SSTP: The problem with TCP over TCP, Part 1

Posted: June 28, 2011 in TCP

TCP over TCP: Issues and Concerns
The Transmission Control Protocol (TCP) is undoubtedly a fundamental component in all modern-day networks. The difficulty with TCP, however, begins when operating a TCP tunnel within TCP itself, which is often the case when operating VPNs in order to protect one’s online privacy. A TCP tunnel is an important networking feature designed to aggregate and transfer packets sent between end hosts as a single TCP connection. This is useful for creating secure, point-to-point VPN connections, not only to protect privacy but also to create the illusion that users are directly connected to a Local Area Network (LAN). Corporations use this technology to connect telecommuters and workers on the road with corporate servers. Gamers use it for games that only offer LAN-based networking features. Average consumers use it to prevent their data from being intercepted by nearby hackers.

What all of these users have in common is the problem a TCP-based tunnel has when running within an existing TCP connection. TCP was originally designed with congestion controls that help mitigate issues with slow, high-latency and unreliable networks. When TCP was first designed, consumers did not have ultra-fast Internet connectivity. In fact, most consumers did not have Internet connectivity at all. If they did, it was a dial-up connection ranging from 300 to 1200 bits per second (bps) over unreliable copper telephone wire. Even universities and corporations had relatively slow and unreliable connections by today’s standards. As a result, protocols like TCP were designed to accommodate this by using various congestion controls that help achieve high network performance while avoiding congestion collapse. These mechanisms include timers, acknowledgments of sent data and controls on the rate of data entering the network. Modern TCP implementations use the following four algorithms to maintain high performance: congestion avoidance, fast recovery, fast retransmit and slow-start.
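To make the four algorithms concrete, the following added example (not part of the original post) models how a sender's congestion window reacts to acknowledgments, duplicate ACKs and timer expiry. It is a simplified round-based model in whole segments; the function name, parameters and loss schedule are assumptions made for illustration.

```python
# Added example: simplified, round-based model of the congestion window (cwnd).
# Units are whole segments; one loop iteration stands for one round-trip time.

def simulate_cwnd(rounds, dup_ack_loss=(), timeout_loss=(), init_ssthresh=8):
    """Return one (round, cwnd, ssthresh, phase, event) tuple per round.

    dup_ack_loss: rounds in which loss is signalled by three duplicate ACKs
    timeout_loss: rounds in which the retransmission timer expires
    All parameter names are assumptions made for this illustration.
    """
    cwnd, ssthresh = 1, init_ssthresh
    trace = []
    for rnd in range(1, rounds + 1):
        phase = "slow-start" if cwnd < ssthresh else "congestion-avoidance"
        if rnd in timeout_loss:
            event = "timeout"
        elif rnd in dup_ack_loss:
            event = "3-dup-acks"
        else:
            event = "acked"
        trace.append((rnd, cwnd, ssthresh, phase, event))

        if event == "timeout":
            # Timer expiry: halve the threshold, restart from one segment.
            ssthresh = max(cwnd // 2, 2)
            cwnd = 1
        elif event == "3-dup-acks":
            # Fast retransmit resends the lost segment without waiting for the
            # timer; fast recovery then resumes at the halved window.
            ssthresh = max(cwnd // 2, 2)
            cwnd = ssthresh
        elif cwnd < ssthresh:
            # Slow-start: double every round trip, capped at the threshold.
            cwnd = min(cwnd * 2, ssthresh)
        else:
            # Congestion avoidance: grow by one segment per round trip.
            cwnd += 1
    return trace


if __name__ == "__main__":
    # Constructed scenario: duplicate-ACK loss in round 7, timeout in round 10.
    for row in simulate_cwnd(12, dup_ack_loss={7}, timeout_loss={10}):
        print("round %2d  cwnd=%2d  ssthresh=%2d  %-20s %s" % row)
```

In the constructed scenario the duplicate-ACK loss only halves the window, while the timeout drops it to a single segment and forces a new slow-start.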
