US20190007915A1 - Method for effective pmtu discovery in vpn environment - Google Patents
- Publication number
- US20190007915A1
- Authority
- US
- United States
- Prior art keywords
- gateway
- transmission unit
- maximum transmission
- unit value
- current maximum
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W56/00—Synchronisation arrangements
- H04W56/001—Synchronization between nodes
- H04W56/0015—Synchronization between nodes one node acting as a reference for the others
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/36—Flow control; Congestion control by determining packet size, e.g. maximum transfer unit [MTU]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/36—Flow control; Congestion control by determining packet size, e.g. maximum transfer unit [MTU]
- H04L47/365—Dynamic adaptation of the packet size
Definitions
- the present invention generally relates to path maximum transmission unit discovery. More specifically, the present invention relates to a more effective method for path maximum transmission unit discovery.
- An information handling system generally processes, compiles, stores, or communicates information or data for business, personal, or other purposes.
- Technology and information handling needs and requirements can vary between different applications.
- information handling systems can also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information can be processed, stored, or communicated.
- the variations in information handling systems allow information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, internet of things (IOT) monitoring and communications, or global communications.
- information handling systems can include a variety of hardware and software resources that can be configured to process, store, and communicate information and can include one or more computer systems, graphics interface systems, data storage systems, and networking systems. Information handling systems can also implement various virtualized architectures. Data communications among information handling systems may be via networks that are wired, wireless, optical or some combination.
- When IP fragmentation occurs, an initial packet of data being transmitted in the network may be broken up into multiple smaller packets of data. IP fragmentation may occur when the transmitted packet MTU size is larger than MTU size of the network path between the two IP hosts. IP fragmentation creates these smaller packets from the initial packet of data that can now be transmitted between the two IP hosts through the network. When IP fragmentation occurs, however, the initial data packet may be dropped from the network one or more times until the data packet is broken into a size that is transmittable based on the MTU size of the network path. In situations where the MTU size of the network path between two VPN hosts fluctuates, frequent dropping of data packets can negatively impact the quality of the network since errors and transmissions of the same data packets may occur numerous times.
- the data packets being transmitted may also change in size based on the additional information associated with the data being transmitted between the two IP hosts.
- the IPSecurity (aka IPsec) protocol includes additional information transmitted with the data packet for security purposes.
- the additional information includes the authentication header and the encapsulating security payload.
- the inclusion of the IPsec protocols may increase the size of the data packet being transmitted between the two IP hosts. In some situations, the size of the data packet may be greater than the MTU of the network path.
- a method for path maximum transmission unit discovery includes performing tunnel negotiations between a first gateway and a second gateway in order to establish a network tunnel for the gateways usable to transmit data packets having an initial path maximum transmission unit value.
- the tunnel negotiations include calculating a maximum transmission unit value for each gateway, advertising the calculated value, acknowledging receipt of the advertised calculated value and calculating an initial maximum transmission unit value for both gateways. This initial maximum transmission unit value is used in the established network tunnel to transmit data packets between the gateways to ensure that data packets are not dropped during transmission.
- a method for syncing path maximum transmission unit values between two gateways using an already established network tunnel is also claimed.
- the method detects changes in maximum transmission unit value associated with at least one of the gateways after the network tunnel has been established.
- the detected change is advertised to the other gateway associated with the network tunnel.
- After acknowledging receipt of the advertised change in the maximum transmission unit value, each of the gateways updates its own maximum transmission unit value based on the advertised change. This updated maximum transmission unit value is used by the gateways to transmit subsequent data packets across the network tunnel in order to ensure that the transmitted data packets are not dropped.
- FIG. 1 illustrates an exemplary enterprise network.
- FIG. 2 illustrates an existing method of Path Maximum Unit Transmission Discovery (PMTUD).
- FIG. 3 illustrates an existing method of PMTUD where the MTU value of a gateway changes.
- FIG. 4 illustrates a method for establishing an initial MTU negotiation.
- FIG. 5 illustrates a method for updating MTU between the two gateways after the network tunnel has been established.
- FIG. 6 illustrates an exemplary notification payload.
- the systems and methods described herein are directed towards a different path MTU discovery (PMTUD) than what has been previously used in the art.
- the present systems and methods implement communication for the network paths so that each IP host (e.g., VPN gateways) knows their peer's MTU during tunnel negotiations.
- This communication sets an ideal PMTU value for the network path between each IP host at the beginning before transmission of data begins.
- the systems and methods also monitor changes in the MTU values for each of the IP hosts while transmission of data is occurring. If one or both of the IP hosts' MTU values change, this change is identified and synchronized accordingly. In this way, the PMTU is recalculated to an appropriate value immediately so that future data packets can be formed to satisfy the updated MTU value.
- the systems and methods provide a more efficient way for these network communications (e.g., in VPN environments) to communicate since fewer data packets are dropped as communication between the IP hosts occurs.
- FIG. 1 illustrates an exemplary enterprise network 100 .
- the enterprise network may include one or more information handling systems that may include any instrumentality or aggregate of instrumentalities operable to compute, classify, process, transmit, receive, retrieve, originate, switch, store, display, manifest, detect, record, reproduce, handle, or utilize any form of information, intelligence, or data for business, scientific, control, entertainment, or other purposes.
- an information handling system may be a personal computer, a smart phone, a PDA, a mobile information handling system, a consumer electronic device, a network server or storage device, a switch router or other network communication device, or any other suitable device and may vary in size, shape, performance, functionality, and price.
- the information handling system may include memory, one or more processing resources such as a central processing unit (CPU) or hardware or software control logic, and operates to execute code. Additional components of the information handling system may include one or more storage devices that can store code, one or more communications ports for communicating with external devices as well as various input and output (I/O) devices, such as a keyboard, a mouse, and a video display. The information handling system may also include one or more buses operable to transmit communications between the various hardware components.
- Gateways A ( 110 ) and B ( 120 ) each have an associated maximum transmission unit (MTU) value that specifies the amount of data that can be transmitted and received by that particular gateway.
- each of the gateways can transmit and receive data from each other with no issues.
- issues arise when the MTU values of both gateways ( 110 , 120 ) are different.
- the difference in the MTU values of the two gateways ( 110 , 120 ) causes inefficiencies in the network communications.
- FIG. 2 illustrates an existing method 200 of Path Maximum Unit Transmission Discovery (PMTUD).
- FIG. 2 illustrates the method 200 for PMTUD that is currently implemented in networks for situations where two MTU values between the gateways within the VPN network are not the same.
- Gateway-1 ( 205 ) may be a home office gateway that is using a PPPoE (Point-to-Point Protocol over Ethernet) link.
- This gateway 205 may have, for example, an initial MTU of 1500.
- Gateway-2 ( 210 ) may correspond to an Ethernet link that has an MTU of 1480.
- the method 200 may take into account any identified offset MTU value corresponding to associated overload (e.g., IPSecurity) information (e.g., authentication header) that will be included with the data packets during transmission between Gateway-1 ( 205 ) and Gateway-2 ( 210 ). Described below, with reference to FIG. 6 , the header is used to transmit MTU-related information between gateways.
- each of the gateways 205 , 210 establishes a network tunnel used to transmit data packets between Gateway-2 ( 105 ) and Gateway-2 ( 210 ).
- the tunnel negotiations described in steps 1 and 2 may occur simultaneously.
- neither gateway 205 , 210 knows of their peer's respective MTU value.
- Each gateway 205 , 210 only knows of their own MTU value.
- the MTU values of a particular gateway may depend on a variety of different factors, for example, on the type of network or physical interface being used or network condition a particular gateway is operating with.
- each of the gateways 205 , 210 calculates an MTU value that will be used by each respective gateway to transmit data packets across the network tunnel.
- the MTU value controls a maximum size of the overall data packet that can be transmitted and received across the network tunnel associated with that gateway.
- the calculated tunnel MTU for a particular gateway takes into account the MTU value of the gateway along with the overhead that will be added to each data packet. Therefore, as illustrated in FIG. 1 , Gateway-1 ( 205 ) calculates an MTU value of 1452 and Gateway-2 ( 210 ) calculates an MTU value of 1432.
- Each of these gateways takes into account the overhead illustrated in the figure (e.g., IPSec overload is 48).
- Gateway-1 ( 205 ) begins transmitting data packets to Gateway-2 ( 210 ).
- the data packets are transmitted using the MTU value calculated in step 3 ( 225 ).
- Gateway-1 ( 205 ) transmits a data packet having an MTU value of 1452.
- the MTU value corresponds to the size of the data packet being transmitted from gateway 1 ( 205 ) to gateway 2 ( 210 ).
- Gateway-2 ( 210 ) detects that the data packet being transmitted from Gateway 1 ( 205 ) has a higher MTU value (e.g., 1452) than what is currently able to be received by Gateway-2 ( 210 ). As indicated above, the MTU value for Gateway-2 ( 210 ) was calculated in step 4 ( 230 ). Since Gateway-2 ( 210 ) has an MTU value of 1432, which corresponds to the size of the data packet that can be received by gateway 2 ( 210 ) and is smaller than that of the data packet being transmitted from Gateway 1 ( 205 ), gateway-2 ( 210 ) will not be able to receive the data packet currently being transmitted from Gateway-1 ( 205 ). Therefore, the data packet being transmitted from gateway 1 ( 205 ) would need to be dropped.
- Gateway-2 ( 210 ) provides an error message via an Internet Control Message Protocol to Gateway-1 ( 205 ) indicating that the transmission of the data was incomplete.
- the error message may indicate that the current data packets were dropped because the MTU value for the transmitted data packets was larger than the MTU value of Gateway-2 ( 210 ).
- Gateway-2 ( 210 ) also provides its current MTU value to Gateway-1 ( 205 ) at this time as well.
- Gateway-1 ( 205 ) can adjust its own MTU value accordingly to match that of gateway 2 ( 210 ) (see step 8 ( 250 )). By adjusting its MTU value based on Gateway-2's ( 210 ) MTU value, Gateway-1 ( 205 ) can ensure that future transmitted data packets can be properly received by Gateway-2 ( 210 ).
- Retransmission of the previously dropped packet (first transmitted in step 5 ( 235 )) can then be performed in step 9 ( 255 ).
- the data packets are transmitted from Gateway-1 ( 205 ) using the new MTU value from Gateway-2 ( 210 ).
- Gateway-2 ( 210 ) notes that the data packets being transmitted from Gateway 1 ( 205 ) now can be received due to the adjusted MTU value of the transmitted data packets.
- the data packets are of the appropriate size that correspond to the current MTU value of gateway-2 ( 210 ).
- FIG. 3 illustrates an existing method 300 of PMTUD where the MTU value of a gateway changes.
- the MTU value between the two gateways has been initially synchronized
- one or more of the gateways change their own MTU value again thereby requiring another PMTUD to synchronize the MTU values again between the gateways.
- the method 300 starts off similar to FIG. 2 .
- Both Gateway-1 ( 305 ) and Gateway-2 ( 310 ) have established an MTU value for the data packets that will be transmitted and received from each gateway.
- Gateway-1 ( 305 ) and Gateway-2 ( 310 ) discover their own appropriate MTU value similar to what was described above in step 3 ( 225 ) and step 4 ( 230 ) of FIG. 2 .
- This discovery may also be similar to step 7 ( 240 ) of FIG. 2 as well where one or both of the gateways may have been previously informed of their peer's MTU value.
- step 3 ( 325 ) shows a data packet transmission between Gateway-1 ( 305 ) and Gateway-2 ( 310 ). Presuming that the MTU value for Gateway-1 ( 305 ) is less than or equal to the MTU value for Gateway-2 ( 310 ), the data packet would be received successfully at Gateway-2 ( 310 ) (as indicated via step 4 ( 330 )).
- In step 5 ( 335 ), the MTU value for Gateway-2 ( 310 ) changes. Such change may happen for one or more various reasons as indicated above (e.g., administrator, damage).
- an updated MTU value is calculated for Gateway-2 ( 310 ) in step 6 ( 340 ). If the updated MTU value of Gateway-2 ( 310 ) increases, there may be no issues with respect to receiving data packets from Gateway-1 ( 305 ) since Gateway-2 ( 310 ) would have an MTU value greater than the MTU value for Gateway-1 ( 305 ). In other words, if the MTU value of Gateway-2 ( 310 ) increases, it corresponds to the capability of receiving larger data packets than what Gateway-1 ( 305 ) is currently transmitting.
- Gateway-2 ( 310 ) transmission of data packets from Gateway-2 ( 310 ) to Gateway-1 ( 305 ) (not shown) would raise errors and result in the dropping of data packet similar to what was described in FIG. 2 step 6 ( 240 ) and step 7 ( 245 ).
- the error would arise since gateway-2 ( 310 ) would be transmitting data packets of a particular size (corresponding to its current MTU value) that would be larger than what can be received by gateway 1 ( 305 ).
- step 8 ( 350 ) shows that the received data packets from Gateway-1 ( 305 ) are dropped because the MTU value for Gateway-2 ( 310 ) is smaller than the MTU value of data packets being transmitted from Gateway-1 ( 305 ). As described above, this corresponds to the situation that Gateway-2 ( 310 ) is attempting to receive data that is larger than its current MTU value being transmitted from Gateway-1 ( 305 ).
- Gateway-2 ( 310 ) provides a similar ICMP error message in step 9 ( 355 ) that indicates to Gateway-1 ( 305 ) that the previous transmitted data packets were dropped.
- the error message may also inform Gateway-1 ( 305 ) of the updated MTU value for Gateway-2 ( 310 ).
- Gateway-1 ( 305 ) updates its own MTU value based on the information provided from Gateway-2 ( 310 ) via step 9 ( 355 ).
- the new updated MTU value for Gateway-1 ( 305 ) is then used to retransmit the dropped data packet and to control the transmission of future data packets (at least until the next MTU change of one or both of the gateways) to Gateway-2 ( 310 ).
- Gateway-2 ( 310 ) is capable of receiving the retransmitted data packets from Gateway-1 ( 305 ).
- Step 10 ( 360 ) and step 11 ( 365 ) of FIG. 3 mirror step 8 ( 255 ) and step 9 ( 260 ) of FIG. 2 .
- error messages and data packet droppings would occur thereby triggering the need to update the network path.
- the existence of the error messages and dropped data packets would pose a problem associated with efficiency of network communications.
- the present invention aims to minimize or avoid dropping data packets altogether as described above in the scenarios illustrated in FIG. 2 and FIG. 3 .
- the present invention first aims to establish an optimal MTU value between the two gateways for the tunnel when the tunnel first initializes. This is in contrast, as illustrated in FIG. 2 , to the situation where the MTU is readjusted after the tunnel has been established.
- The gateways communicate with each other and negotiate a reasonable MTU value to use initially, thereby potentially avoiding situations illustrated in steps 5-8 (235-250) of FIG. 2 .
- the present invention also aims to maintain in sync the MTU values between the two gateways while the tunnel is running.
- each of the gateways will be instructed to advertise their current MTU value when any changes have occurred/detected during the tunnel's lifetime. In doing so, the gateways would be capable of adjusting the MTU value accordingly, such as before the next transmission of data. This adjusting/updating can potentially avoid situations illustrated in steps 5-10 (335-360) of FIG. 3 .
- the present invention may utilize various communication protocols to establish negotiations that will adjust the MTU values of one or both gateways as needed.
- the two gateways may negotiate using Internet Key Exchange (e.g., IKE, RFC 2409) or Internet Key Exchange Protocol Version 2 (e.g., IKEv2, RFC 5996).
- IKE and IKEv2 protocols define several functions for peer notification within the tunnel's lifetime. With the present invention, modifications are included that utilize these protocols so that the negotiations regarding PMTU can be carried out between the gateway peers.
- FIG. 4 illustrates a method for establishing an initial MTU negotiation.
- the method 400 regarding the initial MTU negotiations would facilitate associating MTU values for each of the gateways 405 , 410 while the network tunnel is still being established for a particular VPN connection.
- the negotiations can ensure that once communication begins between the gateways 405 , 410 , data packets will be less likely to be dropped due to an initial difference or incompatibility between the MTU values of each of the gateways 405 , 410 .
- gateway 1 ( 405 ) of FIG. 4 advertises its current MTU value to gateway 2 ( 410 ) during the tunnel negotiation phase (i.e. set up).
- Gateway 1 ( 405 ) calculates its own MTU value using similar methods as described above in FIG. 1 and FIG. 2 . This MTU value is acknowledged by gateway 2 ( 410 ).
- In step 2 ( 420 ), gateway 2 ( 410 ) provides its own MTU value to gateway 1 ( 405 ). This step occurs sequentially after step 1 although in some embodiments the order of the gateways may be switched. Similar to step 1 ( 415 ), gateway 2 ( 310 ) calculates its own MTU value and advertises it to gateway 1 ( 405 ).
- each respective gateway establishes its own MTU value.
- This established MTU value is based on their own MTU value as well as the value provided from their peer in either step 1 ( 415 ) or step 2 ( 420 ).
- an MTU value is selected based on the minimum of the two MTU values associated with each of the gateways. For example, using the scenario illustrated in FIG. 2 , if the MTU value for gateway 1 was 1452 and the MTU value for gateway 2 was 1432, the selected MTU value used for the tunnel (as described so far in FIG. 4 ) would initially be 1432.
- an MTU value that is less than the minimum of both the advertised MTU values of the gateways may be chosen.
- an MTU value may be chosen in order to ensure that the amount of data to be transferred between gateways is maximized based on the capabilities of each of the gateways.
- changes in MTU values may result in dropped data packets as one or both of the gateway MTU values may have dropped below what was initially established during the tunnel negotiations.
- needing to update MTU values of one or both gateways may require time and resources if such changes are frequent (although the time and resources used would be less than if the packet was transmitted and dropped).
- both gateways ( 405 , 410 ) established an initial MTU value during the tunnel negotiation. This ensures that, at least initially, data packets being transferred between the gateways using the network tunnel will be successful.
- the method 400 overcomes the issues of network inefficiency raised in FIG. 2 where the MTU values of the gateways may not be compatible after an initial tunnel negotiation.
- changes in the performance of one or more of the gateways may occur after the tunnel has been established.
- Changes in the gateway MTU value may occur for a variety of reasons (e.g., network congestion, failure/damage with respect to the gateway). These changes in the MTU value may end up being significant enough where data packets would be dropped until the MTU values of the gateways become adjusted in view of the change.
- the present invention aims to avoid the situation where changes in the MTU values of one or more of the gateways cause data packets to drop by updating changes as they occur.
- the MTU updates may be performed before any data packets are sent using the tunnel.
- FIG. 5 illustrates a method 500 for updating PMTU between the two gateways 505 , 510 after the network tunnel has been established.
- each gateway notifies the other of its MTU value as soon as an MTU change is detected. In some embodiments, these notifications may be triggered if the change exceeds a pre-determined amount. In any case, any changes in MTU values of one or more gateways can be responded to before data packets could potentially be dropped.
- gateway 1 may have detected an MTU change.
- Although any change in MTU can be detected at any time, there may be embodiments where the change can be detected at a pre-determined interval in time.
- changes in MTU can be detected whenever a change in MTU value is detected.
- the MTU value may need to change by a pre-determined amount before the change is detected.
- gateway 1 ( 505 ) provides the updated MTU change that it detected to gateway 2 ( 510 ).
- the updated MTU change can be provided, for example, through a notification message.
- the notification message may provide the new MTU value for the gateway after the change.
- the update can be provided between transmission of data packets between the gateways (e.g., after completion of a current transmission of data but before transmission of the next data packet).
- the notification message may also include additional information such as the reason why the change was detected and when the change was detected. If for some reason the change in MTU value for the gateway is temporary (i.e. reduced MTU value for a pre-determined period of time), such indication can also be provided in this notification message. If this additional information is to be included in the notification message, structural changes to the notification payload may be needed so that the additional information can be included.
- Although FIG. 5 illustrates a scenario where gateway 1 ( 505 ) has detected a changed MTU and provides the update to gateway 2 ( 510 ), in other situations where gateway 2 ( 510 ) has detected an MTU change, gateway 2 ( 510 ) would similarly provide an update through a notification message to gateway 1 ( 505 ) (i.e. step 2). Lastly, in the scenario where both gateways detect changes in MTU value, each of the gateways can provide the other with their updated MTU value in a similar manner as described above.
- gateway 2 ( 510 ) provides acknowledgement regarding the received notification message to gateway 1 ( 505 ). In some embodiments, if this acknowledgment from gateway 2 ( 510 ) is not received within a pre-determined period of time, gateway 1 ( 505 ) may be instructed to re-transmit the notification message. This retransmission is to ensure that gateway 2 ( 510 ) actually received the update in case the notification message was not successfully received before.
- each of the gateways can update their own MTU value in step 4 ( 530 ) and step 5 ( 535 ).
- the MTU value of each of the gateways may be set to a value that is the minimum of both current MTU values of the gateways. As noted above, in some situations, the MTU value that both the gateways are updated to may be a value that is less than the minimum.
- the gateways can ensure that the data is being transmitted successfully through the tunnel thereby avoiding dropping packets as illustrated in FIG. 3 . Furthermore, by performing the updates whenever MTU changes are detected, a complete PMTUD would not need to be performed.
- MTU values of one or both of the gateways decrease (corresponding to a situation where less data can be transmitted across the tunnel)
- the MTU values of one or both of the gateways increase in a manner such that the minimum of both current MTU values increase (corresponding to a situation where more data can be transmitted across the tunnel).
- the method of FIG. 4 can also be used to update the MTU values of each gateway, in view of the increase of the overall minimum MTU value of both gateways, in such a way as to better utilize the available bandwidth. This may include setting the MTU value of both gateways to the minimum MTU value now dictated by the updated increased MTU value.
- FIG. 6 illustrates an exemplary notification payload.
- this exemplary notification payload can be used whenever one or both of the gateways (as described in the scenarios illustrated in FIG. 4 and FIG. 5 ) wishes to provide MTU values to the other gateway.
- FIG. 6 illustrates an exemplary extended Internet Security Association and Key Management Protocol Notification payload.
- This payload is defined by RFC 2408, which is used for establishing security associations and cryptographic keys in an internet environment (e.g., VPN).
- ‘40959’ is included in the Notify Message Type subsection. This input is used to indicate that an updated MTU value is being transmitted within this particular notification payload.
- the updated MTU value is carried inside the notification data field of the payload, which occupies 32 bits.
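
The MTU advertisement of FIG. 4, the in-tunnel update of FIG. 5 and the notification payload of FIG. 6 can be followed end to end in the sketch below, which is an added example and not code from the patent. It assumes the RFC 2408 Notification payload layout with an empty SPI; the DOI and Protocol-ID values, the 576-byte floor applied to a peer-advertised MTU, the changed link MTU of 1400 and all function and class names are choices made for this example.

```python
import struct

MTU_NOTIFY_TYPE = 40959   # Notify Message Type named on the page
IPSEC_OVERHEAD = 48       # overhead figure from the page's FIG. 2 walk-through
IPSEC_DOI = 1             # assumption: IPsec DOI value
PROTO_ISAKMP = 1          # assumption: Protocol-ID for ISAKMP
MIN_ACCEPTED_MTU = 576    # assumption: floor for a peer-advertised value

# RFC 2408 Notification payload, fixed part: next payload, reserved,
# payload length, DOI, protocol-id, SPI size, notify message type.
_HDR = struct.Struct("!BBHIBBH")


class NotifyError(ValueError):
    """Raised when a received notification is malformed or implausible."""


def tunnel_mtu(link_mtu, overhead=IPSEC_OVERHEAD):
    """Tunnel MTU = link MTU minus the per-packet IPsec overhead."""
    return link_mtu - overhead


def build_mtu_notify(mtu, spi=b""):
    """Encode an MTU value in the 32-bit notification data field."""
    if not 0 <= mtu <= 0xFFFFFFFF:
        raise NotifyError("MTU does not fit in 32 bits")
    if len(spi) > 255:
        raise NotifyError("SPI too long")
    length = _HDR.size + len(spi) + 4
    header = _HDR.pack(0, 0, length, IPSEC_DOI, PROTO_ISAKMP,
                       len(spi), MTU_NOTIFY_TYPE)
    return header + spi + struct.pack("!I", mtu)


def parse_mtu_notify(buf):
    """Decode one notification payload, checking every length field."""
    if len(buf) < _HDR.size:
        raise NotifyError("truncated header")
    _next, _rsvd, length, doi, _proto, spi_size, ntype = _HDR.unpack_from(buf)
    if length != len(buf) or length != _HDR.size + spi_size + 4:
        raise NotifyError("length fields do not match payload size")
    if doi != IPSEC_DOI or ntype != MTU_NOTIFY_TYPE:
        raise NotifyError("not an MTU notification")
    (mtu,) = struct.unpack_from("!I", buf, _HDR.size + spi_size)
    return mtu


class Gateway:
    """One tunnel endpoint tracking its own and its peer's tunnel MTU."""

    def __init__(self, link_mtu):
        self.local = tunnel_mtu(link_mtu)
        self.peer = None

    def advertise(self):
        return build_mtu_notify(self.local)

    def link_changed(self, link_mtu):
        """FIG. 5: recompute after a local change and return the update."""
        self.local = tunnel_mtu(link_mtu)
        return self.advertise()

    def receive(self, payload):
        """Accept a peer advertisement and return the MTU now in effect."""
        mtu = parse_mtu_notify(payload)
        if mtu < MIN_ACCEPTED_MTU:
            # The advertised value is untrusted input: refuse one that
            # would shrink the tunnel MTU below the example's floor.
            raise NotifyError("peer MTU below accepted floor")
        self.peer = mtu
        return self.effective()

    def effective(self):
        """Minimum of both tunnel MTUs once the peer's value is known."""
        return self.local if self.peer is None else min(self.local, self.peer)


def demo():
    """Run the FIG. 2 numbers through negotiation and one later update."""
    g1, g2 = Gateway(1500), Gateway(1480)        # link MTUs from FIG. 2
    initial = (g2.receive(g1.advertise()), g1.receive(g2.advertise()))
    update = g2.link_changed(1400)               # constructed change
    return initial, g1.receive(update), g2.effective()


if __name__ == "__main__":
    print(demo())
```
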
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
- This application is a division of and claims the priority benefit of U.S. patent application Ser. No. 15/171,330 filed Jun. 2, 2016, the disclosure of which is incorporated herein by reference.
- The present invention generally relates to path maximum transmission unit discovery. More specifically, the present invention relates to a more effective method for path maximum transmission unit discovery.
- As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option is an information handling system. An information handling system generally processes, compiles, stores, or communicates information or data for business, personal, or other purposes. Technology and information handling needs and requirements can vary between different applications. Thus information handling systems can also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information can be processed, stored, or communicated. The variations in information handling systems allow information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, internet of things (IOT) monitoring and communications, or global communications. In addition, information handling systems can include a variety of hardware and software resources that can be configured to process, store, and communicate information and can include one or more computer systems, graphics interface systems, data storage systems, and networking systems. Information handling systems can also implement various virtualized architectures. Data communications among information handling systems may be via networks that are wired, wireless, optical or some combination.
- Maximum transmission unit (MTU) can describe how much data can be transferred via the information handling system described above. In particular, MTU corresponds to a size (e.g., in bytes or octets) of the largest protocol data unit that can be transmitted between two Internet Protocol (IP) hosts. A larger MTU can bring greater efficiency because each data packet transmitted using the network carries more data. A larger MTU also means processing of fewer data packets for the same amount of data.
- However, there are also downsides for choosing too large of an MTU. For example, large data packets can occupy the network for more time than smaller data packets, which may cause delays for subsequent data packets being transmitted. The delays can contribute to increasing lag and latency over the network. Large data packets also require that the entire data packet be retransmitted if a single error is found. It may be that larger packets are more likely to be corrupt.
- Path maximum transmission unit discovery (PMTUD) is a standardized technique used in computer networks to determine the size of the maximum transmission unit (MTU) to be used in a network path between two Internet Protocol (IP) hosts. Network paths may have a pre-determined MTU size associated with the data packets that can be transmitted across that network path. Any data packets that have an MTU size larger than the pre-determined MTU size of the network path would need to be broken down into smaller portions in order to be transmitted. Therefore, the primary purpose of PMTUD is to obtain an MTU size for the transmission of data packets on the network path that avoids fragmentation of the transmitted data packets between the two IP hosts (i.e. IP fragmentation).
- When IP fragmentation occurs, an initial packet of data being transmitted in the network may be broken up into multiple smaller packets of data. IP fragmentation may occur when the transmitted packet MTU size is larger than the MTU size of the network path between the two IP hosts. IP fragmentation creates these smaller packets from the initial packet of data so that they can be transmitted between the two IP hosts through the network. When IP fragmentation occurs, however, the initial data packet may be dropped from the network one or more times until the data packet is broken into a size that is transmittable based on the MTU size of the network path. In situations where the MTU size of the network path between two VPN hosts fluctuates, frequent dropping of data packets can negatively impact the quality of the network since errors and transmissions of the same data packets may occur numerous times.
- Furthermore, the data packets being transmitted may also change in size based on the additional information associated with the data being transmitted between the two IP hosts. For example, IPSecurity (or Internet security protocol) is a technology that deploys Virtual Private Networks (VPNs) that provide encryption and authentication protection for communications using public networks. The IPSecurity (aka IPsec) protocol includes additional information transmitted with the data packet for security purposes. Such additional information includes an authentication header and an encapsulating security payload. The inclusion of the IPsec protocols may increase the size of the data packet being transmitted between the two IP hosts. In some situations, the size of the data packet may be greater than the MTU of the network path.
- In view of the above, there is a need for an improved method that keeps the PMTU information synched between the two IP hosts. This improved method would facilitate more efficient transmission of data. Such methods would improve how virtual private networks (VPN) send and receive data across networks.
- A method for path maximum transmission unit discovery is presently claimed. The method includes performing tunnel negotiations between a first gateway and a second gateway in order to establish a network tunnel for the gateways usable to transmit data packets having an initial path maximum transmission unit value. The tunnel negotiations include calculating a maximum transmission unit value for each gateway, advertising the calculated value, acknowledging receipt of the advertised calculated value and calculating an initial maximum transmission unit value for both gateways. This initial maximum transmission unit value is used in the established network tunnel to transmit data packets between the gateways to ensure that data packets are not dropped during transmission.
- A method for syncing path maximum transmission unit values between two gateways using an already established network tunnel is also claimed. The method detects changes in the maximum transmission unit value associated with at least one of the gateways after the network tunnel has been established. The detected change is advertised to the other gateway associated with the network tunnel. After acknowledging receipt of the advertised change in the maximum transmission unit value, each of the gateways updates its own maximum transmission unit value based on the advertised change. This updated maximum transmission unit value is used by the gateways to transmit subsequent data packets across the network tunnel in order to ensure that the transmitted data packets are not dropped.
- FIG. 1 illustrates an exemplary enterprise network.
- FIG. 2 illustrates an existing method of Path Maximum Transmission Unit Discovery (PMTUD).
- FIG. 3 illustrates an existing method of PMTUD where the MTU value of a gateway changes.
- FIG. 4 illustrates a method for establishing an initial MTU negotiation.
- FIG. 5 illustrates a method for updating MTU between the two gateways after the network tunnel has been established.
- FIG. 6 illustrates an exemplary notification payload.
- The systems and methods described herein are directed towards a different path MTU discovery (PMTUD) than what has been previously used in the art. In particular, the present systems and methods implement communication for the network paths so that each IP host (e.g., VPN gateways) knows its peer's MTU during tunnel negotiations. This communication sets an ideal PMTU value for the network path between each IP host at the beginning, before transmission of data begins. Furthermore, the systems and methods also monitor changes in the MTU values for each of the IP hosts while transmission of data is occurring. If the MTU value of one or both of the IP hosts changes, this change is identified and synchronized accordingly. In this way, the PMTU is recalculated to an appropriate value immediately so that future data packets can be formed to satisfy the updated MTU value. The systems and methods provide a more efficient way for these network communications (e.g., in VPN environments) to communicate since fewer data packets are dropped as communication between the IP hosts occurs.
- FIG. 1 illustrates an exemplary enterprise network 100. For purposes of this disclosure, the enterprise network may include one or more information handling systems that may include any instrumentality or aggregate of instrumentalities operable to compute, classify, process, transmit, receive, retrieve, originate, switch, store, display, manifest, detect, record, reproduce, handle, or utilize any form of information, intelligence, or data for business, scientific, control, entertainment, or other purposes. For example, an information handling system may be a personal computer, a smart phone, a PDA, a mobile information handling system, a consumer electronic device, a network server or storage device, a switch router or other network communication device, or any other suitable device and may vary in size, shape, performance, functionality, and price. The information handling system may include memory, one or more processing resources such as a central processing unit (CPU) or hardware or software control logic, and operates to execute code. Additional components of the information handling system may include one or more storage devices that can store code, one or more communications ports for communicating with external devices as well as various input and output (I/O) devices, such as a keyboard, a mouse, and a video display. The information handling system may also include one or more buses operable to transmit communications between the various hardware components.
- As illustrated in FIG. 1, there are two gateways: gateway A (110) and gateway B (120). These two gateways are in communication with each other via an established VPN tunnel (i.e. VPN network) (130). Each of the gateways A (110) and B (120) has an associated maximum transmission unit (MTU) value that specifies the amount of data that can be transmitted and received by that particular gateway. In situations where the MTU values of both gateways (110, 120) match, each of the gateways can transmit and receive data from each other with no issues. However, issues arise when the MTU values of both gateways (110, 120) are different. In many situations, the difference in the MTU values of the two gateways (110, 120) causes inefficiencies in the network communications.
- FIG. 2 illustrates an existing method 200 of Path Maximum Transmission Unit Discovery (PMTUD). In particular, FIG. 2 illustrates the method 200 for PMTUD that is currently implemented in networks for situations where two MTU values between the gateways within the VPN network are not the same.
- With each of the gateways gateway 205 may have, for example, an initial MTU of 1500. With respect to Gateway-2 (210), this gateway may correspond to an Ethernet link that has an MTU of 1480. Furthermore, the method 200 may take into account any identified offset MTU value corresponding to associated overload (e.g., IPSecurity) information (e.g., authentication header) that will be included with the data packets during transmission between Gateway-1 (205) and Gateway-2 (210). As described below with reference to FIG. 6, the header is used to transmit MTU-related information between gateways.
- In step 1 (215) and step 2 (220) of the method 200 illustrated in FIG. 2, each of the gateways steps gateway gateway
- In step 3 (225) and step 4 (230), each of the gateways FIG. 1, Gateway-1 (205) calculates a MTU value of 1452 and Gateway-2 (210) calculates a MTU value of 1432. Each of these gateways takes into account the overhead illustrated in the figure (e.g., IPSec overload is 48).
- In step 5 (135), Gateway-1 (205) begins transmitting data packets to Gateway-2 (210). The data packets are transmitted using the MTU value calculated in step 3 (225). As illustrated in FIG. 1, Gateway-1 (205) transmits a data packet having an MTU value of 1452. The MTU value corresponds to the size of the data packet being transmitted from gateway 1 (205) to gateway 2 (210).
- In step 6 (240), Gateway-2 (210) detects that the data packet being transmitted from Gateway 1 (205) has a higher MTU value (e.g., 1452) than what is currently able to be received by Gateway-2 (210). As indicated above, the MTU value for Gateway-2 (210) was calculated in step 4 (230). Since Gateway-2 (210) has an MTU value of 1432, which corresponds to the size of the data packet that can be received by gateway 2 (210) and is smaller than that of the data packet being transmitted from Gateway 1 (205), gateway-2 (210) will not be able to receive the data packet currently being transmitted from Gateway-1 (205). Therefore, the data packet being transmitted from gateway 1 (205) would need to be dropped.
- In step 7 (245), Gateway-2 (210) provides an error message via an Internet Control Message Protocol to Gateway-1 (205) indicating that the transmission of the data was incomplete. The error message may indicate that the current data packets were dropped because the MTU value for the transmitted data packets was larger than the MTU value of Gateway-2 (210). Gateway-2 (210) also provides its current MTU value to Gateway-1 (205) at this time as well.
- By using the information provided by gateway 2 (210) in the error message via step 7 (245), Gateway-1 (205) can adjust its own MTU value accordingly to match that of gateway 2 (210) (see step 8 (250)). By adjusting its MTU value based on Gateway-2's (210) MTU value, Gateway-1 (205) can ensure that future transmitted data packets can be properly received by Gateway-2 (210).
- Retransmission of the previously dropped packet (first transmitted in step 5 (235)) can then be performed in step 9 (255). The data packets are transmitted from Gateway-1 (205) using the new MTU value from Gateway-2 (210).
- In step 10 (260), Gateway-2 (210) notes that the data packets being transmitted from Gateway 1 (205) now can be received due to the adjusted MTU value of the transmitted data packets. In particular, the data packets are of the appropriate size that correspond to the current MTU value of gateway-2 (210).
- Even though the data packets will eventually be transmitted from Gateway-1 (205) to Gateway-2 (210) as illustrated in FIG. 1 (after completion of steps 1-10), inefficiencies arise because of the occurrence of dropped packets when one gateway detects data packets having a higher MTU value than it can receive based on its own MTU value (e.g., Step 6).
- Even after the MTU values are synchronized between the two gateways, events may occur after the establishment of the network path that cause one or more of the gateways to adjust their own MTU value. For example, an administrator may change the MTU value of one gateway. Performance of the gateway (e.g., damage, malfunction) may also cause fluctuations in the MTU value. Whenever one or more of the MTU values change, presumably PMTUD (as illustrated in FIG. 2) would need to be carried out again to account for the updated MTU values for the two gateways.
- FIG. 3 illustrates an existing method 300 of PMTUD where the MTU value of a gateway changes. In particular, once the MTU value between the two gateways has been initially synchronized (i.e. PMTUD), one or more of the gateways change their own MTU value again, thereby requiring another PMTUD to synchronize the MTU values again between the gateways.
- The method 300, as illustrated in FIG. 3, starts off similar to FIG. 2. Both Gateway-1 (305) and Gateway-2 (310) have established an MTU value for the data packets that will be transmitted and received from each gateway. In step 1 (315) and step 3 (220), Gateway-1 (305) and Gateway-2 (310) discover their own appropriate MTU value similar to what was described above in step 3 (225) and step 4 (230) of FIG. 2. This discovery may also be similar to step 7 (240) of FIG. 2 as well, where one or both of the gateways may have been previously informed of their peer's MTU value.
- Returning to FIG. 3, step 3 (325) shows a data packet transmission between Gateway-1 (305) and Gateway-2 (310). Presuming that the MTU value for Gateway-1 (305) is less than or equal to the MTU value for Gateway-2 (310), the data packet would be received successfully at Gateway-2 (310) (as indicated via step 4 (330)).
- In step 5 (335), however, the MTU value for Gateway-2 (310) changes. Such a change may happen for one or more various reasons as indicated above (e.g., administrator, damage). Once a change has been detected, an updated MTU value is calculated for Gateway-2 (310) in step 6 (340). If the updated MTU value of Gateway-2 (310) increases, there may be no issues with respect to receiving data packets from Gateway-1 (305) since Gateway-2 (310) would have an MTU value greater than the MTU value for Gateway-1 (305). In other words, if the MTU value of Gateway-2 (310) increases, it corresponds to the capability of receiving larger data packets than what Gateway-1 (305) is currently transmitting. However, transmission of data packets from Gateway-2 (310) to Gateway-1 (305) (not shown) would raise errors and result in the dropping of data packets similar to what was described in FIG. 2 step 6 (240) and step 7 (245). The error would arise since gateway-2 (310) would be transmitting data packets of a particular size (corresponding to its current MTU value) that would be larger than what can be received by gateway 1 (305).
- Alternatively, if the updated MTU value of Gateway-2 (310) decreases such that the MTU value of Gateway-2 (310) is smaller than that of Gateway-1 (305), when data packets are transmitted from Gateway-1 (305) to Gateway-2 (310) (as seen in step 7 (345)), the outcome is similar to step 6 (240) and step 7 (245) of FIG. 2. In particular, as illustrated in FIG. 3, step 8 (350) shows that the received data packets from Gateway-1 (305) are dropped because the MTU value for Gateway-2 (310) is smaller than the MTU value of data packets being transmitted from Gateway-1 (305). As described above, this corresponds to the situation that Gateway-2 (310) is attempting to receive data that is larger than its current MTU value being transmitted from Gateway-1 (305).
- Subsequent to the dropping of the packets, Gateway-2 (310) provides a similar ICMP error message in step 9 (355) that indicates to Gateway-1 (305) that the previously transmitted data packets were dropped. The error message may also inform Gateway-1 (305) of the updated MTU value for Gateway-2 (310).
- In step 10 (360), Gateway-1 (305) updates its own MTU value based on the information provided from Gateway-2 (310) via step 9 (355). The new updated MTU value for Gateway-1 (305) is then used to retransmit the dropped data packet and to control the transmission of future data packets (at least until the next MTU change of one or both of the gateways) to Gateway-2 (310). As illustrated in step 11 (265), Gateway-2 (310) is capable of receiving the retransmitted data packets from Gateway-1 (305).
- Step 10 (360) and step 11 (365) of FIG. 3 mirror step 8 (255) and step 9 (260) of FIG. 2. In each of these cases, a network path (i.e. tunnel) is being updated so that communications between the gateways can be established where data packets can be transmitted and received without fragmentation. However, in both of these scenarios (as illustrated in FIG. 2 and FIG. 3), error messages and data packet droppings would occur, thereby triggering the need to update the network path. Based on the frequency of changes in MTU values for one or both of the gateways, the existence of the error messages and dropped data packets (thereby requiring that the same data packets be transmitted multiple times) would pose a problem associated with efficiency of network communications.
- The present invention aims to minimize or avoid dropping data packets altogether as described above in the scenarios illustrated in FIG. 2 and FIG. 3. In order to minimize or avoid dropping data packets, the present invention first aims to establish an optimal MTU value between the two gateways for the tunnel when the tunnel first initializes. This is in contrast, as illustrated in FIG. 2, to the situation where the MTU is readjusted after the tunnel has been established. The gateways communicate with each other and negotiate a reasonable MTU value to use initially, thereby potentially avoiding situations illustrated in steps 5-8 (235-250) of FIG. 2.
- The present invention also aims to keep the MTU values in sync between the two gateways while the tunnel is running. In particular, each of the gateways will be instructed to advertise its current MTU value when any changes have occurred or been detected during the tunnel's lifetime. In doing so, the gateways would be capable of adjusting the MTU value accordingly, such as before the next transmission of data. This adjusting/updating can potentially avoid situations illustrated in steps 5-10 (335-360) of FIG. 3.
- The present invention, as described in further detail below, may utilize various communication protocols to establish negotiations that will adjust the MTU values of one or both gateways as needed. The two gateways, for example, may negotiate using Internet Key Exchange (e.g., IKE, RFC 2409) or Internet Key Exchange Protocol Version 2 (e.g., IKEv2, RFC 5996). These protocols are used to set up security associations in an Internet Protocol Security (IPsec) suite that facilitates secure communications (i.e. VPN) by authenticating and encrypting each data packet being communicated between the gateways. The IKE and IKEv2 protocols define several functions for peer notification within the tunnel's lifetime. With the present invention, modifications are included that utilize these protocols so that the negotiations regarding PMTU can be carried out between the gateway peers.
- FIG. 4 illustrates a method for establishing an initial MTU negotiation. The method 400 regarding the initial MTU negotiations would facilitate associating MTU values for each of the gateways gateways gateways
- In step 1 (415), gateway 1 (405) of FIG. 4 advertises its current MTU value to gateway 2 (410) during the tunnel negotiation phase (i.e. set up). Gateway 1 (405) calculates its own MTU value using similar methods as described above in FIG. 1 and FIG. 2. This MTU value is acknowledged by gateway 2 (410).
- In step 2 (420), gateway 2 (410) provides its own MTU value to gateway 1 (405). This step occurs sequentially after step 1, although in some embodiments the order of the gateways may be switched. Similar to step 1 (415), gateway 2 (310) calculates its own MTU value and advertises it to gateway 1 (405).
- In step 3 (425) and step 4 (430), each respective gateway establishes its own MTU value. This established MTU value is based on its own MTU value as well as the value provided from its peer in either step 1 (415) or step 2 (420). Generally, an MTU value is selected based on the minimum of the two MTU values associated with each of the gateways. For example, using the scenario illustrated in FIG. 2, if the MTU value for gateway 1 was 1452 and the MTU value for gateway 2 was 1432, the selected MTU value used for the tunnel (as described so far in FIG. 4) would initially be 1432.
- It should be noted that in some embodiments, an MTU value that is less than the minimum of both the advertised MTU values of the gateways may be chosen. Generally, an MTU value may be chosen in order to ensure that the amount of data to be transferred between gateways is maximized based on the capabilities of each of the gateways. However, it may be decided that a lesser MTU value would be chosen in order to take into account possible fluctuations in the MTU value of one or both of the gateways once communication between the two has already begun. As described above in FIG. 3, changes in MTU values may result in dropped data packets as one or both of the gateway MTU values may have dropped below what was initially established during the tunnel negotiations. Furthermore, needing to update MTU values of one or both gateways may require time and resources if such changes are frequent (although the time and resources used would be less than if the packet was transmitted and dropped).
- With the method 400 of FIG. 4, both gateways (405, 410) established an initial MTU value during the tunnel negotiation. This ensures that, at least initially, data packets being transferred between the gateways using the network tunnel will be successful. The method 400 overcomes the issues of network inefficiency raised in FIG. 2 where the MTU values of the gateways may not be compatible after an initial tunnel negotiation.
- As discussed above with FIG. 3, even after establishing the tunnel between the gateways, changes in the performance of one or more of the gateways may occur after the tunnel has been established. Changes in the gateway MTU value may occur for a variety of reasons (e.g., network congestion, failure/damage with respect to the gateway). These changes in the MTU value may end up being significant enough that data packets would be dropped until the MTU values of the gateways become adjusted in view of the change. The present invention aims to avoid the situation where changes in the MTU values of one or more of the gateways cause data packets to drop by updating changes as they occur. Furthermore, the MTU updates may be performed before any data packets are sent using the tunnel.
- FIG. 5 illustrates a method 500 for updating PMTU between the two gateways FIG. 3 ), the MTU values of each gateways (505, 510) are notified to the other as soon as a MTU change is detected. In some embodiments, these notifications may be triggered if it exceeds a pre-determined amount. In any case, any changes in MTU values of one or more gateways can be responded to before data packets could potentially be dropped.
- In step 1 (515), gateway 1 (505) may have detected an MTU change. Although any change in MTU can be detected at any time, there may be embodiments where the change can be detected at a pre-determined interval in time. Alternatively, changes in MTU can be detected whenever a change in MTU value is detected. In some embodiments, the MTU value may need to change by a pre-determined amount before the change is detected. These alternatives can be implemented in situations where smaller changes in MTU may not negatively affect the transmission of data across the established tunnel. Furthermore, there may be benefits associated with limiting the frequency of updating MTU changes.
- In step 2 (520), gateway 1 (505) provides the updated MTU change that it detected to gateway 2 (510). The updated MTU change can be provided, for example, through a notification message. The notification message may provide the new MTU value for the gateway after the change. The update can be provided between transmission of data packets between the gateways (e.g., after completion of a current transmission of data but before transmission of the next data packet).
- In other embodiments, the notification message may also include additional information such as the reason why the change was detected and when the change was detected. If for some reason the change in MTU value for the gateway is temporary (i.e. reduced MTU value for a pre-determined period of time), such indication can also be provided in this notification message. If this additional information is to be included in the notification message, structural changes to the notification payload may be needed so that the additional information can be included.
- Although FIG. 5 illustrates a scenario where gateway 1 (505) has detected a changed MTU and provides the update to gateway 2 (510), in other situations where gateway 2 (510) has detected an MTU change, gateway 2 (510) would similarly provide an update through a notification message to gateway 1 (505) (i.e. step 2). Lastly, in the scenario where both gateways detect changes in MTU value, each of the gateways can provide the other with its updated MTU value in a similar manner as described above.
- In step 3 (525), gateway 2 (510) provides acknowledgement regarding the received notification message to gateway 1 (505). In some embodiments, if this acknowledgment from gateway 2 (510) is not received within a pre-determined period of time, gateway 1 (505) may be instructed to re-transmit the notification message. This retransmission is to ensure that gateway 2 (510) actually received the update in case the notification message was not successfully received before.
- Once the update message (i.e. step 2) and the notification acknowledgement (i.e. step 3) have been performed, each of the gateways can update their own MTU value in step 4 (530) and step 5 (535). The MTU value of each of the gateways may be set to a value that is the minimum of both current MTU values of the gateways. As noted above, in some situations, the MTU value that both the gateways are updated to may be a value that is less than the minimum.
- By updating the MTU values of the gateways whenever one or both the gateways detect an MTU change, the gateways can ensure that the data is being transmitted successfully through the tunnel, thereby avoiding dropping packets as illustrated in FIG. 3. Furthermore, by performing the updates whenever MTU changes are detected, a complete PMTUD would not need to be performed.
- Although examples were provided above where MTU values of one or both of the gateways decrease (corresponding to a situation where less data can be transmitted across the tunnel), there may also be scenarios where the MTU values of one or both of the gateways increase in a manner such that the minimum of both current MTU values increases (corresponding to a situation where more data can be transmitted across the tunnel). The method of FIG. 4 can also be used to update the MTU values of each gateway, in view of the increase of the overall minimum MTU value of both gateways, in such a way as to better utilize the available bandwidth. This may include setting the MTU value of both gateways to the minimum MTU value now dictated by the updated increased MTU value.
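The following added example (not part of the patent text) models the reactive PMTUD of FIG. 2 and FIG. 3 next to the advertised-MTU scheme of FIG. 4 and FIG. 5 and counts the dropped packets in each. The 1500/1480 link MTUs and the overhead of 48 come from the description; the class and function names, the link MTU of 1400 after the change, the retry limit and the margin and threshold parameters are assumptions made for illustration.

```python
from dataclasses import dataclass

IPSEC_OVERHEAD = 48  # overhead figure used in the description's FIG. 2 example


@dataclass
class Gateway:
    name: str
    link_mtu: int
    tunnel_mtu: int = 0   # packet size this gateway currently sends at
    advertised: int = 0   # last own MTU value the peer has acknowledged

    @property
    def own_mtu(self) -> int:
        """Largest tunnel packet this gateway can accept (link MTU minus overhead)."""
        return self.link_mtu - IPSEC_OVERHEAD


def send(sender: Gateway, receiver: Gateway) -> int:
    """Data plane, identical in both schemes. Returns packets dropped for one payload.

    An oversized packet is dropped, the receiver reports its MTU in an ICMP
    error, and the sender adopts that value and retransmits (FIG. 2, steps 6-9).
    """
    if sender.tunnel_mtu > receiver.own_mtu:
        sender.tunnel_mtu = receiver.own_mtu
        return 1
    return 0


def negotiate(a: Gateway, b: Gateway, margin: int = 0) -> int:
    """FIG. 4: both gateways advertise their MTU during tunnel setup and pick the minimum.

    margin > 0 models the embodiment that chooses a value below the minimum.
    """
    a.advertised, b.advertised = a.own_mtu, b.own_mtu
    agreed = min(a.advertised, b.advertised) - margin
    a.tunnel_mtu = b.tunnel_mtu = agreed
    return agreed


def on_link_change(changed: Gateway, peer: Gateway, new_link_mtu: int,
                   margin: int = 0, threshold: int = 0,
                   lost_acks: int = 0, max_tries: int = 3) -> bool:
    """FIG. 5: notify the peer of a changed MTU, wait for the ack, then both update.

    threshold: minimum change (vs. the last advertised value) worth notifying.
    lost_acks: how many notifications go unacknowledged before one gets through;
               max_tries is an assumed retransmission limit.
    Returns True if both gateways ended up resynchronised.
    """
    changed.link_mtu = new_link_mtu                        # step 1: change detected
    if abs(changed.own_mtu - changed.advertised) < threshold:
        return False                                       # too small to advertise
    if lost_acks >= max_tries:
        return False                                       # peer never acknowledged
    changed.advertised = changed.own_mtu                   # steps 2-3: notify + ack
    agreed = min(changed.advertised, peer.advertised) - margin
    changed.tunnel_mtu = peer.tunnel_mtu = agreed          # steps 4-5: both update
    return True


def compare(new_g2_link_mtu: int = 1400) -> dict:
    """Send one packet, change gateway 2's link MTU, send again, under each scheme."""
    # Reactive PMTUD: each gateway starts from its own calculated value.
    g1, g2 = Gateway("gw1", 1500), Gateway("gw2", 1480)
    g1.tunnel_mtu, g2.tunnel_mtu = g1.own_mtu, g2.own_mtu
    reactive = send(g1, g2)
    g2.link_mtu = new_g2_link_mtu
    reactive += send(g1, g2)

    # Advertised MTU: negotiate at setup, notify on change.
    g1, g2 = Gateway("gw1", 1500), Gateway("gw2", 1480)
    negotiate(g1, g2)
    advertised = send(g1, g2)
    on_link_change(g2, g1, new_g2_link_mtu)
    advertised += send(g1, g2)
    return {"reactive_drops": reactive, "advertised_drops": advertised,
            "tunnel_mtu": g1.tunnel_mtu}


if __name__ == "__main__":
    print(compare())
```

In this model a notification threshold without a margin still costs a dropped packet when a small decrease goes unadvertised; a tunnel value below the minimum by at least the threshold absorbs it.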
- FIG. 6 illustrates an exemplary notification payload. In particular, whenever one or both of the gateways (as described in the scenarios illustrated in FIG. 4 and FIG. 5) wish to provide MTU values to the other gateway, this exemplary notification payload can be used.
- FIG. 6 illustrates an exemplary extended Internet Security Association and Key Management Protocol Notification payload. This payload is defined by RFC 2408, which is used for establishing security associations and cryptographic keys in an internet environment (e.g., VPN). As seen in the figure, ‘40959’ is included in the Notify Message Type subsection. This input is used to indicate that an updated MTU value is being transmitted within this particular notification payload. The updated MTU value is carried inside the notification data field of the payload, which occupies 32 bits.
- The foregoing detailed description of the technology herein has been presented for purposes of illustration and description. It is not intended to be exhaustive or to limit the technology to the precise form disclosed. Many modifications and variations are possible in light of the above teaching. The described embodiments were chosen in order to best explain the principles of the technology and its practical application to thereby enable others skilled in the art to best utilize the technology in various embodiments and with various modifications as are suited to the particular use contemplated. For example, the data visualization systems and methods described herein may be usable in areas outside of the music industry. It is intended that the scope of the technology be defined by the claim.
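The notification payload described for FIG. 6, as an added example that is not part of the patent text: an encoder and a validating parser that use the RFC 2408 notification payload field order, Notify Message Type 40959 and a 32-bit notification data field. Because the figure is not reproduced on this page, the DOI and Protocol-ID values, the empty SPI, the big-endian encoding of the MTU and the accepted MTU range are assumptions, and the parser assumes the message has already been decrypted and authenticated by IKE.

```python
import struct

NOTIFY_MTU_UPDATE = 40959        # Notify Message Type named in the description
IPSEC_DOI = 1                    # assumption: IPsec Domain of Interpretation
PROTO_ISAKMP = 1                 # assumption: Protocol-ID for ISAKMP
MIN_MTU, MAX_MTU = 576, 65535    # assumed sanity bounds, not taken from the page

# RFC 2408 notification payload up to the SPI:
# next payload, reserved, payload length, DOI, protocol ID, SPI size, notify type
HDR = struct.Struct("!BBHIBBH")


class NotifyError(ValueError):
    """Raised when a received notification payload must be ignored."""


def build_mtu_notify(mtu: int, next_payload: int = 0, spi: bytes = b"") -> bytes:
    """Encode an MTU advertisement as a notification payload."""
    if not MIN_MTU <= mtu <= MAX_MTU:
        raise NotifyError(f"refusing to advertise MTU {mtu}")
    length = HDR.size + len(spi) + 4
    header = HDR.pack(next_payload, 0, length, IPSEC_DOI, PROTO_ISAKMP,
                      len(spi), NOTIFY_MTU_UPDATE)
    return header + spi + struct.pack("!I", mtu)


def parse_mtu_notify(buf: bytes) -> int:
    """Return the peer's advertised MTU, or raise NotifyError.

    Every length is checked against the bytes actually received before any
    field is used, and the value is range-checked so that a malformed or
    misbehaving peer cannot push the tunnel MTU to a degenerate size.
    """
    if len(buf) < HDR.size:
        raise NotifyError("truncated notification header")
    _next, _reserved, length, _doi, _proto, spi_size, ntype = HDR.unpack_from(buf)
    if length < HDR.size or length > len(buf):
        raise NotifyError("payload length disagrees with received bytes")
    if ntype != NOTIFY_MTU_UPDATE:
        raise NotifyError(f"notify type {ntype} is not an MTU update")
    data_start = HDR.size + spi_size
    if data_start > length or length - data_start != 4:
        raise NotifyError("notification data is not exactly 32 bits")
    (mtu,) = struct.unpack_from("!I", buf, data_start)
    if not MIN_MTU <= mtu <= MAX_MTU:
        raise NotifyError(f"advertised MTU {mtu} outside accepted range")
    return mtu


if __name__ == "__main__":
    wire = build_mtu_notify(1432)      # gateway 2's value from the FIG. 2 example
    print(wire.hex(), parse_mtu_notify(wire))
```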
Claims (20)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/986,100 US20190007915A1 (en) | 2016-06-02 | 2018-05-22 | Method for effective pmtu discovery in vpn environment |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/171,330 US10111192B2 (en) | 2016-06-02 | 2016-06-02 | Method for effective PMTU discovery in VPN environment |
US15/986,100 US20190007915A1 (en) | 2016-06-02 | 2018-05-22 | Method for effective pmtu discovery in vpn environment |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/171,330 Division US10111192B2 (en) | 2016-06-02 | 2016-06-02 | Method for effective PMTU discovery in VPN environment |
Publications (1)
Publication Number | Publication Date |
---|---|
US20190007915A1 (en) | 2019-01-03 |
Family
ID=60483693
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/171,330 Active 2036-10-19 US10111192B2 (en) | 2016-06-02 | 2016-06-02 | Method for effective PMTU discovery in VPN environment |
US15/986,100 Abandoned US20190007915A1 (en) | 2016-06-02 | 2018-05-22 | Method for effective pmtu discovery in vpn environment |
Family Applications Before (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/171,330 Active 2036-10-19 US10111192B2 (en) | 2016-06-02 | 2016-06-02 | Method for effective PMTU discovery in VPN environment |
Country Status (1)
Country | Link |
---|---|
US (2) | US10111192B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11374790B2 (en) * | 2020-05-18 | 2022-06-28 | Juniper Networks, Inc | Apparatus, system, and method for increasing bandwidth utilization in encapsulation tunnels |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10841834B2 (en) | 2018-04-04 | 2020-11-17 | At&T Intellectual Property I, L.P. | Legacy network maximum transmission unit isolation capability through deployment of a flexible maximum transmission unit packet core design |
US10638363B2 (en) * | 2018-04-04 | 2020-04-28 | At&T Intellectual Property I, L.P. | Legacy network maximum transmission unit isolation capability through deployment of a flexible maximum transmission unit packet core design |
CN110636551B (en) | 2018-06-25 | 2022-05-17 | 上海华为技术有限公司 | Method and device for avoiding message fragmentation |
US10972587B1 (en) * | 2018-09-18 | 2021-04-06 | Berryville Holdings, LLC | Systems and methods for altering the character of network traffic |
CN111654354B (en) * | 2020-05-28 | 2023-08-08 | 北京小米移动软件有限公司 | Method and device for detecting maximum transmission unit MTU and storage medium |
CN111654450B (en) * | 2020-05-28 | 2023-08-08 | 北京小米移动软件有限公司 | Data transmission method and device and storage medium |
CN114079629B (en) * | 2020-08-12 | 2023-02-03 | 华为技术有限公司 | Maximum Transmission Unit (MTU) determining method, device, equipment and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080159150A1 (en) * | 2006-12-28 | 2008-07-03 | Furquan Ahmed Ansari | Method and Apparatus for Preventing IP Datagram Fragmentation and Reassembly |
US20150350160A1 (en) * | 2014-06-02 | 2015-12-03 | Ebay Inc. | Method and apparatus for dynamic detection of geo-location obfuscation in client-server connections through an ip tunnel |
US9923835B1 (en) * | 2015-09-23 | 2018-03-20 | Juniper Networks, Inc. | Computing path maximum transmission unit size |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6212190B1 (en) * | 1997-06-23 | 2001-04-03 | Sun Microsystems, Inc. | Method and system for generating data packets on a heterogeneous network |
KR100453056B1 (en) * | 2002-03-29 | 2004-10-15 | 삼성전자주식회사 | Method for changing PMTU on dynamic IP network and apparatus thereof |
KR100453055B1 (en) * | 2002-03-29 | 2004-10-15 | 삼성전자주식회사 | Method for path MTU discovery on IP network and apparatus thereof |
KR100506529B1 (en) * | 2003-08-06 | 2005-08-03 | 삼성전자주식회사 | Apparatus, system and method for path mtu discovery in data communication network |
CN101675705B (en) * | 2007-12-25 | 2013-06-12 | 松下电器产业株式会社 | Communication device, communication method, and program |
US9413652B2 (en) * | 2013-02-19 | 2016-08-09 | Dell Products L.P. | Systems and methods for path maximum transmission unit discovery |
US9544240B1 (en) * | 2015-07-13 | 2017-01-10 | Telefonaktiebolaget L M Ericsson (Publ) | MTU discovery over multicast path using bit indexed explicit replication |
US10469232B2 (en) * | 2016-03-14 | 2019-11-05 | Dell Products, Lp | System and method for optimized calculation of path maximum transmission unit discovery in a network |
Also Published As
Publication number | Publication date |
---|---|
US10111192B2 (en) | 2018-10-23 |
US20170353935A1 (en) | 2017-12-07 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
US10111192B2 (en) | Method for effective PMTU discovery in VPN environment | |
EP3635939B1 (en) | Seamless mobility and session continuity with tcp mobility option | |
CN107682284B (en) | Method and network equipment for sending message | |
JP7142722B2 (en) | Transmission control method and device | |
US20180139131A1 (en) | Systems, Apparatuses and Methods for Cooperating Routers | |
US7471681B2 (en) | Determining network path transmission unit | |
EP2850776B1 (en) | Tls abbreviated session identifier protocol | |
US7706381B2 (en) | Approaches for switching transport protocol connection keys | |
EP2521335B1 (en) | Synchronizing sequence numbers | |
US20070101129A1 (en) | Approaches for automatically switching message authentication keys | |
KR101386809B1 (en) | Communication Terminal creating Multiple MTU and Data Transferring Method Using The Same | |
WO2018149408A1 (en) | High availability using multiple network elements | |
EP3375138A1 (en) | State synchronization between a controller and a switch in a communications network | |
EP3923495A1 (en) | Systems, apparatuses and methods for cooperating routers | |
US8140851B1 (en) | Approaches for automatically switching message authentication keys | |
JP2009055418A (en) | Communicating system, relay device, terminal, relay processing method, and its program | |
US20220217093A1 (en) | Sequence Number Synchronization Method and Apparatus | |
KR101730405B1 (en) | Method of managing network route and network entity enabling the method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | STPP | Information on status: patent application and granting procedure in general | Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
| | STPP | Information on status: patent application and granting procedure in general | Free format text: NON FINAL ACTION MAILED |
| | STPP | Information on status: patent application and granting procedure in general | Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
| | STPP | Information on status: patent application and granting procedure in general | Free format text: FINAL REJECTION MAILED |
| | STCB | Information on status: application discontinuation | Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
| | AS | Assignment | Owner name: SONICWALL US HOLDINGS INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:QUEST SOFTWARE INC.;REEL/FRAME:059912/0097 Effective date: 20220409 |