TCP Fast Open (TFO) is an extension to speed up the opening of successive Transmission Control Protocol (TCP) connections between two endpoints. It works by using a TFO cookie (a TCP option), which is a cryptographic cookie stored on the client and set upon the initial connection with the server. [RFC7413]
When the client later reconnects, it sends the initial SYN packet along with the TFO cookie data to authenticate itself. If successful, the server may start sending data to the client even before the reception of the final ACK packet of the three-way handshake, skipping that way a round-trip delay and lowering the latency in the start of data transmission.
The TFO plugin for PATHspider aims to detect connectivity breakage due to the the use of TCP Fast Open, implementation of TCP Fast Open, and TFO implementation anomalies.
To use the TFO plugin, specify
tfo as the plugin to use on the command-line:
pathspider tfo </usr/share/doc/pathspider/examples/webtest.csv >results.txt
For the baseline test, the plugin will perform a TCP connection to the target host. For the experimental case, the plugin will perform two TCP connections to the target host. The first experimental connection is run to acquire a TFO cookie and the second to check that it can be used.
In addition to the default output fields, the TFO plugin also provides the following fields for each flow:
|tfo_synkind||TCP Option Kind of TFO option on SYN (34, 254; 0 = none)|
|tfo_ackkind||TCP Option Kind of TFO option on SYN/ACK (34, 254; 0 = none)|
|tfo_synclen||TFO Cookie Length on SYN|
|tfo_ackclen||TFO Cookie Length on SYN/ACK|
|tfo_seq||Sequence number of SYN|
|tfo_dlen||Length of TCP payload on SYN|
|tfo_ack||Ack number of SYN/ACK. For ACKed data, = seq + dlen + 1|