TCP-in-UDP Solution (eBPF)
10 months ago
- #Networking
- #MPTCP
- #eBPF
- The MPTCP protocol is complex because it has to survive middleboxes such as NATs, firewalls, IDSs, and proxies.
- MPTCP connections can fall back to plain TCP, though this is rarer now thanks to widespread use since 2013.
- Performance Enhancing Proxies (PEPs) on some mobile networks may still block MPTCP connections.
- TCP-in-UDP is a simpler tunneling solution for MPTCP, using eBPF without extra data per packet or VPN setup.
- TCP-in-UDP reorders the TCP header fields so that the header starts with a UDP header, an idea inspired by an old IETF draft.
- The solution changes the layer 4 protocol in the layer 3 header and replaces the Urgent Pointer with the Length field, which affects the checksum.
- Linux network stack optimizations like GRO and TSO/GSO complicate per-packet handling in TCP-in-UDP.
- Checksum issues arise because skb->csum_offset differs between TCP and UDP, which requires workarounds.
- MTU/MSS adjustments may be necessary to avoid IP fragmentation when using TCP-in-UDP.
- The eBPF program can be deployed on clients and servers to bypass middleboxes blocking MPTCP or other protocols.
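
To make the checksum point concrete, here is an added userspace example (not code from the original post or its eBPF program) that rewrites a TCP header into a UDP-first one and patches the checksum incrementally instead of recomputing it. The field order after the UDP header, the function names, the IPv4-only pseudo-header and the sample packet are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* One's-complement sum of big-endian 16-bit words; an odd last byte is zero-padded. */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t acc) {
    for (size_t i = 0; i + 1 < len; i += 2) acc += (uint32_t)(p[i] << 8 | p[i + 1]);
    if (len & 1) acc += (uint32_t)p[len - 1] << 8;
    return acc;
}
static uint16_t fold(uint32_t acc) {
    while (acc >> 16) acc = (acc & 0xffff) + (acc >> 16);
    return (uint16_t)acc;
}
/* Full checksum: IPv4 pseudo-header (addresses, protocol, length) plus segment.
 * The segment's own checksum field must be zero when this is called. */
uint16_t l4_csum(const uint8_t ip[8], uint8_t proto, const uint8_t *seg, uint16_t len) {
    return (uint16_t)~fold(sum16(seg, len, sum16(ip, 8, 0) + proto + len));
}
/* RFC 1624 eq. 3: HC' = ~(~HC + ~m + m') when one 16-bit word changes from m to m'. */
uint16_t csum_replace(uint16_t hc, uint16_t from, uint16_t to) {
    return (uint16_t)~fold((uint32_t)(uint16_t)~hc + (uint16_t)~from + to);
}
/* ASSUMED layout (not given on the page): ports, Length, Checksum, data offset/flags
 * + window, sequence, acknowledgment, options. Header size is unchanged, and moving
 * 16-bit words does not change the sum, so only two summed words differ. */
void tcp_to_tcp_in_udp(const uint8_t *tcp, uint16_t len, uint8_t *out) {
    uint16_t hc  = (uint16_t)(tcp[16] << 8 | tcp[17]);
    uint16_t urg = (uint16_t)(tcp[18] << 8 | tcp[19]);
    memcpy(out, tcp, len);            /* ports, options and payload stay in place */
    memcpy(out + 8, tcp + 12, 4);     /* data offset/flags + window */
    memcpy(out + 12, tcp + 4, 8);     /* sequence + acknowledgment numbers */
    hc = csum_replace(hc, 6, 17);     /* pseudo-header protocol: TCP (6) -> UDP (17) */
    hc = csum_replace(hc, urg, len);  /* Urgent Pointer word becomes Length */
    if (hc == 0) hc = 0xffff;         /* UDP over IPv4: 0 means "no checksum" */
    out[4] = len >> 8; out[5] = len & 0xff;
    out[6] = hc >> 8;  out[7] = hc & 0xff;
}

int main(void) {
    /* Constructed sample: 192.0.2.1 -> 198.51.100.2, 20-byte header + "hi!!" */
    const uint8_t ip[8] = {192, 0, 2, 1, 198, 51, 100, 2};
    uint8_t tcp[24] = {0x9c,0x40, 0x01,0xbb, 1,2,3,4, 5,6,7,8, 0x50,0x18, 0x02,0x00,
                       0x89,0xf7, 0,0, 'h','i','!','!'}, udp[24];
    tcp_to_tcp_in_udp(tcp, sizeof tcp, udp);
    uint16_t inc = (uint16_t)(udp[6] << 8 | udp[7]);
    udp[6] = udp[7] = 0;
    printf("incremental %04x, recomputed %04x\n", inc, l4_csum(ip, 17, udp, sizeof udp));
    return 0;
}
```

Any value that was in the Urgent Pointer is lost in this rewrite, since its slot now carries the Length.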