The present invention relates generally to a network function modification method, and more particularly, but not by way of limitation, to a system, method, and computer program product for a network function to gracefully enter and exit a Transmission Control Protocol (TCP) connection when needed.
Virtualized Network Functions (VNFs) may be commonly deployed in enterprise, telecommunications, and cloud environments for security (e.g., intrusion detection systems, deep packet inspection scrubber, etc.) and performance reasons (e.g., Split TCP, Wide Area Network (WAN) Optimizer or traffic shaper, etc.). During a TCP connection, there are instances where a network function is dynamically added to or removed from the path between the user and the end server. For example, during the retrieval of a large file (e.g., a video), the user may move or the conditions of the network may change in such a way that the presence of the network function instead slows down the connection. In such cases, leaving the network function in the path would consume processing resources of the network function that might be used to serve other users that can benefit from the network function (e.g., users in areas with poor coverage). Similarly, a connection could be migrated into the network function to improve the connection.
Thus, there is a need in the art to add or to remove a network function from the path of connection for some client-server sessions while the sessions are still in progress.
However, adding or removing network functions is not feasible in the conventional techniques for network functions that terminate the TCP connection to process the stream of data (e.g., WAN optimizer, Split TCP, etc.). Because those network functions terminate the TCP connection, there would typically be two resulting independent TCP connections (i.e., with their own sequence numbers).
That is, in the conventional techniques, if a network function is removed and, instead of processing the packets from the client, simply forwards them to the server, the sequence number (or port number) will not match the sequence number (or port number) that is expected by the server. As a result, the TCP connection will stall. Similarly, if a connection is added to the network function in the middle of a transfer, a standard TCP stack on the network function would not recognize the connection and would terminate it.
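The stall described above, as an added example that is not part of the original text: a constructed Python model of a connection-terminating network function whose two legs use independent sequence spaces, checked against the RFC 793 segment acceptability test. The names `Receiver`, `split_connection` and `sequence_gap` and all numeric values are assumptions, and the model assumes the network function has already relayed every byte it received.

```python
"""Constructed model of a split-TCP network function; all values are made up."""
from dataclasses import dataclass

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


@dataclass
class Receiver:
    rcv_nxt: int  # next sequence number this endpoint expects
    rcv_wnd: int  # receive window in bytes

    def accepts(self, seg_seq: int, seg_len: int) -> bool:
        """RFC 793 acceptability test for a data segment and a non-zero window."""
        first = (seg_seq - self.rcv_nxt) % MOD
        last = (seg_seq + seg_len - 1 - self.rcv_nxt) % MOD
        return first < self.rcv_wnd or last < self.rcv_wnd


def split_connection(client_isn, nf_isn, bytes_relayed, window=65535):
    """State after the network function terminated the client's connection,
    opened its own connection to the server, and relayed bytes_relayed bytes."""
    # The SYN consumes one sequence number on each leg, hence the +1.
    client_next = (client_isn + 1 + bytes_relayed) % MOD
    server = Receiver((nf_isn + 1 + bytes_relayed) % MOD, window)
    return client_next, server


def sequence_gap(client_isn, nf_isn):
    """Constant distance between the two independent sequence spaces."""
    return (nf_isn - client_isn) % MOD


if __name__ == "__main__":
    # Constructed values: each leg picked its own initial sequence number.
    client_isn, nf_isn = 1_000_000, 3_500_000_000
    client_next, server = split_connection(client_isn, nf_isn, 500_000)
    print("client will send seq   :", client_next)
    print("server expects seq     :", server.rcv_nxt)
    # Network function steps aside and forwards the client's segment unchanged:
    print("raw segment accepted   :", server.accepts(client_next, 1460))
    print("gap between seq spaces :", sequence_gap(client_isn, nf_isn))
```

The server discards the forwarded segment because it falls outside its receive window, so the client keeps retransmitting data the server never acknowledges usefully, which is the stall the text describes.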