academic researchers who write papers that use or improve the protocol as well as engineers from industry who are deploying new innovative services on top of this new TCP extension. In this newsletter that we’ll try to post every month on the Multipath TCP blog, we’ll summarise the main information about Multipath TCP that we have collected during the previous month. Feel free to contact Olivier Bonaventure if you would like to publish something in this newsletter.
The MPTCP-DEV mailing list has been pretty active during the last month. Three patches have been announced :
Three bug fixes pushed by Christoph Paasch :
A first implementation of the ADD_ADDR2 option by Fabrizio Demaria. This option was proposed in RFC6824bis and includes a HMAC to authenticate the advertised address.
Alexander Frommgen has announced a new website that can be used to verify that Multipath TCP works end-to-end : http://amiusingmptcp.de
This new website goes beyond the original http://amiusingmptcp.com that is not available anymore.
Another useful tool is an improved AndroidTracebox by Raffaele Zullo. It can be used on smartphones to detect middlebox interference in cellular and WiFi networks.
December 2015 has been a busy month for scientific publications on Multipath TCP. Almost an entire session was devoted to Multipath TCP at Conext’2015 in Heidelberg with three papers :
- Design, Implementation and Evaluation of Energy-Aware Multi-Path TCP by Yeon-sup Lim et al. proposes a variant of Multipath TCP called eMPTCP that aims at minimising the energy consumption of Multipath TCP on smartphones. This is an expanded version of a earlier workshop paper by the same authors.
- An Anatomy of Mobile Web Performance over Multipath TCP by Bo Han et al. analyses by measurements how the utilisation of Multipath TCP affects the performance of Mobile websites.
- SMAPP : Towards Smart Multipath TCP-enabled APPlications by Benjamin Hesmans et al. proposes and evaluates a Netlink-based API that allows applications to control the utilisation of the Multipath TCP subflows.
Other papers have been posted.
- Performance Comparison of Congestion Control Strategies for Multi-Path TCP in the NORNET Testbed by Fa Fu et al. uses the Nornet testbed to compare the performance of different Multipath TCP congestion control schemes.
- System investigation of a gateway implementing subflow control policies using a multipath TCP proxy by Yu Okada et al. proposes and evaluates a Multipath TCP proxy running in userspace to bond several networks together.
- Exploiting Path Diversity in Datacenters using MPTCP-aware SDN by Savvas Zannettou et al. proposes to control the creation of subflows by an SDN controller. For this, they enhance the full-mesh path manager to create multiple subflows and the Floodlight SDN controller
- SAMPO: Online Subflow Association for Multipath TCP with Partial Flow Record by Yan Zhang proposes algorithms to extract Multipath TCP information from incomplete packet traces (e.g. packet traces collected with sampling or where the first packets of a flow have been lost).
The IETF mailing list has been rather quite during the last month. One relevant draft has been updated :
This draft addresses the Hybrid Access Networks, i.e. access networks that combine two different link layer technologies, typically DSL and LTE. The Broadband Forum is developing solutions to enable network operators to efficiently use two heterogeneous networks together and some of the proposed solutions rely on Multipath TCP. This draft proposes a TCP option similar to the one proposed in Multipath in the Middle(Box) and discusses how such a solution could be used to support UDP.
Since the publication of RFC 6824 in January 2013, various companies have started to leverage Multipath TCP‘s unique capabilities to create new innovate products. This post is a short summary of some of the publicly announced utilisations of Multipath TCP .
Multipath networks is an Irish company that was the first to use Multipath TCP to bond two ADSL links or an ADSL and a wireless link. Their initial product relied on a modified home router that used the Linux Multipath TCP kernel together with OpenVPN and an HTTP proxy. The router intercepts all TCP traffic, sends it to a server running in the cloud over Multipath TCP and the server uses regular TCP to reach the final destination. Unfortunately, the company went bankrupt and the service is not sold anymore as of this writing.
VRT is the Flemish TV broadcaster in Belgium. They have designed their own cars to allow web journalists to capture videos, edit them and upload them to the VRT head quarters. Videos are long files that require a large bandwidth to be uploaded quickly. To allow the journalists to send their video reports as quickly as possibly, the latest VRT car, called The Beast has been equipped with three types of antennas :
- one satellite antenna
- several 3G antennas with the corresponding SIMs
- several WiFi antennas
Once a video is ready, the server running in the car automatically starts all the available network interfaces and combines them thanks to Multipath TCP to upload the entire video to the VRT head quarters. This car has been used in production for more than a year at VRT.
Apple has started to use Multipath TCP on iPhones and iPads in September 2013 to support the Siri voice recognition application. Thanks to Multipath TCP, these mobile devices can better cope with losses and connectivity problems over the wireless interfaces. This deployment uses an implementation written by Apple’s engineers that is now also included in MacOS. Apple’s implementation of Multipath TCP does not include all the features of the protocol defined in RFC 6824 but it is fully interoperable with the Linux implementation.
Tessares is a recent spinoff from UCL that was created with funding from Proximus, the Belgian network operator and the VIVES investment fund. Its objective is to develop new innovative network services on top of Multipath TCP. The first product developed by this company is a solution for Hybrid Access Networks. Such an access network combines two different types of technologies, typically DSL and 3G/4G. It is illustrated in the figure below.
This solution is composed of two different network devices :
- The Hybrid CPE (HCPE)
- The Hybrid Aggregation Gateway (HAG)
The HCPE is a CPE device that is capable of using two separate access networks. It is typically a home router that has been extended with a 3G/4G interface. Tessares provides a tuned version of the Multipath TCP implementation in the Linux kernel that has been optimised for this platform. It also includes a Multipath TCP proxy that intercepts the TCP connections established by the devices in the home network and converts them into Multipath TCP connections. Thanks to the utilisation of Multipath TCP, the devices used in the home network can use both the DSL and the 3G/4G network. The Hybrid Aggregation Gateway terminates the Multipath TCP connection and converts them into regular TCP connections so that regular servers that have not been upgraded to support Multipath TCP can be contacted.
The BroadBand Forum is working on solutions to support Hybrid Access Networks. During the last Broadband World Forum in London, several companies have demonstrated solutions that include the Multipath TCP implementation in the Linux kernel : Tessares that received a highly commended award, SoftatHome, Sagemcom, Technicolor, Intel and Ericsson.
Gigapath is a commercial service that was launched during the summer 2015 by Korean Telecom. In Korea competition among network operators forces them to provide higher bandwidth mobile services. The cellular networks deployed in this country are among the fastest in the world, but this is still not sufficient. Gigapath allows smartphone uses to combine together their 4G and WiFi networks to reach bandwidths of 800 Mbps and more.
From a technical viewpoint, the solution deployed by KT combines Multipath TCP and the SOCKS protocol. Korean Telecom has convinced Samsung and LG Electronics to port the open-source Multipath TCP implementation in the Linux kernel on their high-end smartphones. As of December 2015, there are about half a dozen different smartphone models from these two vendors that include Multipath TCP. Each smartphone also includes a SOCKS client that intercepts all TCP connection establishments and redirects them to a SOCKS proxy running on one server managed by Korean Telecom. The SOCKS proxy uses the Multipath TCP implementation in the Linux kernel and terminates the Multipath TCP connection.
In July 2015, 5,000 users had subscribed to the Gigapath service. In November 2015, there were about 20,000 users.
OVH is a French cloud company that also provides DSL services. In September 2015, they announced a new product called Overthebox. This product combines Multipath TCP and SOCKS proxies to enable users to bond different DSL lines together. In contrast with the SOCKS-based solution deployed by KT, OVH did not modify the enduser devices. Instead, they provide a device that is attached to the different DSL routers that need to be combined. This device acts as the default gateway in the home network and serves as the DHCP server. Its SOCKS client can then intercept all established TCP connections and convert them into Multipath TCP towards a SOCKS server running in the cloud. The SOCKS server terminates the Multipath TCP and creates a regular TCP connection to the final destination. In December 2015, more than 300 users already participate in the beta and the commercial deployment is expected in January 2016.
The design of Multipath TCP has been heavily influenced by the middleboxes that have been deployed in a wide range of networks, notably in cellular and enterprise networks. Some of these middleboxes like regular NATs interact correctly with Multipath TCP and many Multipath TCP users work behind NATs. However, some middleboxes, such as firewalls or TCP optimisers, terminate TCP connections or interfere with TCP options and thus interact badly with Multipath TCP.
Several tools can be used to verify that Multipath TCP works through a given network. If you have installed a Multipath TCP enabled kernel, you can simply use curl and issue the following command :
The webserver that supports http://www.multipath-tcp.org has been configured to send a special response to an HTTP request with the curl User-Agent. If the request is sent over a regular TCP connection, the server replies with :
Nay, Nay, Nay, your have an old computer that does not speak MPTCP. Shame on you!
If the HTTP request is sent over a Multipath TCP connection, the server replies with :
Yay, you are MPTCP-capable! You can now rest in peace.
This is a basic test that if often used to validate the correct installation of a Multipath TCP enabled Linux kernel.
However, many users are interested in simpler tests through a web interface or through a smartphone application. Two young researchers have recently released two useful tools.
http://amiusingmptcp.com has been the first website created to verify that Multipath TCP was working correctly. Unfortunately, it is not anymore up and running. Alexander Frommgen and his colleagues at TU Darmstadt have posted an updated version of this website. In addition to verifying that the web page is served over a Multipath TCP connection, the new web site also checks whether Multipath TCP passes correctly through other ports. You can test it at http://amiusingmptcp.de Other tests will be added soon.
Another option is tracebox. This command-line tool allows to perform traceroute-like tests with different TCP options to verify whether they pass through middleboxes. tracebox works well on Linux and MacOS, but not yet on smartphones.
Raffaele Zullo a student at the University of Napoli in Italy has spent several months at the University of Liege to work with Benoit Donnet. During his internship, he developed a new version of tracebox that runs on Android smartphones. It requires a rooted smartphone, but does not need a Multipath TCP kernel on the smartphone. You can download it from