Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Exchanging Data More Efficiently Using TCP Fast Open


TCP Fast Open (TFO) is an update to TCP that saves up to one full round-trip time (RTT) over the standard three-way connection handshake during a TCP session. TFO support is for MS-MPC and MS-MIC.

The standard three-way connection handshake involves three sets of send and receive messages between two hosts and the following exchange of SYN (synchronize) and ACK (acknowledgement) packets:

  1. Host A sends a TCP SYN packet to Host B. Host B receives it.

  2. Host B sends a SYN-ACK packet to Host A. Host A receives it.

  3. Host A sends an ACK packet to Host B. Host B receives it.

In standard TCP, although data can be carried in SYN packets, this data cannot be delivered until the three-way handshake is completed. TFO removes this constraint and allows data in SYN packets to be delivered to the application, yielding significant latency improvement.

The key component of TFO is the Fast Open Cookie (cookie), which is a Message Authentication Code (MAC) tag generated by the server. The client requests a cookie in one regular TCP connection, then uses it for future TCP connections to exchange data during the handshake.

The TFO option is used to request or to send a TFO cookie. When a cookie is not present or is empty, the option is used by the client to request a cookie from the server. When the cookie is present, the option is used to pass the cookie from the server to the client or from the client back to the server.

The following list outlines how the client requests a TFO cookie:

  1. The client sends a SYN with a TFO option that has the cookie field empty.

  2. The server generates a cookie and sends it through the TFO option of a SYN-ACK packet.

  3. The client caches the cookie for future TFO connections.

Thereafter, the two devices perform a TFO exchange:

  1. The client sends a SYN with data and the cookie in the TFO option.

  2. The server validates the cookie:

    • If the cookie is valid, the server sends a SYN-ACK acknowledging both the SYN and the data.

      The server then delivers the data to the application.

    • Otherwise, the server drops the data and sends a SYN-ACK acknowledging only the SYN sequence number.

The rest of the connection proceeds like a normal TCP connection. The client can repeat many TFO operations once it acquires a cookie (until the cookie is expired by the server). Thus, TFO is useful for applications in which the same client reconnects to the same server multiple times and exchanges data.

Related Documentation