Multiple segment losses can cause the TCP to lose its self-clock and this results in retransmission timeouts causing...
slow performance. During these timeouts, data transmission stops, which is further followed by a slow start. All these events strain or underutilize the network by making several roundtrip times resulting in significant performance degradation over long-delay (WAN) links. According to PCS (Pittsburgh Supercomputing Center) researchers, "the heart of this problem lies in the inability of Reno TCP to accurately control congestion while recovering from dropped segments."
Using the SACK, or Selective Acknowledgement, option greatly improves the robustness of TCP following congestion. It helps TCP survive multiple segment losses in a single window, without a retransmission timeout. SACK enables gathering additional information about important state variables such as congestion state, leading to improved TCP behavior during recovery.
FACK or Forward Acknowledgement is a special algorithm that works on top of the SACK options, and is geared at congestion controlling. FACK algorithm uses information provided by SACK to add more precise control to the injection of data into the network during recovery -- this is achieved by explicitly measuring the total number of bytes of data outstanding in the network. FACK decouples congestion control from data recovery thereby attaining more precise control over the data flow in the network.
The main idea of FACK algorithm is to consider the most forward selective acknowledgement sequence number as a sign that all the previous un-(selectively)-acknowledged segments were lost. This observation allows improving recovery of losses significantly.
This question was asked at Ask the Experts on SearchNetworking.com.
About the author: Puneet Mehta is a CISSP Security Architect, at SDG Corporation, an e-security consulting and a e-business software services and solutions firm headquartered in Connecticut.
Puneet started his career implementing and troubleshooting LAN/WAN systems combining different sizes and technologies. He moved on to focus on Internet security domain, designing and implementing enterprise security solutions using leading-edge technologies. As a security architect, Puneet helps clients to design and implement solutions and strategies to improve business performance by delivering a complete, business-focused, end-to-end enterprise security model. At SDG, his responsibilities include analysis, design and implementation of different e-security solutions for high-profile clients.