IETF Logo Mail Archive

Re: [dtn] draft-ietf-dtn-tcpclv4-02 comments

Brian Sipos <BSipos@rkf-eng.com> Sun, 26 November 2017 10:47 UTC

Return-Path: <BSipos@rkf-eng.com>
X-Original-To: dtn@ietfa.amsl.com
Delivered-To: dtn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6589126C89 for <dtn@ietfa.amsl.com>; Sun, 26 Nov 2017 02:47:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.92
X-Spam-Level:
X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=rkfeng.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bgKrL8ky5Iru for <dtn@ietfa.amsl.com>; Sun, 26 Nov 2017 02:47:34 -0800 (PST)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0053.outbound.protection.outlook.com [104.47.41.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B7AA126C19 for <dtn@ietf.org>; Sun, 26 Nov 2017 02:47:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rkfeng.onmicrosoft.com; s=selector1-rkfeng-com0i; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=+/8Kr2dH0Moous78QZAgc+sM8UiiWsSHa7MphgJtnN8=; b=RLnUPe0ykwwMjW8XypHNHKWcSpFjsaLpAb26rMUtPrytoniInAhCz2Sfbw8fl3nshLBmcDJgXhRQU/6Kq/KeCKXqJ/duQE1OHEdkAmGJaFM+KtXhHNNkall1nX5y1xCo7I9ZIDhi8hCcN+RQuG1P9K8xz9ee91Kofdhc8782Afk=
Received: from BN6PR05MB3634.namprd05.prod.outlook.com (10.174.235.18) by BN6PR05MB3635.namprd05.prod.outlook.com (10.174.235.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.282.3; Sun, 26 Nov 2017 10:47:32 +0000
Received: from BN6PR05MB3634.namprd05.prod.outlook.com ([10.174.235.18]) by BN6PR05MB3634.namprd05.prod.outlook.com ([10.174.235.18]) with mapi id 15.20.0282.002; Sun, 26 Nov 2017 10:47:32 +0000
From: Brian Sipos <BSipos@rkf-eng.com>
To: Marius Feldmann <marius.feldmann@tu-dresden.de>, "dtn@ietf.org" <dtn@ietf.org>
Thread-Topic: [dtn] draft-ietf-dtn-tcpclv4-02 comments
Thread-Index: AQHS/5dzyMsPiqxEMU2y//mA1VnTiKJbG/GAgLaJfACAFZ/V6Q==
Date: Sun, 26 Nov 2017 10:47:32 +0000
Message-ID: <BN6PR05MB36341E8FEAECABF8275DC1EF9F240@BN6PR05MB3634.namprd05.prod.outlook.com>
References: <CAGQjfBoyDo_Jw5o1dkRF59CBtuVX+QhGAU+tmVFH-CFVL254tw@mail.gmail.com> <1500468613.27258.19.camel@rkf-eng.com>, <e97580d4-2ac0-f7c5-7bb6-1d062230f431@tu-dresden.de>
In-Reply-To: <e97580d4-2ac0-f7c5-7bb6-1d062230f431@tu-dresden.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=BSipos@rkf-eng.com;
x-originating-ip: [213.166.56.99]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR05MB3635; 6:dnxGb2T6Vxnm1zMpNUcBQpwEaRLn960kLqOIBbgY+qoUN7WKuTI/yK7eh9x3aS9P5wvxcYJkC6FZ5yROW9dj9591jGeSzmr7sjn40iJ3xbrBQTw5Y/jlRK7PKgUvLRZ6940kvFPbzFvGStnKVXVT9TwzXV/hLF86XsY5KBVHRhsw2c2ohp0f/8txqBRgW2TqRGfl/Ok6qJFOU8WzhgEpWpcztgB2NI6XNskPMuDMcuragjm19S6gvfr8JRKkJyw+QKjeW4VHvndUy7GX2dhwQOHePvmjsH+QJqfdtzK4gW+F3NjoovOiaRC+WJRzT8CZXILTQDvXDgGl+LDpmHenz4HFjA+yEkMieTbYcTK/fz8=; 5:ES6G92o//wCgPBZ0k+UuXPLQ0i64EeTyk/J7sslyMzUD89U/qf4R4xB+WjJIahGUsujc4sWBLpzR+TzM8qpDXx0oSDdVl6WSQ0SJbqvev+mSyI2510xHKlYoeiMaUc4lPCTwxWCm8ms4YwzxOjG+6UpAcEVneAI5MLIOpYsI2V0=; 24:BP2kNB74VMaa5Zmyn6Mkiv7383U5YEAxZVMVC7JaJ6PvKLszrhXWmONTF4eSHhPNfQzr6B+0B2w+Nc470j1niuNzLInA7pXyZv+OZrRKDuA=; 7:x/+59dz631Aa2frgrVEKqn20Vytz3Z6rMFiuS+FT4Q+ReJJ7LiixkT+1hZMpUMFh+DYt1R8vntq6CCOlFZvcfzqiyRxhoNcxXODDytINuUtgsh+OFhCKedzX/YzG5uku0qYbQXZuymOxnLIjaMokfjc8REjPGiqpVIjwX3A6GiMVwkYp1HZs/hLzv4kyErqsQAOk+04g+ntkXZJcn/G1oFs0gk7Qt4of5Q+owo3Ze4y/6D0B34W9TwUEqke2G8AM
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: da995618-1716-433b-f4ee-08d534bb18d0
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(4603075)(4627115)(201702281549075)(5600026)(4604075)(2017052603199); SRVR:BN6PR05MB3635;
x-ms-traffictypediagnostic: BN6PR05MB3635:
x-microsoft-antispam-prvs: <BN6PR05MB3635AA6641C853E0D08F249B9F240@BN6PR05MB3635.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(3231022)(10201501046)(6041248)(20161123555025)(2016111802025)(20161123558100)(20161123560025)(20161123562025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(6043046)(201708071742011); SRVR:BN6PR05MB3635; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:BN6PR05MB3635;
x-forefront-prvs: 0503FF9A3E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(39830400002)(346002)(376002)(199003)(377424004)(24454002)(15374003)(189002)(6116002)(80792005)(97736004)(3660700001)(6506006)(3846002)(54356999)(102836003)(2501003)(76176999)(3280700002)(25786009)(606006)(101416001)(229853002)(68736007)(86362001)(7736002)(81166006)(50986999)(7696005)(14454004)(189998001)(72206003)(8676002)(74316002)(81156014)(99286004)(6436002)(316002)(33656002)(6306002)(8936002)(53936002)(236005)(55016002)(966005)(6246003)(15974865002)(5660300001)(105586002)(345774005)(2900100001)(478600001)(54896002)(110136005)(2950100002)(66066001)(9686003)(77096006)(2906002)(106356001)(6606003)(53546010)(19627405001)(230783001); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR05MB3635; H:BN6PR05MB3634.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: rkf-eng.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BN6PR05MB36341E8FEAECABF8275DC1EF9F240BN6PR05MB3634namp_"
MIME-Version: 1.0
X-OriginatorOrg: rkf-eng.com
X-MS-Exchange-CrossTenant-Network-Message-Id: da995618-1716-433b-f4ee-08d534bb18d0
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Nov 2017 10:47:32.1419 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4ed8b15b-911f-42bc-8524-d89148858535
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR05MB3635
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/nPxDWr1p6zb-DgBH8s_U-DxiR3o>
Subject: Re: [dtn] draft-ietf-dtn-tcpclv4-02 comments
X-BeenThere: dtn@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Delay Tolerant Networking \(DTN\) discussion list at the IETF." <dtn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtn>, <mailto:dtn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dtn/>
List-Post: <mailto:dtn@ietf.org>
List-Help: <mailto:dtn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtn>, <mailto:dtn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Nov 2017 10:47:38 -0000

Marius,

Thank you for these comments. I've been working through addressing them as well as I can.

Two of these need some further discussion though:


  *   Your comment about the USE_TLS flag is valid, but there had been discussion at an earlier IETF of whether the TLS behavior of TCPCLv4 is an integral part of the protocol and the conclusion was that it is integral to TCPCL and is to be mandatory-to-implement (but not mandatory-to-use). For this reason it's treated differently than any other extension which may come down the road.
  *   The comment about SHUTDOWN sequencing brings to light a possible consistency issue with the current spec and also with TCPCLv3. As it currently stands there is really no hard condition for closing a TCP connection after sending or receiving a TCPCL SHUTDOWN message. Since as currently stated (which is a carry-over from TCPCLv3) a node may send a SHUTDOWN but then continue to send a huge number of remaining XFER_SEGMENT messages, the receiver has no good logic to distinguish between a shutdown-but-wait-for-data behavior vs. a shutdown-and-close-connection behavior. I suppose the TCPCLv4 spec could explicitly mention both of these options as valid choices which would explain the "MAY" condition of Page 26.

________________________________
From: dtn <dtn-bounces@ietf.org> on behalf of Marius Feldmann <marius.feldmann@tu-dresden.de>
Sent: Sunday, November 12, 2017 11:21
To: dtn@ietf.org
Subject: Re: [dtn] draft-ietf-dtn-tcpclv4-02 comments

Hello,

below you will find some further comments about TCPCLv4 as described in [1].

Regards

Marius

[1] https://tools.ietf.org/html/draft-ietf-dtn-tcpclv4-02

----

Abstract:
* "Bundle Protocl" -> "Bundle Protocol"
* "...updates to the Bundle Protocol contents, encodings, and
convergence layer requirements in Bundle Protocl Version 7." - This
statement is not precise in my opinion. The current BP 7 draft only
provides general requirements in regards to the CL. Which precise
requirements does this statement point to?

Page 1:
* Page numbers provided in the table of contents are not correct
(increment by 1 to correct them).

Page 2:
* Maybe TCPCL could be motivated a bit better (currently it is just
stated that BP needs a CL)? Which precise problem(s) does TCPCL solve?

Page 3:
* "The locations of the TCPCL and the BP in the Internet model protocol
stack are shown in Figure 1." - Which protocol stack model is shown in
figure 1? Usually, we should stay with the one provided in RFC 1122
(which does not mention a physical layer and a presentation layer). It
seems this figure shows a combination of different models.

Page 4:
* Capitalized "Session" - should be written with lower case "s".
* Long form of "MRU" should be stated.
* Maybe the section "3.  General Protocol Description" should be
restructured into a section "3.1 Overview" (including the current
section 3.1) and "3.2 Example Message Exchange". Currently, the
structure is a bit strange with a long section introduction and a short
section 3.1. - in my opinion this could be merged to an "overview"
section 3.1.
* "XFER_INIT" may be mentioned in the section "3. General Protocol
Description" due to its appearance in figure 2.

Page 6:
* "The following figure visually depicts..." - Remove "visually". A
figure is a visual entity by definition, isn't it?

Page 7:
* Maybe figure 2 should also point out the parameters used in the
contact header?

Page 8:
* "Destination port number 4556 has been assigned by IANA as the
well-known port number for the TCP convergence layer." - Ports between
1024 and 49151 are named "Registered Ports", not "well-known", see RFC 6335.

Page 10:
* I was wondering if the "CAN_TLS" flag (which is actually the only
supported flag) could not be expressed as header extension item. If
expressed as header extension item it is also rendered possible to
differentiate between optional or enforced TLS.

Page 11:
* "reason code" is mentioned without introducing the concept globally,
maybe it should be introduced before or at least a reference should be
provided.
* "Each type This specification does..." - "Each type" should be
removed, I guess.

Page 13:
* "The message types defined in this specificaiton are listed in Table
3." - "specificaiton"; furthermore the information about table 3 is
redundant with the sentence before.

Page 21:
* "receving" -> "receiving", "DATA_SEGEMNT" -> "DATA_SEGMENT"

Page 22:
* "As bundles can be large, the TCPCL supports an optional mechanism by
which a receiving node MAY indicate to the sender that it does not want
to receive the corresponding bundle." - As it is stated in the next
sections, there are more reasons for transfer refusal besides the "size
of the bundle". Thus, the section may not be introduced in this way.

Page 26:
* "After receiving a SHUTDOWN message in response, both sides MAY close
the TCP connection." - Why is it "MAY", not "MUST"? The only reason may
be a reuse of the connection for a further TCPCL session. Before it is
mentioned that a contact header is sent via a new TCP connection (e.g.
page 9 "Once a TCP connection is established, both parties exchange a
contact header."). Which sence does it make to keep the TCP connection?
Either the "MAY" should be transformed to a "MUST" or the state in which
a contact header may be sent should be clarified.

----


On 19.07.2017 14:50, Brian Sipos wrote:
> Matt,
> This is some great feedback, I've in-lined responses below and also
> copied the DTN mailing list for their consideration.
>
> On Tue, 2017-07-18 at 00:28 -0700, Matt Wronkiewicz wrote:
>> DTN WG team,
>>
>> I read your draft for TCPCLv4 and look forward to implementing it.
>> Listed are some comments on the version at
>> <https://tools.ietf.org/html/draft-ietf-dtn-tcpclv4-02>:
>>
>>
>> 1. The contact header does not specify its total length. This may
>> cause a problem with header extensions because it is unclear at what
>> point a node should stop waiting for additional data, set the session
>> parameters, and start sending messages or upgrade security. The
>> contact header should include a length field that counts the
>> remaining
>> bytes including extensions.
>>
>> If it does not include a length field, there are some additional
>> ambiguities.
> This was definitely an oversight and needs to be added in. The contact
> header is supposed to be fully self-contained data, which right now it
> is not. We could add in an extension item count or an all-extension
> octet size. The size may be more helpful.
> I also didn't catch this earlier because I added extension handling to
> the spec but did not include this in the test implementation; oops!
>
>> 1.a. A critical header extension with no other flags could be
>> misinterpreted as a XFER_SEGMENT message, and vice versa. An
>> implementation must reject XFER_SEGMENT messages that do not follow
>> XFER_INIT with the same transfer id. It must not send them before
>> sending XFER_INIT. This should be clarified in 5.4.3. Data
>> Transmission (XFER_SEGMENT).
>>
>> 1.b. In Table 2: Header Extension Item Flags, several reserved bits
>> must be zero, or the header extension would collide with other
>> message
>> types that are allowed after the session is established.
>>
>>
>> 2. In Section 4.2. Validation and Parameter Negotiation, 3rd
>> paragraph, if two nodes send different version numbers in the contact
>> header, it is specified that one of the nodes must send a SHUTDOWN
>> with a version mismatch. There is no opportunity for the other side
>> to
>> downgrade to the older version. There is also no way for the older
>> version to negotiate a session, because it has not received the
>> connection flags and cannot interpret the remote EID.
>>
> I can add some guidance to this section. There is no mechanism for in-
> TCP-connection downgrade, so the recommended behavior is to re-connect
> on the same TCP port but then provide a TCPCLv3 contact header and see
> if the listening agent accepts that instead. A similar procedure could
> be use to try TCPCLv3 first then v4 after. The listener (TCP server)
> has discretion to look at the start of the contact header before
> sending its only reply header.
>
>> 3. The inability for two nodes supporting multiple TCPCL versions to
>> handshake is concerning. There are very few TCPCLv3 installations, so
>> backward compatibility is less of a worry. But if TCPCLv4 is
>> successful it will be widely deployed when there is a need for a new
>> version. It would be good to provide some mechanism for nodes that
>> implement both TCPCLv4 and v5 to establish a connection with a node
>> that only implements v4.
>>
>> One way to allow forward compatibility would be to require v4 nodes
>> to
>> send a VERSION_MISMATCH in response to a newer version, after which
>> the newer node may send a compatible contact header or disconnect.
>>
> Similar to above, do you think the one-version-per-connection-attempt
> is acceptable? Some additional informational language could be added to
> explain this situation.
>
>> 4. Nodes implementing TCPCLv4 will presumably already have functions
>> for CBOR encoding and decoding. Restructuring the messages to use it
>> would remove a lot of padding. It would also provide more flexibility
>> and robustness for adding header extensions and new protocol
>> versions.
>> I recognize this is a drastic change that you have probably already
>> discussed.
>>
> We definitely had discussed the original proposed SDNV vs. CBOR vs.
> fixed-length-fields and settled on current fixed-length due to the
> convergence layer being a lower-level protocol than BP itself. This was
> due to concern about complexity in a TCPCL implementation. There is
> also the possibility, I believe, of a pure bundle forwarder which
> speaks TCPCL but does not actually examine the bundle contents and
> simply forwards bundle, as opaque data, to some actual BP node.
>
>> 5. Table 13: SHUTDOWN Reason Codes is missing "Resource Exhaustion",
>> listed in Table 8: SHUTDOWN Reason Codes.
>>
>>
>> 6. In Table 8: SHUTDOWN Reason Codes, in the description for Resource
>> Exhaustion, the word "resource" is misspelled.
>>
> These will be corrected.
>
>> 7. The shutdown procedure is not specified when one node requires TLS
>> and the other does not set USE_TLS. It is unclear whether the
>> strict-TLS node should send SHUTDOWN with "Contact Failure" or "TLS
>> Failure". A more descriptive "TLS Required" failure code could be
>> added.
>>
> I agree that we should distinguish between "TLS Agreement Failure" when
> the endpoint policy disallows the agreed Enable TLS state, and "TLS
> Handshake Failure" where TLS is enabled and attempted but the handshake
> itself fails.
>
>> 8. In section 4.1.1. Header Extension Items, in the entry for Flags,
>> the word "unknown" is misspelled.
>>
> This will be corrected.
>
>> Thank you for your work on the DTN WG, and for considering my
>> feedback.
>>
>> Matt Wronkiewicz
> _______________________________________________
> dtn mailing list
> dtn@ietf.org
> https://www.ietf.org/mailman/listinfo/dtn
dtn Info Page - Internet Engineering Task Force<https://www.ietf.org/mailman/listinfo/dtn>
www.ietf.org
"This list is for discussions related to the formation of a Delay Tolerant Networking (DTN) working group. The IRTF DTNRG research group has worked on the particular ...



_______________________________________________
dtn mailing list
dtn@ietf.org
https://www.ietf.org/mailman/listinfo/dtn
dtn Info Page - Internet Engineering Task Force<https://www.ietf.org/mailman/listinfo/dtn>
www.ietf.org
"This list is for discussions related to the formation of a Delay Tolerant Networking (DTN) working group. The IRTF DTNRG research group has worked on the particular ...

v2.23.0 | Report a Bug | By Email