TCP/IP Acceleration is the name of a series of techniques for achieving better throughput on an Internet connection than standard TCP achieves, without modifying the end applications.

TCP/IP AccelerationSatellite Signal LatencyList of GEO SatellitesSun Outages

How does satellite internet acceleration work?

In order to perform properly in conjunction with traditional terrestrial networks (Internet, intranet), satellite data networks must employ special techniques to deal with the increased latency caused by the 96,000 mile round-trip over the space segment of the connection.

The increased latency is caused by the extra milliseconds required for data to travel this distance. While not related directly to speed, latency can cause a severe performance problem over satellite links if not handled properly. VSAT Systems deals with latency through the use of TCP/IP acceleration technology available.

TCP/IP is the language of the Internet. It works by sending packets of data, and then waiting for acknowledgments of receipt. These acknowledgments signal the sender to transmit more data. When acknowledgments return slowly, TCP then slows the speed at which data is being sent in order to avoid overloading a network that it assumes is already congested.

TCP works by starting a TCP/IP session slowly. Speed builds as the networks capacity to carry traffic is verified by the rate of the acknowledgments. This effect is known as slow-start.

Since TCP was designed for terrestrial networks that have less latency than a satellite network, the longer satellite latency (600ms range) will cause TCP to expect an acknowledgment before the round trip to the remote site can be completed.

Because TCP was originally designed for low-latency terrestrial networks, it does not understand that a satellite is involved and operates as if the satellite latency was caused by congestion. If uncorrected, this effect causes all packets over a satellite network to be sent at the slow-start rate.

In all current-generation satellite data networks TCP/IP acceleration (TCP spoofing) compensates for the space-link transit time. TCP spoofing is accomplished by special equipment at the carrier’s main satellite hub site.

This equipment appears to TCP as if it were the remote location, while acting as a relay or forwarder for data packets going to and from the remote satellite location. When the spoofing equipment receives Internet traffic destined for a remote satellite location, it acknowledges receipt of the packet immediately on behalf of the remote site so that more data packets will follow immediately.

In this manner, the latency is “hidden” because the acknowledgments are returned rapidly. As a result, TCP moves out of slow-start mode quickly and builds to the highest possible speed.

The VSAT Systems acceleration equipment also watches for real acknowledgements coming back from the remote site and suppresses them. If the acknowledgement is not received from the remote site, the system automatically re-sends the packet from its buffer. Thus, satellite-connected sites communicate seamlessly with servers on the terrestrial Internet.

The performance problems of VPN over satellite

VSAT Systems satellite Internet platforms are friendly with most VPN solutions. Customers can use their current VPN solution with our equipment but if you are looking for a 100% compatible VPN solution we can offer our lab and field tested solutions. 

This solution is not truly a VPN, but a hybrid VPN and PN (Private Network). It does not have the VPN-over-satellite performance limitations of it’s competitors. This is because VSAT Systems creates for you, a 3DES encrypted private satellite network and then securely connects your 3DES private satellite network directly to your headquarters network eliminating the need to use additional VPN across the space segment.

In the VSAT Systems private network model, all data is secured across the space link by 3DES encryption and is therefore secure with or without added VPN technology.

VSAT Systems connects the secure traffic between your private satellite network and your companies headquarters network across a variety of customer-selected options including point-to-point T-1, Frame Relay PVC or VPN across the Internet. Since the Internet method is by far the least costly, it is the most popular.

This technology approach completely avoids the performance problems of VPN-over-satellite because there is no traditional VPN being used across the satellite portion of the connection.

TCP/IP over Satellite

IRIDIUM 9500 phones in the box

A significant difficulty encountered in supporting TCP/IP applications over satellite has to do with the inherent latency or delay of satellite systems. Because satellites are 23,000 miles above the earth, the time it takes for a signal to go from the ground to the satellite and back to the ground is just over 1/4 second. The TCP/IP protocol was designed for guaranteed transport. A server or PC sending data will begin by sending a few packets and then waiting for an acknowledgment that the data was received before sending any more. If the data is successfully received and acknowledged, the sending device will send more packets at a faster rate. It will continue to speed up until acknowledgments are lost. This tells the sending device what the speed or bandwidth capability of the transport services is, and it will send remaining data at that rate. Unfortunately, satellite latency appears to the sending TCP/IP device as a very slow or congested circuit. It expects an acknowledgment within a short time period and when it doesn’t get it, it throttles back and retries. Satellite vendors circumvented this problem by using TCP acceleration techniques sometimes called spoofing. This is based on the same techniques that were used to solve similar problems with IBM SNA/SDLC and other older protocols in the past. Many satellite solutions require an external device to provide TCP acceleration. Almost all legacy solutions accelerate TCP in only one direction. Many of the solutions are based on ‘spoofing’ the TCP/IP protocol. The problem here is that there is no end-to-end management of the TCP session, so if a packet is dropped midway through transferring a large file, the file must be retransmitted from the beginning. iDirect provides bi-directional TCP acceleration, built into the satellite router and hub equipment at both the remote site and teleport hub equipment. Further, the data transmission is tracked and buffered and occasional acknowledgments are sent end-to-end so that if an error does occur, only the corrupted portion need be retransmitted. http://www.emc-corp.net/pdfs/critical.pdf www.udcast.com/news/downloads/EETimes_12_4_2004.pdf http://www.udcast.com/news/downloads/CP_UDboost_05_2003_EN.pdf http://www.vsat-systems.com/satellite-internet-connection/VPN-over-satellite-large.pdf http://www.radn.com/pdf/dmd20-ebo.pdf

Why is spoofing so important?

Proprietary acceleration and advanced spoofing technology is employed to provide IP transparency and increase throughput speed. Spoofing is what makes the service capable of very high speeds.

Why is spoofing important? The entire Internet is based on TCP/IP. TCP (Transmission Control Protocol) manages and controls transmissions using IP (Internet Protocol). TCP sends data and looks for acknowledgments (receipts) sent back from the receiving end to indicate that everything was received. If the acknowledgments are not received, TCP resends the packets and slows down its transmission speed for future data. TCP expects these acknowledgments to be received within a certain time frame. Because of the long round-trip (90,000+ miles) that the packets must travel over the satellite link and back, the acknowledgments are delayed by several hundred milliseconds. If uncorrected, this delay would cause TCP to throttle back its speed dramatically.

Spoofing is accomplished by special NOC equipment (Hybrid Gateway) that causes TCP acknowledgments to be returned to the sender very quickly. It does this by spoofing (pretending to be the remote site) and acknowledging the packets instantly, at the same time as it forwards the packets to the remote site. TCP sees rapid acknowledgments and therefore ramps up its speed quickly. The Hybrid Gateway also looks for the real acknowledgments and discards them. If an acknowledgment is missed, the Hybrid Gateway resends the packet from its buffer. It is in this manner that multi-megabit speeds are made possible over satellite.

Signal accellration over satellite link

Web Highspeedsat