IETF Logo Mail Archive

Re: [Masque] ECN & Flow IDs

Mirja Kuehlewind <mirja.kuehlewind@ericsson.com> Wed, 07 April 2021 12:42 UTC

Return-Path: <mirja.kuehlewind@ericsson.com>
X-Original-To: masque@ietfa.amsl.com
Delivered-To: masque@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70C1A3A25C3 for <masque@ietfa.amsl.com>; Wed, 7 Apr 2021 05:42:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JJrsEeOg_2Ox for <masque@ietfa.amsl.com>; Wed, 7 Apr 2021 05:42:10 -0700 (PDT)
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-eopbgr130058.outbound.protection.outlook.com [40.107.13.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D07163A1609 for <masque@ietf.org>; Wed, 7 Apr 2021 05:42:09 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WATadrSy+Ix5DrusCzBrpYA75Y0C3RMe1ZwWbvo7xYKUmVwTiESpzqIkxq9Lfz/jc6cys1DDxZYGYowr5EJQj5lJEZj8pEbT2EzbYbZlzeKvfNuRuoHQfIp9L78d8hzHO1GAFskOx/zT7uqRD+H/HsEcIJEYrxYenkaVWYkdsKImqUlPrLPvVwQQEnRH+VQVBBKBpAJKssVdXpJ7F4hMexmD1iKY55oFimFrHBwsiGfqbRSmBKFdExrpiphvEKDamtIVxb9mMVYTHngZSfHG9h47hBru9vb2sny40qm4nQLq1Repd2pMcBe8XPUuOPNpMXFOua2m0ThcCkuvA65iRg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QjQtoHTbenX9tqJHcEeBSndxNUiiWiKjStMO7IZeghI=; b=IWgQ2mI6TUeyDLLhtvtIaAKuJlUxvBV71U+jnWhF2QFhXcSMfT4tMpR4Lpmtq9sqvJk+eOw1NKoQvhDKZEfNvnhf1z1SDuQvhBPWbMOkV5w2uvYyP+qPMLUX/QoyVA0Ade8+laugYGzhc20OIf2sOEujDt284hnvZWiZvQS8Nb+UjmBsH4N6uWNVAOU1O+gkFBAa2P4IDcC3CUXGbnSFfS5S1JJpUa2sNuzlixYzPhgzi6M2G7LPZuFOL+B6V6z4/RaaDVpsJ1HZw+1S//81zHQbU7LfW/cHqljLD+V0MXkIX7TVS+sNNdtC4HZ57+yCh+XUOZTn9mVMEpqi6HG7ew==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QjQtoHTbenX9tqJHcEeBSndxNUiiWiKjStMO7IZeghI=; b=Oec+HkFjFERvaIFcqxL1yu7v1hkW1tz9F3DjO9HNfac/kjPuyv0vXsWewAxnjjqflzi3/C8QuPfBYzAaQ/KghX00l0XbulgoLZeXmu1VLYlFi0GsJKVhnSBQCy8NeVRGbxkYmLxIln95VJZkoHskjgID+pLvpUPaIa9EaJuZE6Y=
Received: from AM0PR07MB3939.eurprd07.prod.outlook.com (2603:10a6:208:40::14) by AM0PR07MB5970.eurprd07.prod.outlook.com (2603:10a6:208:11b::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4020.13; Wed, 7 Apr 2021 12:42:06 +0000
Received: from AM0PR07MB3939.eurprd07.prod.outlook.com ([fe80::f5b3:5946:19c5:d8b8]) by AM0PR07MB3939.eurprd07.prod.outlook.com ([fe80::f5b3:5946:19c5:d8b8%6]) with mapi id 15.20.4020.018; Wed, 7 Apr 2021 12:42:06 +0000
From: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
To: David Schinazi <dschinazi.ietf@gmail.com>, Martin Duke <martin.h.duke@gmail.com>
CC: Alex Chernyakhovsky <achernya@google.com>, MASQUE <masque@ietf.org>
Thread-Topic: [Masque] ECN & Flow IDs
Thread-Index: AQHXJbW1vTSBFeqDBkyrNFSyc8ns66qdQC0AgAAgTACABeZ7gIABncWAgARIOAA=
Date: Wed, 07 Apr 2021 12:42:06 +0000
Message-ID: <4457141D-32F8-4BA0-98DB-740823A80D56@ericsson.com>
References: <CAM4esxRmjWr-y-9-KAJmmKvGdONpPufgAbubUhPu_KaS1_Md9Q@mail.gmail.com> <CAPDSy+6go4xh4E55220upECkrept1Yb15diVhC8e3HEWsz52fQ@mail.gmail.com> <CAHbWFkTLC-VdZOX6yTTR9UAy37UZ8R8_t-pWtH=z0rdBZoV4Tg@mail.gmail.com> <CAM4esxTX8dtptAQ3szrzfCCiKYC3-_w=sai948=mvhhcdPiJyw@mail.gmail.com> <CAPDSy+7H224GLSn+7FxS8GdfPuAj_Gi72aXi_bdvfZH5FLcg_w@mail.gmail.com>
In-Reply-To: <CAPDSy+7H224GLSn+7FxS8GdfPuAj_Gi72aXi_bdvfZH5FLcg_w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.45.21011103
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [2003:de:e740:2700:4df7:b0d:5924:864b]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7122f270-a63c-4dbc-c628-08d8f9c28d77
x-ms-traffictypediagnostic: AM0PR07MB5970:
x-microsoft-antispam-prvs: <AM0PR07MB597053D64841CB3A201791AFF4759@AM0PR07MB5970.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: liyAIcGUHfZDGAC94vUZCkT12OsWzabW3fZcoTsEeyeCIzobxld86Li1B4yAdqpy99f7aMhe/k1fGbfLoflVrw3JfDyCz1TRumlcs5Fiu/bwXVtfpJ/PgURZzZCwaCnztIXqNbJg4QHqrx3cZVif/7goVWCquDIH6LJt4c9jX1hcc/vaIXMpKwidJEY+T59URLRWPemIJAbR+i0fgJtgsJcG+D+30YQqezUCJhwmj7dw891hYTyU7zs4x32tQQ3MGfZimi4vfU7jYegF41B20r3PthdrVCCmuQ6bN20bREr314pWUjMwq9MiYLbtxxr0UnAHB6zWHY7TdQypzzI/4ug9tAqOSV+y7WlDChMZ97z94uYVyiqcfNrf4xijWPAi7cQtdcYZ1u8kmVn+jqEnJUF7JgTaTw2mGBQ4DPCNAZg6D0Ev2KfRuirfU2t9WPxwlNqMMgFFq5GSX/LCFFHFtMNcDNYk2OOif7TgKwPTEqV7Dg80i3Tsv0BhQQ7/dyDsFgNmaEiGcmqnkEWkkMdUur5iqJJfwf6ZDFeCrl9kb/9k6der7JawP1gU8vhE6uEyp3iif9litSagszKmhn7oGtujvWKXpJZ532ovYkgI07eh5jZzHaCJOt44QL4ziHWPyJxSE222hl+rpZBWH144bKCS+e6o8Fx4JzdvBoxs09VQ2O7MP3i4fH88EglwNlB8VXL3I2EoO9ldHgh/bKnLSVKQB/ol+TaujRTL7lqe+WanV2LELoUyDg59dfc6LXPRuQnMKw/Y2fWwTCJt42uEjg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR07MB3939.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39860400002)(396003)(376002)(136003)(346002)(6512007)(36756003)(186003)(110136005)(76116006)(66946007)(66476007)(66556008)(64756008)(2906002)(6486002)(54906003)(66446008)(316002)(5660300002)(4326008)(38100700001)(966005)(478600001)(166002)(6506007)(53546011)(44832011)(33656002)(2616005)(8676002)(86362001)(8936002)(71200400001)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: ba8z0UOYz9TRGPo+HkMRADHOISODR/BQRQkfFz3t4rVr+/J3EN/1FMgQkl91aWuyF5xJaKfNPeioXvV+cuuPM6qVeFlJq/njPrwctqsGiacKOEdO0GrQs+aZC+Q1RghfAPAcmaUvbMYHe/dXxqaRaXKL7u7F8CAJvQjV8oqE2SXXEZ0PXyF7NrjPsZS/EbykHuHIs0cedhhpgHWySRslHaB/ABAPdcpX2Wnf03TIJra+n/FCNjhVsbLLMkjDq70cPqfq/C1fN7k5bTcCQhkMGPkWc0+LoAhViyNQe6sRYB66IFSiHKeDy3LN5ZoXXOgXnsZky0g4TjFC25nYHvzvbp029K1TJYgveVebH7RFIx1WG6MSRCsWgAZ/OH7IfVD5Zpp46aXJmsOAZK8g1GmuknKkvOa2flg2YkUM2a0sxmfsOpPUr1rd0EO1S8kBmJ6zzV0Yz1orS7Z2mrR2YUrjT9HbzE+1Zpc9PP46NbkstVInZJHRxj0ia2184C9skAu5Bcm6r8G1yDlUP2W2bzZUIr66w5wULqYG+i0d79aKjycLnwPcYftwm59t0V+n2tc/zkOHxZBVLMxJNZ0chqrgAhOIYjQ9PEdHI8CKhfmJ65Jk6818PYhaPuAPef5a8EzJghFbdefjeJ55rcsHVgNc9tXprwTGOqdncw3BlPRTtlSrOBNp8oVt1ijE5guNCEyLrn5iZEDr1Eah6V5nMlE3qutV/DieYJk/R2mwu5N+1ETQ/Lq9obOZqV5MtTKoD8J1gzl3U+Ilj5sPM/AVNxsx7X+luov+Qb9/WhZtnuKoBwNmPLjf6DjSW322dAFLg0B+O41jS6kRYyrhjlrLG0zzIdj0yFDe8zzjO5/yBjKkaXFSfAc42BuuFer/MlXXYD8i7ErfYMJ6lMIc502l5yYnMsgtiTgignCcES94gk4oihMQgnin6cKYWaQWjRumzmYNf/G3if3T+RLmLvYOcQCFAoC1FxjcB/44FuSyl+AkDDtWd3BjpQogXt2j3h6PTgNWUaUm3PdPx6aN0qjwsOxtc62Y8Iz9Rj8VYIb+YB11kLajO0UbxpRCi1Xj7gWrytX8Q+r2jcqXDa2snAWTbnm7i+6IOd/brS1+18tgEdNK8FRlwjs8I3ioXNohYNguNVnrmWfKkvqKCP4frBLFyszdvx9y6IUTE6xZ82uDre3DRX5dzK5o2AxlBj/iuKr0FGc9brxZzs6UTwEA3ZRAoeP2MDiHR2yM9wbbh+ezb4VsauBmN2IPT7li8XkhsC3Lv58hsTwhWvXRn3anmThwtfo/sljM8i+QQxMqJ6E6NMlVNYtP7VUiXiPcKjdA8b5hCjSAfsEjukIOhO3mVsab901XpOASpsEhSOb/+U0LB9bhgbJAthb4pbSQXW3QLW2+avHg
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_4457141D32F84BA098DB740823A80D56ericssoncom_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR07MB3939.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7122f270-a63c-4dbc-c628-08d8f9c28d77
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Apr 2021 12:42:06.4134 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: A4cfYJaGR1TZPDLS1biO8RoErLj7rEh7oN0wudvzNDCg4jnTcZl+BqUYMZEgHYrEYsicolSKlP8SwMYA93et/6Fh6wPszwy/is0KrZ5Sl9Q=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB5970
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/m3gkZNs5I__pcMOC_N7fpvh-SHE>
Subject: Re: [Masque] ECN & Flow IDs
X-BeenThere: masque@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/masque>, <mailto:masque-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque/>
List-Post: <mailto:masque@ietf.org>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/masque>, <mailto:masque-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Apr 2021 12:42:15 -0000

I wouldn’t call that a decent solution as there is work underway to make all packets ECN capable. This is especially important  since losing the first packet of a connection usually has a higher delay penalty than any other packet.


From: Masque <masque-bounces@ietf.org> on behalf of David Schinazi <dschinazi.ietf@gmail.com>
Date: Sunday, 4. April 2021 at 23:19
To: Martin Duke <martin.h.duke@gmail.com>
Cc: Alex Chernyakhovsky <achernya@google.com>, MASQUE <masque@ietf.org>
Subject: Re: [Masque] ECN & Flow IDs

Martin, your understanding matches mine. I think using RFC3168-style ECN (where the client's first flight isn't ECN-Capable) seems like a decent solution here.

David

On Sat, Apr 3, 2021 at 1:37 PM Martin Duke <martin.h.duke@gmail.com<mailto:martin.h.duke@gmail.com>> wrote:
There's a problem with ECN (and anything else) that is both an extension and implies a different datagram format: IIUC, you are likely to add 1RTT of latency.

For example, with ECN, say there was just an "ecn" header field that mean the first byte was the TOS byte. If the server doesn't understand the extension, then datagrams that arrive before the response will be incorrectly parsed. It is therefore unsafe to send packets before the capability if fully negotiated.

With David's design, datagrams with ECT(0) are simply dropped by the proxy, because it doesn't have a mapping for the flow ID. To avoid loss, the client can simply send Not-ECT until it gets a response. This isn't a great outcome, but far better than always having to withhold the first flight.

Am I misunderstanding how this would work in practice?

On Tue, Mar 30, 2021 at 7:31 PM Alex Chernyakhovsky <achernya@google.com<mailto:achernya@google.com>> wrote:
I don't think ECN is a good example for discussing datagram flow IDs. I have a github issue (https://github.com/ietf-wg-masque/draft-ietf-masque-h3-datagram/issues/35<https://protect2.fireeye.com/v1/url?k=408475ca-1f1f4cab-40843551-86d8a30ca42b-3047b2712c0c3067&q=1&e=090bd79d-94f2-4b16-9aa9-8dcf0b51791f&u=https%3A%2F%2Fgithub.com%2Fietf-wg-masque%2Fdraft-ietf-masque-h3-datagram%2Fissues%2F35>) out to remove the ECN example. (I much prefer passing the ECN information in the datagram payload, prefixed ahead of the packet as David describes).

In addition to the issues that David describes, I think we should also consider whether the Datagram-Flow-Id header is a list separately from whether we allow a 1:many mapping between streams and datagram flow IDs. (I would like to make sure we do not have a many:many or many:1 mapping where multiple streams are responsible for multiple datagram flow IDs)

Sincerely
-Alex

On Tue, Mar 30, 2021 at 8:36 PM David Schinazi <dschinazi.ietf@gmail.com<mailto:dschinazi.ietf@gmail.com>> wrote:
The trivial other approach to solving ECN would be to prefix the UDP payload with a type byte that contains the two ECN bits and 6 unused bits.
That would definitely work, and therefore I don't think ECN is a good example to use as a discussion starter for how flow IDs are managed.
I wrote that draft to test out the extensibility of the CONNECT-UDP design, I'm not planning on moving it forward at this time.

More conceptually, the main question is whether we allow one client-initiated bidirectional stream to map to multiple datagram flow IDs.
The approach I've taken is to say yes: that allows us to reuse the flow ID multiplexing logic to encode additional information in the flow ID.
You could build something isomorphic to this where you say no and have one flow ID per stream, and then add a second varint right after the flow ID.
Since datagrams have to fit in a QUIC packet, adding more varints eats into available datagram MTU which makes me prefer the multiple flow IDs per stream approach.
Both are pretty much equivalent in terms of implementation complexity: either way you need a hash table mapping from a varint to what that varint means.
There is more complexity in how you convey that mapping (right now this is done using parameters on the Datagram-Flow-Id header), but I don't think
requiring one flow ID per stream solves any of that complexity, you'll still need a way to convey extension information. The ECN example is so simple that
it doesn't require sending much extension information, but if you look further at enabling optional IP header compression in CONNECT-IP, then you'll want
a way to associate a varint with which IP addresses you're compressing.

I think the question we have to answer becomes: do we want MASQUE protocols to be extensible? Our options are:
- disallow extensibility and slightly simplify the protocol
- allow extensibility via multiple flow IDs per stream, and deal with the slight complexity
- allow extensibility with a single flow ID per stream, and deal with the slight complexity
Personally, I feel strongly that we should allow extensibility.

David


On Tue, Mar 30, 2021 at 3:40 PM Martin Duke <martin.h.duke@gmail.com<mailto:martin.h.duke@gmail.com>> wrote:
Hello MASQUE,

At IETF 110 there was a lot of good discussion challenging the foundations of the CONNECT-UDP framework, including the relationship between streams and Flow-IDs. While CONNECT-UDP happens to use flow IDs somewhat incidentally, the real action with the controversial multiple-flow-id-per-CONNECT happens in David's (unadopted) ECN draft: https://datatracker.ietf.org/doc/draft-schinazi-masque-connect-udp-ecn/

Leading up to the interim, it would be great if one of the detractors of the flow-id mapping submitted their own approach to solve ECN. This would help to illuminate the tradeoffs. Speaking as an individual, I am also hoping to move the ECN work forward and having another design would help to do that.

Thanks,
Martin
--
Masque mailing list
Masque@ietf.org<mailto:Masque@ietf.org>
https://www.ietf.org/mailman/listinfo/masque
--
Masque mailing list
Masque@ietf.org<mailto:Masque@ietf.org>
https://www.ietf.org/mailman/listinfo/masque

v2.23.0 | Report a Bug | By Email