Reduce TCP congestion, packet loss on the WAN with SACK and FACK

Puneet Mehta, Contributing expert
Multiple segment losses can cause the TCP to lose its self-clock and this results in retransmission timeouts causing slow performance. During these timeouts, data transmission stops, which is further followed by a slow start. All these

    Requires Free Membership to View

events strain or underutilize the network by making several roundtrip times resulting in significant performance degradation over long-delay (WAN) links. According to PCS (Pittsburgh Supercomputing Center) researchers, "the heart of this problem lies in the inability of Reno TCP to accurately control congestion while recovering from dropped segments."

Using the SACK, or Selective Acknowledgement, option greatly improves the robustness of TCP following congestion. It helps TCP survive multiple segment losses in a single window, without a retransmission timeout. SACK enables gathering additional information about important state variables such as congestion state, leading to improved TCP behavior during recovery.

FACK or Forward Acknowledgement is a special algorithm that works on top of the SACK options, and is geared at congestion controlling. FACK algorithm uses information provided by SACK to add more precise control to the injection of data into the network during recovery -- this is achieved by explicitly measuring the total number of bytes of data outstanding in the network. FACK decouples congestion control from data recovery thereby attaining more precise control over the data flow in the network.

The main idea of FACK algorithm is to consider the most forward selective acknowledgement sequence number as a sign that all the previous un-(selectively)-acknowledged segments were lost. This observation allows improving recovery of losses significantly.

This question was asked at Ask the Experts on SearchNetworking.com.

About the author: Puneet Mehta is a CISSP Security Architect, at SDG Corporation, an e-security consulting and a e-business software services and solutions firm headquartered in Connecticut.

Puneet started his career implementing and troubleshooting LAN/WAN systems combining different sizes and technologies. He moved on to focus on Internet security domain, designing and implementing enterprise security solutions using leading-edge technologies. As a security architect, Puneet helps clients to design and implement solutions and strategies to improve business performance by delivering a complete, business-focused, end-to-end enterprise security model. At SDG, his responsibilities include analysis, design and implementation of different e-security solutions for high-profile clients.

This was first published in May 2009

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.