IETF Logo Mail Archive

Re: [multipathtcp] A proposal for MPTCP Robust session Establishment (MPTCP RobE)

<Markus.Amend@telekom.de> Thu, 13 July 2017 11:48 UTC

Return-Path: <prvs=3609ddca8=Markus.Amend@telekom.de>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1980A131461 for <multipathtcp@ietfa.amsl.com>; Thu, 13 Jul 2017 04:48:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.32
X-Spam-Level:
X-Spam-Status: No, score=-4.32 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telekom.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CLMDk0--vn1e for <multipathtcp@ietfa.amsl.com>; Thu, 13 Jul 2017 04:48:06 -0700 (PDT)
Received: from MAILOUT31.telekom.de (MAILOUT31.telekom.de [80.149.113.193]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2579E12ECEF for <multipathtcp@ietf.org>; Thu, 13 Jul 2017 04:48:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telekom.de; i=@telekom.de; q=dns/txt; s=dtag1; t=1499946486; x=1531482486; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=DXzt3Exj3Il5JiP0qsd5Tn6zCVZXJURkbPHUSgGw/C0=; b=hlnDUVotOOtOplJFR0CdIWpk/9CaSepNYK68y4P16Npi7GBZ0e/h5sdN GEWuilwF4WJwp0hskaOn2il24Vj7L1ma0Viy6MHRo1EM3IgsV5LkYm1+7 P73osCM2U9uP6hWJfJZJO4LNlV24EzqSW1Le6jEOndRGONramS0wRUMAc 6a6VssKJw+Rsb2o7h9ibPjc13FVy1YPGmjPhNS8+pX+s41vatQrkFfne5 qe412MTAHiA39ZMYbOnE9GGkKNbXMDTynF+n68PEOdWaHlnaD1CLhekpT BAcII4Miy9p5HK1qtJfTayArpJDysIfEjOTnXz5EAlTxXPndh2FSrFtv/ Q==;
Received: from qde8e4.de.t-internal.com ([10.171.255.33]) by MAILOUT31.telekom.de with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Jul 2017 13:48:01 +0200
X-IronPort-AV: E=Sophos;i="5.40,353,1496095200"; d="scan'208";a="40726866"
Received: from he105686.emea1.cds.t-internal.com ([10.169.119.48]) by QDE8PP.de.t-internal.com with ESMTP/TLS/AES256-SHA; 13 Jul 2017 13:48:01 +0200
Received: from HE105686.EMEA1.cds.t-internal.com (10.169.119.48) by HE105686.emea1.cds.t-internal.com (10.169.119.48) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Thu, 13 Jul 2017 13:48:00 +0200
Received: from HE105686.EMEA1.cds.t-internal.com ([fe80::a951:f05b:3de5:32d9]) by HE105686.emea1.cds.t-internal.com ([fe80::a951:f05b:3de5:32d9%26]) with mapi id 15.00.1263.000; Thu, 13 Jul 2017 13:48:00 +0200
From: Markus.Amend@telekom.de
To: multipathtcp@ietf.org
Thread-Topic: [multipathtcp] A proposal for MPTCP Robust session Establishment (MPTCP RobE)
Thread-Index: AdL5l2p+5KDR4ahqRJeh9onNd2ThSgBn5kmAACWZiyA=
Date: Thu, 13 Jul 2017 11:48:00 +0000
Message-ID: <79ac6cb307784db3a6d8ae1550a49573@HE105686.emea1.cds.t-internal.com>
References: <64f1b27aee214f6b99b5c474158d7426@HE105686.emea1.cds.t-internal.com> <e51005d7-23dd-d10e-9c8f-27ef155461b1@uclouvain.be>
In-Reply-To: <e51005d7-23dd-d10e-9c8f-27ef155461b1@uclouvain.be>
Accept-Language: de-DE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.117.30.239]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/GOhxj0YfI9M6lxD3I8pUXpSETzw>
Subject: Re: [multipathtcp] A proposal for MPTCP Robust session Establishment (MPTCP RobE)
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jul 2017 11:48:09 -0000

Hi Olivier,

thanks for your feedback, see inline...

BR

Markus 

> -----Original Message-----
> From: Olivier Bonaventure [mailto:Olivier.Bonaventure@uclouvain.be]
> Sent: Mittwoch, 12. Juli 2017 21:48
> To: Amend, Markus <Markus.Amend@telekom.de>; multipathtcp@ietf.org
> Subject: Re: [multipathtcp] A proposal for MPTCP Robust session 
> Establishment (MPTCP RobE)
> 
> Markus,
> 
> The problem that you raise is very similar to the HappyEyeBalls 
> solutions that is used by web browsers on dual-stack hosts. The final 
> goal is to make sure that applications can connect quickly to a 
> destination when there are two paths available and one of them is bad.
> 
> I think that there are two ways to solve this problem :
> 
> 1. Enhance MPTCP so that MPTCP can support this use case without 
> requiring any modification to the applications

That is exactly what we aim to, because of application transparency. MPTCP is a wonderful protocol which extends TCPs single path limitation to multipath support. But again, like the TCP it tries to improve in respect to multipath support, it depends during sessions establishment from a single path. We see the chance to make MPTCP both robust against default route blocking and at the same time reduce establishment latency to the fastest path in game. This idea of robustness and acceleration is implemented in our "Downgrade" proposal, without any network overhead, but obviously a proposal with higher complexity. Especially compared to an approach which only tries to solve robustness challenge.

> 
> 2. Enhance the applications without adding complexity to MPTCP
> 

You are absolutely right to raise this option, which was never in focus of us, because we think/thought it should be a MPTCP inherent capability, see above. But why not...
At the end it needs special treatment from application developers, where I ever thought, that MPTCP focus is to be application transparent.

> Concerning the first approach, I guess that you solution is to let the 
> server parse through all the received SYN with a given key to check 
> whether this is a dual connection establishment or a regular 
> connection establishment. The limitation of this approach is that 
> server needs to lookup all the keys of the received SYNs (possibly 
> during a given period of time as you mention in your
> email) everytime it receives a SYN. This increases the SYN processing 
> time on servers and thus the risk of denial of service attacks.

Yes, good observation. Indeed, it is a risk and I guess without additional processing, compared to MPTCP, it is hard to solve.

Our implementation uses the same functionality as exists in the MPTCP reference implementation for ensuring local uniqueness of keys respectively the corresponding token (hashtables). Thus the complexity is reduced to search the correct hash table entry and then only parse the linked list stored at this point.

> It would be interesting
> to see how your implementation copes with this issue. Note that it 
> requires the presence of a key inside the SYN (as defined in RFC6824). 
> This implies that this is not compatible with RFC6824bis.

It seems so, just read it the first time and yes, if KeyA is missing it is hard to figure out SYNs, related to the same request.

> The second approach has been used successfully with HappyEyeBalls by 
> web browers. It could be integrated in any library or higher level 
> programming language by simply trying to open separate MPTCP 
> connections and reset that one that connects slowly. A kernel 
> implementation could probably also include code to support these parallel establishments of MPTCP connections.
> This would allow all applications to benefit from this feature, even 
> those that use the C socket API directly.

It is like the "Break before make" or "Timer" proposal from my original email, which is very similar to HappyEyeBalls idea in kernel space.

> The main benefit of the second approach is that the client is in 
> control. It can delay the transmission of the second SYN as in 
> HappyEyeBalls to avoid doubling unnecessarily the number of SYNs that a server has to process.
> Since the client is less loaded than the server, it is less an issue 
> to put some complexity (e.g. timers, remembering the best interface, 
> ...) on the client side.

I guess, you mean the third "Timer" proposal, which fulfill the requirement of robustness as well. As you already wrote, we possibly delay!!! requests, that's why we don't prefer it currently, especially compared to the "Downgrade" proposal.
We know about the complexity of the first "Downgrade" proposal, but hey, to be honest, MPTCP is somehow also not easy :-)

I think in further discussion we have to clarify, if we raise with the question for MPTCP robust establishment a standard relevant topic or is it just implementation related?

> If you travel to Prague, I'd be happy to discuss with you. We'll also 
> participate to the hackathon on Sunday if you'd like to discuss about 
> your implementation.
> 

Unfortunately, I arrive Sunday late around 8pm. But I like to discuss the ideas with you and anyone who is interested. Perhaps, we agree during the first MPTCP session on Tuesday some additional discussion? Otherwise you can contact me directly if you have some time on Sunday evening or Monday.
I'm looking forward to meet you in Prague. 

> Best regards,
> 
> 
> Olivier

v2.23.0 | Report a Bug | By Email