IETF Logo Mail Archive

Re: [core] RFC 7252 - Forward Proxies

Klaus Hartke <hartke@projectcool.de> Fri, 10 January 2020 09:48 UTC

Return-Path: <hartke@projectcool.de>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29C1F120814 for <core@ietfa.amsl.com>; Fri, 10 Jan 2020 01:48:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tMiRz101BJoC for <core@ietfa.amsl.com>; Fri, 10 Jan 2020 01:48:38 -0800 (PST)
Received: from wp382.webpack.hosteurope.de (wp382.webpack.hosteurope.de [IPv6:2a01:488:42:1000:50ed:8597::]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E0C681200FD for <core@ietf.org>; Fri, 10 Jan 2020 01:48:37 -0800 (PST)
Received: from mail-qk1-f172.google.com ([209.85.222.172]); authenticated by wp382.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) id 1ipquB-0004XD-4M; Fri, 10 Jan 2020 10:48:35 +0100
Received: by mail-qk1-f172.google.com with SMTP id c16so1256155qko.6 for <core@ietf.org>; Fri, 10 Jan 2020 01:48:35 -0800 (PST)
X-Gm-Message-State: APjAAAULRZJ/QZ/jePviunYTMP9HGBD6OtusP8ZRl1XP44x9ixaZcmEy vaPLuSK8v/taaMmFc0EtCXcndg5iKSgvcliO35U=
X-Google-Smtp-Source: APXvYqyZtdJNAMctXVotZSuW4Ds8g1IG8vZT2MV9Bmgd4MbCfhbPREGgX0Ba15AV1M6LT/8N/h/Btgjj6BPknj/7eQk=
X-Received: by 2002:a37:6d5:: with SMTP id 204mr2045745qkg.448.1578649713880; Fri, 10 Jan 2020 01:48:33 -0800 (PST)
MIME-Version: 1.0
References: <324677e1-06d4-a4d6-b79c-9a55c01adcbb@gmx.net>
In-Reply-To: <324677e1-06d4-a4d6-b79c-9a55c01adcbb@gmx.net>
From: Klaus Hartke <hartke@projectcool.de>
Date: Fri, 10 Jan 2020 10:47:57 +0100
X-Gmail-Original-Message-ID: <CAAzbHvYA4nX2ZaL__+yuk8W1e0JXZTx5D4fTgW0F3nJTat0spA@mail.gmail.com>
Message-ID: <CAAzbHvYA4nX2ZaL__+yuk8W1e0JXZTx5D4fTgW0F3nJTat0spA@mail.gmail.com>
To: Achim Kraus <achimkraus@gmx.net>
Cc: "core@ietf.org" <core@ietf.org>
Content-Type: text/plain; charset="UTF-8"
X-bounce-key: webpack.hosteurope.de; hartke@projectcool.de; 1578649717; 52c44423;
X-HE-SMSGID: 1ipquB-0004XD-4M
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/CAT4bQAdZPPo0NnjRFZ4VidNq2c>
Subject: Re: [core] RFC 7252 - Forward Proxies
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jan 2020 09:48:40 -0000

Hej Achim!

Achim Kraus wrote:
> A informal description would be in my opinion, add the uri-host option,
> if it's not the IP-literal of the destination

Yes. A bit more precisely: The Uri-Host option is omitted in a request
if and only if its value equals the destination IP address of the
containing UDP datagram.

> (that assumes, that the
> term "destination" refers to the actual proxy to send the request to).

Yes. When sending a CoAP request to a forward proxy, the destination
of the UDP datagram is set to the IP address and UDP port number of
the forward proxy.

> But the text seems not to differentiate between the request's (which
> maybe the proxy) and the URI destination (which will be the "final
> destination", or something like that).

The CoAP options always encode the request URI, i.e., the URI of the
target resource. For example, if a client wants to GET a
representation of <coap://example.com:12345/.well-known/core>, then
the CoAP options always encode
<coap://198.51.100.1:12345/.well-known/core>, regardless of whether
the destination of the UDP datagram is (198.51.100.1, 12345) or the IP
address and UDP port number of a forward proxy.

> I'm also not sure, what the "or
> IPv4address" refers to.

This refers to the syntax rules for hosts in RFC 3986:

    host = IP-literal / IPv4address / reg-name

Example IP-literal: "[2001:db8::1]"
Example IPv4address: "198.51.100.1"
Example reg-name: "example.com"

> For me it seems, that stick strict to 6.4 would cause different option
> values, if a proxy is used and the "final destination" URI contains also
> a (different) literal IP address. For me "strict" will then result in a
> wrong request to the proxy.

This may need a bit clarification. When a request is intended for a
server, the request URI is encoded using the Uri-Host, Uri-Port,
Uri-Path, and Uri-Query options. (So, all the request URI components
are present, except for the scheme.) When a request is intended for a
forward proxy, the request URI is either encoded using the Proxy-Uri
option or the Proxy-Scheme, Uri-Host, Uri-Port, Uri-Path, and
Uri-Query options. (So, all the request URI components are present,
including the scheme.) Even though some of these options have the word
"Proxy" in their name, they still contain the components of the
request URI, not the IP address or UDP port number of the forward
proxy.

> "6 ... otherwise": if a Proxy-Scheme is used, should that default port
> be use? Or still the URI-Scheme's port? If the Proxy-Scheme is to be
> considered, that default port maybe unclear/unknown by the client
> implementation.

It's the port number of the request URI (or, if the port number in the
request URI is omitted, the default port number for the scheme of the
request URI). It's not the port number of the forward proxy.

Does that answer your questions?

Best regards,
Klaus

v2.23.0 | Report a Bug | By Email