IETF Logo Mail Archive

Re: HTTP Alternative Services Best Practices?

Lucas Pardue <lucaspardue.24.7@gmail.com> Tue, 17 December 2019 19:47 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1359A120CF8 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 17 Dec 2019 11:47:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.749
X-Spam-Level:
X-Spam-Status: No, score=-2.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TJ6y34ntFbKZ for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 17 Dec 2019 11:47:28 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72F7F120CF0 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 17 Dec 2019 11:47:23 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ihImU-0001BJ-U6 for ietf-http-wg-dist@listhub.w3.org; Tue, 17 Dec 2019 19:45:18 +0000
Resent-Date: Tue, 17 Dec 2019 19:45:18 +0000
Resent-Message-Id: <E1ihImU-0001BJ-U6@frink.w3.org>
Received: from titan.w3.org ([2603:400a:ffff:804:801e:34:0:4c]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <lucaspardue.24.7@gmail.com>) id 1ihImS-00018i-3C for ietf-http-wg@listhub.w3.org; Tue, 17 Dec 2019 19:45:16 +0000
Received: from mail-vs1-xe32.google.com ([2607:f8b0:4864:20::e32]) by titan.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <lucaspardue.24.7@gmail.com>) id 1ihImQ-0002BL-IJ for ietf-http-wg@w3.org; Tue, 17 Dec 2019 19:45:15 +0000
Received: by mail-vs1-xe32.google.com with SMTP id t12so7229207vso.13 for <ietf-http-wg@w3.org>; Tue, 17 Dec 2019 11:45:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LxU2yHxAyoMYzOn+Vi6lVHoxhPgCX2HPRU2vps3AvGM=; b=EKnvPHEduBcAgIVZsxdYsXfkjsWNeXDZTzzZWYchPY98siL7GYVm7OJXDGMkyP7LCA rbpUocqquSWnhGydz3RaUZCccbdYMIZKwQCvDZ/4zgZBXoXQlg/KUKC9p9tAdve10Bxq IgTUrPkCWCjeVHz8jvmLvxNLok/89QDZQWM8aqHEcHbfatnVyUHjyK7/t/tx0SqyLLmt +YwdjMGcTsjtKLYmhKWTk1cPeVMZ4ia2T6o0u7KurTRcjMM7Vvdj6GXxNPhu6Wq1QPzr dpGrFi/kyRkKYNRtoG7qvQkFuPPE+ko8LEHaZSmvBtGAJYioAaXtHD6GpyoZ4sdsBqAz Tj2A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LxU2yHxAyoMYzOn+Vi6lVHoxhPgCX2HPRU2vps3AvGM=; b=SUuVF9IRTTpJE+GXffH4YDjuC8XZXe3U6H4QATXcVVK0LgTJ8MXvqIVrusF0uhSAD2 UHtURONuYPIukeKgS94dkcRGULFdPQ8ZA0ZeCEBai+X0xr7JH5u+tuwYQ44w1UhhoPt1 PHVNtNhsDrEFSg/9hGB1a74Pxvsrp6H6jZrFnFfupECpzMkEVstlpitRi4Y/D2OErRwD b0tqNdombJYNcTjjdwolEYdCE1pxNBwzCJZysySZkVnfvTw53Y/iPTVbNERYK2KUchid sp7h44Gk3wN9ElswwaxCCDo+xZENQiC6a/Sf0l7PwseI4HkeVfCf23a7tHRjEzE7OPNS stgQ==
X-Gm-Message-State: APjAAAXT0DBNl0l4pKmDmvWIa1tXQqiHYk/bsZjIEj5SIffYnGvNY1mx LBxIjRIC6A/F8I7LmmJ2RH4ruKIFwMPFiNaNiNLJxQ==
X-Google-Smtp-Source: APXvYqwckI0Suy4ZSkDOhfC2h9q/nzRUKtYZ+PfRjXuLArrII8u//Qi7voscV7bxihtoFTk8aoxFclM0Arr+yqdiD68=
X-Received: by 2002:a67:f8cf:: with SMTP id c15mr4090737vsp.27.1576611913234; Tue, 17 Dec 2019 11:45:13 -0800 (PST)
MIME-Version: 1.0
References: <CALGR9oaCNigDAZP=ue-sORxCJFzkVynhaJszjjY_ohN56ewy8g@mail.gmail.com> <CAJ_4DfQDgaouwoMyG1f2v4_CndWWNpqft+9=zbOfeM_ek7mSHA@mail.gmail.com> <DM6PR22MB20105A0DA471BB9419E6BDEADA500@DM6PR22MB2010.namprd22.prod.outlook.com>
In-Reply-To: <DM6PR22MB20105A0DA471BB9419E6BDEADA500@DM6PR22MB2010.namprd22.prod.outlook.com>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Tue, 17 Dec 2019 19:45:06 +0000
Message-ID: <CALGR9oYAURH4KnzHKmASQdOA6-rH+V-v2Ro2cekVQpnzZS-XNA@mail.gmail.com>
To: Mike Bishop <mbishop@evequefou.be>
Cc: Ryan Hamilton <rch=40google.com@dmarc.ietf.org>, QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="000000000000097d760599eb9127"
Received-SPF: pass client-ip=2607:f8b0:4864:20::e32; envelope-from=lucaspardue.24.7@gmail.com; helo=mail-vs1-xe32.google.com
X-W3C-Hub-Spam-Status: No, score=-3.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1ihImQ-0002BL-IJ 0228256e88dfc603a1c3a3bb2e6f8745
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP Alternative Services Best Practices?
Archived-At: <https://www.w3.org/mid/CALGR9oYAURH4KnzHKmASQdOA6-rH+V-v2Ro2cekVQpnzZS-XNA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37226
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

I agree with both of your points. IMHO there are a few patterns of
deployment that likely benefit from different approaches to Alt-Svc usage.
RFC7540 provides the toolkit but not everything is a hammer nor a nail.

In my original email I also neglected to mention the Alt-Used header or the
"clear" special value, which may have different considerations applicable
to different deployments. Is there much experience with these at Internet
scale?

Lucas

On Tue, 17 Dec 2019, 19:27 Mike Bishop, <mbishop@evequefou.be> wrote:

> Saying that “persist=false would be deleterious” is a bit simplistic.  You
> wouldn’t use persist=false for your scenarios, true enough.  Persist=true
> is intended for alternatives that aren’t derived from the user’s network
> location, and therefore don’t need to be flushed when the network location
> changes.  (For example, this host also supports QUIC.)
>
>
>
> However, there are other scenarios where it is location-dependent – a CDN
> routing you to a closer node because DNS or Anycast didn’t get you close
> enough, for example.  If you change networks, not only is the node you were
> directed to no longer your closest, it might actually be prohibited from
> serving users on other networks.
>
>
>
> The right answer here is that you need to know which type of Alt-Svc
> you’re issuing.
>
>
>
> *From:* QUIC <quic-bounces@ietf.org> *On Behalf Of * Ryan Hamilton
> *Sent:* Monday, December 16, 2019 3:24 PM
> *To:* Lucas Pardue <lucaspardue.24.7@gmail.com>
> *Cc:* QUIC WG <quic@ietf.org>; HTTP Working Group <ietf-http-wg@w3.org>
> *Subject:* Re: HTTP Alternative Services Best Practices?
>
>
>
> Thanks for raising this issue! I think documenting best practices/guidance
> would be a great idea. I think the Google servers advertise a 30 day
> expiration (because 24 hours is *really* short). Further, it turns out that
> Chrome implicitly assumes persist = true (because Chrome incorrectly
> doesn't implement persist = false). We have a bunch of deployment
> experience with this model which I think suggests that shorter ttls and
> persist = false would be have a deleterious impact on performance.
>
>
>
> On Mon, Dec 16, 2019 at 4:02 AM Lucas Pardue <lucaspardue.24.7@gmail.com>
> wrote:
>
> Hello QUIC and HTTP members,
>
>
>
> HTTP Alternative Services (Alt-Svc) is specified in RFC 7838 which was
> published in 2016 [1].. Many of us are starting to use Alt-Svc and I wonder
> if its appearance of simplicity might cause some unintended effects on the
> Internet. In the 3 or so years since it was published, have any best
> practices emerged that might be useful to capture.
>
>
>
> Major uses of Alt-Svc today in no particular order: switching to gQUIC
> (typically on the same port), switching to HTTP/3, Opportunistic Encryption
> (RFC 8164) [2], Opportunistic Onion (advertising .onion [3]), and traffic
> management by advertising alternatives with different destination IPs or
> network path characteristics..
>
>
>
> Arguably, HTTP/3 will be the largest-scale deployed use case of Alt-Svc
> both in terms of advertisements and clients that take them up. Alt-Svc for
> this can be deceptively simple, which may lead to unexpected outcomes. For
> example, the minimal expression:
>
>
>
> Alt-Svc: h3-24=":443"
>
>
>
> invokes default values for parameters, "ma" is fresh for 24 hours and
> "persist" is false (i.e. clear alternative cache on network changes). One
> could imagine how this could cause bursts of activity at regular periods,
> or cascades due to end-user local conditions such as flocking or hopping.
>
>
>
> Finally, the proposal for an HTTPSVC DNS record [4] might attract a
> different population of operator that is less familiar with the expected
> behaviour of Alt-Svc implementations.
>
>
>
> Does anyone think it would be useful to share or document some guidance?
>
>
>
> Cheers
>
> Lucas
>
>
>
> [1] https://tools.ietf.org/html/rfc7838
>
> [2] https://tools.ietf.org/html/rfc8164
>
> [3] https://tools.ietf.org/html/rfc7686
>
> [4] https://tools.ietf.org/html/draft-ietf-dnsop-svcb-httpssvc-01
>
>

v2.23.0 | Report a Bug | By Email