JBY Technologies

The Trouble With Satellite Internet Service

I have a customer who was very happy with the wireless internet service that was their only option in a medium sized New Mexico town. Based on that good experience, they took satellite internet service at a new location. The users at the new location immediately complained that they could not perform their job duties due to the slowness of the internet connection. The fundamental problem is that the radio transmitting towers in the neighboring hills are only a few miles away, but the satellite is tens of thousands of miles away. Even at the speed of light, the distance affects the thoughput.

In some areas, satellite is the only option, but here is what satellite users may likely have to deal with...

In order for a two-way satellite service to perform properly in conjunction with traditional terrestrial networks (Internet, Intranet), satellite data networks must employ special techniques to deal with the extra 44,600- mile space segment of the connection. Without those steps, the increased latency, the time required to traverse the extra distance, means that TCP severely limits performance.

The Internet relies on the Transmission Control Protocol (TCP) to ensure packet delivery without errors. TCP works by sending a certain amount of data, the "window size," then waiting for the receiver to send an acknowledgment of receipt. With TCP, the sender cannot transmit more data until it has received an acknowledgment. If an acknowledgment does not arrive in a timely manner, TCP assumes the packet was lost (discarded due to network congestion) and resends it. When packets go unacknowledged, TCP also slows the transmission rate to reduce congestion and to minimize the need for retransmissions.

TCP/IP sessions start out sending data slowly. Speed builds as the rate of the acknowledgments verifies the network's capacity to carry more traffic. This is known as slow-start, followed by a ramp-up in speed. The speed of the connection builds until the sender detects packet loss from a lack of an acknowledgment. This allows TCP to achieve the fastest practical data transfer rate for the conditions present on the network. Terrestrial networks typically have round-trip latencies in the range of 35 to 100 ms. Satellite networks, due to the distance of geosynchronous satellites above the equator, require 550 ms or more. Some satellite connections have much higher latencies. Depending upon the satellite hardware and subscription policy of the service provider, latencies of 800 ms to as much at 2,000 ms or more can occur.

TCP interprets the additional satellite transit time as network congestion. If uncorrected, this effect causes the network to send all additional packets at the slowstart rate.

Current satellite data networks employ a technique referred to as TCP acceleration or IP spoofing to compensate for the extra time required to transit the space segment. Special equipment at the carrier's main satellite hub appears to terminate the TCP session, so it appears to the sender as the remote location. In actuality the device at the satellite hub acts as a relay or forwarder between the originating terrestrial location and the remote satellite unit.

When the spoofing equipment receives Internet traffic destined for a remote satellite location, it immediately acknowledges receipt of the packet to the sender so more data packets will follow promptly. This way the sender never experiences the actual latency to the remote site because acknowledgments return rapidly. As a result, TCP moves out of slow-start mode quickly and builds to the highest practical speed.

To prevent packets from being acknowledged twice, the spoofing equipment suppresses acknowledgments from the remote site. In this way, computers behind a satellite link communicate seamlessly and efficiently with servers on the terrestrial Internet.

IPsec VPNs not only encrypt the data portion of packets, they also encrypt the TCP port number and IP address of the sender's computer. (Think of TCP port as the apartment number while the IP address is that of the building.) Consequently, only the VPN software at the remote site can decipher where packets originated and acknowledge receipt of data.

Popular IPsec VPNs, therefore, defeat TCP acceleration over satellite links because ground stations cannot adjust the fields in the header when those fields are encrypted. This situation requires that acknowledgments transit the space segment twice (over and back) and results in substantial performance degradation. The impact on performance increases as the latency rises.

Networking technology is improving constantly, so hopefully there will soon be a ingenious solution to this problem. But for now, bear in mind that wireless, wifi, cellular and satellite are not all the same thing. Try to do some research and speak with some existing satellite users in the area before you sign any contracts.

Bookmark and Share

Legal Notices