IETF Logo Mail Archive

Re: [multipathtcp] [Int-area] SOCKS 6 Draft

<mohamed.boucadair@orange.com> Fri, 07 July 2017 08:17 UTC

Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6820F126CD6; Fri, 7 Jul 2017 01:17:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.608
X-Spam-Level:
X-Spam-Status: No, score=-2.608 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yQYBNICt1oIg; Fri, 7 Jul 2017 01:17:03 -0700 (PDT)
Received: from relais-inet.orange.com (mta241.mail.business.static.orange.com [80.12.66.41]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB89D1241FC; Fri, 7 Jul 2017 01:17:02 -0700 (PDT)
Received: from opfedar03.francetelecom.fr (unknown [xx.xx.xx.5]) by opfedar20.francetelecom.fr (ESMTP service) with ESMTP id 0F1F5120697; Fri, 7 Jul 2017 10:17:01 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.34]) by opfedar03.francetelecom.fr (ESMTP service) with ESMTP id E3475180084; Fri, 7 Jul 2017 10:17:00 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM6F.corporate.adroot.infra.ftgroup ([fe80::bd00:88f8:8552:3349%17]) with mapi id 14.03.0352.000; Fri, 7 Jul 2017 10:17:00 +0200
From: mohamed.boucadair@orange.com
To: Vladimir Olteanu <vladimir.olteanu@cs.pub.ro>, David Schinazi <dschinazi@apple.com>
CC: "Int-area@ietf.org" <Int-area@ietf.org>, multipathtcp <multipathtcp@ietf.org>
Thread-Topic: [Int-area] SOCKS 6 Draft
Thread-Index: AQHS9vFOvbFXN1Rf6EegJF/ZWBQrJqJH/inQ
Date: Fri, 07 Jul 2017 08:17:00 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93300A002076@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <149871247634.6490.5928844232347189122.idtracker@ietfa.amsl.com> <c215bf9d-5313-3a4b-ac47-dd34cb22766f@cs.pub.ro> <F42011E7-0F81-44DF-9DFC-A211B615DD33@apple.com> <004b4557-a926-9128-d3cf-0b3f41bef56e@cs.pub.ro> <AE3FC07A-DE86-4765-9D1F-00640942B4E4@apple.com> <3f975b41-78b0-9f50-6c46-cc8e30007f34@cs.pub.ro> <787AE7BB302AE849A7480A190F8B93300A000764@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <b33e4726-f255-75f7-5203-9e30faa36659@cs.pub.ro> <787AE7BB302AE849A7480A190F8B93300A000D16@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <a922a59f-2670-8d50-f3c5-99e1c29848ca@cs.pub.ro> <787AE7BB302AE849A7480A190F8B93300A001A07@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <6ca9c64f-c9ca-f245-e28f-16073fa46c39@cs.pub.ro>
In-Reply-To: <6ca9c64f-c9ca-f245-e28f-16073fa46c39@cs.pub.ro>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.1]
Content-Type: multipart/alternative; boundary="_000_787AE7BB302AE849A7480A190F8B93300A002076OPEXCLILMA3corp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/F3Qe4T5zGVYdUFFB7SnwVjOovW8>
Subject: Re: [multipathtcp] [Int-area] SOCKS 6 Draft
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jul 2017 08:17:05 -0000

Hi Vlad,

Please see inline.

Cheers,
Med

De : Vladimir Olteanu [mailto:vladimir.olteanu@cs.pub.ro]
Envoyé : vendredi 7 juillet 2017 09:19
À : BOUCADAIR Mohamed IMT/OLN; David Schinazi
Cc : Int-area@ietf.org; multipathtcp
Objet : Re: [Int-area] SOCKS 6 Draft


Hi Mohamed,
I'm replying specifically to the parts quoted below.

SOCKS is used by explicit proxies; anything related to transparent proxies is beyond its scope.
[Med] The definition we had so far is that "explicit proxy" means that the client is aware about the presence of the proxy and such packets are sent explicitly to that proxy. An explicit proxy can therefore behave either as transparent or non-transparent. I understand, that the current design assumes non-transparent mode.
 It does not preclude the deployment of anything transparent. In other words, I merely propose it as an alternative to MP_CONVERT.

Discussing PCP, IPv6 source address preservation, UPnP etc. makes no sense in this context.
[Med] I disagree. The support of incoming connections is one of the requirements of the MPTCP WG: "A session can be initiated from either end".
This is why I'm wondering how this typical flow can be achieved with SOCKS.

H<=====CPE<----------proxy<===RM
         +----------+


Cheers,
Vlad

On 7/6/2017 3:56 PM, mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com> wrote:
De : Vladimir Olteanu [mailto:vladimir.olteanu@cs.pub.ro]
Envoyé : mercredi 5 juillet 2017 18:39
À : BOUCADAIR Mohamed IMT/OLN; David Schinazi
Cc : Int-area@ietf.org<mailto:Int-area@ietf.org>; multipathtcp
Objet : Re: [Int-area] SOCKS 6 Draft
 <SNIP>

On 7/5/2017 9:00 AM, mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com> wrote:
<SNIP>

De : Vladimir Olteanu [mailto:vladimir.olteanu@cs.pub.ro]
Envoyé : mercredi 5 juillet 2017 01:35
À : BOUCADAIR Mohamed IMT/OLN; David Schinazi
Cc : Int-area@ietf.org<mailto:Int-area@ietf.org>; multipathtcp
Objet : Re: [Int-area] SOCKS 6 Draft
<SNIP>
Can you please let me know if the proposal supports the following features:

*         Support incoming connections (Proxy<---Remote Host): That is the proxy intercept a TCP connection that it transforms into an MPTCP one.
Yes. See section 7.2. The client makes a request and then has to keep the connection to the proxy open. When the proxy accepts a connection from a remote host, it informs the client of the remote host's address and starts relaying data. SOCKS 5 has the exact same feature. You are limited to one incoming connection per request, though.
[Med] In the plain mode, there is no such limitation because we are leveraging on PCP (RFC6887).

*         If such feature is supported, how a host located behind a CPE (Host----CPE-----Proxy----Remote Host) can instruct dynamically the CPE so that it can forward appropriately incoming connections?
It does not have to. The connection on the host-proxy leg is initiated by the client.
[Med] I'm not sure to understand your answer here. Let's consider that your host is using UPnP IGD to talk with the CPE to accept incoming connections + those connections are eligible to the MPTCP service. How the solution would work?


<SNIP>



*         IPv6 source address/prefix preservation

I'm not sure what you mean by that.
[Med] Please see slide 18 of https://www.ietf.org/proceedings/98/slides/slides-98-mptcp-sessa-network-assisted-mptcp-03.pdf

v2.23.0 | Report a Bug | By Email