LLMpediaThe first transparent, open encyclopedia generated by LLMs

RFC 4987

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Stream Control Transmission Protocol Hop 4
Expansion Funnel Raw 73 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted73
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
RFC 4987
Number4987
TitleNot All Who Wander Are Lost: Avoiding Problems with Early TCP Implementations
AuthorsDave Thaler
Published2007-09
StatusBest Current Practice
SeriesRFC

RFC 4987 RFC 4987 is a Best Current Practice document published in 2007 that addresses interoperability and robustness issues arising from divergent TCP implementations. It provides recommendations intended to reduce connection failures and promote reliable operation across implementations developed by diverse vendors and standards bodies.

Background

The document arose from operational experience involving interoperability among implementations produced by organizations such as IETF, Internet Engineering Task Force, Microsoft, Apple Inc., Cisco Systems, Juniper Networks, IBM, Oracle Corporation, Sun Microsystems and academic projects at MIT, Stanford University, University of California, Berkeley, Carnegie Mellon University and University of Cambridge. Events like the IETF 58 meetings, discussions in the IETF TCPM Working Group, and incidents reported by operators at RIPE NCC, ARIN, APNIC and LACNIC highlighted how differing interpretations of earlier standards such as RFC 793, RFC 1122, and RFC 3168 could produce connection failures. The history of transmission control protocols also intersects with work by researchers associated with Vint Cerf, Bob Kahn, Leonard Kleinrock, Paul Baran and institutions including DARPA and Bell Labs.

Scope and Purpose

RFC 4987 aims to document problematic behaviors observed in TCP implementations and recommend conservative choices for implementers from vendors like Sun Microsystems and Microsoft as well as open-source projects such as FreeBSD, NetBSD, OpenBSD, Linux kernel and BSD-derived stacks. The purpose is to improve robustness in heterogeneous environments involving equipment from Cisco Systems, Juniper Networks, Broadcom, Intel Corporation and software stacks used by Apache HTTP Server, NGINX, Google LLC, Facebook, Inc. and research deployments at CERN. The scope includes interaction with standards like RFC 793 and later clarifying documents while excluding protocol redesigns such as those later explored by QUIC initiatives at IETF QUIC Working Group.

Key Recommendations

RFC 4987 recommends conservative defaults and interoperability-minded behavior for implementers from companies like Microsoft, Apple Inc., Cisco Systems, Juniper Networks and projects like Linux kernel and FreeBSD. Specific recommendations relate to how stacks handle unusual TCP sequences, delayed acknowledgments influenced by research from Van Jacobson, retransmission strategies debated at IETF TCPM Working Group, handling of window updates in situations studied by Vint Cerf and compatibility choices highlighted by implementers at IETF 60. It advises against aggressive heuristics promoted in some vendor designs and encourages behavior consistent with historical practice from BSD Unix and research prototypes at Xerox PARC and Bell Labs. The document suggests concrete actions for developers in organizations such as Google LLC and Facebook, Inc. to prefer robustness over optimization that harms interoperability with stacks from IBM or Oracle Corporation.

Security Considerations

The security implications described involve interaction with mechanisms and actors like CERT Coordination Center, US-CERT, ENISA, and threat models discussed at Black Hat USA and DEF CON. RFC 4987 warns that deviations from conservative TCP behavior can open avenues for denial-of-service conditions exploited by adversaries referenced in reports by Mandiant and Kaspersky Lab and discussed in policy forums at NIST and IETF SECWORK. It emphasizes that implementers from vendors including Cisco Systems and Juniper Networks must weigh robustness recommendations alongside security practices advocated by OWASP and incident responders at SANS Institute.

Implementation and Impact

Adoption of RFC 4987's guidance influenced implementations in stacks maintained by FreeBSD, OpenBSD, NetBSD, Linux kernel maintainers, commercial systems from Microsoft, Apple Inc., Cisco Systems and research projects at MIT and Stanford University. Operators at AT&T, Verizon Communications, Comcast, Level 3 Communications and content providers like Akamai Technologies and Cloudflare reported reduced intermittent connection failures after aligning behavior with the recommendations. The practical impact was reflected in interoperability test events organized at IETF Interop sessions and coordination through registries such as IANA and collaborative forums like IETF Datatracker.

Reception and Updates

The document was discussed in IETF TCPM Working Group meetings and cited in implementation notes from vendors including Microsoft, Apple Inc., Cisco Systems and in open-source changelogs for FreeBSD, OpenBSD and the Linux kernel. Follow-up clarification and related guidance appeared in later documents and working group drafts at IETF and in research papers from ACM SIGCOMM and conferences such as USENIX and IEEE INFOCOM. While not a protocol redesign like later QUIC or HTTP/2 work at IETF HTTP Working Group, RFC 4987 remains a reference for implementers seeking pragmatic interoperability advice.

Category:Internet Standards