Research Article
Improving VPN performance over multiple access links
@INPROCEEDINGS{10.1109/BROADNETS.2008.4769158, author={Jack Brassil and Rick Mc Geer and Raj Rajagopalan and Andy Bavier and Larry Roberts and Brian Mark and Stephen Schwab}, title={Improving VPN performance over multiple access links}, proceedings={5th International ICST Conference on Broadband Communications, Networks, and Systems}, publisher={IEEE}, proceedings_a={BROADNETS}, year={2010}, month={5}, keywords={}, doi={10.1109/BROADNETS.2008.4769158} }- Jack Brassil
Rick Mc Geer
Raj Rajagopalan
Andy Bavier
Larry Roberts
Brian Mark
Stephen Schwab
Year: 2010
Improving VPN performance over multiple access links
BROADNETS
IEEE
DOI: 10.1109/BROADNETS.2008.4769158
Abstract
To improve the performance of VPN connections we investigate how the bandwidth of multiple access links can be aggregated with inverse multiplexing to create a single, higher capacity logical communication link. But achieving the maximum possible aggregated TCP throughput becomes extremely challenging if the underlying links either use different technologies (e.g., DSL, cable modem) or suffer different or time-varying communication characteristics (e.g., available bandwidth, packet loss rate). To maximize VPN throughput we have constructed a system that combines two distinct innovations. First, we continuously measure the communication characteristics of the underlying component links in our aggregate and dynamically assign packets to each link in proportion to its available capacity. Second, we modify TCP congestion control across the inverse-multiplexed access hop to avoid rate decreases normally initiated by the delayed acknowledgments often triggered when using legacy TCP on multiple heterogeneous paths. We describe the systempsilas implementation, the test environment we built on Emulab, and show that when access links form the communication bottleneck in the end-to-end connection we can significantly increase VPN performance over conventional approaches.