Optimizing TCP forwarder performance

A TCP forwarder is a network node that establishes and forwards data betwee n a pair of TCP connections. An example of a TCP forwarder is a firewall th at places a proxy between a TCP connection to an external host and a TCP co nnection to an internal host, controlling access to a resource on the inter nal host. Once the proxy approves the access, it simply forwards data from one connection to the other, We use the term TCP forwarding to describe ind irect TCP communication via a proxy in general. This paper briefly characte rizes the behavior of TCP forwarding, and illustrates the role TCP forwardi ng plays in common network services like firewalls and HTTP proxies. We the n introduce an optimization technique, called connection splicing, that can be applied to a TCP forwarder, and report the results of a performance stu dy designed to evaluate its impact. Connection splicing improves TCP forwar ding performance by a factor of two to four, making it competitive with IP router performance on the same hardware.