SSTP: The problem with TCP over TCP, Part 2
by VPNHaus | 06/30/2011 | TCP
All of these items are critical factors contributing to the TCP protocol’s overall success. The problems begin, however, when congestion controls from the outer TCP protocol interfere with those of the inner one and vice versa. TCP divides a data stream into segments which are sent as individual Internet Protocol (IP) datagrams. Each segment carries a sequence number that numbers bytes within the data stream along with an acknowledgement number indicating to the other side what sequence number was last received. TCP uses adaptive timeouts to decide when a re-send should occur. This design can backfire when stacking TCP connections though, because a slower outer connection can cause the upper layer to queue up more retransmissions than the lower layer is able to process. This type of network slowdown is known as a “TCP meltdown problem.”
Surprisingly, this is not a design flaw, as the idea of running TCP within itself had not even occurred to the protocol designers at the time, which is why this dilemma was not originally addressed. Fortunately, some computer scientists have been able to demonstrate situations where a stacked TCP arrangement actually improves performance. In any case, Virtual Private Networking products like OpenVPN have been designed to accommodate for the problems that may occur with tunneling TCP within TCP. Unlike SSTP, OpenVPN is able to run over UDP to handle such times when a stacked TCP connection would actually degrade performance. Although SSTP may be suitable in some situations, it is severely limited by only being compatible with the latest versions of the Windows operating system. Microsoft has not announced any plans to port it to previous Windows OS versions or any other OS for that matter.