IETF Logo Mail Archive

Re: [middisc] TCP middlebox option requirements

Ron Frederick <ronf@bluecoat.com> Thu, 10 June 2010 17:37 UTC

Return-Path: <ron.frederick@bluecoat.com>
X-Original-To: middisc@core3.amsl.com
Delivered-To: middisc@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 26D3B28C142 for <middisc@core3.amsl.com>; Thu, 10 Jun 2010 10:37:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.002
X-Spam-Level:
X-Spam-Status: No, score=0.002 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vhSg6tDe99TB for <middisc@core3.amsl.com>; Thu, 10 Jun 2010 10:37:07 -0700 (PDT)
Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by core3.amsl.com (Postfix) with ESMTP id 013A928C138 for <middisc@ietf.org>; Thu, 10 Jun 2010 10:37:06 -0700 (PDT)
Received: from exchfront1.internal.cacheflow.com (exchfront1 [10.2.2.114]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id o5AHb9nG027806; Thu, 10 Jun 2010 10:37:09 -0700 (PDT)
Received: from ronfred.sv.bluecoat.com ([10.2.15.99]) by exchfront1.internal.cacheflow.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 10 Jun 2010 10:37:03 -0700
Mime-Version: 1.0 (Apple Message framework v1078)
Content-Type: multipart/alternative; boundary="Apple-Mail-8--616003211"
From: Ron Frederick <ronf@bluecoat.com>
In-Reply-To: <AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADB9D7B9@MAILBOXES2.nbttech.com>
Date: Thu, 10 Jun 2010 10:37:03 -0700
Message-Id: <6F266BEA-ACD1-4E60-BA19-CC896126C11C@bluecoat.com>
References: <0C53DCFB700D144284A584F54711EC5809BD740A@xmb-sjc-21c.amer.cisco.com> <4BF6CF8A.5030707@bluecoat.com> <AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADAB3597@MAILBOXES2.nbttech.com> <4BFC6B29.1080706@bluecoat.com> <2A7D4A79-0E08-480F-A67B-35338D226E14@bluecoat.com> <AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADB9D3D6@MAILBOXES2.nbttech.com> <93730462-B3C5-4ACA-8C0A-C69F52BF0822@bluecoat.com> <B583FBF374231F4A89607B4D08578A4303EB17F3@bcs-mail03.internal.cacheflow.com> <ECD8F3EA-A5DB-4B47-B33F-E8952A6D2B4E@bluecoat.com> <AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADB9D7B9@MAILBOXES2.nbttech.com>
To: Mark Day <Mark.Day@riverbed.com>
X-Mailer: Apple Mail (2.1078)
X-OriginalArrivalTime: 10 Jun 2010 17:37:04.0032 (UTC) FILETIME=[8A314200:01CB08C3]
Cc: "middisc@ietf.org" <middisc@ietf.org>
Subject: Re: [middisc] TCP middlebox option requirements
X-BeenThere: middisc@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Discussions on TCP option for middlebox discovery." <middisc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/middisc>, <mailto:middisc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/middisc>
List-Post: <mailto:middisc@ietf.org>
List-Help: <mailto:middisc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/middisc>, <mailto:middisc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jun 2010 17:37:08 -0000

On May 28, 2010, at 9:17 AM, Mark Day wrote:
> Regarding sending options in the middle of a stream, I must admit that I'm still nervous about that, especially around how the middleboxes doing this will handle retransmissions of data packets originally sent with the option. However, I can see legitimate use cases for doing this, and I can see how an implementation could work if the options were just treated as essentially best-effort delivery with it being up to the specific middlebox implementation to handle any reliability concerns when sending such mid-stream options.
>  
> I may have inadvertently created this concern, and if so I’d like to clarify my position to see if we can get it off the table.
>  
> I objected to the requirement for restriction of options to headers with the SYN bit set, since Riverbed products do use options in other cases.  However, I don’t believe there is any case in which we start adding options in the middle of a stream.  Sometimes an option appears only on a few packets at the start of a stream and is no longer used after some number of exchanges; in other cases, an option is used for the entire duration of a connection. I don’t believe that we have any need for an option to suddenly appear midstream on a flow that did not previously use it.
>  
> As is correctly noted, it would not be reasonable to assume that a packet with a newly-added option will still be able to reach the destination, since something along the route may suppress it. If the middlebox had added a new option and was not receiving acks from the other side, it’s not clear what the right behavior would be. When I think it through a little, all of the choices seem problematic. It seems like a whole can of worms that is best avoided.

Thanks for the clarification, Mark. This makes perfect sense, and I see no problem with continuing to allow the option to be sent for all data packets on the connection.

As for the case where the option is sent only for a few packets at the start of a stream and no longer used after some number of exchanges, I guess I can see how to make that work. In that case, it seems like each side would need to keep retransmitting the option data it was sending to the other side in all data packets until it received a positive acknowledgement in the return option from the other side that the data had been received. This would happen independently in each of the two directions, if both sides wanted to send additional option data in packets after the SYN/SYN-ACK. Once the acknowledgement was received in either direction, that direction could stop retransmitting the corresponding option data.
-- 
Ron Frederick
ronf@bluecoat.com

v2.23.0 | Report a Bug | By Email