Problem solve Get help with specific problems with your technologies, process and projects.

Reduce TCP congestion, packet loss on the WAN with SACK and FACK

TCP robustness and packet loss can be reduced with the use of the SACK and FACK algorithms on the WAN. Find out how these algorithms can help reduce congestion on the network.

Multiple segment losses can cause the TCP to lose its self-clock and this results in retransmission timeouts causing slow performance. During these timeouts, data transmission stops, which is further followed by a slow start. All these events strain or underutilize the network by making several roundtrip times resulting in significant performance degradation over long-delay (WAN) links. According to PCS (Pittsburgh Supercomputing Center) researchers, "the heart of this problem lies in the inability of Reno TCP to accurately control congestion while recovering from dropped segments."

Using the SACK, or Selective Acknowledgement, option greatly improves the robustness of TCP following congestion. It helps TCP survive multiple segment losses in a single window, without a retransmission timeout. SACK enables gathering additional information about important state variables such as congestion state, leading to improved TCP behavior during recovery.

FACK or Forward Acknowledgement is a special algorithm that works on top of the SACK options, and is geared at congestion controlling. FACK algorithm uses information provided by SACK to add more precise control to the injection of data into the network during recovery -- this is achieved by explicitly measuring the total number of bytes of data outstanding in the network. FACK decouples congestion control from data recovery thereby attaining more precise control over the data flow in the network.

The main idea of FACK algorithm is to consider the most forward selective acknowledgement sequence number as a sign that all the previous un-(selectively)-acknowledged segments were lost. This observation allows improving recovery of losses significantly.

This question was asked at Ask the Experts on

Puneet Mehta, Contributing expert

About the author: Puneet Mehta is a CISSP Security Architect, at SDG Corporation, an e-security consulting and a e-business software services and solutions firm headquartered in Connecticut.

Puneet started his career implementing and troubleshooting LAN/WAN systems combining different sizes and technologies. He moved on to focus on Internet security domain, designing and implementing enterprise security solutions using leading-edge technologies. As a security architect, Puneet helps clients to design and implement solutions and strategies to improve business performance by delivering a complete, business-focused, end-to-end enterprise security model. At SDG, his responsibilities include analysis, design and implementation of different e-security solutions for high-profile clients.

This was last published in May 2009

Dig Deeper on WAN technologies and services