Performance-enhancing proxy

Performance-enhancing proxies (PEPs) are network agents designed to improve the end-to-end performance of some communication protocols. PEP standards are defined in RFC 3135 (PEPs intended to mitigate link-related degradations) and RFC 3449 (TCP performance implications of network path asymmetry).



Classification
Available PEP implementations use different methods to enhance performance.


 * Proxy type: A PEP can either 'split' a connection or 'snoop' into it. In the first case, the proxy pretends to be the opposite endpoint of the connection in each direction, literally splitting the connection into two. In the latter case, the proxy controls the transmissions of the TCP segments in both directions, by ack filtering and reconstruction in the existing connection (see protocol spoofing). This is based on the OSI level of implementation of the PEP.
 * Distribution: PEPs can be either integrated or distributed. Integrated PEP will run on a single box, while distributed PEP will require to be installed on both sides of the link that cause the performance degradation. This is quite common in commercial PEP devices, which act as a black box, using more or less open protocols to communicate between them in the place of TCP.
 * Symmetry: A PEP implementation may be symmetric or asymmetric. Symmetric PEPs use identical behavior in both directions; the actions taken by the PEP occur independent from which interface a packet is received. Asymmetric PEPs operate differently in each direction, which can cause, for example, only one link direction performance to be enhanced.

Types
There are a range of different types of PEPs. Each is used to solve a link related problem. Some common types include:
 * Split-TCP
 * Ack decimation
 * Snoop
 * D-proxy

Split TCP
Split TCP is typically used to solve TCP problems with large round-trip delay times. A typical system uses Split TCP PEPs to improve TCP performance over a satellite link. Split TCP functions by breaking the end-to-end connection into multiple connections and using different parameters to transfer data across the different legs. The end systems use standard TCP with no modifications, and do not need to know of the existence of the PEPs in between. Split TCP intercepts TCP connections from the end systems and terminates them. This allows the end systems to run unmodified and can overcome some problems with TCP window sizes on the end systems being set too low for satellite communications.

Ack filtering/decimation
Ack filtering or decimation is used on highly asymmetric links. In asymmetric links the upstream and downstream rates vary widely. A common example is satellite broadband where a downstream satellite link provides significantly greater bandwidths than the upstream dialup modem link. In this scenario, the speed at which the modem can return TCP acknowledgements can be a limiting factor. As TCP acknowledgements are cumulatively acknowledged some can be decimated or filtered to improve performance.

Snoop
The Snoop proxy is an example of an integrated proxy. It is designed to hide interference or collision-based packet loss over a wireless link. Snoop proxies detect losses by monitoring TCP transmissions for duplicate acknowledgements. When duplicate TCP acknowledgements, indicating a packet loss, are received by Snoop, they will be silently dropped and lost data packet will be retransmitted. The TCP sender should have no knowledge of the loss. This should prevent TCP senders from unnecessarily reducing the TCP window.

D-Proxy
D-Proxy is also designed to hide interference or collision based packet loss over a wireless link. D-Proxy is a new distributed TCP proxy, requiring a proxy on either side of the lossy link. Like Snoop, it uses TCP sequence numbers to detect lost packets. However, it has a proactive approach, monitoring the TCP sequence numbers on data packets rather than acknowledgements. When packet loss occurs, the TCP stream will be temporarily buffered until the missing packet can be recovered and re-sequenced.