IETF Logo Mail Archive

Re: [multipathtcp] High-level design decisions /architecture

William Herrin <bill@herrin.us> Wed, 04 November 2009 20:18 UTC

Return-Path: <wherrin@gmail.com>
X-Original-To: multipathtcp@core3.amsl.com
Delivered-To: multipathtcp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 35B443A690F for <multipathtcp@core3.amsl.com>; Wed, 4 Nov 2009 12:18:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uwn4jFAXPi5Q for <multipathtcp@core3.amsl.com>; Wed, 4 Nov 2009 12:18:57 -0800 (PST)
Received: from mail-ew0-f207.google.com (mail-ew0-f207.google.com [209.85.219.207]) by core3.amsl.com (Postfix) with ESMTP id B2BA13A68E5 for <multipathtcp@ietf.org>; Wed, 4 Nov 2009 12:18:56 -0800 (PST)
Received: by ewy3 with SMTP id 3so3524135ewy.37 for <multipathtcp@ietf.org>; Wed, 04 Nov 2009 12:19:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type; bh=zx0Ci4QWHu2uhws0ylcH/U75dECQ2L+cAYWBsmvT5d0=; b=Un2nhpMydlUEBCENMFJZgomZmQEl1VZqoyIvTWaLA1qDdkoUFRzSnHZ3UUh2bpFOi4 3CXNUSDwfdLi3KZcRueKwOur7XmHm0rHk9tpmTseyoTFntSQYjaiBLpzRbQyh/fXEhna WsTBgSmCO5Th0AB3C5Lcju5EQSScyIjlNS11Q=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; b=kayntHHcYcAzNdz9D5T6sQyB6NSI0AY3LaPFbcAhHiQQCREqMBLiM2bM48e6bnvpKn 0cD0yA0vqmux5NDEebm3X3Fyzw6vzjurHS9Pr8AsYmQmkulU/DI5RnMBoPPXzWXl00Lj gyL4F1Ep+fbS/yE4Ahtr8LNOHDIaVKZ9sJRxo=
MIME-Version: 1.0
Sender: wherrin@gmail.com
Received: by 10.216.88.195 with SMTP id a45mr666562wef.63.1257365952338; Wed, 04 Nov 2009 12:19:12 -0800 (PST)
In-Reply-To: <4AF09EA5.9030308@isi.edu>
References: <4A916DBC72536E419A0BD955EDECEDEC06363A62@E03MVB1-UKBR.domain1.systemhost.net> <3c3e3fca0911021328h2ef65493v9f0290f384f7b800@mail.gmail.com> <2181C5F19DD0254692452BFF3EAF1D6808C85178@rsys005a.comm.ad.roke.co.uk> <4AF09EA5.9030308@isi.edu>
Date: Wed, 04 Nov 2009 15:19:11 -0500
X-Google-Sender-Auth: bed4b5e9bd3839b9
Message-ID: <3c3e3fca0911041219o5ddea192h297afa82882992e3@mail.gmail.com>
From: William Herrin <bill@herrin.us>
To: multipathtcp@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Subject: Re: [multipathtcp] High-level design decisions /architecture
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/multipathtcp>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Nov 2009 20:18:58 -0000

On Tue, Nov 3, 2009 at 5:20 PM, Joe Touch <touch@isi.edu> wrote:
> TCP negotiates all options during the SYN - that's the only 'handshake'
> there is. TCP does not define option negotiation after connection
> establishment.
>
> I.e., you can decide to start the separate connections later, but you
> need to negotiate support for the option during the SYN.

Hi Joe,

I assume that's a convention rather than a hard protocol requirement.
Something previous folks working in the space have deemed a "wise
idea" rather than a "all these things will break if we don't" kind of
thing, yes?

Is there a good discussion on this somewhere so I can read up on the
rationale that brought it into being?




On Tue, Nov 3, 2009 at 6:03 PM, Ford, Alan <alan.ford@roke.co.uk> wrote:
> I think Scott's concern is with an IDS that may look at traffic which
> does not behave maliciously until it is spread across multiple subflows,
> thus requiring the IDS to do some correlation between (what it sees as)
> multiple traffic flows. But I'm sure Scott can be more specific...

Oh, I see. Like splitting the HTTP request into multiple subflows so
that the IDS can't see the request, yes?

Smells like a system configuration issue to me: if you want the IDS to
do deep packet inspection, you have to arrange for all possible flows
to and from the protected system to go past the same IDS and if your
protected systems are configured to support MP then then the IDS must
be able to recognize MP as well.

I'll entertain suggestions why it's actually worse than that, but at
the moment I don't see how that's a con versus MPTCP that breaks up
traffic some other way than subflows.


> I do have a
> concern that recommending APIs return a null value in such a case may
> itself be overloading an error signal to an application. I would hope
> that applications should be able to cope with such a return value, but
> it is unlikely that all will.

I figure that if we accept the proposal that we should support
applications using the legacy API at all then the best we can do for
the ones who need to know the local and/or remote address and port
information is to provide values which:

A. Are unlikely to induce a security problem, and
B. Will tend to pull up information about multipath TCP and legacy
apps if the user plugs the unexpected values into a google search.

My thought on this is that we should identify some IP address which is
routable as a destination in as few deployed IP stacks as possible. We
can register it with IANA as meaning "multipath TCP in operation but
legacy API in use."


>> The only downside that jumps out at me is that if a connection is
>> eligible for MPTCP we can't report to the application that the
>> connection definitely isn't MPTCP.
>
> Yes. And it also takes the initial decision to use MPTCP away from the
> initiating endpoint (not necessarily a bad idea, just something that
> changes what one may expect a transport protocol's behaviour to be).

Allowing either side to start MPTCP creates some complexity since:

1. The sides' attempts to start MPTCP could overlap requiring one of
them to yield to the other.
2. Regardless of who starts MPTCP, only the connection's initiator can
start up new subflows without running afoul of the firewall.


>> Retransmit is a problem. If retransmit is strictly independent then
>> the unexpected collapse of any subflow kills the entire connection.
>> That reduces overall TCP reliability to the product of each path's
>> reliability.
>
> What we have in the design as it stands is that, once a segment of data
> is transmitted on a subflow, that segment of subflow sequence space must
> only be used for that data. That does not, however, preclude also
> sending the same data on another subflow. The data-level sequence
> numbering will permit correct reassembly at the receiver, and this will
> ensure reliability and survivability over failure.
>
> Ah, well, that's kinda what I was describing above. What does your can
> of worms contain?

Closed windows. When the one or more subflows stall, the buffers in
the other flows will fill while the receiver waits for one of them to
contain the next packet in the sequence. How do you make sure there's
always enough buffer left in the other subflows to retransmit packets
from the stalled flow?

Regards,
Bill Herrin


-- 
William D. Herrin ................ herrin@dirtside.com  bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

v2.23.0 | Report a Bug | By Email