Re: [multipathtcp] A proposal for MPTCP Robust session Establishment (MPTCP RobE)
Yoshifumi Nishida <nishida@sfc.wide.ad.jp> Wed, 04 October 2017 07:53 UTC
Return-Path: <nishida@sfc.wide.ad.jp>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2B2C13295C for <multipathtcp@ietfa.amsl.com>; Wed, 4 Oct 2017 00:53:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KSXCnzBDQ2um for <multipathtcp@ietfa.amsl.com>; Wed, 4 Oct 2017 00:53:14 -0700 (PDT)
Received: from mail.sfc.wide.ad.jp (shonan.sfc.wide.ad.jp [IPv6:2001:200:0:8803::53]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4342713202D for <multipathtcp@ietf.org>; Wed, 4 Oct 2017 00:53:13 -0700 (PDT)
Received: from mail-qt0-f175.google.com (mail-qt0-f175.google.com [209.85.216.175]) by mail.sfc.wide.ad.jp (Postfix) with ESMTPSA id 800E727874E for <multipathtcp@ietf.org>; Wed, 4 Oct 2017 16:53:11 +0900 (JST)
Received: by mail-qt0-f175.google.com with SMTP id 34so461762qtb.13 for <multipathtcp@ietf.org>; Wed, 04 Oct 2017 00:53:11 -0700 (PDT)
X-Gm-Message-State: AMCzsaWxPHjJnHAkkDpKHCqjOauFJvIl5NYEB/0wUrqvdjc/Xzng9Zrb fN8S26kuEtSct2tE8s4+Vlcj2qPTgcK+NwfGUcw=
X-Google-Smtp-Source: AOwi7QCm/TooF/uJzviingkJnbYIl8L26y6KJ4P50VlOVwd/ip2/tQvBIKA6kiFFJtET9qenJ8Wtv2+2gsyo1H4t5oc=
X-Received: by 10.37.179.9 with SMTP id l9mr3362289ybj.434.1507103590156; Wed, 04 Oct 2017 00:53:10 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.185.9 with HTTP; Wed, 4 Oct 2017 00:53:09 -0700 (PDT)
In-Reply-To: <272695de663e4adca1930203b32f44e7@HE105686.emea1.cds.t-internal.com>
References: <64f1b27aee214f6b99b5c474158d7426@HE105686.emea1.cds.t-internal.com> <e51005d7-23dd-d10e-9c8f-27ef155461b1@uclouvain.be> <79ac6cb307784db3a6d8ae1550a49573@HE105686.emea1.cds.t-internal.com> <272695de663e4adca1930203b32f44e7@HE105686.emea1.cds.t-internal.com>
From: Yoshifumi Nishida <nishida@sfc.wide.ad.jp>
Date: Wed, 04 Oct 2017 00:53:09 -0700
X-Gmail-Original-Message-ID: <CAO249yc4P9-NsHvwxAUBEQprtOXRTh5jChpOcZ=37hzMKj+h8Q@mail.gmail.com>
Message-ID: <CAO249yc4P9-NsHvwxAUBEQprtOXRTh5jChpOcZ=37hzMKj+h8Q@mail.gmail.com>
To: Markus.Amend@telekom.de
Cc: multipathtcp <multipathtcp@ietf.org>
Content-Type: multipart/alternative; boundary="f403045f2b0821910d055ab3e6c7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/D5kDSKn8stg66lk5oxhPhPwDxA0>
Subject: Re: [multipathtcp] A proposal for MPTCP Robust session Establishment (MPTCP RobE)
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Oct 2017 07:53:17 -0000
Hi Markus,
I still need to think about it a bit more, but here's my current thoughts..
Sorry for slow response.
1: I am guessing we cannot use this approach with TFO yet. But, if TFO
cannot be used, it might affect the latency of some apps.
2: Although I am not sure as I'm not an implementor, but I feel it could be
a bit tricky to implement MP_JOIN_CAP as servers cannot be sure if this
subflow becomes primary or secondary until several packets are exchanged.
(also, I'm not sure how to merge connections when TFO is used.)
3: I guess we'll need another step after SA6.2 to verify the response from
host B.
Also, MP_JOIN_CAP will require extra RTTs when the other end doesn't
support it. (because it will need to send RST and MP_JOIN to establish a
subflow)
4: I tend to prefer just sending MP_JOIN after SA6.1 for simplicity so far.
We might be able to do everything in a shim layer.
--
Yoshi
On Tue, Sep 19, 2017 at 3:00 AM, <Markus.Amend@telekom.de> wrote:
> Dear all,
>
> any comments to my proposal from two weeks ago?
>
> BR
>
> Markus
>
> > -----Original Message-----
> > From: Amend, Markus
> > Sent: Montag, 4. September 2017 14:17
> > To: multipathtcp@ietf.org
> > Subject: RE: [multipathtcp] A proposal for MPTCP Robust session
> > Establishment (MPTCP RobE)
> >
> > Dear all,
> >
> > Based on feedback at IETF99, regarding MPTCP RobE proposal
> > (https://datatracker.ietf.org/meeting/99/materials/slides-99-mptcp-a-
> > proposal-for-mptcp-robust-session-establishment-mptcp-robe), I
> completely
> > reconsider the original approach, I presented. Remember, the "Downgrade"-
> > approach (see slides) was preferred from my side, because it combines
> > robustness and a huge latency reduction.
> >
> > The main feedback I got was:
> >
> > (1) Relying on SYN-Key-A as identifier to combine potential initial
> flows, raise
> > several issues
> > (1.1) not available in RFC6824bis anymore
> > (1.2) security, because
> > (1.2.1) Key-A is transmitted many times
> > (1.2.2) can be abused by accident/intend
> > (2) Separate robustness and latency functionality
> > (3) To much computing resources needed on receiver side to detect
> > duplicate Key-A
> > (4) Do it in the application layer library (build a shim layer); not
> in the
> > MPTCP standard and/or implementation to reduce complexity
> >
> > With the following reworked proposal (based on the "Downgrade" approach,
> > see slides), I try to address all of the points above.
> >
> > With Fig. 1, the flow diagram for the new proposal is depicted. It is
> referred
> > to MPTCP version 0, but should be equivalent to probable version 1
> > (RFC6284bis), just without a SYN-MP_CAPABLE containing Key-A.
> > To reach robustness, several separate MPTCP initial flows are initiated
> at the
> > beginning, in the following denoted as "potential initial flows". In
> step SA1
> > and SA2, respectively SB3 and SB4, standard MPTCP initial flow procedure
> is
> > applied, so no change so far. With occurring SA3/SA4 the requester "Host
> A"
> > has to decide which potential initial flow will be used further as
> initial flow
> > (e.g. the first which returns) and what shall happen with the other
> potential
> > flows. Either it can break all but one (e.g. sending RST at SA6.1) OR
> recycle
> > them (step SA6.2). Thereby, it is a full client side decision to use
> robustness
> > only or benefit from latency reduction as well and can be toggled
> separately
> > by e.g. sysctl globally and/or socket option.
> > Until SA6.1, it doesn't require any MPTCP standard modification!
> >
> > Host A Host B
> > ------------------------ ----------
> > Address A1 Address A2 Address B1
> > ---------- ---------- ----------
> > | | |
> > | SYN + MP_CAPABLE(Key-A) |
> > (SA1) |--------------------------------------------->| (SB1)
> > | | SYN + MP_CAPABLE(Key-A') |
> > (SA2) | |------------------------------->| (SB2)
> > | | |
> > (SA3) |<---------------------------------------------| (SB3)
> > | SYN/ACK + MP_CAPABLE(Key-B) |
> > (SA4) | |<-------------------------------| (SB4)
> > | | SYN/ACK + MP_CAPABLE(Key-B') |
> > | | |
> > | ACK + MP_CAPABLE(Key-A, Key-B) |
> > (SA5) |--------------------------------------------->| (SB5)
> > | | RST |
> > (SA6.1) | |------------------------------->| (SB6.1)
> > robust | | |
> > ness | | |
> > -------------------------------------------------------------------
> > latency | | |
> > red. | | ACK + MP_JOIN_CAP(Key-A, HMAC) |
> > (SA6.2) | |------------------------------->| (SB6.2)
> >
> > Key-B_fast_hash = crc16(Key-B) & 0x3FF -> (10bit)
> > HMAC_keys = HMAC(Key-A+Key-B+Key-B') -> (>=96bit)
> > HMAC = (HMAC_keys & ~0x3FF) | Key-B_fast_hash -> (size same as
> > HMAC_keys)
> >
> > Figure 1: Example Use of MPTCP RobE (for MPTCP version 0)
> >
> > For not wasting resources by breaking all but one and benefit in addition
> > from a huge latency reduction (see MPTCP RobE proposal, p.12,14+15,17),
> > one can make use of a new proposed MPTCP option "MP_JOIN_CAP",
> > illustrated in Fig. 2. According to Fig. 1, A1<->B1 is assumed as
> initial flow at
> > SA3 and A2<->B1 shall be recycled at SA6.2 (SA6.1 is skipped therefore).
> > Instead of sending an MP_CAPABLE in the third ACK, an MP_JOIN_CAP is
> > sent, which includes Key-A of the selected initial flow A1<->B1 and an
> HMAC,
> > coding Key-A, Key-B, Key-B' in a determined way (see Fig. 1 bottom).
> >
> > 1 2 3
> > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> > +---------------+---------------+-------+-------+---------------+
> > | Kind | Length |Subtype| | ADDR_ID |
> > +---------------+---------------+-------+-------+---------------+
> > | Sender's Key-A (64 bits) |
> > | |
> > | |
> > +---------------------------------------------------------------+
> > | HMAC (>=96 bits) |
> > | |
> > | |
> > : :
> > +---------------------------------------------------------------+
> > Figure 2: Multipath Join Capable (MP_JOIN_CAP) Option (for Third
> > MP_CAPABLE ACK)
> >
> > For the MP_CAPABLE, ADDR_ID is set to zero (like RFC6824) and for
> > MP_JOIN_CAP it is sent with.
> >
> > Which boundary conditions can happen:
> >
> > 1. Like Fig. 1, A1<->B1 is assumed as initial flow and MP_CAPABLE
> receives
> > first at Host B (SB5), A2<->B1 shall be recycled and ACK is sent with
> > MP_JOIN_CAP
> > If MP_JOIN_CAP is received it has to iterate once (like MP_JOIN) the
> > connection list and check for Key-A availability. If a Key-A connection
> is
> > found, it is validated against HMAC value. The validation has two
> reasons,
> > firstly several Key-A can exist, because different Hosts choose same
> Key-A by
> > accident. Furthermore no one can join a connection by just
> recording/brute-
> > forcing Key-A and duplicate the request. (solves point (1) from the
> feedback)
> >
> > 2. Like 1., but MP_JOIN_CAP arrives before the MP_CAPABLE at Host B
> >
> > 2.1 draft-ietf-mptcp-rfc6824bis-09
> > Based on Key-A, it will iterate over the connection list, but it
> will not
> > match, because Key-A from formerly selected initial flow hasn't arrived
> yet.
> > So it will continue with a fast iterate only over the connections, which
> are still
> > in establishment phase, using the 10bit Key-B_fast_hash (crc16(Key-B) &
> > 0x3FF). If it matches against a (precomputed) existing Key-B_fast_hash
> in the
> > connection list, it will validate with the HMAC(Key-A+Key-B+Key-B')
> again to
> > ensure legitimation. If successful, both, the initial flow and the
> MP_JOIN_CAP
> > flow, can be immediately established. This is true, because without the
> > knowledge of Key-B, Host A couldn't calculate the HMAC. So it is clear,
> that
> > host A had received the SYN/ACK (SB3).
> > This also mitigates the requirement of a reliable ACK (draft-ietf-mptcp-
> > rfc6824bis-09, p.15) exchange, because only one
> > MP_CAPABLE/MP_JOIN_CAP needs to reach receiver side.
> >
> > 2.2 MPTCP version 0 (RFC6824)
> > Can match based on Key-A, like 1., same effort as for a MP_JOIN.
> >
> > 3. A2<->B1 is selected as initial flow, because according SYN/ACK returns
> > earlier at Host A.
> > It is the same as 1. and 2., just the other way round :-)
> >
> > With these boundary conditions it has been shown, that no additional
> > computing resources are required (see feedback (3)), compared to todays
> > MPTCP, with a minimal exception of 2.1.
> >
> > With such a simple approach, and by adding an inconspicuous simple MPTCP
> > option MP_JOIN_CAP, MPTCP would be extended towards robustness and if
> > desired, latency reduction can be enabled on top, but obviously requires
> > receiver support. Negotiation is inherently given by the new MP_JOIN_CAP
> > which is either accepted or not. If not, the standard MP_JOIN process
> can be
> > applied.
> >
> > Because of such a simplicity and the massive benefit by optional latency
> > reduction, I still believe it fits best in the MPTCP layer itself and
> not in an
> > application shim layer (see feedback (4)).
> >
> > Due to the separation of robustness and latency reduction functionality,
> it
> > offers the chance to implement "robustness" in plain TCP as well. It
> could
> > look the same like in Fig. 1, (SA1)-(SA6.1), just without MP_CAPABLE
> option.
> > But be aware, it needs some kind of path management, which is already
> > present in MPTCP, but not in TCP. Furthermore I assume "robustness" is a
> > topic more related to taps working group, whereas "latency reduction" is
> > related to MPTCP obviously and depends on "robustness"!
> >
> > BR
> >
> > Markus
> _______________________________________________
> multipathtcp mailing list
> multipathtcp@ietf.org
> https://www.ietf.org/mailman/listinfo/multipathtcp
>
- [multipathtcp] A proposal for MPTCP Robust sessio… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Olivier Bonaventure
- Re: [multipathtcp] A proposal for MPTCP Robust se… Zuojing (2012 Laboratories)
- Re: [multipathtcp] A proposal for MPTCP Robust se… Olivier Bonaventure
- Re: [multipathtcp] A proposal for MPTCP Robust se… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Yoshifumi Nishida
- Re: [multipathtcp] A proposal for MPTCP Robust se… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Yoshifumi Nishida