IETF Logo Mail Archive

Re: [multipathtcp] High-level design decisions /architecture

"Ford, Alan" <alan.ford@roke.co.uk> Tue, 03 November 2009 22:03 UTC

Return-Path: <alan.ford@roke.co.uk>
X-Original-To: multipathtcp@core3.amsl.com
Delivered-To: multipathtcp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8376328B56A for <multipathtcp@core3.amsl.com>; Tue, 3 Nov 2009 14:03:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.398
X-Spam-Level:
X-Spam-Status: No, score=-3.398 tagged_above=-999 required=5 tests=[AWL=0.201, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id chEnMW-mDcBD for <multipathtcp@core3.amsl.com>; Tue, 3 Nov 2009 14:03:46 -0800 (PST)
Received: from rsys001x.roke.co.uk (rsys001x.roke.co.uk [193.118.201.108]) by core3.amsl.com (Postfix) with ESMTP id A0ECE3A6831 for <multipathtcp@ietf.org>; Tue, 3 Nov 2009 14:03:45 -0800 (PST)
Received: from rsys005a.comm.ad.roke.co.uk ([193.118.193.85]) by rsys001x.roke.co.uk (8.13.1/8.13.1) with ESMTP id nA3N3p8L018595; Tue, 3 Nov 2009 23:03:51 GMT
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 03 Nov 2009 22:03:56 -0000
Message-ID: <2181C5F19DD0254692452BFF3EAF1D6808C8517F@rsys005a.comm.ad.roke.co.uk>
In-Reply-To: <3c3e3fca0911031128j4ae1b0a1vcc73f370ebb7d773@mail.gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [multipathtcp] High-level design decisions /architecture
Thread-Index: Acpcu+OTMGXXzzykQ3m97i5oNo3VEQAE+pow
References: <4A916DBC72536E419A0BD955EDECEDEC06363A62@E03MVB1-UKBR.domain1.systemhost.net><3c3e3fca0911021328h2ef65493v9f0290f384f7b800@mail.gmail.com><4AF04585.2050700@gmail.com> <3c3e3fca0911031128j4ae1b0a1vcc73f370ebb7d773@mail.gmail.com>
From: "Ford, Alan" <alan.ford@roke.co.uk>
To: William Herrin <bill@herrin.us>, multipathtcp@ietf.org
X-roke-co-uk-MailScanner: Found to be clean
X-roke-co-uk-MailScanner-SpamCheck:
X-roke-co-uk-MailScanner-From: alan.ford@roke.co.uk
Subject: Re: [multipathtcp] High-level design decisions /architecture
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/multipathtcp>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Nov 2009 22:03:47 -0000

Hi Bill, all,

> On Tue, Nov 3, 2009 at 11:00 AM, Scott Brim <scott.brim@gmail.com>
wrote:
> > My biggest con is if your destination is multiply connected behind
two
> > non-synchronized intrusion prevention devices.
> 
> Hi Scott,
> 
> I thought that was one of the pros of subflows? Since each subflow is
> its own 2-way TCP connection between two specific addresses they can
> interact with middleboxes independently without requiring the
> middleboxes to talk to each other?
> 
> Or am I missing something?

I think Scott's concern is with an IDS that may look at traffic which
does not behave maliciously until it is spread across multiple subflows,
thus requiring the IDS to do some correlation between (what it sees as)
multiple traffic flows. But I'm sure Scott can be more specific...

> On Tue, Nov 3, 2009 at 11:55 AM, Joe Touch <touch@isi.edu> wrote:
> > Scott Brim wrote:
> >> Joe, that's just not necessary except for legacy endpoint stacks.
See
> >> the iPhone and "connectByName".  If the API revolves around a
connection
> >> ID, regardless of underlying addresses, then IP addresses can come
and
> >> go as they with as long as the transport layer has some mechanism
of
> >> maintaining session authenticity and continuity.
> >
> > This is fine if you're defining a new transport protocol. TCP
*defines*
> > a connection by the socket pair. If that socket pair disappears and
you
> > keep the connection up, I would argue you need to use a different
> > protocol number because you've seriously changed the semantics.
> 
> Hi Joe,
> 
> I'll stake out a middle ground on this one.
> 
> On the one hand, this entire exercise is academic if we don't keep the
> connection up when the original address pair fails. The high-level
> purpose of something like MPTCP is to break TCP's dependence on IP
> address stability. So, you're right: we've seriously changed the
> semantics of the TCP connection.
> 
> On the other hand, the vast majority of TCP applications won't care
> about the change in semantics. If it's possible to improve these apps'
> capability without requiring the developers to touch them again,
> that's a plus that's hard to argue against.

I'd definitely agree with those two points.

> If you accept the preceding two points, it leaves an open question:
> what do we do about the apps which *do* depend on the non-MP
> semantics? My druthers here are: first and foremost be honest, and
> second: do what I say; don't try to guess what I mean.
> 
> Where the old API can't accurately present what's going on, it should
> offer a "no information" response, not an approximate response.
[snip]
> I tend to think that has to be the result as well. But if so then we
> should avoid offering faulty information via the APIs. That is, don't
> identify the connection by it's original IP address pair. If an
> old-api application cares what the address pair is but has been
> incompatibly instructed to use MPTCP, help it fail quickly rather than
> giving it a stochastic success rate.
> 
> This means that explicitly binding the local address should implicitly
> turn MPTCP off. It also means calls like getpeername and getsockname
> should return an error or zeroed values when MPTCP is enabled so that
> we explicitly notify the application that we can't provide accurate
> information.

I agree with the principle behind all of that. However, I do have a
concern that recommending APIs return a null value in such a case may
itself be overloading an error signal to an application. I would hope
that applications should be able to cope with such a return value, but
it is unlikely that all will.

It may be the lesser of all evils, however.

> On Tue, Nov 3, 2009 at 2:37 PM, Ford, Alan <alan.ford@roke.co.uk>
wrote:
> >> What's wrong
> >> with starting all TCP connections in non-MP mode and allowing the
> >> connection's initiator to request MPTCP starting with any packet
that
> >> expects an ACK?
> >
> > I'm intrigued with your suggestion, though. I see your point that
there
> > may not be any critical reason why this information should be known
at
> > the beginning of a session. I can't immediately think of any
technical
> > reason why doing it later in a session wouldn't work. But it would
need
> > further thought.
> 
> Hi Alan,
> 
> My druthers would be for an API and/or system tunable delay before
> MPTCP starts up so that very short lived TCP connections don't suffer
> any new overhead.

That's a very good point, actually. One of my long-standing concerns has
been how to best cope with applications that only need short-lived
sessions, and don't have the extended API to express it.

Another alternative could be a system-wide threshold for traffic before
kicking in multipath.

> The only downside that jumps out at me is that if a connection is
> eligible for MPTCP we can't report to the application that the
> connection definitely isn't MPTCP.

Yes. And it also takes the initial decision to use MPTCP away from the
initiating endpoint (not necessarily a bad idea, just something that
changes what one may expect a transport protocol's behaviour to be).

> >> each MPTCP subflow looks exactly like an ordinary, semantically
> independent
> >> TCP flow. MPTCP effectively runs on top. So re-transmission, FINs
etc are
> >> independent on each subflow
> >
> > [Alan: Yes, I think this is an important high-level decision]
> 
> Whoops, missed this one on the first read through.
> 
> Retransmit is a problem. If retransmit is strictly independent then
> the unexpected collapse of any subflow kills the entire connection.
> That reduces overall TCP reliability to the product of each path's
> reliability.

Ah, I may have read that point wrong.

What we have in the design as it stands is that, once a segment of data
is transmitted on a subflow, that segment of subflow sequence space must
only be used for that data. That does not, however, preclude also
sending the same data on another subflow. The data-level sequence
numbering will permit correct reassembly at the receiver, and this will
ensure reliability and survivability over failure.

> Even if we don't withdraw a segment from a subflow once it has been
> assigned, we need to be able to send another copy in a different
> subflow should the first subflow stall. Whole can of worms waiting for
> us there.

Ah, well, that's kinda what I was describing above. What does your can
of worms contain?

Regards,
Alan

v2.23.0 | Report a Bug | By Email