[182922] in North American Network Operators' Group
RE: multipath tcp now in production use for linux based mobile devices
daemon@ATHENA.MIT.EDU (Darden, Patrick)
Tue Aug 4 16:10:53 2015
X-Original-To: nanog@nanog.org
From: "Darden, Patrick" <Patrick.Darden@p66.com>
To: Colin Johnston <colinj@gt86car.org.uk>, "nanog@nanog.org list"
<nanog@nanog.org>
Date: Tue, 4 Aug 2015 20:08:38 +0000
In-Reply-To: <D95C3C08-8F67-4F6B-BA8B-A5D32C7E463B@gt86car.org.uk>
Errors-To: nanog-bounces@nanog.org
So, obviously, MPTCP can cause problems with Stateful Firewalls (as in asym=
metric routing, out of state packets, etc.). Cisco's take on how to deal w=
ith MPTCP is just as interesting as MPTCP itself is.
http://www.cisco.com/c/en/us/support/docs/ip/transmission-control-protocol-=
tcp/116519-technote-mptcp-00.html
Yep, for regular ASAs they advise you to let everything with option 30 set =
in the header have a free pass to your network (turn off NOOP replacement =
of option 30 in TCP headers via a tcp-map)... and btw, turn off packet insp=
ection.
For ASA-X "next generation" firewalls with modern code levels, this behavio=
r seems to be default, although it looks like you can have your packet insp=
ection as well.
--p
-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Colin Johnston
Sent: Saturday, August 01, 2015 1:45 AM
To: nanog@nanog.org list
Subject: [EXTERNAL]multipath tcp now in production use for linux based mobi=
le devices
http://blog.multipath-tcp.org/blog/html/2015/07/24/korea.html
