1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
|
Network Working Group M. West
Request for Comments: 4413 S. McCann
Category: Informational Siemens/Roke Manor Research
March 2006
TCP/IP Field Behavior
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2006).
Abstract
This memo describes TCP/IP field behavior in the context of header
compression. Header compression is possible because most header
fields do not vary randomly from packet to packet. Many of the
fields exhibit static behavior or change in a more or less
predictable way. When a header compression scheme is designed, it is
of fundamental importance to understand the behavior of the fields in
detail. An example of this analysis can be seen in RFC 3095. This
memo performs a similar role for the compression of TCP/IP headers.
West & McCann Informational [Page 1]
^L
RFC 4413 TCP/IP Field Behavior March 2006
Table of Contents
1. Introduction ....................................................3
2. General classification ..........................................4
2.1. IP Header Fields ...........................................5
2.1.1. IPv6 Header Fields ....................................5
2.1.2. IPv4 Header Fields ....................................7
2.2. TCP Header Fields .........................................10
2.3. Summary for IP/TCP ........................................11
3. Classification of Replicable Header Fields .....................11
3.1. IPv4 Header (Inner and/or Outer) ..........................12
3.2. IPv6 Header (inner and/or outer) ..........................14
3.3. TCP Header ................................................14
3.4. TCP Options ...............................................15
3.5. Summary of Replication ....................................16
4. Analysis of Change Patterns of Header Fields ...................16
4.1. IP Header .................................................19
4.1.1. IP Traffic-Class / Type-Of-Service (TOS) .............19
4.1.2. ECN Flags ............................................19
4.1.3. IP Identification ....................................20
4.1.4. Don't Fragment (DF) flag .............................22
4.1.5. IP Hop-Limit / Time-To-Live (TTL) ....................22
4.2. TCP Header ................................................23
4.2.1. Sequence Number ......................................23
4.2.2. Acknowledgement Number ...............................24
4.2.3. Reserved .............................................25
4.2.4. Flags ................................................25
4.2.5. Checksum .............................................26
4.2.6. Window ...............................................26
4.2.7. Urgent Pointer .......................................27
4.3. Options ...................................................27
4.3.1. Options Overview .....................................28
4.3.2. Option Field Behavior ................................29
5. Other Observations .............................................36
5.1. Implicit Acknowledgements .................................36
5.2. Shared Data ...............................................36
5.3. TCP Header Overhead .......................................37
5.4. Field Independence and Packet Behavior ....................37
5.5. Short-Lived Flows .........................................37
5.6. Master Sequence Number ....................................38
5.7. Size Constraint for TCP Options ...........................38
6. Security Considerations ........................................39
7. Acknowledgements ...............................................39
8. References .....................................................40
8.1. Normative References ......................................40
8.2. Informative References ....................................41
West & McCann Informational [Page 2]
^L
RFC 4413 TCP/IP Field Behavior March 2006
1. Introduction
This document describes the format of the TCP/IP header and the
header field behavior, i.e., how fields vary within a TCP flow. The
description is presented in the context of header compression.
Since the IP header does exhibit slightly different behavior from
that previously presented in RFC 3095 [31] for UDP and RTP, it is
also included in this document.
This document borrows much of the classification text from RFC 3095
[31], rather than inserting many references to that document.
According to the format presented in RFC 3095 [31], TCP/IP header
fields are classified and analyzed in two steps. First, we have a
general classification in Section 2, where the fields are classified
on the basis of stable knowledge and assumptions. This general
classification does not take into account the change characteristics
of changing fields, as those will vary more or less depending on the
implementation and on the application used. Section 3 considers how
field values can be used to optimize short-lived flows. A more
detailed analysis of the change characteristics is then done in
Section 4. Finally, Section 5 summarizes with conclusions about how
the various header fields should be handled by the header compression
scheme to optimize compression.
A general question raised by this analysis is: what 'baseline'
definition of all possible TCP/IP implementations is to be
considered? This review is based on an analysis of currently
deployed TCP implementations supporting mechanisms standardised by
the IETF.
The general requirement for transparency is also interesting. A
number of recent proposals for extensions to TCP use some of the
previously 'reserved' bits in the TCP packet header. Therefore, a
'reserved' bit cannot be taken to have a guaranteed zero value; it
may change. Ideally, this should be accommodated by the compression
profile.
A number of reserved bits are available for future expansion. A
treatment of field behavior cannot predict the future use of such
bits, but we expect that they will be used at some point. Given
this, a compression scheme can optimise for the current situation but
should be capable of supporting any arbitrary usage of the reserved
bits. However, it is impossible to optimise for usage patterns that
have yet to be defined.
West & McCann Informational [Page 3]
^L
RFC 4413 TCP/IP Field Behavior March 2006
2. General classification
The following definitions (and some text) are copied from RFC 3095
[31], Appendix A. Differences of IP field behavior between RFC 3095
[31] (i.e., IP/UDP/RTP behavior for audio and video applications) and
this document have been identified.
For the following, we define "session" as a TCP packet stream, being
a series of packets with the same IP addresses and port numbers. A
packet flow is defined by certain fields (see STATIC-DEF, below) and
may be considered a subset of a session. See [31] for a fuller
discussion of separation of sessions into streams of packets for
header compression.
At a general level, the header fields are separated into 5 classes:
o INFERRED
These fields contain values that can be inferred from other
values (for example, the size of the frame carrying the packet)
and thus do not have to be handled at all by the compression
scheme.
o STATIC
These fields are expected to be constant throughout the
lifetime of the packet stream. Static information must in some
way be communicated once.
o STATIC-DEF
STATIC fields whose values define a packet stream. They are in
general handled as STATIC.
o STATIC-KNOWN
These STATIC fields are expected to have well-known values and
therefore do not need to be communicated at all.
o CHANGING
These fields are expected to vary randomly within a limited
value set or range or in some other manner.
West & McCann Informational [Page 4]
^L
RFC 4413 TCP/IP Field Behavior March 2006
In this section, each of the IP and TCP header fields is assigned to
one of these classes. For all fields except those classified as
CHANGING, the motives for the classification are also stated. In
section 4, CHANGING fields are further examined and classified on the
basis of their expected change behavior.
2.1. IP Header Fields
2.1.1. IPv6 Header Fields
+---------------------+-------------+----------------+
| Field | Size (bits) | Class |
+---------------------+-------------+----------------+
| Version | 4 | STATIC |
| DSCP* | 6 | ALTERNATING |
| ECT flag* | 1 | CHANGING |
| CE flag* | 1 | CHANGING |
| Flow Label | 20 | STATIC-DEF |
| Payload Length | 16 | INFERRED |
| Next Header | 8 | STATIC |
| Hop Limit | 8 | CHANGING |
| Source Address | 128 | STATIC-DEF |
| Destination Address | 128 | STATIC-DEF |
+---------------------+-------------+----------------+
* Differs from RFC 3095 [31]. (The DSCP, ECT,
and CE flags were amalgamated into the Traffic
Class octet in RFC 3095).
Figure 1. IPv6 Header Fields
o Version
The version field states which IP version is used. Packets
with different values in this field must be handled by
different IP stacks. All packets of a packet stream must
therefore be of the same IP version. Accordingly, the field is
classified as STATIC.
o Flow Label
This field may be used to identify packets belonging to a
specific packet stream. If the field is not used, its value
should be zero. Otherwise, all packets belonging to the same
stream must have the same value in this field, it being one of
the fields that define the stream. The field is therefore
classified as STATIC-DEF.
West & McCann Informational [Page 5]
^L
RFC 4413 TCP/IP Field Behavior March 2006
o Payload Length
Information about packet length (and, consequently, payload
length) is expected to be provided by the link layer. The
field is therefore classified as INFERRED.
o Next Header
This field will usually have the same value in all packets of a
packet stream. It encodes the type of the subsequent header.
Only when extension headers are sometimes absent will the field
change its value during the lifetime of the stream. The field
is therefore classified as STATIC. The classification of
STATIC is inherited from RFC 3095 [31]. However, note that the
next header field is actually determined by the type of the
following header. Thus, it might be more appropriate to view
this as an inference, although this depends upon the specific
implementation of the compression scheme.
o Source and Destination Addresses
These fields are part of the definition of a stream and
therefore must be constant for all packets in the stream. The
fields are therefore classified as STATIC-DEF.
This might be considered as a slightly simplistic view. In
this document, the IP addresses are associated with the
transport layer connection and assumed to be part of the
definition of a flow. More complex flow-separation could, of
course, be considered (see also RFC 3095 [31] for more
discussion of this issue). Where tunneling is being performed,
the use of the IP addresses in outer tunnel headers is also
assumed to be STATIC-DEF.
The total size of the fields in each class is as follows:
+--------------+--------------+
| Class | Size (octets)|
+--------------+--------------+
| INFERRED | 2 |
| STATIC | 1.5 |
| STATIC-DEF | 34.5 |
| STATIC-KNOWN | 0 |
| CHANGING | 2 |
+--------------+--------------+
Figure 2: Field sizes
West & McCann Informational [Page 6]
^L
RFC 4413 TCP/IP Field Behavior March 2006
2.1.2. IPv4 Header Fields
+---------------------+-------------+----------------+
| Field | Size (bits) | Class |
+---------------------+-------------+----------------+
| Version | 4 | STATIC |
| Header Length | 4 | STATIC-KNOWN |
| DSCP* | 6 | ALTERNATING |
| ECT flag* | 1 | CHANGING |
| CE flag* | 1 | CHANGING |
| Packet Length | 16 | INFERRED |
| Identification | 16 | CHANGING |
| Reserved flag* | 1 | CHANGING |
| Don't Fragment flag*| 1 | CHANGING |
| More Fragments flag | 1 | STATIC-KNOWN |
| Fragment Offset | 13 | STATIC-KNOWN |
| Time To Live | 8 | CHANGING |
| Protocol | 8 | STATIC |
| Header Checksum | 16 | INFERRED |
| Source Address | 32 | STATIC-DEF |
| Destination Address | 32 | STATIC-DEF |
+---------------------+-------------+----------------+
* Differs from RFC 3095 [31]. (The DSCP, ECT
and CE flags were amalgamated into the TOS
octet in RFC 3095; the DF flag behavior is
considered later; the reserved field is
discussed below).
Figure 3. IPv4 Header Fields
o Version
The version field states which IP version is used. Packets
with different values in this field must be handled by
different IP stacks. All packets of a packet stream must
therefore be of the same IP version. Accordingly, the field is
classified as STATIC.
o Header Length
As long as no options are present in the IP header, the header
length is constant and well known. If there are options, the
fields would be STATIC, but it is assumed here that there are
no options. The field is therefore classified as STATIC-KNOWN.
West & McCann Informational [Page 7]
^L
RFC 4413 TCP/IP Field Behavior March 2006
o Packet Length
Information about packet length is expected to be provided by
the link layer. The field is therefore classified as INFERRED.
o Flags
The Reserved flag must be set to zero, as defined in RFC 791
[1]. In RFC 3095 [31] the field is therefore classified as
STATIC-KNOWN. However, it is expected that reserved fields may
be used at some future point. It is undesirable to select an
encoding that would preclude the use of a compression profile
for a future change in the use of reserved fields. For this
reason, the alternative encoding of CHANGING is used. (A
compression profile can, of course, still optimise for the
current situation, where the field value is known to be 0).
The More Fragments (MF) flag is expected to be zero because
fragmentation is, ideally, not expected. However, it is also
understood that some scenarios (for example, some tunnelling
architectures) do cause fragmentation. In general, though,
fragmentation is not expected to be common in the Internet due
to a combination of initial MSS negotiation and subsequent use
of path-MTU discovery. RFC 3095 [31] points out that, for RTP,
only the first fragment will contain the transport layer
protocol header; subsequent fragments would have to be
compressed with a different profile. This is also obviously
the case for TCP. If fragmentation were to occur, the first
fragment, by definition, would be relatively large, minimizing
the header overhead. Subsequent fragments would be compressed
with another profile. It is therefore considered undesirable
to optimise for fragmentation in performing header compression.
The More Fragments flag is therefore classified as STATIC-
KNOWN.
o Fragment Offset
Under the assumption that no fragmentation occurs, the fragment
offset is always zero. The field is therefore classified as
STATIC-KNOWN. Even if fragmentation were to be further
considered, only the first fragment would contain the TCP
header, and the fragment offset of this packet would still be
zero.
o Protocol
This field will usually have the same value in all packets of a
packet stream. It encodes the type of the subsequent header.
West & McCann Informational [Page 8]
^L
RFC 4413 TCP/IP Field Behavior March 2006
Only where the sequence of headers changes (e.g., an extension
header is inserted or deleted or a tunnel header is added or
removed) will the field change its value. The field is
therefore classified as STATIC. Whether such a change would
cause the sequence of packets to be treated as a new flow (for
header compression) is an issue for profile design. ROHC
profiles must be able to cope with extension headers and
tunnelling, but the choice of strategy is outside the scope of
this document.
o Header Checksum
The header checksum protects individual hops from processing a
corrupted header. When almost all IP header information is
compressed away, there is no point in having this additional
checksum. Instead, it can be regenerated at the decompressor
side. The field is therefore classified as INFERRED.
Note that the TCP checksum does not protect the whole TCP/IP
header, but only the TCP pseudo-header (and the payload).
Compare this with ROHC [31], which uses a CRC to verify the
uncompressed header. Given the need to validate the complete
TCP/IP header, the cost of computing the TCP checksum over the
entire payload, and known weaknesses in the TCP checksum [37],
an additional check is necessary. Therefore, it is highly
desirable that some additional checksum (such as a CRC) will be
used to validate correct decompression.
o Source and Destination Addresses
These fields are part of the definition of a stream and must
thus be constant for all packets in the stream. The fields are
therefore classified as STATIC-DEF.
The total size of the fields in each class is as follows:
+--------------+--------------+
| Class | Size (octets)|
+--------------+--------------+
| INFERRED | 4 |
| STATIC* | 1.5 |
| STATIC-DEF | 8 |
| STATIC-KNOWN*| 2.25 |
| CHANGING* | 4.25 |
+--------------+--------------+
* Differs from RFC 3095 [31]
Figure 4. Field sizes
West & McCann Informational [Page 9]
^L
RFC 4413 TCP/IP Field Behavior March 2006
2.2. TCP Header Fields
+---------------------+-------------+----------------+
| Field | Size (bits) | Class |
+---------------------+-------------+----------------+
| Source Port | 16 | STATIC-DEF |
| Destination Port | 16 | STATIC-DEF |
| Sequence Number | 32 | CHANGING |
| Acknowledgement Num | 32 | CHANGING |
| Data Offset | 4 | INFERRED |
| Reserved | 4 | CHANGING |
| CWR flag | 1 | CHANGING |
| ECE flag | 1 | CHANGING |
| URG flag | 1 | CHANGING |
| ACK flag | 1 | CHANGING |
| PSH flag | 1 | CHANGING |
| RST flag | 1 | CHANGING |
| SYN flag | 1 | CHANGING |
| FIN flag | 1 | CHANGING |
| Window | 16 | CHANGING |
| Checksum | 16 | CHANGING |
| Urgent Pointer | 16 | CHANGING |
| Options | 0(-352) | CHANGING |
+---------------------+-------------+----------------+
Figure 5: TCP header fields
o Source and Destination ports
These fields are part of the definition of a stream and must thus
be constant for all packets in the stream. The fields are
therefore classified as STATIC-DEF.
o Data Offset
The number of 4 octet words in the TCP header, indicating the
start of the data. It is always a multiple of 4 octets. It can
be re-constructed from the length of any options, and thus it is
not necessary to carry this explicitly. The field is therefore
classified as INFERRED.
West & McCann Informational [Page 10]
^L
RFC 4413 TCP/IP Field Behavior March 2006
2.3. Summary for IP/TCP
Summarizing this for IP/TCP, one obtains the following:
+----------------+----------------+----------------+
| Class \ IP ver | IPv6 (octets) | IPv4 (octets) |
+----------------+----------------+----------------+
| INFERRED | 2 + 4 bits | 4 + 4 bits |
| STATIC | 1 + 4 bits | 1 + 4 bits |
| STATIC-DEF | 38 + 4 bits | 12 |
| STATIC-KNOWN | - | 2 + 2 bits |
| CHANGING | 17 + 4 bits | 19 + 6 bits |
+----------------+----------------+----------------+
| Totals | 60 | 40 |
+----------------+----------------+----------------+
(Excludes options, which are all classified as CHANGING).
Figure 6. Overall field sizes
3. Classification of Replicable Header Fields
Where multiple flows either overlap in time or occur sequentially
within a short space of time, there can be a great deal of similarity
in header field values. Such commonality of field values is
reflected in the compression context. Thus, it should be possible to
utilise commonality between fields across different flows to improve
the compression ratio. In order to do this, it is important to
understand the 'replicable' characteristics of the various header
fields.
The key concept is that of 'replication': an existing context is used
as a baseline and replicated to initialise a new context. Those
fields that are the same are then automatically initialised in the
new context. Those that have changed will be updated or overwritten
with values from the initialisation packet that triggered the
replication. This section considers the commonality between fields
in different flows.
Note, however, that replication is based on contexts (rather than on
just field values), so compressor-created fields that are part of the
context may also be included. These, of course, are dependent upon
the nature of the compression protocol (ROHC profile) being applied.
West & McCann Informational [Page 11]
^L
RFC 4413 TCP/IP Field Behavior March 2006
A brief analysis of the relationship of TCP/IP fields among
'replicable' packet streams follows.
'N/A': The field need not be considered in the replication
process, as it is inferred or known 'a priori' (and,
therefore, does not appear in the context).
'No': The field cannot be replicated since its change pattern
between two packet flows is uncorrelated.
'Yes': The field may be replicated. This does not guarantee that
the field value will be the same across two candidate
streams, only that it might be possible to exploit
replication to increase the compression ratio. Specific
encoding methods can be used to improve the compression
efficiency.
3.1. IPv4 Header (Inner and/or Outer)
+-----------------------+---------------+------------+
| Field | Class | Replicable |
+-----------------------+---------------+------------+
| Version | STATIC | N/A |
| Header Length | STATIC-KNOWN | N/A |
| DSCP | ALTERNATING | No (1) |
| ECT flag | CHANGING | No (2) |
| CE flag | CHANGING | No (2) |
| Packet Length | INFERRED | N/A |
| Identification | CHANGING | Yes (3) |
| Reserved flag | CHANGING | No (4) |
| Don't Fragment flag | CHANGING | Yes (5) |
| More Fragments flag | STATIC-KNOWN | N/A |
| Fragment Offset | STATIC-KNOWN | N/A |
| Time To Live | CHANGING | Yes |
| Protocol | STATIC | N/A |
| Header Checksum | INFERRED | N/A |
| Source Address | STATIC-DEF | Yes |
| Destination Address | STATIC-DEF | Yes |
+-----------------------+---------------+------------+
Figure 7: IPv4 header
(1) The DSCP is marked according to the application's requirements.
If it can be assumed that replicable connections belong to the
same diffserv class, then it is likely that the DSCP will be
replicable. The DSCP can be set not only by the sender but by
any packet marker. Thus, a flow may have a number of DSCP values
at different points in the network. However, header compression
West & McCann Informational [Page 12]
^L
RFC 4413 TCP/IP Field Behavior March 2006
operates on a point-to-point link and so would expect to see a
relatively stable value. If re-marking is being done based on
the state of a meter, then the value may change mid-flow.
Overall, though, we expect supporting replication of the DSCP to
be useful for header compression.
(2) It is not possible for the ECN bits to be replicated (note that
use of the ECN nonce scheme [19] is anticipated). However, it
seems likely that all TCP flows between ECN-capable hosts will
use ECN, the use (or not) of ECN for flows between the same end-
points might be considered replicable. See also note (4).
(3) The replicable context for this field includes the IP-ID, NBO,
and RND flags (as described in ROHC RTP). This highlights that
the replication is of the context, rather than just the header
field values and, as such, needs to be considered based on the
exact nature of compression applied to each field.
(4) Since the possible future behavior of the 'Reserved Flag' cannot
be predicted, it is not considered as replicable. However, it
might be expected that the behavior of the reserved flag between
the same end-points will be similar. In this case, any selection
of packet formats (for example) based on this behavior might
carry across to the new flow. In the case of packet formats,
this can probably be considered as a compressor-local decision.
(5) In theory, the DF bit may be replicable. However, this is not
guaranteed and, in practice, it is unlikely to be useful to do
this. From the perspective of header compression, having to
indicate whether or not a 1-bit flag should be replicated or
specified explicitly is likely to require more bits than simply
conveying the value of the flag. We do not rule out DF
replication.
West & McCann Informational [Page 13]
^L
RFC 4413 TCP/IP Field Behavior March 2006
3.2. IPv6 Header (inner and/or outer)
+-----------------------+---------------+------------+
| Field | Class | Replicable |
+-----------------------+---------------+------------+
| Version | STATIC | N/A |
| Traffic Class | CHANGING | Yes (1) |
| ECT flag | CHANGING | No (2) |
| CE flag | CHANGING | No (2) |
| Flow Label | STATIC-DEF | N/A |
| Payload Length | INFERRED | N/A |
| Next Header | STATIC | N/A |
| Hop Limit | CHANGING | Yes |
| Source Address | STATIC-DEF | Yes |
| Destination Address | STATIC-DEF | Yes |
+-----------------------+---------------+------------+
(1) See comment about DSCP field for IPv4, above.
(2) See comment about ECT and CE flags for IPv4, above.
Figure 8. IPv6 Header
3.3. TCP Header
+-----------------------+---------------+------------+
| Field | Class | Replicable |
+-----------------------+---------------+------------+
| Source Port | STATIC-DEF | Yes (1) |
| Destination Port | STATIC-DEF | Yes (1) |
| Sequence Number | CHANGING | No (2) |
| Acknowledgement Number| CHANGING | No |
| Data Offset | INFERRED | N/A |
| Reserved Bits | CHANGING | No (3) |
| Flags | | |
| CWR | CHANGING | No (4) |
| ECE | CHANGING | No (4) |
| URG | CHANGING | No |
| ACK | CHANGING | No |
| PSH | CHANGING | No |
| RST | CHANGING | No |
| SYN | CHANGING | No |
| FIN | CHANGING | No |
| Window | CHANGING | Yes |
| Checksum | CHANGING | No |
| Urgent Pointer | CHANGING | Yes (5) |
+-----------------------+---------------+------------+
Figure 9: TCP Header
West & McCann Informational [Page 14]
^L
RFC 4413 TCP/IP Field Behavior March 2006
(1) On the server side, the port number is likely to be a well-known
value. On the client side, the port number is generally selected
by the stack automatically. Whether the port number is
replicable depends upon how the stack chooses the port number.
Whilst most implementations use a simple scheme that sequentially
picks the next available port number, it may not be desirable to
rely on this behavior.
(2) With the recommendation (and expected deployment) of TCP Initial
Sequence Number randomization, defined in RFC 1948 [10], it will
be impossible to share the sequence number. Thus, this field
will not be regarded as replicable.
(3) See comment (4) for the IPv4 header, above.
(4) See comment (2) on ECN flags for the IPv4 header, above.
(5) The urgent pointer is very rarely used. This means that, in
practice, the field may be considered replicable.
3.4. TCP Options
+---------------------------+--------------+------------+
| Option | SYN-only (1) | Replicable |
+---------------------------+--------------+------------+
| End of Option List | No | No (2) |
| No-Operation | No | No (2) |
| Maximum Segment Size | Yes | Yes |
| Window Scale | Yes | Yes |
| SACK-Permitted | Yes | Yes |
| SACK | No | No |
| Timestamp | No | No |
+---------------------------+--------------+------------+
Figure 10. TCP Options
(1) This indicates whether the option only appears in SYN packets.
Options that are not 'SYN-only' may appear in any packet. Many
TCP options are used only in SYN packets. Some options, such as
MSS, Window Scale, and SACK-Permitted, will tend to have the same
value among replicable packet streams.
Thus, to support context sharing, the compressor should maintain
such TCP options in the context (even though they only appear in
the SYN segment).
(2) Since these options have fixed values, they could be regarded as
replicable. However, the only interesting thing to convey about
West & McCann Informational [Page 15]
^L
RFC 4413 TCP/IP Field Behavior March 2006
these options is their presence. If it is known that such an
option exists, its value is defined.
3.5. Summary of Replication
From the above analysis, it can be seen that there are reasonable
grounds for exploiting redundancy between flows as well as between
packets within a flow. Simply consider the advantage of being able
to elide the source and destination addresses for a repeated
connection between two IPv6 endpoints. There will also be a cost (in
terms of complexity and robustness) for replicating contexts, and
this must be considered when one decides what constitutes an
appropriate solution.
Finally, note that the use of replication requires that the
compressor have a suitable degree of confidence that the source data
is present and correct at the decompressor. This may place some
restrictions on which of the 'changing' fields, in particular, can be
utilised during replication.
4. Analysis of Change Patterns of Header Fields
To design suitable mechanisms for efficient compression of all header
fields, their change patterns must be analyzed. For this reason, an
extended classification is done based on the general classification
in 2, considering the fields that were labeled CHANGING in that
classification.
The CHANGING fields are separated into five different subclasses:
o STATIC
These are fields that were classified as CHANGING on a general
basis, but that are classified as STATIC here due to certain
additional assumptions.
o SEMISTATIC
These fields are STATIC most of the time. However, occasionally
the value changes but reverts to its original value after a known
number of packets.
o RARELY-CHANGING (RC)
These are fields that change their values occasionally and then
keep their new values.
West & McCann Informational [Page 16]
^L
RFC 4413 TCP/IP Field Behavior March 2006
o ALTERNATING
These fields alternate between a small number of different values.
o IRREGULAR
These, finally, are the fields for which no useful change pattern
can be identified.
To further expand the classification possibilities without increasing
complexity, the classification can be done either according to the
values of the field and/or according to the values of the deltas for
the field.
When the classification is done, other details are also stated
regarding possible additional knowledge about the field values and/or
field deltas, according to the classification. For fields classified
as STATIC or SEMISTATIC, the value of the field could be not only
STATIC but also well-KNOWN a priori (two states for SEMISTATIC
fields). For fields with non-irregular change behavior, it could be
known that changes are usually within a LIMITED range compared to the
maximal change for the field. For other fields, the values are
completely UNKNOWN.
Figure 11 classifies all the CHANGING fields on the basis of their
expected change patterns. (4) refers to IPv4 fields and (6) refers to
IPv6.
West & McCann Informational [Page 17]
^L
RFC 4413 TCP/IP Field Behavior March 2006
+------------------------+-------------+-------------+-------------+
| Field | Value/Delta | Class | Knowledge |
+========================+=============+=============+=============+
| DSCP(4) / Tr.Class(6) | Value | ALTERNATING | UNKNOWN |
+------------------------+-------------+-------------+-------------+
| IP ECT flag(4) | Value | RC | UNKNOWN |
+------------------------+-------------+-------------+-------------+
| IP CE flag(4) | Value | RC | UNKNOWN |
+------------------------+-------------+-------------+-------------+
| Sequential | Delta | STATIC | KNOWN |
| -----------+-------------+-------------+-------------+
| IP Id(4) Seq. jump | Delta | RC | LIMITED |
| -----------+-------------+-------------+-------------+
| Random | Value | IRREGULAR | UNKNOWN |
+------------------------+-------------+-------------+-------------+
| IP DF flag(4) | Value | RC | UNKNOWN |
+------------------------+-------------+-------------+-------------+
| IP TTL(4) / Hop Lim(6) | Value | ALTERNATING | LIMITED |
+------------------------+-------------+-------------+-------------+
| TCP Sequence Number | Delta | IRREGULAR | LIMITED |
+------------------------+-------------+-------------+-------------+
| TCP Acknowledgement Num| Delta | IRREGULAR | LIMITED |
+------------------------+-------------+-------------+-------------+
| TCP Reserved | Value | RC | UNKNOWN |
+------------------------+-------------+-------------+-------------+
| TCP flags | | | |
| ECN flags | Value | IRREGULAR | UNKNOWN |
| CWR flag | Value | IRREGULAR | UNKNOWN |
| ECE flag | Value | IRREGULAR | UNKNOWN |
| URG flag | Value | IRREGULAR | UNKNOWN |
| ACK flag | Value | SEMISTATIC | KNOWN |
| PSH flag | Value | IRREGULAR | UNKNOWN |
| RST flag | Value | IRREGULAR | UNKNOWN |
| SYN flag | Value | SEMISTATIC | KNOWN |
| FIN flag | Value | SEMISTATIC | KNOWN |
+------------------------+-------------+-------------+-------------+
| TCP Window | Value | ALTERNATING | KNOWN |
+------------------------+-------------+-------------+-------------+
| TCP Checksum | Value | IRREGULAR | UNKNOWN |
+------------------------+-------------+-------------+-------------+
| TCP Urgent Pointer | Value | IRREGULAR | KNOWN |
+------------------------+-------------+-------------+-------------+
| TCP Options | Value | IRREGULAR | UNKNOWN |
+------------------------+-------------+-------------+-------------+
Figure 11. Classification of CHANGING Fields
West & McCann Informational [Page 18]
^L
RFC 4413 TCP/IP Field Behavior March 2006
The following subsections discuss the various header fields in
detail. Note that Table 1 and the discussion below do not consider
changes caused by loss or reordering before the compression point.
4.1. IP Header
4.1.1. IP Traffic-Class / Type-Of-Service (TOS)
The Traffic-Class (IPv6) or Type-Of-Service/DSCP (IPv4) field might
be expected to change during the lifetime of a packet stream. This
analysis considers several RFCs that describe modifications to the
original RFC 791 [1].
The TOS byte was initially described in RFC 791 [1] as 3 bits of
precedence followed by 3 bits of TOS and 2 reserved bits (defined to
be zero). RFC 1122 [21] extended this to specify 5 bits of TOS,
although the meanings of the additional 2 bits were not defined. RFC
1349 [23] defined the 4th bit of TOS as 'minimize monetary cost'.
The next significant change was in RFC 2474 [14] (obsoleting RFC 1349
[23]). RFC 2474 reworked the TOS octet as 6 bits of DSCP (DiffServ
Code Point) plus 2 unused bits. Most recently, RFC 2780 [30]
identified the 2 reserved bits in the TOS or traffic class octet for
experimental use with ECN.
It is therefore proposed that the TOS (or traffic class) octet be
classified as 6 bits for the DSCP and 2 additional bits. These 2
bits may be expected to be zero or to contain ECN data. From a
future-proofing perspective, it is preferable to assume the use of
ECN, especially with respect to TCP.
It is also considered important that the profile work with legacy
stacks, since these will be in existence for some considerable time
to come. For simplicity, this will be considered as 6 bits of TOS
information and 2 bits of ECN data, so the fields are always
considered to be structured the same way.
The DSCP (as for TOS in ROHC RTP) is not expected to change
frequently (although it could change mid-flow, for example, as a
result of a route change).
4.1.2. ECN Flags
Initially, we describe the ECN flags as specified in RFC 2481 [15]
and RFC 3168 [18]. Subsequently, a suggested update is described
that would alter the behavior of the flags.
In RFC 2481 [15] there are 2 separate flags, the ECT (ECN Capable
Transport) flag and the CE (Congestion Experienced) flag. The ECT
West & McCann Informational [Page 19]
^L
RFC 4413 TCP/IP Field Behavior March 2006
flag, if negotiated by the TCP stack, will be '1' for all data
packets and '0' for all 'pure acknowledgement' packets. This means
that the behavior of the ECT flag is linked to behavior in the TCP
stack. Whether this can be exploited for compression is not clear.
The CE flag is only used if ECT is set to '1'. It is set to '0' by
the sender and can be set to '1' by an ECN-capable router in the
network to indicate congestion. Thus the CE flag is expected to be
randomly set to '1' with a probability dependent on the congestion
state of the network and the position of the compressor in the path.
Therefore, a compressor located close to the receiver in a congested
network will see the CE bit set frequently, but a compressor located
close to a sender will rarely, if ever, see the CE bit set to '1'.
A recent experimental proposal [19] suggests an alternative view of
these 2 bits. This considers the two bits together to have 4
possible codepoints. Meanings are then assigned to the codepoints:
00 Not ECN capable
01 ECN capable, no congestion (known as ECT(0))
10 ECN capable, no congestion (known as ECT(1))
11 Congestion experienced
The use of 2 codepoints for signaling ECT allows the sender to detect
when a receiver is not reliably echoing congestion information.
For the purposes of compression, this update means that ECT(0) and
ECT(1) are equally likely (for an ECN capable flow) and that '11'
will be seen relatively rarely. The probability of seeing a
congestion indication is discussed above in the description of the CE
flag.
It is suggested that, for the purposes of compression, ECN with
nonces be assumed as the baseline, although the compression scheme
must be able to compress the original ECN scheme transparently.
4.1.3. IP Identification
The Identification field (IP ID) of the IPv4 header identifies which
fragments constitute a datagram, when fragmented datagrams are
reassembled. The IPv4 specification does not specify exactly how
this field is to be assigned values, only that each packet should get
an IP ID that is unique for the source-destination pair and protocol
for the time during which the datagram (or any of its fragments)
could be alive in the network. This means that assignment of IP ID
values can be done in various ways, which we have separated into
three classes:
West & McCann Informational [Page 20]
^L
RFC 4413 TCP/IP Field Behavior March 2006
o Sequential jump
This is the most common assignment policy in today's IP stacks. A
single IP ID counter is used for all packet streams. When the
sender is running more than one packet stream simultaneously, the
IP ID can increase by more than one between packets in a stream.
The IP ID values will be much more predictable and will require
fewer bits to transfer than random values, and the packet-to-
packet increment (determined by the number of active outgoing
packet streams and sending frequencies) will usually be limited.
o Random
Some IP stacks assign IP ID values by using a pseudo-random number
generator. There is thus no correlation between the ID values of
subsequent datagrams. Therefore, there is no way to predict the
IP ID value for the next datagram. For header compression
purposes, this means that the IP ID field needs to be sent
uncompressed with each datagram, resulting in two extra octets of
header. IP stacks in cellular terminals that need optimum header
compression efficiency should not use this IP ID assignment
policy.
o Sequential
This assignment policy keeps a separate counter for each outgoing
packet stream, and thus the IP ID value will increment by one for
each packet in the stream, except at wrap around. Therefore, the
delta value of the field is constant and well known a priori.
This assignment policy is the most desirable for header
compression purposes. However, its usage is not as common as it
perhaps should be.
In order to avoid violating RFC 791 [1], packets sharing the same
IP address pair and IP protocol number cannot use the same IP ID
values. Therefore, implementations of sequential policies must
make the ID number spaces disjoint for packet streams of the same
IP protocol going between the same pair of nodes. This can be
done in a number of ways, all of which introduce occasional jumps
and thus make the policy less than perfectly sequential. For
header compression purposes, less frequent jumps are preferred.
Note that the ID is an IPv4 mechanism and is therefore not a problem
for IPv6. For IPv4, the ID could be handled in three different ways.
First, we have the inefficient but reliable solution where the ID
field is sent as-is in all packets, increasing the compressed headers
by two octets. This is the best way to handle the ID field if the
sender uses random assignment of the ID field. Second, there can be
West & McCann Informational [Page 21]
^L
RFC 4413 TCP/IP Field Behavior March 2006
solutions with more flexible mechanisms that require fewer bits for
the ID handling as long as sequential jump assignment is used. Such
solutions will probably require even more bits if random assignment
is used by the sender. Knowledge about the sender's assignment
policy could therefore be useful when choosing between the two
solutions above. Finally, even for IPv4, header compression could be
designed without any additional information for the ID field included
in compressed headers. To use such schemes, it must be known which
assignment policy for the ID field is being used by the sender. That
might not be possible to know, which implies that the applicability
of such solutions is very uncertain. However, designers of IPv4
stacks for cellular terminals should use an assignment policy close
to sequential.
With regard to TCP compression, the behavior of the IP ID field is
essentially the same. However, in RFC 3095 [31], the IP ID is
generally inferred from the RTP Sequence Number. There is no obvious
candidate in the TCP case for a field to offer this 'master sequence
number' role.
Clearly, from a busy server, the observed behavior may well be quite
erratic. This is a case where the ability to share the IP
compression context between a number of flows (between the same end-
points) could offer potential benefits. However, this would only
have any real impact where there is a large number of flows between
one machine and the server. If context sharing is being considered,
then it is preferable to share the IP part of the context.
4.1.4. Don't Fragment (DF) flag
Path-MTU discovery (RFC 1191 for IPv4 [6] and RFC 1981 for IPv6 [11])
is widely deployed for TCP, in contrast to little current use for UDP
packet streams. This employs the DF flag value of '1' to detect the
need for fragmentation in the end-to-end path and to probe the
minimum MTU along the network path. End hosts using this technique
may be expected to send all packets with DF set to '1', although a
host may end PMTU discovery by clearing the DF bit to '0'. Thus, for
compression, we expect the field value to be stable.
4.1.5. IP Hop-Limit / Time-To-Live (TTL)
The Hop-Limit (IPv6) or Time-To-Live (IPv4) field is expected to be
constant during the lifetime of a packet stream or to alternate
between a limited number of values due to route changes.
West & McCann Informational [Page 22]
^L
RFC 4413 TCP/IP Field Behavior March 2006
4.2. TCP Header
Any discussion of compressability of TCP fields borrows heavily from
RFC 1144 [22]. However, the premise of how the compression is
performed is slightly different, and the protocol has evolved
slightly in the intervening time.
4.2.1. Sequence Number
Understanding the sequence and acknowledgement number behavior is
essential for a TCP compression scheme.
At the simplest level, the behavior of the sequence number can be
described relatively easily. However, there are a number of
complicating factors that also need to be considered.
For transferring in-sequence data packets, the sequence number will
increment for each packet by between 0 and an upper limit defined by
the MSS (Maximum Segment Size) and, if it is being used, by Path-MTU
discovery.
There are common MSS values, but these can be quite variable and
unpredictable for any given flow. Given this variability and the
range of window sizes, it is hard (compared with the RTP case, for
example) to select a 'one size fits all' encoding for the sequence
number. (The same argument applies equally to the acknowledgement
number).
Note that the increment of the sequence number in a packet is the
size of the data payload of that packet (including the SYN and FIN
flags). This is, of course, exactly the relationship that RFC 1144
[22] exploits to compress the sequence number in the most efficient
case. This technique may not be directly applicable to a robust
solution, but it may be a useful relationship to consider.
However, at any point on the path (i.e., wherever a compressor might
be deployed), the sequence number can be anywhere within a range
defined by the TCP window. This is a combination of a number of
values (buffer space at the sender; advertised buffer size at the
receiver; and TCP congestion control algorithms). Missing packets or
retransmissions can cause the TCP sequence number to fluctuate within
the limits of this window.
It is desirable to be able to predict the sequence number with some
regularity. However, this also appears to be difficult to do. For
example, during bulk data transfer, the sequence number will tend to
go up by 1 MSS per packet (assuming no packet loss). Higher layer
values have been seen to have an impact as well, where sequence
West & McCann Informational [Page 23]
^L
RFC 4413 TCP/IP Field Behavior March 2006
number behavior has been observed with an 8 kbyte repeating pattern
-- 5 segments of 1460 bytes followed by 1 segment of 892 bytes. The
implementation of TCP and the management of buffers within a protocol
stack can affect the behavior of the sequence number.
It may be possible to track the TCP window by the compressor,
allowing it to bound the size of these jumps.
For interactive flows (for example, telnet), the sequence number will
change by small, irregular amounts. In this case, the Nagle
algorithm [3] commonly applies, coalescing small packets where
possible in order to reduce the basic header overhead. This may also
mean that predictable changes in the sequence number are less likely
to occur. The Nagle algorithm is an optimisation and is not required
to be used (applications can disable its use). However, it is turned
on by default in all common TCP implementations.
Note also that the SYN and FIN flags (which have to be acknowledged)
each consume 1 byte of sequence space.
4.2.2. Acknowledgement Number
Much of the information about the sequence number applies equally to
the acknowledgement number. However, there are some important
differences.
For bulk data transfers, there will tend to be 1 acknowledgement for
every 2 data segments. The algorithm is specified in RFC 2581 [16].
An ACK need not always be sent immediately on receipt of a data
segment, but it must be sent within 500ms and should be generated for
at least every second full-size segment (MSS) of received data. It
may be seen from this that the delta for the acknowledgement number
is roughly twice that of the sequence number. This is not always the
case, and the discussion about sequence number irregularity should be
applied.
As an aside, a common implementation bug is 'stretch ACKs' [33]
(acknowledgements may be generated less frequently than every two
full-size data segments). This pattern can also occur following loss
on the return path.
Since the acknowledgement number is cumulative, dropped packets in
the forward path will result in the acknowledgement number remaining
constant for a time in the reverse direction. Retransmission of a
dropped segment can then cause a substantial jump in the
acknowledgement number. These jumps in acknowledgement number are
bounded by the TCP window, just as for the jumps in sequence number.
West & McCann Informational [Page 24]
^L
RFC 4413 TCP/IP Field Behavior March 2006
In the acknowledgement case, information about the advertised
received window gives a bound to the size of any ACK jump.
4.2.3. Reserved
This field is reserved, and it therefore might be expected to be
zero. This can no longer be assumed, due to future-proofing. It is
only a matter of time before a suggestion for using the flag is made.
4.2.4. Flags
o ECN-E (Explicit Congestion Notification)
'1' to echo CE bit in IP header. It will be set in several
consecutive headers (until 'acknowledged' by CWR). If ECN nonces
are used, then there will be a 'nonce-sum' (NS) bit in the flags,
as well. Again, transparency of the reserved bits is crucial for
future-proofing this compression scheme. From an
efficiency/compression standpoint, the NS bit will either be
unused (always '0') or randomly changing. The nonce sum is the
1-bit sum of the ECT codepoints, as described in [19].
o CWR (Congestion Window Reduced)
'1' to signal congestion window reduced on ECN. It will generally
be set in individual packets. The flag will be set once per loss
event. Thus, the probability of its being set is proportional to
the degree of congestion in the network, but it is less likely to
be set than the CE flag.
o ECE (Echo Congestion Experience)
If 'congestion experienced' is signaled in a received IP header,
this is echoed through the ECE bit in segments sent by the
receiver until acknowledged by seeing the CWR bit set. Clearly,
in periods of high congestion and/or long RTT, this flag will
frequently be set to '1'.
During connection open (SYN and SYN/ACK packets), the ECN bits
have special meaning:
* CWR and ECN-E are both set with SYN to indicate desire to use
ECN.
West & McCann Informational [Page 25]
^L
RFC 4413 TCP/IP Field Behavior March 2006
* CWR only is set in SYN-ACK, to agree to ECN.
(The difference in bit-patterns for the negotiation is such that
it will work with broken stacks that reflect the value of
reserved bits).
o URG (Urgent Flag)
'1' to indicate urgent data (which is unlikely with any flag other
than ACK).
o ACK (Acknowledgement)
'1' for all except the initial 'SYN' packet.
o PSH (Push Function Field)
Generally accepted to be randomly '0' or '1'. However, it may be
biased more to one value than the other (this is largely caused by
the implementation of the stack).
o RST (Reset Connection)
'1' to reset a connection (unlikely with any flag other than ACK).
o SYN (Synchronize Sequence Number)
'1' for the SYN/SYN-ACK, only at the start of a connection.
o FIN (End of Data: FINished)
'1' to indicate 'no more data' (unlikely with any flag other than
ACK).
4.2.5. Checksum
Carried as the end-to-end check for the TCP data. See RFC 1144 [22]
for a discussion of why this should be carried. A header compression
scheme should not rely upon the TCP checksum for robustness, though,
and should apply appropriate error-detection mechanisms of its own.
The TCP checksum has to be considered to be randomly changing.
4.2.6. Window
This may oscillate randomly between 0 and the receiver's window limit
(for the connection).
West & McCann Informational [Page 26]
^L
RFC 4413 TCP/IP Field Behavior March 2006
In practice, the window will either not change or alternate between a
relatively small number of values. Particularly when the window is
closing (its value is getting smaller), the change in window is
likely to be related to the segment size, but it is not clear that
this necessarily offers any compression advantage. When the window
is opening, the effect of 'Silly-Window Syndrome' avoidance should be
remembered. This prevents the window from opening by small amounts
that would encourage the sender to clock out small segments.
When thinking about what fields might change in a sequence of TCP
segments, one should note that the receiver can generate 'window
update' segments in which only the window advertisement changes.
4.2.7. Urgent Pointer
From a compression point of view, the Urgent Pointer is interesting
because it offers an example where 'semantically identical'
compression is not the same as 'bitwise identical'. This is because
the value of the Urgent Pointer is only valid if the URG flag is set.
However, the TCP checksum must be passed transparently, in order to
maintain its end-to-end integrity checking property. Since the TCP
checksum includes the Urgent Pointer in its coverage, this enforces
bitwise transparency of the Urgent Pointer. Thus, the issue of
'semantic' vs. 'bitwise' identity is presented as a note: the Urgent
Pointer must be compressed in a way that preserves its value.
If the URG flag is set, then the Urgent Pointer indicates the end of
the urgent data and thus can point anywhere in the window. It may be
set (and changing) over several segments. Note that urgent data is
rarely used, since it is not a particularly clean way of managing
out-of-band data.
4.3. Options
Options occupy space at the end of the TCP header. All options are
included in the checksum. An option may begin on any byte boundary.
The TCP header must be padded with zeros to make the header length a
multiple of 32 bits.
Optional header fields are identified by an option kind field.
Options 0 and 1 are exactly one octet, which is their kind field.
All other options have their one-octet kind field, followed by a
one-octet length field, followed by length-2 octets of option data.
West & McCann Informational [Page 27]
^L
RFC 4413 TCP/IP Field Behavior March 2006
4.3.1. Options Overview
The IANA provides the authoritative list of TCP options. Figure 12
describes the current allocations at the time of publication. Any
new option would have a 'kind' value assigned by IANA. The list is
available at [20]. Where applicable, the associated RFC is also
cited.
+----+-------+------------------------------------+----------+-----+
|Kind|Length | Meaning | RFC | Use |
| |octets | | | |
+----+-------+------------------------------------+----------+-----+
| 0 | - | End of Option List | RFC 793 | * |
| 1 | - | No-Operation | RFC 793 | * |
| 2 | 4 | Maximum Segment Size | RFC 793 | * |
| 3 | 3 | WSopt - Window Scale | RFC 1323 | * |
| 4 | 2 | SACK Permitted | RFC 2018 | * |
| 5 | N | SACK | RFC 2018 | * |
| 6 | 6 | Echo (obsoleted by option 8) | RFC 1072 | |
| 7 | 6 | Echo Reply (obsoleted by option 8) | RFC 1072 | |
| 8 | 10 | TSopt - Time Stamp Option | RFC 1323 | * |
| 9 | 2 | Partial Order Connection Permitted | RFC 1693 | |
| 10 | 3 | Partial Order Service Profile | RFC 1693 | |
| 11 | 6 | CC | RFC 1644 | |
| 12 | 6 | CC.NEW | RFC 1644 | |
| 13 | 6 | CC.ECHO | RFC 1644 | |
| 14 | 3 | Alternate Checksum Request | RFC 1146 | |
| 15 | N | Alternate Checksum Data | RFC 1146 | |
| 16 | | Skeeter | | |
| 17 | | Bubba | | |
| 18 | 3 | Trailer Checksum Option | | |
| 19 | 18 | MD5 Signature Option | RFC 2385 | |
| 20 | | SCPS Capabilities | | |
| 21 | | Selective Negative Acks | | |
| 22 | | Record Boundaries | | |
| 23 | | Corruption experienced | | |
| 24 | | SNAP | | |
| 25 | | Unassigned (released 12/18/00) | | |
| 26 | | TCP Compression Filter | | |
+----+-------+------------------------------------+----------+-----+
Figure 12. Common TCP Options
The 'use' column is marked with '*' to indicate options that are most
likely to be seen in TCP flows. Also note that RFC 1072 [4] has been
obsoleted by RFC 1323 [7], although the original bit usage is defined
only in RFC 1072.
West & McCann Informational [Page 28]
^L
RFC 4413 TCP/IP Field Behavior March 2006
4.3.2. Option Field Behavior
Generally speaking, all option fields have been classified as
changing. This section describes the behavior of each option
referenced within an RFC, listed by 'kind' indicator.
0: End of Option List
This option code indicates the end of the option list. This
might not coincide with the end of the TCP header according to
the Data Offset field. This is used at the end of all options,
not at the end of each option, and it need only be used if the
end of the options would not otherwise coincide with the end of
the TCP header. Defined in RFC 793 [2].
There is no data associated with this option, so a compression
scheme must simply be able to encode its presence. However,
note that since this option marks the end of the list and the
TCP options are 4-octet aligned, there may be octets of padding
(defined to be '0' in [2]) after this option.
1: No-Operation
This option code may be used between options, for example, to
align the beginning of a subsequent option on a word boundary.
There is no guarantee that senders will use this option, so
receivers must be prepared to process options even if they do
not begin on a word boundary RFC 793 [2]. There is no data
associated with this option, so a compression scheme must
simply be able to encode its presence. This may be done by
noting that the option simply maintains a certain alignment and
that compression need only convey this alignment. In this way,
padding can just be removed.
2: Maximum Segment Size
If this option is present, then it communicates the maximum
segment size that may be used to send a packet to this end-
host. This field must only be sent in the initial connection
request (i.e., in segments with the SYN control bit set). If
this option is not used, any segment size is allowed RFC 793
[2].
This option is very common. The segment size is a 16-bit
quantity. Theoretically, this could take any value; however
there are a number of values that are common. For example,
1460 bytes is very common for TCP/IPv4 over Ethernet (though
with the increased prevalence of tunnels, for example, smaller
West & McCann Informational [Page 29]
^L
RFC 4413 TCP/IP Field Behavior March 2006
values such as 1400 have become more popular). 536 bytes is the
default MSS value. This may allow for common values to be
encoded more efficiently.
3: Window Scale Option (WSopt)
This option may be sent in a SYN segment by the TCP end-host
(1) to indicate that the sending TCP end-host is prepared to
perform both send and receive window scaling, and
(2) to communicate a scale factor to be applied to its receive
window.
The scale factor is encoded logarithmically as a power of 2
(presumably to be implemented by binary shifts). Note that the
window in the SYN segment itself is never scaled (RFC 1072
[4]). This option may be sent in an initial segment (i.e., in
a segment with the SYN bit on and the ACK bit off). It may
also be sent in later segments, but only if a Window Scale
option was received in the initial segment. A Window Scale
option in a segment without a SYN bit should be ignored. The
Window field in a SYN segment itself is never scaled (RFC 1323
[7]).
The use of window scaling does not affect the encoding of any
other field during the lifetime of the flow. Only the encoding
of the window scaling option itself is important. The window
scale must be between 0 and 14 (inclusive). Generally, smaller
values would be expected (a window scale of 14 allows for a
1Gbyte window, which is extremely large).
4: SACK-Permitted
This option may be sent in a SYN by a TCP that has been
extended to receive (and presumably to process) the SACK option
once the connection has opened RFC 2018 [12]. There is no data
in this option all that is required is for the presence of the
option to be encoded.
5: SACK
This option is to be used to convey extended acknowledgment
information over an established connection. Specifically, it
is to be sent by a data receiver to inform the data transmitter
of non-contiguous blocks of data that have been received and
queued. The data receiver awaits the receipt of data in later
retransmissions to fill the gaps in sequence space between
these blocks. At that time, the data receiver acknowledges the
data, normally by advancing the left window edge in the
West & McCann Informational [Page 30]
^L
RFC 4413 TCP/IP Field Behavior March 2006
Acknowledgment Number field of the TCP header. It is important
to understand that the SACK option will not change the meaning
of the Acknowledgment Number field, whose value will still
specify the left window edge, i.e., one byte beyond the last
sequence number of fully received data (RFC 2018 [12]).
If SACK has been negotiated (through an exchange of SACK-
Permitted options), then this option may occur when dropped
segments are noticed by the receiver. Because this identifies
ranges of blocks within the receiver's window, it can be viewed
as a base value with a number of offsets. The base value (left
edge of the first block) can be viewed as offset from the TCP
acknowledgement number. There can be up to 4 SACK blocks in a
single option. SACK blocks may occur in a number of segments
(if there is more out-of-order data 'on the wire'), and this
will typically extend the size of or add to the existing
blocks.
Alternative proposals such as DSACK RFC 2883 [17] do not
fundamentally change the behavior of the SACK block, from the
point of view of the information contained within it.
6: Echo
This option carries information that the receiving TCP may send
back in a subsequent TCP Echo Reply option (see below). A TCP
may send the TCP Echo option in any segment, but only if a TCP
Echo option was received in a SYN segment for the connection.
When the TCP echo option is used for RTT measurement, it will
be included in data segments, and the four information bytes
will define the time at which the data segment was transmitted
in any format convenient to the sender (see RFC 1072 [4]).
The Echo option is generally not used in practice -- it is
obsoleted by the Timestamp option. However, for transparency
it is desirable that a compression scheme be able to transport
it. (However, there is no benefit in attempting any treatment
more sophisticated than viewing it as a generic 'option').
7: Echo Reply
A TCP that receives a TCP Echo option containing four
information bytes will return these same bytes in a TCP Echo
Reply option. This TCP Echo Reply option must be returned in
the next segment (e.g., an ACK segment) that is sent. If more
than one Echo option is received before a reply segment is
sent, the TCP must choose only one of the options to echo,
West & McCann Informational [Page 31]
^L
RFC 4413 TCP/IP Field Behavior March 2006
ignoring the others; specifically, it must choose the newest
segment with the oldest sequence number (see RFC 1072 [4]).
The Echo Reply option is generally not used in practice -- it
is obsoleted by the Timestamp option. However, for
transparency it is desirable that a compression scheme be able
to transport it. (However, there is no benefit in attempting
any more sophisticated treatment than viewing it as a generic
'option').
8: Timestamps
This option carries two four-byte timestamp fields. The
Timestamp Value field (TSval) contains the current value of the
timestamp clock of the TCP sending the option. The Timestamp
Echo Reply field (TSecr) is only valid if the ACK bit is set in
the TCP header; if it is valid, it echoes a timestamp value
that was sent by the remote TCP in the TSval field of a
Timestamps option. When TSecr is not valid, its value must be
zero. The TSecr value will generally be from the most recent
Timestamp option that was received; however, there are
exceptions that are explained below. A TCP may send the
Timestamps option (TSopt) in an initial segment (i.e., a
segment containing a SYN bit and no ACK bit), and it may send a
TSopt in other segments only if it received a TSopt in the
initial segment for the connection (see RFC 1323 [7]).
Timestamps are quite commonly used. If timestamp options are
exchanged in the connection set-up phase, then they are
expected to appear on all subsequent segments. If this
exchange does not happen, then they will not appear for the
remainder of the flow.
Because the value being carried is a timestamp, it is logical
to expect that the entire value need not be carried. There is
no obvious pattern of increments that might be expected,
however.
An important reason for using the timestamp option is to allow
detection of sequence space wrap-around (Protection Against
Wrapped Sequence-number, or PAWS, see RFC 1323 [7]). It is not
expected that this is a serious concern on the links on which
TCP header compression would be deployed, but it is important
that the integrity of this option be maintained. This issue is
discussed in, for example, RFC 3150 [32]. However, the
proposed Eifel algorithm [35] makes use of timestamps, so it is
currently recommended that timestamps be used for cellular-type
links [34].
West & McCann Informational [Page 32]
^L
RFC 4413 TCP/IP Field Behavior March 2006
With regard to compression, note that the range of resolutions
for the timestamp suggested in RFC 1323 [7] is quite wide (1ms
to 1s per 'tick'). This (along with the perhaps wide variation
in RTT) makes it hard to select a set of encodings that will be
optimal in all cases.
9: Partial Order Connection (POC) permitted
This option represents a simple indicator communicated between
the two peer transport entities to establish the operation of
the POC protocol. See RFC 1693 [9].
The Partial Order Connection option sees little (or no) use in
the current Internet, so the only requirement is that the
header compression scheme be able to encode it.
10: POC service profile
This option serves to communicate the information necessary to
carry out the job of the protocol -- the type of information
that is typically found in the header of a TCP segment. The
Partial Order Connection option sees little (or no) use in the
current Internet, so the only requirement is that the header
compression scheme be able to encode it.
11: Connection Count (CC)
This option is part of the implementation of TCP Accelerated
Open (TAO) that effectively bypasses the TCP Three-Way
Handshake (3WHS). TAO introduces a 32-bit incarnation number,
called a "connection count" (CC), that is carried in a TCP
option in each segment. A distinct CC value is assigned to
each direction of an open connection. The implementation
assigns monotonically increasing CC values to successive
connections that it opens actively or passively (see RFC 1644
[8]). This option sees little (or no) use in the current
Internet, so the only requirement is that the header
compression scheme be able to encode it.
12: CC.NEW
Correctness of the TAO mechanism requires that clients generate
monotonically increasing CC values for successive connection
initiations. Receiving a CC.NEW causes the server to
invalidate its cache entry and to do a 3WHS. See RFC 1644 [8].
This option sees little (or no) use in the current Internet, so
the only requirement is that the header compression scheme be
able to encode it.
West & McCann Informational [Page 33]
^L
RFC 4413 TCP/IP Field Behavior March 2006
13: CC.ECHO
When a server host sends a segment, it echoes the connection
count from the initial in a CC.ECHO option, which is used by
the client host to validate the segment (see RFC 1644 [8]).
This option sees little (or no) use in the current Internet, so
the only requirement is that the header compression scheme be
able to encode it.
14: Alternate Checksum Request
This option may be sent in a SYN segment by a TCP to indicate
that the TCP is prepared to both generate and receive checksums
based on an alternate algorithm. During communication, the
alternate checksum replaces the regular TCP checksum in the
checksum field of the TCP header. Should the alternate
checksum require more than 2 octets to transmit, either the
checksum may be moved into a TCP Alternate Checksum Data Option
and the checksum field of the TCP header be sent as zero, or
the data may be split between the header field and the option.
Alternate checksums are computed over the same data as the
regular TCP checksum; see RFC 1146 [5].
This option sees little (or no) use in the current Internet, so
the only requirement is that the header compression scheme be
able to encode it. It would only occur in connection set-up
(SYN) packets. Even if this option were used, it would not
affect the handling of the checksum, since this should be
carried transparently in any case.
15: Alternate Checksum Data
This field is used only when the alternate checksum that is
negotiated is longer than 16 bits. These checksums will not
fit in the checksum field of the TCP header and thus at least
part of them must be put in an option. Whether the checksum is
split between the checksum field in the TCP header and the
option or the entire checksum is placed in the option is
determined on a checksum-by-checksum basis. The length of this
option will depend on the choice of alternate checksum
algorithm for this connection; see RFC 1146 [5].
If an alternative checksum was negotiated in the connection
set-up, then this option may appear on all subsequent packets
(if needed to carry the checksum data). However, this option
is in practice never seen, so the only requirement is that the
header compression scheme be able to encode it.
West & McCann Informational [Page 34]
^L
RFC 4413 TCP/IP Field Behavior March 2006
16 - 18:
These non-RFC option types are not considered in this document.
19: MD5 Digest
Every segment sent on a TCP connection to be protected against
spoofing will contain the 16-byte MD5 digest produced by
applying the MD5 algorithm to a concatenated block of data
[13].
Upon receiving a signed segment, the receiver must validate it
by calculating its own digest from the same data (using its own
key) and comparing the two digests. A failing comparison must
result in the segment's being dropped and must not produce any
response back to the sender. Logging the failure is probably
advisable.
Unlike other TCP extensions (e.g., the Window Scale option
[7]), the absence of the option in the SYN-ACK segment must not
cause the sender to disable its sending of signatures. This
negotiation is typically done to prevent some TCP
implementations from misbehaving upon receiving options in non-
SYN segments. This is not a problem for this option, since the
SYN-ACK sent during connection negotiation will not be signed
and will thus be ignored. The connection will never be made,
and non-SYN segments with options will never be sent. More
importantly, the sending of signatures must be under the
complete control of the application, not at the mercy of a
remote host not understanding the option. MD5 digest
information should, like any cryptographically secure data, be
incompressible. Therefore the compression scheme must simply
transparently carry this option, if it occurs.
20 - 26;
Thse non-RFC option types are not considered in this document.
This only means that their behavior is not described in detail,
as a compression scheme is not expected to be optimised for
these options. However, any unrecognised option must be
carried by a TCP compression scheme transparently, in order to
work efficiently in the presence of new or rare options.
The above list covers options known at the time of writing. Other
options are expected to be defined. It is important that any future
options can be handled by a header compression scheme. The
processing of as-yet undefined options cannot be optimised but, at
the very least, unknown options should be carried transparently.
West & McCann Informational [Page 35]
^L
RFC 4413 TCP/IP Field Behavior March 2006
The current model for TCP options is that an option is negotiated in
the SYN exchange and used thereafter, if the negotiation succeeds.
This leads to some assumptions about the presence of options (being
only on packets with the SYN flag set, or appearing on every packet,
for example). Where such assumptions hold true, it may be possible
to optimise compression of options slightly. However, it is seen as
undesirable to be so constrained, as there is no guarantee that
option handling and negotiation will remain the same in the future.
Also note that a compressor may not process the SYN packets of a flow
and cannot, therefore, be assumed to know which options have been
negotiated.
5. Other Observations
5.1. Implicit Acknowledgements
There may be a small number of cues for 'implicit acknowledgements'
in a TCP flow. Even if the compressor only sees the data transfer
direction, for example, seeing a packet without the SYN flag set
implies that the SYN packet has been received.
There is a clear requirement for the deployment of compression to be
topologically independent. This means that it is not actually
possible to be sure that seeing a data packet at the compressor
guarantees that the SYN packet has been correctly received by the
decompressor (as the SYN packet may have taken an alternative path).
However, there may be other such cues, which may be used in certain
circumstances to improve compression efficiency.
5.2. Shared Data
It can be seen that there are two distinct deployments (i) where the
forward (data) and reverse (ACK) path are both carried over a common
link, and (ii) where the forward (data) and reverse (ACK) path are
carried over different paths, with a specific link carrying packets
corresponding to only one direction of communication.
In the former case, a compressor and decompressor could be colocated.
It may then be possible for the compressor and decompressor at each
end of the link to exchange information. This could lead to possible
optimizations.
For example, acknowledgement numbers are generally taken from the
sequence numbers in the opposite direction. Since an acknowledgement
cannot be generated for a packet that has not passed across the link,
this offers an efficient way of encoding acknowledgements.
West & McCann Informational [Page 36]
^L
RFC 4413 TCP/IP Field Behavior March 2006
5.3. TCP Header Overhead
For a TCP bulk data-transfer, the overhead of the TCP header does not
form a large proportion of the data packet (e.g., < 3% for a 1460
octet packet), particularly compared to the typical RTP voice case.
Spectral efficiency is clearly an important goal. However,
extracting every last bit of compression gain offers only marginal
benefit at a considerable cost in complexity. This trade-off, of
efficiency and complexity, must be addressed in the design of a TCP
compression profile.
However, in the acknowledgement direction (i.e., for 'pure'
acknowledgement headers), the overhead could be said to be infinite
(since there is no data being carried). This is why optimizations
for the acknowledgement path may be considered useful.
There are a number of schemes for manipulating TCP acknowledgements
to reduce the ACK bandwidth. Many of these are documented in [33]
and [32]. Most of these schemes are entirely compatible with header
compression, without requiring any particular support. While it is
not expected that a compression scheme will be optimised for
experimental options, it is useful to consider these when developing
header compression schemes, and vice versa. A header compression
scheme must be able to support any option (including ones as yet
undefined).
5.4. Field Independence and Packet Behavior
It should be apparent that direct comparisons with the highly
'packet'-based view of RTP compression are hard. RTP header fields
tend to change regularly per-packet, and many fields (IPv4 IP ID, RTP
sequence number, and RTP timestamp, for example) typically change in
a dependent manner. However, TCP fields, such as sequence number
tend to change more unpredictably, partly because of the influence of
external factors (size of TCP windows, application behavior, etc.).
Also, the field values tend to change independently. Overall, this
makes compression more challenging and makes it harder to select a
set of encodings that can successfully trade off efficiency and
robustness.
5.5. Short-Lived Flows
It is hard to see what can be done to improve performance for a
single, unpredictable, short-lived connection. However, there are
commonly cases where there will be multiple TCP connections between
the same pair of hosts. As a particular example, consider web
browsing (this is more the case with HTTP/1.0 [25] than with HTTP/1.1
[26]).
West & McCann Informational [Page 37]
^L
RFC 4413 TCP/IP Field Behavior March 2006
When a connection closes, either it is the last connection between
that pair of hosts or it is likely that another connection will open
within a relatively short space of time. In this case, the IP header
part of the context (i.e., those fields characterised in Section 2.1)
will probably be almost identical. Certain aspects of the TCP
context may also be similar.
Support for context replication is discussed in more detail in
Section 3. Overall, support for sub-context sharing or initializing
one context from another offers useful optimizations for a sequence
of short-lived connections.
Note that, although TCP is connection oriented, it is hard for a
compressor to tell whether a TCP flow has finished. For example,
even in the 'bi-directional' link case, seeing a FIN and the ACK of
the FIN at the compressor/decompressor does not mean that the FIN
cannot be retransmitted. Thus, it may be more useful to think about
initializing a new context from an existing one, rather than re-using
an existing one.
As mentioned previously in Section 4.1.3, the IP header can clearly
be shared between any transport-layer flows between the same two
end-points. There may be limited scope for initialisation of a new
TCP header from an existing one. The port numbers are the most
obvious starting point.
5.6. Master Sequence Number
As pointed out earlier, in Section 4.1.3, there is no obvious
candidate for a 'master sequence number' in TCP. Moreover, it is
noted that such a master sequence number is only required to allow a
decompressor to acknowledge packets in bi-directional mode. It can
also be seen that such a sequence number would not be required for
every packet.
While the sequence number only needs to be 'sparse', it is clear that
there is a requirement for an explicitly added sequence number.
There are no obvious ways to guarantee the unique identity of a
packet other than by adding such a sequence number (sequence and
acknowledgement numbers can both remain the same, for example).
5.7. Size Constraint for TCP Options
As can be seen from the above analysis, most TCP options, such as
MSS, WSopt, or SACK-Permitted, may appear only on a SYN segment.
Every implementation should (and we expect that most will) ignore
unknown options on SYN segments. TCP options will be sent on non-SYN
segments only when an exchange of options on the SYN segments has
West & McCann Informational [Page 38]
^L
RFC 4413 TCP/IP Field Behavior March 2006
indicated that both sides understand the extension. Other TCP
options, such as MD5 Digest or Timestamp, also tend to be sent when
the connection is initiated (i.e., in the SYN packet).
The total header size is also an issue. The TCP header specifies
where segment data starts with a 4-bit field that gives the total
size of the header (including options) in 32-bit words. This means
that the total size of the header plus option must be less than or
equal to 60 bytes. This leaves 40 bytes for options.
6. Security Considerations
Since this document only describes TCP field behavior, it raises no
direct security concerns.
This memo is intended to be used to aid the compression of TCP/IP
headers. Where authentication mechanisms such as IPsec AH [24] are
used, it is important that compression be transparent. Where
encryption methods such as IPsec ESP [27] are used, the TCP fields
may not be visible, preventing compression.
7. Acknowledgements
Many IP and TCP RFCs (hopefully all of which have been collated
below), together with header compression schemes from RFC 1144 [22],
RFC 3544 [36], and RFC 3095 [31], and of course the detailed analysis
of RTP/UDP/IP in RFC 3095, have been sources of ideas and knowledge.
Further background information can also be found in [28] and [29].
This document also benefited from discussion on the ROHC mailing list
and in various corridors (virtual or otherwise) about many key
issues; special thanks go to Qian Zhang, Carsten Bormann, and Gorry
Fairhurst.
Qian Zhang and Hongbin Liao contributed the extensive analysis of
shareable header fields.
Any remaining misrepresentation or misinterpretation of information
is entirely the fault of the authors.
West & McCann Informational [Page 39]
^L
RFC 4413 TCP/IP Field Behavior March 2006
8. References
8.1. Normative References
[1] Postel, J., "Internet Protocol", STD 5, RFC 791, September
1981.
[2] Postel, J., "Transmission Control Protocol", STD 7, RFC 793,
September 1981.
[3] Nagle, J., "Congestion control in IP/TCP internetworks", RFC
896, January 1984.
[4] Jacobson, V. and R. Braden, "TCP extensions for long-delay
paths", RFC 1072, October 1988.
[5] Zweig, J. and C. Partridge, "TCP alternate checksum options",
RFC 1146, March 1990.
[6] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191,
November 1990.
[7] Jacobson, V., Braden, B., and D. Borman, "TCP Extensions for
High Performance", RFC 1323, May 1992.
[8] Braden, B., "T/TCP -- TCP Extensions for Transactions
Functional Specification", RFC 1644, July 1994.
[9] Connolly, T., Amer, P., and P. Conrad, "An Extension to TCP:
Partial Order Service", RFC 1693, November 1994.
[10] Bellovin, S., "Defending Against Sequence Number Attacks", RFC
1948, May 1996.
[11] McCann, J., Deering, S., and J. Mogul, "Path MTU Discovery for
IP version 6", RFC 1981, August 1996.
[12] Mathis, M., Mahdavi, J., Floyd, S., and A. Romanow, "TCP
Selective Acknowledgment Options", RFC 2018, October 1996.
[13] Heffernan, A., "Protection of BGP Sessions via the TCP MD5
Signature Option", RFC 2385, August 1998.
[14] Nichols, K., Blake, S., Baker, F., and D. Black, "Definition of
the Differentiated Services Field (DS Field) in the IPv4 and
IPv6 Headers", RFC 2474, December 1998.
West & McCann Informational [Page 40]
^L
RFC 4413 TCP/IP Field Behavior March 2006
[15] Ramakrishnan, K. and S. Floyd, "A Proposal to add Explicit
Congestion Notification (ECN) to IP", RFC 2481, January 1999.
[16] Allman, M., Paxson, V., and W. Stevens, "TCP Congestion
Control", RFC 2581, April 1999.
[17] Floyd, S., Mahdavi, J., Mathis, M., and M. Podolsky, "An
Extension to the Selective Acknowledgement (SACK) Option for
TCP", RFC 2883, July 2000.
[18] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of
Explicit Congestion Notification (ECN) to IP", RFC 3168,
September 2001.
[19] Spring, N., Wetherall, D., and D. Ely, "Robust Explicit
Congestion Notification (ECN) Signaling with Nonces", RFC
3540, June 2003.
8.2. Informative References
[20] IANA, "IANA", IANA TCP options, February 1998,
<http://www.iana.org/assignments/tcp-parameters>.
[21] Braden, R., "Requirements for Internet Hosts - Communication
Layers", STD 3, RFC 1122, October 1989.
[22] Jacobson, V., "Compressing TCP/IP headers for low-speed serial
links", RFC 1144, February 1990.
[23] Almquist, P., "Type of Service in the Internet Protocol Suite",
RFC 1349, July 1992.
[24] Kent, S. and R. Atkinson, "IP Authentication Header", RFC 2402,
November 1998.
[25] Berners-Lee, T., Fielding, R., and H. Nielsen, "Hypertext
Transfer Protocol -- HTTP/1.0", RFC 1945, May 1996.
[27] Kent, S. and R. Atkinson, "IP Encapsulating Security Payload
(ESP)", RFC 2406, November 1998.
[26] Fielding, R., Gettys, J., Mogul, J., Nielsen, H., and T.
Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC
2068, January 1997.
[28] Degermark, M., Nordgren, B., and S. Pink, "IP Header
Compression", RFC 2507, February 1999.
West & McCann Informational [Page 41]
^L
RFC 4413 TCP/IP Field Behavior March 2006
[29] Casner, S. and V. Jacobson, "Compressing IP/UDP/RTP Headers for
Low-Speed Serial Links", RFC 2508, February 1999.
[30] Bradner, S. and V. Paxson, "IANA Allocation Guidelines For
Values In the Internet Protocol and Related Headers", BCP 37,
RFC 2780, March 2000.
[31] Bormann, C., Burmeister, C., Degermark, M., Fukushima, H.,
Hannu, H., Jonsson, L-E., Hakenberg, R., Koren, T., Le, K.,
Liu, Z., Martensson, A., Miyazaki, A., Svanbro, K., Wiebke, T.,
Yoshimura, T., and H. Zheng, "RObust Header Compression (ROHC):
Framework and four profiles: RTP, UDP, ESP, and uncompressed",
RFC 3095, July 2001.
[32] Dawkins, S., Montenegro, G., Kojo, M., and V. Magret, "End-to-
end Performance Implications of Slow Links", BCP 48, RFC 3150,
July 2001.
[33] Balakrishnan, Padmanabhan, V., Fairhurst, G., and M.
Sooriyabandara, "TCP Performance Implications of Network Path
Asymmetry", RFC 3449, December 2002.
[34] Inamura, H., Montenegro, G., Ludwig, R., Gurtov, A., and F.
Khafizov, "TCP over Second (2.5G) and Third (3G) Generation
Wireless Networks", RFC 3481, February 2003.
[35] Ludwig, R. and M. Meyer, "The Eifel Detection Algorithm for
TCP", RFC 3522, April 2003.
[36] Engan, M., Casner, S., Bormann, C., and T. Koren, "IP Header
Compression over PPP", RFC 3544, July 2003.
[37] Karn, P., Bormann, C., Fairhurst, G., Grossman, D., Ludwig, R.,
Mahdavi, J., Montenegro, G., Touch, J., and L. Wood, "Advice
for Internet Subnetwork Designers", BCP 89, RFC 3819, July
2004.
West & McCann Informational [Page 42]
^L
RFC 4413 TCP/IP Field Behavior March 2006
Authors' Addresses
Mark A. West
Siemens/Roke Manor Research
Roke Manor Research Ltd.
Romsey, Hants SO51 0ZN
UK
Phone: +44 (0)1794 833311
EMail: mark.a.west@roke.co.uk
URI: http://www.roke.co.uk
Stephen McCann
Siemens/Roke Manor Research
Roke Manor Research Ltd.
Romsey, Hants SO51 0ZN
UK
Phone: +44 (0)1794 833341
EMail: stephen.mccann@roke.co.uk
URI: http://www.roke.co.uk
West & McCann Informational [Page 43]
^L
RFC 4413 TCP/IP Field Behavior March 2006
Full Copyright Statement
Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgement
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
West & McCann Informational [Page 44]
^L
|
