summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc9006.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/rfc/rfc9006.txt')
-rw-r--r--doc/rfc/rfc9006.txt1343
1 files changed, 1343 insertions, 0 deletions
diff --git a/doc/rfc/rfc9006.txt b/doc/rfc/rfc9006.txt
new file mode 100644
index 0000000..d4e7435
--- /dev/null
+++ b/doc/rfc/rfc9006.txt
@@ -0,0 +1,1343 @@
+
+
+
+
+Internet Engineering Task Force (IETF) C. Gomez
+Request for Comments: 9006 UPC
+Category: Informational J. Crowcroft
+ISSN: 2070-1721 University of Cambridge
+ M. Scharf
+ Hochschule Esslingen
+ March 2021
+
+
+ TCP Usage Guidance in the Internet of Things (IoT)
+
+Abstract
+
+ This document provides guidance on how to implement and use the
+ Transmission Control Protocol (TCP) in Constrained-Node Networks
+ (CNNs), which are a characteristic of the Internet of Things (IoT).
+ Such environments require a lightweight TCP implementation and may
+ not make use of optional functionality. This document explains a
+ number of known and deployed techniques to simplify a TCP stack as
+ well as corresponding trade-offs. The objective is to help embedded
+ developers with decisions on which TCP features to use.
+
+Status of This Memo
+
+ This document is not an Internet Standards Track specification; it is
+ published for informational purposes.
+
+ This document is a product of the Internet Engineering Task Force
+ (IETF). It represents the consensus of the IETF community. It has
+ received public review and has been approved for publication by the
+ Internet Engineering Steering Group (IESG). Not all documents
+ approved by the IESG are candidates for any level of Internet
+ Standard; see Section 2 of RFC 7841.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ https://www.rfc-editor.org/info/rfc9006.
+
+Copyright Notice
+
+ Copyright (c) 2021 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document. Code Components extracted from this document must
+ include Simplified BSD License text as described in Section 4.e of
+ the Trust Legal Provisions and are provided without warranty as
+ described in the Simplified BSD License.
+
+Table of Contents
+
+ 1. Introduction
+ 2. Characteristics of CNNs Relevant for TCP
+ 2.1. Network and Link Properties
+ 2.2. Usage Scenarios
+ 2.3. Communication and Traffic Patterns
+ 3. TCP Implementation and Configuration in CNNs
+ 3.1. Addressing Path Properties
+ 3.1.1. Maximum Segment Size (MSS)
+ 3.1.2. Explicit Congestion Notification (ECN)
+ 3.1.3. Explicit Loss Notifications
+ 3.2. TCP Guidance for Single-MSS Stacks
+ 3.2.1. Single-MSS Stacks -- Benefits and Issues
+ 3.2.2. TCP Options for Single-MSS Stacks
+ 3.2.3. Delayed Acknowledgments for Single-MSS Stacks
+ 3.2.4. RTO Calculation for Single-MSS Stacks
+ 3.3. General Recommendations for TCP in CNNs
+ 3.3.1. Loss Recovery and Congestion/Flow Control
+ 3.3.1.1. Selective Acknowledgments (SACKs)
+ 3.3.2. Delayed Acknowledgments
+ 3.3.3. Initial Window
+ 4. TCP Usage Recommendations in CNNs
+ 4.1. TCP Connection Initiation
+ 4.2. Number of Concurrent Connections
+ 4.3. TCP Connection Lifetime
+ 5. Security Considerations
+ 6. IANA Considerations
+ 7. References
+ 7.1. Normative References
+ 7.2. Informative References
+ Appendix A. TCP Implementations for Constrained Devices
+ A.1. uIP
+ A.2. lwIP
+ A.3. RIOT
+ A.4. TinyOS
+ A.5. FreeRTOS
+ A.6. uC/OS
+ A.7. Summary
+ Acknowledgments
+ Authors' Addresses
+
+1. Introduction
+
+ The Internet Protocol suite is being used for connecting Constrained-
+ Node Networks (CNNs) to the Internet, enabling the so-called Internet
+ of Things (IoT) [RFC7228]. In order to meet the requirements that
+ stem from CNNs, the IETF has produced a suite of new protocols
+ specifically designed for such environments (see, e.g., [RFC8352]).
+ New IETF protocol stack components include the IPv6 over Low-Power
+ Wireless Personal Area Networks (6LoWPANs) adaptation layer
+ [RFC4944][RFC6282][RFC6775], the IPv6 Routing Protocol for Low-Power
+ and Lossy Networks (RPL) [RFC6550], and the Constrained Application
+ Protocol (CoAP) [RFC7252].
+
+ As of this writing, the main transport-layer protocols in IP-based
+ IoT scenarios are UDP and TCP. TCP has been criticized, often
+ unfairly, as a protocol that is unsuitable for the IoT. It is true
+ that some TCP features, such as relatively long header size,
+ unsuitability for multicast, and always-confirmed data delivery, are
+ not optimal for IoT scenarios. However, many typical claims on TCP
+ unsuitability for IoT (e.g., a high complexity, connection-oriented
+ approach incompatibility with radio duty-cycling and spurious
+ congestion control activation in wireless links) are not valid, can
+ be solved, or are also found in well-accepted IoT end-to-end
+ reliability mechanisms (see a detailed analysis in [IntComp]).
+
+ At the application layer, CoAP was developed over UDP [RFC7252].
+ However, the integration of some CoAP deployments with existing
+ infrastructure is being challenged by middleboxes such as firewalls,
+ which may limit and even block UDP-based communications. This is the
+ main reason why a CoAP over TCP specification has been developed
+ [RFC8323].
+
+ Other application-layer protocols not specifically designed for CNNs
+ are also being considered for the IoT space. Some examples include
+ HTTP/2 and even HTTP/1.1, both of which run over TCP by default
+ [RFC7230] [RFC7540], and the Extensible Messaging and Presence
+ Protocol (XMPP) [RFC6120]. TCP is also used by non-IETF application-
+ layer protocols in the IoT space such as the Message Queuing
+ Telemetry Transport (MQTT) [MQTT] and its lightweight variants.
+
+ TCP is a sophisticated transport protocol that includes optional
+ functionality (e.g., TCP options) that may improve performance in
+ some environments. However, many optional TCP extensions require
+ complex logic inside the TCP stack and increase the code size and the
+ memory requirements. Many TCP extensions are not required for
+ interoperability with other standard-compliant TCP endpoints. Given
+ the limited resources on constrained devices, careful selection of
+ optional TCP features can make an implementation more lightweight.
+
+ This document provides guidance on how to implement and configure TCP
+ and guidance on how applications should use TCP in CNNs. The
+ overarching goal is to offer simple measures to allow for lightweight
+ TCP implementation and suitable operation in such environments. A
+ TCP implementation following the guidance in this document is
+ intended to be compatible with a TCP endpoint that is compliant to
+ the TCP standards, albeit possibly with a lower performance. This
+ implies that such a TCP client would always be able to connect with a
+ standard-compliant TCP server, and a corresponding TCP server would
+ always be able to connect with a standard-compliant TCP client.
+
+ This document assumes that the reader is familiar with TCP. A
+ comprehensive survey of the TCP standards can be found in RFC 7414
+ [RFC7414]. Similar guidance regarding the use of TCP in special
+ environments has been published before, e.g., for cellular wireless
+ networks [RFC3481].
+
+2. Characteristics of CNNs Relevant for TCP
+
+2.1. Network and Link Properties
+
+ CNNs are defined in [RFC7228] as networks whose characteristics are
+ influenced by being composed of a significant portion of constrained
+ nodes. The latter are characterized by significant limitations on
+ processing, memory, and energy resources, among others [RFC7228].
+ The first two dimensions pose constraints on the complexity and
+ memory footprint of the protocols that constrained nodes can support.
+ The latter requires techniques to save energy, such as radio duty-
+ cycling in wireless devices [RFC8352] and the minimization of the
+ number of messages transmitted/received (and their size).
+
+ [RFC7228] lists typical network constraints in CNNs, including low
+ achievable bitrate/throughput, high packet loss and high variability
+ of packet loss, highly asymmetric link characteristics, severe
+ penalties for using larger packets, limits on reachability over time,
+ etc. CNNs may use wireless or wired technologies (e.g., Power Line
+ Communication), and the transmission rates are typically low (e.g.,
+ below 1 Mbps).
+
+ For use of TCP, one challenge is that not all technologies in a CNN
+ may be aligned with typical Internet subnetwork design principles
+ [RFC3819]. For instance, constrained nodes often use physical- /
+ link-layer technologies that have been characterized as 'lossy',
+ i.e., exhibit a relatively high bit error rate. Dealing with
+ corruption loss is one of the open issues in the Internet [RFC6077].
+
+2.2. Usage Scenarios
+
+ There are different deployment and usage scenarios for CNNs. Some
+ CNNs follow the star topology, whereby one or several hosts are
+ linked to a central device that acts as a router connecting the CNN
+ to the Internet. Alternatively, CNNs may also follow the multihop
+ topology [RFC6606].
+
+ In constrained environments, there can be different types of devices
+ [RFC7228]. For example, there can be devices with a single combined
+ send/receive buffer, a separate send and receive buffer, or a pool of
+ multiple send/receive buffers. In the latter case, it is possible
+ that buffers are also shared for other protocols.
+
+ One key use case for TCP in CNNs is a model where constrained devices
+ connect to unconstrained servers in the Internet. But it is also
+ possible that both TCP endpoints run on constrained devices. In the
+ first case, communication will possibly traverse a middlebox (e.g., a
+ firewall, NAT, etc.). Figure 1 illustrates such a scenario. Note
+ that the scenario is asymmetric, as the unconstrained device will
+ typically not suffer the severe constraints of the constrained
+ device. The unconstrained device is expected to be mains-powered,
+ have a high amount of memory and processing power, and be connected
+ to a resource-rich network.
+
+ Assuming that a majority of constrained devices will correspond to
+ sensor nodes, the amount of data traffic sent by constrained devices
+ (e.g., sensor node measurements) is expected to be higher than the
+ amount of data traffic in the opposite direction. Nevertheless,
+ constrained devices may receive requests (to which they may respond),
+ commands (for configuration purposes and for constrained devices
+ including actuators), and relatively infrequent firmware/software
+ updates.
+
+
+ +---------------+
+ o o <-------- TCP communication -----> | |
+ o o | |
+ o o | Unconstrained |
+ o o +-----------+ | device |
+ o o o ------ | Middlebox | ------- | |
+ o o +-----------+ | (e.g., cloud) |
+ o o o | |
+ +---------------+
+ Constrained devices
+
+ Figure 1: TCP Communication between a Constrained Device and an
+ Unconstrained Device, Traversing a Middlebox
+
+2.3. Communication and Traffic Patterns
+
+ IoT applications are characterized by a number of different
+ communication patterns. The following non-comprehensive list
+ explains some typical examples:
+
+ Unidirectional transfers: An IoT device (e.g., a sensor) can
+ (repeatedly) send updates to the other endpoint. There is not
+ always a need for an application response back to the IoT device.
+
+ Request-response patterns: An IoT device receiving a request from
+ the other endpoint, which triggers a response from the IoT device.
+
+ Bulk data transfers: A typical example for a long file transfer
+ would be an IoT device firmware update.
+
+ A typical communication pattern is that a constrained device
+ communicates with an unconstrained device (cf. Figure 1). But it is
+ also possible that constrained devices communicate amongst
+ themselves.
+
+3. TCP Implementation and Configuration in CNNs
+
+ This section explains how a TCP stack can deal with typical
+ constraints in CNN. The guidance in this section relates to the TCP
+ implementation and its configuration.
+
+3.1. Addressing Path Properties
+
+3.1.1. Maximum Segment Size (MSS)
+
+ Assuming that IPv6 is used, and for the sake of lightweight
+ implementation and operation, unless applications require handling
+ large data units (i.e., leading to an IPv6 datagram size greater than
+ 1280 bytes), it may be desirable to limit the IP datagram size to
+ 1280 bytes in order to avoid the need to support Path MTU Discovery
+ [RFC8201]. In addition, an IP datagram size of 1280 bytes avoids
+ incurring IPv6-layer fragmentation [RFC8900].
+
+ An IPv6 datagram size exceeding 1280 bytes can be avoided by setting
+ the TCP MSS to 1220 bytes or less. Note that it is already a
+ requirement for TCP implementations to consume payload space instead
+ of increasing datagram size when including IP or TCP options in an IP
+ packet to be sent [RFC6691]. Therefore, it is not required to
+ advertise an MSS smaller than 1220 bytes in order to accommodate TCP
+ options.
+
+ Note that setting the MTU to 1280 bytes is possible for link-layer
+ technologies in the CNN space, even if some of them are characterized
+ by a short data unit payload size, e.g., up to a few tens or hundreds
+ of bytes. For example, the maximum frame size in IEEE 802.15.4 is
+ 127 bytes. 6LoWPAN defined an adaptation layer to support IPv6 over
+ IEEE 802.15.4 networks. The adaptation layer includes a
+ fragmentation mechanism, since IPv6 requires the layer below to
+ support an MTU of 1280 bytes [RFC8200], while IEEE 802.15.4 lacks
+ fragmentation mechanisms. 6LoWPAN defines an IEEE 802.15.4 link MTU
+ of 1280 bytes [RFC4944]. Other technologies, such as Bluetooth low
+ energy [RFC7668], ITU-T G.9959 [RFC7428], or Digital Enhanced
+ Cordless Telecommunications (DECT) Ultra Low Energy (ULE) [RFC8105],
+ also use 6LoWPAN-based adaptation layers in order to enable IPv6
+ support. These technologies do support link-layer fragmentation. By
+ exploiting this functionality, the adaptation layers that enable IPv6
+ over such technologies also define an MTU of 1280 bytes.
+
+ On the other hand, there exist technologies also used in the CNN
+ space, such as Master Slave (MS) / Token Passing (TP) [RFC8163],
+ Narrowband IoT (NB-IoT) [RFC8376], or IEEE 802.11ah [6LO-WLANAH],
+ that do not suffer the same degree of frame size limitations as the
+ technologies mentioned above. It is recommended that the MTU for MS/
+ TP be 1500 bytes [RFC8163]; the MTU in NB-IoT is 1600 bytes, and the
+ maximum frame payload size for IEEE 802.11ah is 7991 bytes.
+
+ Using a larger MSS (to a suitable extent) may be beneficial in some
+ scenarios, especially when transferring large payloads, as it reduces
+ the number of packets (and packet headers) required for a given
+ payload. However, the characteristics of the constrained network
+ need to be considered. In particular, in a lossy network where
+ unreliable fragment delivery is used, the amount of data that TCP
+ unnecessarily retransmits due to fragment loss increases (and
+ throughput decreases) quickly with the MSS. This happens because the
+ loss of a fragment leads to the loss of the whole fragmented packet
+ being transmitted. Unnecessary data retransmission is particularly
+ harmful in CNNs due to the resource constraints of such environments.
+ Note that, while the original 6LoWPAN fragmentation mechanism
+ [RFC4944] does not offer reliable fragment delivery, fragment
+ recovery functionality for 6LoWPAN or 6Lo environments has been
+ standardized [RFC8931].
+
+3.1.2. Explicit Congestion Notification (ECN)
+
+ ECN [RFC3168] allows a router to signal in the IP header of a packet
+ that congestion is rising, for example, when a queue size reaches a
+ certain threshold. An ECN-enabled TCP receiver will echo back the
+ congestion signal to the TCP sender by setting a flag in its next TCP
+ Acknowledgment (ACK). The sender triggers congestion control
+ measures as if a packet loss had happened.
+
+ RFC 8087 [RFC8087] outlines the principal gains in terms of increased
+ throughput, reduced delay, and other benefits when ECN is used over a
+ network path that includes equipment that supports Congestion
+ Experienced (CE) marking. In the context of CNNs, a remarkable
+ feature of ECN is that congestion can be signaled without incurring
+ packet drops (which will lead to retransmissions and consumption of
+ limited resources such as energy and bandwidth).
+
+ ECN can further reduce packet losses since congestion control
+ measures can be applied earlier [RFC2884]. Fewer lost packets
+ implies that the number of retransmitted segments decreases, which is
+ particularly beneficial in CNNs, where energy and bandwidth resources
+ are typically limited. Also, it makes sense to try to avoid packet
+ drops for transactional workloads with small data sizes, which are
+ typical for CNNs. In such traffic patterns, it is more difficult and
+ often impossible to detect packet loss without retransmission
+ timeouts (e.g., as there may not be three duplicate ACKs). Any
+ retransmission timeout slows down the data transfer significantly.
+ In addition, if the constrained device uses power-saving techniques,
+ a retransmission timeout will incur a wake-up action, in contrast to
+ ACK clock-triggered sending. When the congestion window of a TCP
+ sender has a size of one segment and a TCP ACK with an ECN signal
+ (ECN-Echo (ECE) flag) arrives at the TCP sender, the TCP sender
+ resets the retransmit timer, and the sender will only be able to send
+ a new packet when the retransmit timer expires. Effectively, at that
+ moment, the TCP sender reduces its sending rate from 1 segment per
+ Round-Trip Time (RTT) to 1 segment per Retransmission Timeout (RTO)
+ and reduces the sending rate further on each ECN signal received in
+ subsequent TCP ACKs. Otherwise, if an ECN signal is not present in a
+ subsequent TCP ACK, the TCP sender resumes the normal ACK-clocked
+ transmission of segments [RFC3168].
+
+ ECN can be incrementally deployed in the Internet. Guidance on
+ configuration and usage of ECN is provided in RFC 7567 [RFC7567].
+ Given the benefits, more and more TCP stacks in the Internet support
+ ECN, and it makes sense to specifically leverage ECN in controlled
+ environments such as CNNs. As of this writing, there is ongoing work
+ to extend the types of TCP packets that are ECN capable, including
+ pure ACKs [TCPM-ECN]. Such a feature may further increase the
+ benefits of ECN in CNN environments. Note, however, that supporting
+ ECN increases implementation complexity.
+
+3.1.3. Explicit Loss Notifications
+
+ There has been a significant body of research on solutions capable of
+ explicitly indicating whether a TCP segment loss is due to
+ corruption, in order to avoid activation of congestion control
+ mechanisms [ETEN] [RFC2757]. While such solutions may provide
+ significant improvement, they have not been widely deployed and
+ remain as experimental work. In fact, as of today, the IETF has not
+ standardized any such solution.
+
+3.2. TCP Guidance for Single-MSS Stacks
+
+ This section discusses TCP stacks that allow transferring a single
+ MSS. More general guidance is provided in Section 3.3.
+
+3.2.1. Single-MSS Stacks -- Benefits and Issues
+
+ A TCP stack can reduce the memory requirements by advertising a TCP
+ window size of 1 MSS and also transmit, at most, 1 MSS of
+ unacknowledged data. In that case, both congestion and flow control
+ implementation are quite simple. Such a small receive and send
+ window may be sufficient for simple message exchanges in the CNN
+ space. However, only using a window of 1 MSS can significantly
+ affect performance. A stop-and-wait operation results in low
+ throughput for transfers that exceed the length of 1 MSS, e.g., a
+ firmware download. Furthermore, a single-MSS solution relies solely
+ on timer-based loss recovery, therefore missing the performance gain
+ of Fast Retransmit and Fast Recovery (which requires a larger window
+ size; see Section 3.3.1).
+
+ If CoAP is used over TCP with the default setting for NSTART in RFC
+ 7252 [RFC7252], a CoAP endpoint is not allowed to send a new message
+ to a destination until a response for the previous message sent to
+ that destination has been received. This is equivalent to an
+ application-layer window size of 1 data unit. For this use of CoAP,
+ a maximum TCP window of 1 MSS may be sufficient, as long as the CoAP
+ message size does not exceed 1 MSS. An exception in CoAP over TCP,
+ though, is the Capabilities and Settings Message (CSM) that must be
+ sent at the start of the TCP connection. The first application
+ message carrying user data is allowed to be sent immediately after
+ the CSM message. If the sum of the CSM size plus the application
+ message size exceeds the MSS, a sender using a single-MSS stack will
+ need to wait for the ACK confirming the CSM before sending the
+ application message.
+
+3.2.2. TCP Options for Single-MSS Stacks
+
+ A TCP implementation needs to support, at a minimum, TCP options 2,
+ 1, and 0. These are, respectively, the MSS option, the No-Operation
+ option, and the End Of Option List marker [RFC0793]. None of these
+ are a substantial burden to support. These options are sufficient
+ for interoperability with a standard-compliant TCP endpoint, albeit
+ many TCP stacks support additional options and can negotiate their
+ use. A TCP implementation is permitted to silently ignore all other
+ TCP options.
+
+ A TCP implementation for a constrained device that uses a single-MSS
+ TCP receive or transmit window size may not benefit from supporting
+ the following TCP options: Window Scale [RFC7323], TCP Timestamps
+ [RFC7323], Selective Acknowledgment (SACK) [RFC2018], and SACK-
+ Permitted [RFC2018]. Also, other TCP options may not be required on
+ a constrained device with a very lightweight implementation. With
+ regard to the Window Scale option, note that it is only useful if a
+ window size greater than 64 kB is needed.
+
+ Note that a TCP sender can benefit from the TCP Timestamps option
+ [RFC7323] in detecting spurious RTOs. The latter are quite likely to
+ occur in CNN scenarios due to a number of reasons (e.g., route
+ changes in a multihop scenario, link-layer retries, etc.). The
+ header overhead incurred by the Timestamps option (of up to 12 bytes)
+ needs to be taken into account.
+
+3.2.3. Delayed Acknowledgments for Single-MSS Stacks
+
+ TCP Delayed Acknowledgments are meant to reduce the number of ACKs
+ sent within a TCP connection, thus reducing network overhead, but
+ they may increase the time until a sender may receive an ACK. In
+ general, usefulness of Delayed ACKs depends heavily on the usage
+ scenario (see Section 3.3.2). There can be interactions with single-
+ MSS stacks.
+
+ When traffic is unidirectional, if the sender can send at most 1 MSS
+ of data or the receiver advertises a receive window not greater than
+ the MSS, Delayed ACKs may unnecessarily contribute delay (up to 500
+ ms) to the RTT [RFC5681], which limits the throughput and can
+ increase data delivery time. Note that, in some cases, it may not be
+ possible to disable Delayed ACKs. One known workaround is to split
+ the data to be sent into two segments of smaller size. A standard-
+ compliant TCP receiver may immediately acknowledge the second MSS of
+ data, which can improve throughput. However, this "split hack" may
+ not always work since a TCP receiver is required to acknowledge every
+ second full-sized segment, but not two consecutive small segments.
+ The overhead of sending two IP packets instead of one is another
+ downside of the "split hack".
+
+ Similar issues may happen when the sender uses the Nagle algorithm,
+ since the sender may need to wait for an unnecessarily Delayed ACK to
+ send a new segment. Disabling the algorithm will not have impact if
+ the sender can only handle stop-and-wait operation at the TCP level.
+
+ For request-response traffic, when the receiver uses Delayed ACKs, a
+ response to a data message can piggyback an ACK, as long as the
+ latter is sent before the Delayed ACK timer expires, thus avoiding
+ unnecessary ACKs without payload. Disabling Delayed ACKs at the
+ request sender allows an immediate ACK for the data segment carrying
+ the response.
+
+3.2.4. RTO Calculation for Single-MSS Stacks
+
+ The RTO calculation is one of the fundamental TCP algorithms
+ [RFC6298]. There is a fundamental trade-off: a short, aggressive RTO
+ behavior reduces wait time before retransmissions, but it also
+ increases the probability of spurious timeouts. The latter leads to
+ unnecessary waste of potentially scarce resources in CNNs such as
+ energy and bandwidth. In contrast, a conservative timeout can result
+ in long error recovery times and, thus, needlessly delay data
+ delivery.
+
+ If a TCP sender uses a very small window size, and it cannot benefit
+ from Fast Retransmit and Fast Recovery or SACK, the RTO algorithm has
+ a large impact on performance. In that case, RTO algorithm tuning
+ may be considered, although careful assessment of possible drawbacks
+ is recommended [RFC8961].
+
+ As an example, adaptive RTO algorithms defined for CoAP over UDP have
+ been found to perform well in CNN scenarios [Commag] [CORE-FASOR].
+
+3.3. General Recommendations for TCP in CNNs
+
+ This section summarizes some widely used techniques to improve TCP,
+ with a focus on their use in CNNs. The TCP extensions discussed here
+ are useful in a wide range of network scenarios, including CNNs.
+ This section is not comprehensive. A comprehensive survey of TCP
+ extensions is published in RFC 7414 [RFC7414].
+
+3.3.1. Loss Recovery and Congestion/Flow Control
+
+ Devices that have enough memory to allow a larger (i.e., more than 3
+ MSS of data) TCP window size can leverage a more efficient loss
+ recovery than the timer-based approach used for a smaller TCP window
+ size (see Section 3.2.1) by using Fast Retransmit and Fast Recovery
+ [RFC5681], at the expense of slightly greater complexity and
+ Transmission Control Block (TCB) size. Assuming that Delayed ACKs
+ are used by the receiver, a window size of up to 5 MSS is required
+ for Fast Retransmit and Fast Recovery to work efficiently: in a given
+ TCP transmission of full-sized segments 1, 2, 3, 4, and 5, if segment
+ 2 gets lost, and the ACK for segment 1 is held by the Delayed ACK
+ timer, then the sender should get an ACK for segment 1 when 3 arrives
+ and duplicate ACKs when segments 4, 5, and 6 arrive. It will
+ retransmit segment 2 when the third duplicate ACK arrives. In order
+ to have segments 2, 3, 4, 5, and 6 sent, the window has to be of at
+ least 5 MSS. With an MSS of 1220 bytes, a buffer of a size of 5 MSS
+ would require 6100 bytes.
+
+ The example in the previous paragraph did not use a further TCP
+ improvement such as Limited Transmit [RFC3042]. The latter may also
+ be useful for any transfer that has more than one segment in flight.
+ Small transfers tend to benefit more from Limited Transmit, because
+ they are more likely to not receive enough duplicate ACKs. Assuming
+ the example in the previous paragraph, Limited Transmit allows
+ sending 5 MSS with a congestion window (cwnd) of three segments, plus
+ two additional segments for the first two duplicate ACKs. With
+ Limited Transmit, even a cwnd of two segments allows sending 5 MSS,
+ at the expense of additional delay contributed by the Delayed ACK
+ timer for the ACK that confirms segment 1.
+
+ When a multiple-segment window is used, the receiver will need to
+ manage the reception of possible out-of-order received segments,
+ requiring sufficient buffer space. Note that even when a window of 1
+ MSS is used, out-of-order arrival should also be managed, as the
+ sender may send multiple sub-MSS packets that fit in the window. (On
+ the other hand, the receiver is free to simply drop out-of-order
+ segments, thus forcing retransmissions.)
+
+3.3.1.1. Selective Acknowledgments (SACKs)
+
+ If a device with less severe memory and processing constraints can
+ afford advertising a TCP window size of several MSSs, it makes sense
+ to support the SACK option to improve performance. SACK allows a
+ data receiver to inform the data sender of non-contiguous data blocks
+ received, thus a sender (having previously sent the SACK-Permitted
+ option) can avoid performing unnecessary retransmissions, saving
+ energy and bandwidth, as well as reducing latency. In addition, SACK
+ often allows for faster loss recovery when there is more than one
+ lost segment in a window of data, since SACK recovery may complete
+ with less RTTs. SACK is particularly useful for bulk data transfers.
+ A receiver supporting SACK will need to keep track of the data blocks
+ that need to be received. The sender will also need to keep track of
+ which data segments need to be resent after learning which data
+ blocks are missing at the receiver. SACK adds 8*n+2 bytes to the TCP
+ header, where n denotes the number of data blocks received, up to
+ four blocks. For a low number of out-of-order segments, the header
+ overhead penalty of SACK is compensated by avoiding unnecessary
+ retransmissions. When the sender discovers the data blocks that have
+ already been received, it needs to also store the necessary state to
+ avoid unnecessary retransmission of data segments that have already
+ been received.
+
+3.3.2. Delayed Acknowledgments
+
+ For certain traffic patterns, Delayed ACKs may have a detrimental
+ effect, as already noted in Section 3.2.3. Advanced TCP stacks may
+ use heuristics to determine the maximum delay for an ACK. For CNNs,
+ the recommendation depends on the expected communication patterns.
+
+ When traffic over a CNN is expected mostly to be unidirectional
+ messages with a size typically up to 1 MSS, and the time between two
+ consecutive message transmissions is greater than the Delayed ACK
+ timeout, it may make sense to use a smaller timeout or disable
+ Delayed ACKs at the receiver. This avoids incurring additional
+ delay, as well as the energy consumption of the sender (which might,
+ e.g., keep its radio interface in receive mode) during that time.
+ Note that disabling Delayed ACKs may only be possible if the peer
+ device is administered by the same entity managing the constrained
+ device. For request-response traffic, enabling Delayed ACKs is
+ recommended at the server end, in order to allow combining a response
+ with the ACK into a single segment, thus increasing efficiency. In
+ addition, if a client issues requests infrequently, disabling Delayed
+ ACKs at the client allows an immediate ACK for the data segment
+ carrying the response.
+
+ In contrast, Delayed ACKs allow for a reduced number of ACKs in bulk
+ transfer types of traffic, e.g., for firmware/software updates or for
+ transferring larger data units containing a batch of sensor readings.
+
+ Note that, in many scenarios, the peer that a constrained device
+ communicates with will be a general purpose system that communicates
+ with both constrained and unconstrained devices. Since Delayed ACKs
+ are often configured through system-wide parameters, the behavior of
+ Delayed ACKs at the peer will be the same regardless of the nature of
+ the endpoints it talks to. Such a peer will typically have Delayed
+ ACKs enabled.
+
+3.3.3. Initial Window
+
+ [RFC5681] specifies a TCP Initial Window (IW) of roughly 4 kB.
+ Subsequently, RFC 6928 [RFC6928] defines an experimental new value
+ for the IW, which in practice will result in an IW of 10 MSS.
+ Nowadays, the latter is used in many TCP implementations.
+
+ Note that a 10-MSS IW was recommended for resource-rich environments
+ (e.g., broadband environments), which are significantly different
+ from CNNs. In CNNs, many application-layer data units are relatively
+ small (e.g., below 1 MSS). However, larger objects (e.g., large
+ files containing sensor readings, firmware updates, etc.) may also
+ need to be transferred in CNNs. If such a large object is
+ transferred in CNNs, with an IW setting of 10 MSS, there is
+ significant buffer overflow risk, since many CNN devices support
+ network or radio buffers of a size smaller than 10 MSS. In order to
+ avoid such a problem, the IW needs to be carefully set in CNNs, based
+ on device and network resource constraints. In many cases, a safe IW
+ setting will be smaller than 10 MSS.
+
+4. TCP Usage Recommendations in CNNs
+
+ This section discusses how TCP can be used by applications that are
+ developed for CNN scenarios. These remarks are by and large
+ independent of how TCP is exactly implemented.
+
+4.1. TCP Connection Initiation
+
+ In the scenario of a constrained device to an unconstrained device
+ illustrated above, a TCP connection is typically initiated by the
+ constrained device, in order for the device to support possible sleep
+ periods to save energy.
+
+4.2. Number of Concurrent Connections
+
+ TCP endpoints with a small amount of memory may only support a small
+ number of connections. Each TCP connection requires storing a number
+ of variables in the TCB. Depending on the internal TCP
+ implementation, each connection may result in further memory
+ overhead, and connections may compete for scarce resources (e.g.,
+ further memory overhead for send and receive buffers, etc.).
+
+ A careful application design may try to keep the number of concurrent
+ connections as small as possible. A client can, for instance, limit
+ the number of simultaneous open connections that it maintains to a
+ given server. Multiple connections could, for instance, be used to
+ avoid the "head-of-line blocking" problem in an application transfer.
+ However, in addition to consuming resources, using multiple
+ connections can also cause undesirable side effects in congested
+ networks. For example, the HTTP/1.1 specification encourages clients
+ to be conservative when opening multiple connections [RFC7230].
+ Furthermore, each new connection will start with a three-way
+ handshake, therefore increasing message overhead.
+
+ Being conservative when opening multiple TCP connections is of
+ particular importance in Constrained-Node Networks.
+
+4.3. TCP Connection Lifetime
+
+ In order to minimize message overhead, it makes sense to keep a TCP
+ connection open as long as the two TCP endpoints have more data to
+ send. If applications exchange data rather infrequently, i.e., if
+ TCP connections would stay idle for a long time, the idle time can
+ result in problems. For instance, certain middleboxes such as
+ firewalls or NAT devices are known to delete state records after an
+ inactivity interval. RFC 5382 [RFC5382] specifies a minimum value
+ for such an interval of 124 minutes. Measurement studies have
+ reported that TCP NAT binding timeouts are highly variable across
+ devices, with the median being around 60 minutes, the shortest
+ timeout being around 2 minutes, and more than 50% of the devices with
+ a timeout shorter than the aforementioned minimum timeout of 124
+ minutes [HomeGateway]. The timeout duration used by a middlebox
+ implementation may not be known to the TCP endpoints.
+
+ In CNNs, such middleboxes may, e.g., be present at the boundary
+ between the CNN and other networks. If the middlebox can be
+ optimized for CNN use cases, it makes sense to increase the initial
+ value for filter state inactivity timers to avoid problems with idle
+ connections. Apart from that, this problem can be dealt with by
+ different connection-handling strategies, each having pros and cons.
+
+ One approach for infrequent data transfer is to use short-lived TCP
+ connections. Instead of trying to maintain a TCP connection for a
+ long time, it is possible that short-lived connections can be opened
+ between two endpoints, which are closed if no more data needs to be
+ exchanged. For use cases that can cope with the additional messages
+ and the latency resulting from starting new connections, it is
+ recommended to use a sequence of short-lived connections instead of
+ maintaining a single long-lived connection.
+
+ The message and latency overhead that stems from using a sequence of
+ short-lived connections could be reduced by TCP Fast Open (TFO)
+ [RFC7413], which is an experimental TCP extension, at the expense of
+ increased implementation complexity and increased TCB size. TFO
+ allows data to be carried in SYN (and SYN-ACK) segments and to be
+ consumed immediately by the receiving endpoint. This reduces the
+ message and latency overhead compared to the traditional three-way
+ handshake to establish a TCP connection. For security reasons, the
+ connection initiator has to request a TFO cookie from the other
+ endpoint. The cookie, with a size of 4 or 16 bytes, is then included
+ in SYN packets of subsequent connections. The cookie needs to be
+ refreshed (and obtained by the client) after a certain amount of
+ time. While a given cookie is used for multiple connections between
+ the same two endpoints, the latter may become vulnerable to privacy
+ threats. In addition, a valid cookie may be stolen from a
+ compromised host and may be used to perform SYN flood attacks, as
+ well as amplified reflection attacks to victim hosts (see Section 5
+ of [RFC7413]). Nevertheless, TFO is more efficient than frequently
+ opening new TCP connections with the traditional three-way handshake,
+ as long as the cookie can be reused in subsequent connections.
+ However, as stated in [RFC7413], TFO deviates from the standard TCP
+ semantics, since the data in the SYN could be replayed to an
+ application in some rare circumstances. Applications should not use
+ TFO unless they can tolerate this issue, e.g., by using TLS
+ [RFC7413]. A comprehensive discussion on TFO can be found in RFC
+ 7413 [RFC7413].
+
+ Another approach is to use long-lived TCP connections with
+ application-layer heartbeat messages. Various application protocols
+ support such heartbeat messages (e.g., CoAP over TCP [RFC8323]).
+ Periodic application-layer heartbeats can prevent early filter state
+ record deletion in middleboxes. If the TCP binding timeout for a
+ middlebox to be traversed by a given connection is known, middlebox
+ filter state deletion will be avoided if the heartbeat period is
+ lower than the middlebox TCP binding timeout. Otherwise, the
+ implementer needs to take into account that middlebox TCP binding
+ timeouts fall in a wide range of possible values [HomeGateway], and
+ it may be hard to find a proper heartbeat period for application-
+ layer heartbeat messages.
+
+ One specific advantage of heartbeat messages is that they also allow
+ liveness checks at the application level. In general, it makes sense
+ to realize liveness checks at the highest protocol layer possible
+ that is meaningful to the application, in order to maximize the depth
+ of the liveness check. In addition, timely detection of a dead peer
+ may allow savings in terms of TCB memory use. However, the
+ transmission of heartbeat messages consumes resources. This aspect
+ needs to be assessed carefully, considering the characteristics of
+ each specific CNN.
+
+ A TCP implementation may also be able to send "keep-alive" segments
+ to test a TCP connection. According to [RFC1122], keep-alives are an
+ optional TCP mechanism that is turned off by default, i.e., an
+ application must explicitly enable it for a TCP connection. The
+ interval between keep-alive messages must be configurable, and it
+ must default to no less than two hours. With this large timeout, TCP
+ keep-alive messages might not always be useful to avoid deletion of
+ filter state records in some middleboxes. However, sending TCP keep-
+ alive probes more frequently risks draining power on energy-
+ constrained devices.
+
+5. Security Considerations
+
+ Best current practices for securing TCP and TCP-based communication
+ also applies to CNN. As an example, use of TLS [RFC8446] is strongly
+ recommended if it is applicable. However, note that TLS protects
+ only the contents of the data segments.
+
+ There are TCP options that can actually protect the transport layer.
+ One example is the TCP Authentication Option (TCP-AO) [RFC5925].
+ However, this option adds overhead and complexity. TCP-AO typically
+ has a size of 16-20 bytes. An implementer needs to asses the trade-
+ off between security and performance when using TCP-AO, considering
+ the characteristics (in terms of energy, bandwidth, and computational
+ power) of the environment where TCP will be used.
+
+ For the mechanisms discussed in this document, the corresponding
+ considerations apply. For instance, if TFO is used, the security
+ considerations of RFC 7413 [RFC7413] apply.
+
+ Constrained devices are expected to support smaller TCP window sizes
+ than less-limited devices. In such conditions, segment
+ retransmission triggered by RTO expiration is expected to be
+ relatively frequent, due to lack of (enough) duplicate ACKs,
+ especially when a constrained device uses a single-MSS
+ implementation. For this reason, constrained devices running TCP may
+ appear as particularly appealing victims of the so-called "shrew"
+ Denial-of-Service (DoS) attack [SHREW], whereby one or more sources
+ generate a packet spike targeted to coincide with consecutive RTO-
+ expiration-triggered retry attempts of a victim node. Note that the
+ attack may be performed by Internet-connected devices, including
+ constrained devices in the same CNN as the victim, as well as remote
+ ones. Mitigation techniques include RTO randomization and attack
+ blocking by routers able to detect shrew attacks based on their
+ traffic pattern.
+
+6. IANA Considerations
+
+ This document has no IANA actions.
+
+7. References
+
+7.1. Normative References
+
+ [RFC0793] Postel, J., "Transmission Control Protocol", STD 7,
+ RFC 793, DOI 10.17487/RFC0793, September 1981,
+ <https://www.rfc-editor.org/info/rfc793>.
+
+ [RFC1122] Braden, R., Ed., "Requirements for Internet Hosts -
+ Communication Layers", STD 3, RFC 1122,
+ DOI 10.17487/RFC1122, October 1989,
+ <https://www.rfc-editor.org/info/rfc1122>.
+
+ [RFC2018] Mathis, M., Mahdavi, J., Floyd, S., and A. Romanow, "TCP
+ Selective Acknowledgment Options", RFC 2018,
+ DOI 10.17487/RFC2018, October 1996,
+ <https://www.rfc-editor.org/info/rfc2018>.
+
+ [RFC3042] Allman, M., Balakrishnan, H., and S. Floyd, "Enhancing
+ TCP's Loss Recovery Using Limited Transmit", RFC 3042,
+ DOI 10.17487/RFC3042, January 2001,
+ <https://www.rfc-editor.org/info/rfc3042>.
+
+ [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
+ of Explicit Congestion Notification (ECN) to IP",
+ RFC 3168, DOI 10.17487/RFC3168, September 2001,
+ <https://www.rfc-editor.org/info/rfc3168>.
+
+ [RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP Congestion
+ Control", RFC 5681, DOI 10.17487/RFC5681, September 2009,
+ <https://www.rfc-editor.org/info/rfc5681>.
+
+ [RFC6298] Paxson, V., Allman, M., Chu, J., and M. Sargent,
+ "Computing TCP's Retransmission Timer", RFC 6298,
+ DOI 10.17487/RFC6298, June 2011,
+ <https://www.rfc-editor.org/info/rfc6298>.
+
+ [RFC6691] Borman, D., "TCP Options and Maximum Segment Size (MSS)",
+ RFC 6691, DOI 10.17487/RFC6691, July 2012,
+ <https://www.rfc-editor.org/info/rfc6691>.
+
+ [RFC6928] Chu, J., Dukkipati, N., Cheng, Y., and M. Mathis,
+ "Increasing TCP's Initial Window", RFC 6928,
+ DOI 10.17487/RFC6928, April 2013,
+ <https://www.rfc-editor.org/info/rfc6928>.
+
+ [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for
+ Constrained-Node Networks", RFC 7228,
+ DOI 10.17487/RFC7228, May 2014,
+ <https://www.rfc-editor.org/info/rfc7228>.
+
+ [RFC7323] Borman, D., Braden, B., Jacobson, V., and R.
+ Scheffenegger, Ed., "TCP Extensions for High Performance",
+ RFC 7323, DOI 10.17487/RFC7323, September 2014,
+ <https://www.rfc-editor.org/info/rfc7323>.
+
+ [RFC7413] Cheng, Y., Chu, J., Radhakrishnan, S., and A. Jain, "TCP
+ Fast Open", RFC 7413, DOI 10.17487/RFC7413, December 2014,
+ <https://www.rfc-editor.org/info/rfc7413>.
+
+ [RFC7567] Baker, F., Ed. and G. Fairhurst, Ed., "IETF
+ Recommendations Regarding Active Queue Management",
+ BCP 197, RFC 7567, DOI 10.17487/RFC7567, July 2015,
+ <https://www.rfc-editor.org/info/rfc7567>.
+
+ [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6
+ (IPv6) Specification", STD 86, RFC 8200,
+ DOI 10.17487/RFC8200, July 2017,
+ <https://www.rfc-editor.org/info/rfc8200>.
+
+7.2. Informative References
+
+ [6LO-WLANAH]
+ Del Carpio Vega, L., Robles, M., and R. Morabito, "IPv6
+ over 802.11ah", Work in Progress, Internet-Draft, draft-
+ delcarpio-6lo-wlanah-01, 19 October 2015,
+ <https://tools.ietf.org/html/draft-delcarpio-6lo-wlanah-
+ 01>.
+
+ [Commag] Betzler, A., Gomez, C., Demirkol, I., and J. Paradells,
+ "CoAP Congestion Control for the Internet of Things", IEEE
+ Communications Magazine, Vol. 54, Issue 7, pp. 154-160,
+ DOI 10.1109/MCOM.2016.7509394, July 2016,
+ <https://doi.org/10.1109/MCOM.2016.7509394>.
+
+ [CORE-FASOR]
+ Jarvinen, I., Kojo, M., Raitahila, I., and Z. Cao, "Fast-
+ Slow Retransmission Timeout and Congestion Control
+ Algorithm for CoAP", Work in Progress, Internet-Draft,
+ draft-ietf-core-fasor-01, 19 October 2020,
+ <https://tools.ietf.org/html/draft-ietf-core-fasor-01>.
+
+ [Dunk] Dunkels, A., "Full TCP/IP for 8-Bit Architectures",
+ MobiSys '03, pp. 85-98, DOI 10.1145/1066116.106611, May
+ 2003, <https://doi.org/10.1145/1066116.106611>.
+
+ [ETEN] Krishnan, R., Sterbenz, J., Eddy, W., and C. Partridge,
+ "Explicit transport error notification (ETEN) for error-
+ prone wireless and satellite networks", Computer Networks,
+ DOI 10.1016/j.comnet.2004.06.012, June 2004,
+ <https://doi.org/10.1016/j.comnet.2004.06.012>.
+
+ [GNRC] Lenders, M., Kietzmann, P., Hahm, O., Petersen, H.,
+ Gündoğa, C., Baccelli, E., Schleiser, K., Schmidt, T., and
+ M. Wählisch, "Connecting the World of Embedded Mobiles:
+ The RIOT Approach to Ubiquitous Networking for the IoT",
+ arXiv:1801.02833v1 [cs.NI], January 2018.
+
+ [HomeGateway]
+ Haetoenen, S., Nyrhinen, A., Eggert, L., Strowes, S.,
+ Sarolahti, P., and M. Kojo, "An Experimental Study of Home
+ Gateway Characteristics", Proceedings of the 10th ACM
+ SIGCOMM conference on Internet measurement, pp. 260-266,
+ DOI 10.1145/1879141.1879174, November 2010,
+ <https://doi.org/10.1145/1879141.1879174>.
+
+ [IntComp] Gomez, C., Arcia-Moret, A., and J. Crowcroft, "TCP in the
+ Internet of Things: from Ostracism to Prominence", IEEE
+ Internet Computing, Vol. 22, Issue 1, pp. 29-41,
+ DOI 10.1109/MIC.2018.112102200, January 2018,
+ <https://doi.org/10.1109/MIC.2018.112102200>.
+
+ [MQTT] ISO/IEC, "Information technology -- Message Queuing
+ Telemetry Transport (MQTT) v3.1.1", ISO/IEC 20922:2016,
+ June 2016.
+
+ [RFC2757] Montenegro, G., Dawkins, S., Kojo, M., Magret, V., and N.
+ Vaidya, "Long Thin Networks", RFC 2757,
+ DOI 10.17487/RFC2757, January 2000,
+ <https://www.rfc-editor.org/info/rfc2757>.
+
+ [RFC2884] Hadi Salim, J. and U. Ahmed, "Performance Evaluation of
+ Explicit Congestion Notification (ECN) in IP Networks",
+ RFC 2884, DOI 10.17487/RFC2884, July 2000,
+ <https://www.rfc-editor.org/info/rfc2884>.
+
+ [RFC3481] Inamura, H., Ed., Montenegro, G., Ed., Ludwig, R., Gurtov,
+ A., and F. Khafizov, "TCP over Second (2.5G) and Third
+ (3G) Generation Wireless Networks", BCP 71, RFC 3481,
+ DOI 10.17487/RFC3481, February 2003,
+ <https://www.rfc-editor.org/info/rfc3481>.
+
+ [RFC3819] Karn, P., Ed., Bormann, C., Fairhurst, G., Grossman, D.,
+ Ludwig, R., Mahdavi, J., Montenegro, G., Touch, J., and L.
+ Wood, "Advice for Internet Subnetwork Designers", BCP 89,
+ RFC 3819, DOI 10.17487/RFC3819, July 2004,
+ <https://www.rfc-editor.org/info/rfc3819>.
+
+ [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler,
+ "Transmission of IPv6 Packets over IEEE 802.15.4
+ Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007,
+ <https://www.rfc-editor.org/info/rfc4944>.
+
+ [RFC5382] Guha, S., Ed., Biswas, K., Ford, B., Sivakumar, S., and P.
+ Srisuresh, "NAT Behavioral Requirements for TCP", BCP 142,
+ RFC 5382, DOI 10.17487/RFC5382, October 2008,
+ <https://www.rfc-editor.org/info/rfc5382>.
+
+ [RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP
+ Authentication Option", RFC 5925, DOI 10.17487/RFC5925,
+ June 2010, <https://www.rfc-editor.org/info/rfc5925>.
+
+ [RFC6077] Papadimitriou, D., Ed., Welzl, M., Scharf, M., and B.
+ Briscoe, "Open Research Issues in Internet Congestion
+ Control", RFC 6077, DOI 10.17487/RFC6077, February 2011,
+ <https://www.rfc-editor.org/info/rfc6077>.
+
+ [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence
+ Protocol (XMPP): Core", RFC 6120, DOI 10.17487/RFC6120,
+ March 2011, <https://www.rfc-editor.org/info/rfc6120>.
+
+ [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6
+ Datagrams over IEEE 802.15.4-Based Networks", RFC 6282,
+ DOI 10.17487/RFC6282, September 2011,
+ <https://www.rfc-editor.org/info/rfc6282>.
+
+ [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J.,
+ Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur,
+ JP., and R. Alexander, "RPL: IPv6 Routing Protocol for
+ Low-Power and Lossy Networks", RFC 6550,
+ DOI 10.17487/RFC6550, March 2012,
+ <https://www.rfc-editor.org/info/rfc6550>.
+
+ [RFC6606] Kim, E., Kaspar, D., Gomez, C., and C. Bormann, "Problem
+ Statement and Requirements for IPv6 over Low-Power
+ Wireless Personal Area Network (6LoWPAN) Routing",
+ RFC 6606, DOI 10.17487/RFC6606, May 2012,
+ <https://www.rfc-editor.org/info/rfc6606>.
+
+ [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C.
+ Bormann, "Neighbor Discovery Optimization for IPv6 over
+ Low-Power Wireless Personal Area Networks (6LoWPANs)",
+ RFC 6775, DOI 10.17487/RFC6775, November 2012,
+ <https://www.rfc-editor.org/info/rfc6775>.
+
+ [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
+ Protocol (HTTP/1.1): Message Syntax and Routing",
+ RFC 7230, DOI 10.17487/RFC7230, June 2014,
+ <https://www.rfc-editor.org/info/rfc7230>.
+
+ [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained
+ Application Protocol (CoAP)", RFC 7252,
+ DOI 10.17487/RFC7252, June 2014,
+ <https://www.rfc-editor.org/info/rfc7252>.
+
+ [RFC7414] Duke, M., Braden, R., Eddy, W., Blanton, E., and A.
+ Zimmermann, "A Roadmap for Transmission Control Protocol
+ (TCP) Specification Documents", RFC 7414,
+ DOI 10.17487/RFC7414, February 2015,
+ <https://www.rfc-editor.org/info/rfc7414>.
+
+ [RFC7428] Brandt, A. and J. Buron, "Transmission of IPv6 Packets
+ over ITU-T G.9959 Networks", RFC 7428,
+ DOI 10.17487/RFC7428, February 2015,
+ <https://www.rfc-editor.org/info/rfc7428>.
+
+ [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext
+ Transfer Protocol Version 2 (HTTP/2)", RFC 7540,
+ DOI 10.17487/RFC7540, May 2015,
+ <https://www.rfc-editor.org/info/rfc7540>.
+
+ [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B.,
+ Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low
+ Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015,
+ <https://www.rfc-editor.org/info/rfc7668>.
+
+ [RFC8087] Fairhurst, G. and M. Welzl, "The Benefits of Using
+ Explicit Congestion Notification (ECN)", RFC 8087,
+ DOI 10.17487/RFC8087, March 2017,
+ <https://www.rfc-editor.org/info/rfc8087>.
+
+ [RFC8105] Mariager, P., Petersen, J., Ed., Shelby, Z., Van de Logt,
+ M., and D. Barthel, "Transmission of IPv6 Packets over
+ Digital Enhanced Cordless Telecommunications (DECT) Ultra
+ Low Energy (ULE)", RFC 8105, DOI 10.17487/RFC8105, May
+ 2017, <https://www.rfc-editor.org/info/rfc8105>.
+
+ [RFC8163] Lynn, K., Ed., Martocci, J., Neilson, C., and S.
+ Donaldson, "Transmission of IPv6 over Master-Slave/Token-
+ Passing (MS/TP) Networks", RFC 8163, DOI 10.17487/RFC8163,
+ May 2017, <https://www.rfc-editor.org/info/rfc8163>.
+
+ [RFC8201] McCann, J., Deering, S., Mogul, J., and R. Hinden, Ed.,
+ "Path MTU Discovery for IP version 6", STD 87, RFC 8201,
+ DOI 10.17487/RFC8201, July 2017,
+ <https://www.rfc-editor.org/info/rfc8201>.
+
+ [RFC8323] Bormann, C., Lemay, S., Tschofenig, H., Hartke, K.,
+ Silverajan, B., and B. Raymor, Ed., "CoAP (Constrained
+ Application Protocol) over TCP, TLS, and WebSockets",
+ RFC 8323, DOI 10.17487/RFC8323, February 2018,
+ <https://www.rfc-editor.org/info/rfc8323>.
+
+ [RFC8352] Gomez, C., Kovatsch, M., Tian, H., and Z. Cao, Ed.,
+ "Energy-Efficient Features of Internet of Things
+ Protocols", RFC 8352, DOI 10.17487/RFC8352, April 2018,
+ <https://www.rfc-editor.org/info/rfc8352>.
+
+ [RFC8376] Farrell, S., Ed., "Low-Power Wide Area Network (LPWAN)
+ Overview", RFC 8376, DOI 10.17487/RFC8376, May 2018,
+ <https://www.rfc-editor.org/info/rfc8376>.
+
+ [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
+ Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
+ <https://www.rfc-editor.org/info/rfc8446>.
+
+ [RFC8900] Bonica, R., Baker, F., Huston, G., Hinden, R., Troan, O.,
+ and F. Gont, "IP Fragmentation Considered Fragile",
+ BCP 230, RFC 8900, DOI 10.17487/RFC8900, September 2020,
+ <https://www.rfc-editor.org/info/rfc8900>.
+
+ [RFC8931] Thubert, P., Ed., "IPv6 over Low-Power Wireless Personal
+ Area Network (6LoWPAN) Selective Fragment Recovery",
+ RFC 8931, DOI 10.17487/RFC8931, November 2020,
+ <https://www.rfc-editor.org/info/rfc8931>.
+
+ [RFC8961] Allman, M., "Requirements for Time-Based Loss Detection",
+ BCP 233, RFC 8961, DOI 10.17487/RFC8961, November 2020,
+ <https://www.rfc-editor.org/info/rfc8961>.
+
+ [RIOT] Baccelli, E., Gündoğa, C., Hahm, O., Kietzmann, P.,
+ Lenders, M., Petersen, H., Schleiser, K., Schmidt, T., and
+ M. Wählisch, "RIOT: An Open Source Operating System for
+ Low-End Embedded Devices in the IoT", IEEE Internet of
+ Things Journal, Vol. 5, Issue 6,
+ DOI 10.1109/JIOT.2018.2815038, March 2018,
+ <https://doi.org/10.1109/JIOT.2018.2815038>.
+
+ [SHREW] Nyrhinen, A. and E. Knightly, "Low-Rate TCP-Targeted
+ Denial of Service Attacks (The Shrew vs. the Mice and
+ Elephants)", SIGCOMM'03, DOI 10.1145/863955.863966, August
+ 2003, <https://doi.org/10.1145/863955.863966>.
+
+ [TCPM-ECN] Bagnulo, M. and B. Briscoe, "ECN++: Adding Explicit
+ Congestion Notification (ECN) to TCP Control Packets",
+ Work in Progress, Internet-Draft, draft-ietf-tcpm-
+ generalized-ecn-07, 16 February 2021,
+ <https://tools.ietf.org/html/draft-ietf-tcpm-generalized-
+ ecn-07>.
+
+Appendix A. TCP Implementations for Constrained Devices
+
+ This section overviews the main features of TCP implementations for
+ constrained devices. The survey is limited to open-source stacks
+ with a small footprint. It is not meant to be all-encompassing. For
+ more powerful embedded systems (e.g., with 32-bit processors), there
+ are further stacks that comprehensively implement TCP. On the other
+ hand, please be aware that this Annex is based on information
+ available as of the writing.
+
+A.1. uIP
+
+ uIP is a TCP/IP stack, targeted for 8- and 16-bit microcontrollers,
+ which pioneered TCP/IP implementations for constrained devices. uIP
+ has been deployed with Contiki and the Arduino Ethernet shield. A
+ code size of ~5 kB (which comprises checksumming, IPv4, ICMP, and
+ TCP) has been reported for uIP [Dunk]. Later versions of uIP
+ implement IPv6 as well.
+
+ uIP uses the same global buffer for both incoming and outgoing
+ traffic, which has a size of a single packet. In case of a
+ retransmission, an application must be able to reproduce the same
+ user data that had been transmitted. Multiple connections are
+ supported but need to share the global buffer.
+
+ The MSS is announced via the MSS option on connection establishment,
+ and the receive window size (of 1 MSS) is not modified during a
+ connection. Stop-and-wait operation is used for sending data. Among
+ other optimizations, this allows for the avoidance of sliding window
+ operations, which use 32-bit arithmetic extensively and are expensive
+ on 8-bit CPUs.
+
+ Contiki uses the "split hack" technique (see Section 3.2.3) to avoid
+ Delayed ACKs for senders using a single segment.
+
+ The code size of the TCP implementation in Contiki-NG has been
+ measured to be 3.2 kB on CC2538DK, cross-compiling on Linux.
+
+A.2. lwIP
+
+ lwIP is a TCP/IP stack, targeted for 8- and 16-bit microcontrollers.
+ lwIP has a total code size of ~14 kB to ~22 kB (which comprises
+ memory management, checksumming, network interfaces, IPv4, ICMP, and
+ TCP) and a TCP code size of ~9 kB to ~14 kB [Dunk]. Both IPv4 and
+ IPv6 are supported in lwIP since v2.0.0.
+
+ In contrast with uIP, lwIP decouples applications from the network
+ stack. lwIP supports a TCP transmission window greater than a single
+ segment, as well as the buffering of incoming and outgoing data.
+ Other implemented mechanisms comprise slow start, congestion
+ avoidance, fast retransmit, and fast recovery. SACK and Window Scale
+ support has been recently added to lwIP.
+
+A.3. RIOT
+
+ The RIOT TCP implementation (called "GNRC TCP") has been designed for
+ Class 1 devices [RFC7228]. The main target platforms are 8- and
+ 16-bit microcontrollers, with 32-bit platforms also supported. GNRC
+ TCP offers a similar function set as uIP, but it provides and
+ maintains an independent receive buffer for each connection. In
+ contrast to uIP, retransmission is also handled by GNRC TCP. For
+ simplicity, GNRC TCP uses a single-MSS implementation. The
+ application programmer does not need to know anything about the TCP
+ internals; therefore, GNRC TCP can be seen as a user-friendly uIP TCP
+ implementation.
+
+ The MSS is set on connections establishment and cannot be changed
+ during connection lifetime. GNRC TCP allows multiple connections in
+ parallel, but each TCB must be allocated somewhere in the system. By
+ default, there is only enough memory allocated for a single TCP
+ connection, but it can be increased at compile time if the user needs
+ multiple parallel connections.
+
+ The RIOT TCP implementation offers an optional Portable Operating
+ System Interface (POSIX) socket wrapper that enables POSIX
+ compliance, if needed.
+
+ Further details on RIOT and GNRC can be found in [RIOT] and [GNRC].
+
+A.4. TinyOS
+
+ TinyOS was important as a platform for early constrained devices.
+ TinyOS has an experimental TCP stack that uses a simple non-blocking
+ library-based implementation of TCP, which provides a subset of the
+ socket interface primitives. The application is responsible for
+ buffering. The TCP library does not do any receive-side buffering.
+ Instead, it will immediately dispatch new, in-order data to the
+ application or otherwise drop the segment. A send buffer is provided
+ by the application. Multiple TCP connections are possible.
+ Recently, there has been little work on the stack.
+
+A.5. FreeRTOS
+
+ FreeRTOS is a real-time operating system kernel for embedded devices
+ that is supported by 16- and 32-bit microprocessors. Its TCP
+ implementation is based on multiple-segment window size, although a
+ "Tiny-TCP" option, which is a single-MSS variant, can be enabled.
+ Delayed ACKs are supported, with a 20 ms Delayed ACK timer as a
+ technique intended "to gain performance".
+
+A.6. uC/OS
+
+ uC/OS is a real-time operating system kernel for embedded devices,
+ which is maintained by Micrium. uC/OS is intended for 8-, 16-, and
+ 32-bit microprocessors. The uC/OS TCP implementation supports a
+ multiple-segment window size.
+
+A.7. Summary
+
+ None of the implementations considered in this Annex support ECN or
+ TFO.
+
+ +==========+=====+======+==========+======+========+==========+=====+
+ | | uIP |lwIP | lwIP 2.1 | RIOT | TinyOS | FreeRTOS |uC/OS|
+ | | |orig | | | | | |
+ +==========+=====+======+==========+======+========+==========+=====+
+ | Code | <5 |~9 to | 38 | <7 | N/A | <9.2 | N/A |
+ | Size | | ~14 | | | | | |
+ | (kB) | | | | | | | |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | Memory | (a) | (T1) | (T4) | (T3) | N/A | (T2) | N/A |
+ +==========+=====+======+==========+======+========+==========+=====+
+ | TCP |
+ | Features |
+ +==========+=====+======+==========+======+========+==========+=====+
+ | Single- | Yes | No | No | Yes | No | No | No |
+ | Segm. | | | | | | | |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | Slow | No | Yes | Yes | No | Yes | No | Yes |
+ | start | | | | | | | |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | Fast | No | Yes | Yes | No | Yes | No | Yes |
+ | rec/retx | | | | | | | |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | Keep- | No | No | Yes | No | No | Yes | Yes |
+ | alive | | | | | | | |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | Win. | No | No | Yes | No | No | Yes | No |
+ | Scale | | | | | | | |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | TCP | No | No | Yes | No | No | Yes | No |
+ | timest. | | | | | | | |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | SACK | No | No | Yes | No | No | Yes | No |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | Del. | No | Yes | Yes | No | No | Yes | Yes |
+ | ACKs | | | | | | | |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | Socket | No | No | Optional | (I) | Subset | Yes | Yes |
+ +----------+-----+------+----------+------+--------+----------+-----+
+ | Concur. | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
+ | Conn. | | | | | | | |
+ +==========+=====+======+==========+======+========+==========+=====+
+ | TLS supp | No | No | Yes | Yes | Yes | Yes | Yes |
+ | orted | | | | | | | |
+ +==========+=====+======+==========+======+========+==========+=====+
+
+ Table 1: Summary of TCP Features for Different Lightweight TCP
+ Implementations
+
+ Legend:
+
+ (T1): TCP-only, on x86 and AVR platforms
+
+ (T2): TCP-only, on ARM Cortex-M platform
+
+ (T3): TCP-only, on ARM Cortex-M0+ platform (NOTE: RAM usage for the
+ same platform is ~2.5 kB for one TCP connection plus ~1.2 kB
+ for each additional connection)
+
+ (T4): TCP-only, on CC2538DK, cross-compiling on Linux
+
+ (a): Includes IP, ICMP, and TCP on x86 and AVR platforms. The
+ Contiki-NG TCP implementation has a code size of 3.2 kB on
+ CC2538DK, cross-compiling on Linux
+
+ (I): Optional POSIX socket wrapper that enables POSIX compliance
+ if needed
+
+ Mult.: Multiple
+
+ N/A: Not Available
+
+Acknowledgments
+
+ The work of Carles Gomez has been funded in part by the Spanish
+ Government (Ministerio de Educacion, Cultura y Deporte) through Jose
+ Castillejo grants CAS15/00336 and CAS18/00170; the European Regional
+ Development Fund (ERDF); the Spanish Government through projects
+ TEC2016-79988-P, PID2019-106808RA-I00, AEI/FEDER, and UE; and the
+ Generalitat de Catalunya Grant 2017 SGR 376. Part of his
+ contribution to this work has been carried out during his stays as a
+ visiting scholar at the Computer Laboratory of the University of
+ Cambridge.
+
+ The authors appreciate the feedback received for this document. The
+ following folks provided comments that helped improve the document:
+ Carsten Bormann, Zhen Cao, Wei Genyu, Ari Keränen, Abhijan
+ Bhattacharyya, Andres Arcia-Moret, Yoshifumi Nishida, Joe Touch, Fred
+ Baker, Nik Sultana, Kerry Lynn, Erik Nordmark, Markku Kojo, Hannes
+ Tschofenig, David Black, Ilpo Jarvinen, Emmanuel Baccelli, Stuart
+ Cheshire, Gorry Fairhurst, Ingemar Johansson, Ted Lemon, and Michael
+ Tüxen. Simon Brummer provided details and kindly performed Random
+ Access Memory (RAM) and Read-Only Memory (ROM) usage measurements on
+ the RIOT TCP implementation. Xavi Vilajosana provided details on the
+ OpenWSN TCP implementation. Rahul Jadhav kindly performed code size
+ measurements on the Contiki-NG and lwIP 2.1.2 TCP implementations.
+ He also provided details on the uIP TCP implementation.
+
+Authors' Addresses
+
+ Carles Gomez
+ UPC
+ C/Esteve Terradas, 7
+ 08860 Castelldefels
+ Spain
+
+ Email: carlesgo@entel.upc.edu
+
+
+ Jon Crowcroft
+ University of Cambridge
+ JJ Thomson Avenue
+ Cambridge
+ CB3 0FD
+ United Kingdom
+
+ Email: jon.crowcroft@cl.cam.ac.uk
+
+
+ Michael Scharf
+ Hochschule Esslingen
+ University of Applied Sciences
+ Flandernstr. 101
+ 73732 Esslingen am Neckar
+ Germany
+
+ Email: michael.scharf@hs-esslingen.de