TCP splicing for application layer proxy performance

David Maltz, Pravin Bhagwat

Application layer proxies already play an important role in today's networks, serving as firewalls and HTTP caches, and their role is being expanded to include encryption, compression, and mobility support services. Current application layer proxies suffer major performance penalties because they spend most of their time moving data back and forth between connections, context switching and crossing protection boundaries for each chunk of data they handle. We present a technique called TCP Splice that provides kernel support for data relaying operations that run at near router speeds. In our lab testing, we find that SOCKS firewalls using TCP Splice can sustain a data throughput twice that of normal firewalls, with an average packet forwarding latency 30 times less.
 
Paper (gzipped postscript)