Lightweight Middlebox TCP

Abstract

Nowadays, middleboxes are important actors of the Internet and they are used in many contexts such as network address translation, firewalls, load balancers, and intrusion detection systems, among others. Consequently, their implementation can have a great impact on the performance of networks and it is thus crucial to ensure that they do not become bottlenecks.

The objective of this work is to develop a lightweight and middlebox-oriented TCP stack that takes into account the specificities of the context in which middleboxes work in order to provide them with the ability to inspect and modify the traffic, as well as inject packets. All of this on the fly. This manuscript first describes the architecture of the developed framework, listing its components and functionalities, and how to use them to create middleboxes.

We then continue by providing information about the development and the design of the framework, describing the underlying data structures. In addition, we detail the algorithms at the heart of the TCP stack as well as the corresponding time complexities and we explain why they are important to achieve our goals.

The results indicate that it is possible to use this framework to implement a middlebox that performs deep packet inspection with a small and constant overhead. On the other hand, when the middlebox starts modifying the flows, the overhead becomes linear regarding the size of the content. We show that the modularity of the framework we developed allows the users to mitigate the induced overhead by selecting only the features they need.

Finally, we list some elements that could not be implemented in this work, proposing some improvements to the present work that could be made in the future in order to extend it.