Re: [multipathtcp] SOCKS 6 Draft
Vladimir Olteanu <vladimir.olteanu@cs.pub.ro> Mon, 10 July 2017 23:19 UTC
Return-Path: <vladimir.olteanu@cs.pub.ro>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8317613194D for <multipathtcp@ietfa.amsl.com>; Mon, 10 Jul 2017 16:19:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vELcRD-_w3Oa for <multipathtcp@ietfa.amsl.com>; Mon, 10 Jul 2017 16:19:35 -0700 (PDT)
Received: from vesa.cs.pub.ro (vesa.cs.pub.ro [141.85.227.187]) by ietfa.amsl.com (Postfix) with ESMTP id 1FC5E131945 for <multipathtcp@ietf.org>; Mon, 10 Jul 2017 16:19:33 -0700 (PDT)
IronPort-PHdr: 9a23:DMO63xFdegHn28aALqN+xp1GYnF86YWxBRYc798ds5kLTJ7zrs+wAkXT6L1XgUPTWs2DsrQf2rWQ6/iocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbQhFgDiwbaluIBmqsA7cqtQYjYx+J6gr1xDHuGFIe+NYxWNpIVKcgRPx7dqu8ZBg7ipdpesv+9ZPXqvmcas4S6dYDCk9PGAu+MLrrxjDQhCR6XYaT24bjwBHAwnB7BH9Q5fxri73vfdz1SWGIcH7S60/VC+85Kl3VhDnlCYHNyY48G7JjMxwkLlbqw+lqxBm3oLYfJ2ZOP94c6jAf90VWHBBU95MWSJfDIOyb4gBAeQPMulXrYbyu0ADogGiCQS2Hu7j1jFFi33w0KYn0+ohCwbG3Ak4Et0BtHTbtsj6NKYXUeC01qnD0CzNb/dK2Tjj8ofIdA0hquyLULJudcre01QgFwLAjlWRs4zpJTSV1uARs2eF9eVgU/+vhnU7pAFquDSv3toshZLTioIPzVDJ7CN0y5s2K92gUEN3fNGpHIZKuyyZN4Z6WN0uT39qtSogxLAKoZq2cSgQxJklxhPTceGLf5aL7x75SuqdPSp0iXR4c7ylnRmy61KvyujkW8mx11ZFszRKn8HXtnAIyxzT8s+HSuZh/ku52TaAyQTT6uZcLEAqkKrUMZ8hwroqmpUPqkTPBDf2mFjtg6OMbEUk/fCk6+XhYrr4up+RL5J4hw7jPqg0mcGyAf40PhYQU2WZ4+ix2qXv/UjjT7VLiv02nLPZsJffJckDuK65BxVa3Zsi6xa6Djemys4UnX4DLFJZZh2IlY7pO0zVLf/kFvezmUyskCpwyPzcJL3hBY3BLmLfn7f5YbZ990lcxRI2zdBC45JUFrABIOrpVU/ttNzYEgM2MxSvzubmFtp9yo0eVXiIAq+DP6PYqUWI6f43I+mQeI8Vvy7wK/4k5/71jX85mEIScrOy0JsMZnC3Au5qIkuYYXXxnNgNC30FsRckQOzokF3RGQJUMke1RKI96Cw+CcqADJzDR4ykyOiH3Ty7H5FfTntIARaTEHvlMYyIHfUUPnG8OMhkxwIAXLSgTo47nTaqqALzzacvevTQ8yEZsJP5kt9x++Dakwwa/icyF9mXlXuKGTIn1lgUTiM7ifgs6Xd2zU2OhO0h26RV
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A2AoAQBFCmRZjAPjVY1dGgEBAQECAQEBAQgBAQEBFQEBAQECAQEBAQgBAQEBhBMDgRGOfJB4mBQhAQyDaoEQTwKEAwEBAQEBAQEBAgESAQEBJleCMyQBgkABAQEBAwEBIQRHCxAJAhEDAQIBHQoDAgInHwkIBg0GAgEBF4oYDI1jnWOBbDonixUBAQEBBgEBAQEBAQEhgyiDTIIMgW2BDIRUIhSCc4JhBYlihm2BBY1KgiOFJY5OV4EPg2WDT4Z8lT4CD0eBCzEhVyqEWkmBcgRzAYhjAQEB
X-IPAS-Result: A2AoAQBFCmRZjAPjVY1dGgEBAQECAQEBAQgBAQEBFQEBAQECAQEBAQgBAQEBhBMDgRGOfJB4mBQhAQyDaoEQTwKEAwEBAQEBAQEBAgESAQEBJleCMyQBgkABAQEBAwEBIQRHCxAJAhEDAQIBHQoDAgInHwkIBg0GAgEBF4oYDI1jnWOBbDonixUBAQEBBgEBAQEBAQEhgyiDTIIMgW2BDIRUIhSCc4JhBYlihm2BBY1KgiOFJY5OV4EPg2WDT4Z8lT4CD0eBCzEhVyqEWkmBcgRzAYhjAQEB
X-IronPort-AV: E=Sophos;i="5.40,343,1496091600"; d="scan'208,217";a="884836"
Received: from mail.cs.pub.ro (HELO vmail.cs.pub.ro) ([141.85.227.3]) by vesa.cs.pub.ro with ESMTP; 11 Jul 2017 02:19:29 +0300
Received: from localhost (localhost [127.0.0.1]) by vmail.cs.pub.ro (Postfix) with ESMTP id 150A71A6003E; Tue, 11 Jul 2017 02:19:29 +0300 (EEST)
Received: from vmail.cs.pub.ro ([127.0.0.1]) by localhost (vmail.cs.pub.ro [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id 3iTv_jn0PGLD; Tue, 11 Jul 2017 02:19:29 +0300 (EEST)
Received: from vmail.cs.pub.ro (localhost [127.0.0.1]) by vmail.cs.pub.ro (Postfix) with ESMTPS id E8CB31A600A4; Tue, 11 Jul 2017 02:19:28 +0300 (EEST)
Received: from [192.168.1.70] (unknown [95.76.128.201]) by vmail.cs.pub.ro (Postfix) with ESMTPSA id CE7FD1A6003E; Tue, 11 Jul 2017 02:19:28 +0300 (EEST)
To: Yoshifumi Nishida <nishida@sfc.wide.ad.jp>
Cc: multipathtcp <multipathtcp@ietf.org>, Dragoș Niculescu <dragos.niculescu@cs.pub.ro>
References: <149871247634.6490.5928844232347189122.idtracker@ietfa.amsl.com> <96151c77-fd31-f6ca-dca0-bffb9780f89f@cs.pub.ro> <CAO249yf3Jt8SdC9+1aZTbtTJ_iu+TkoHdqTu+NSxuXoS+0pUTA@mail.gmail.com>
From: Vladimir Olteanu <vladimir.olteanu@cs.pub.ro>
Message-ID: <a4e490fa-42fc-b421-c125-26520bf3ea87@cs.pub.ro>
Date: Tue, 11 Jul 2017 02:19:28 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <CAO249yf3Jt8SdC9+1aZTbtTJ_iu+TkoHdqTu+NSxuXoS+0pUTA@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------2ED8F6937392F404F95911F9"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/Jtf-D_4U-vsieeacsFxRNVb1akk>
Subject: Re: [multipathtcp] SOCKS 6 Draft
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jul 2017 23:19:38 -0000
Hi Yoshi, As a response to question 2, the client can send some initial data as part of the request. It does have to wait for a reply to send any more data, though. As such, the client can get a data response from the server in 1 RTT, same as when contacting the server directly with TFO, if: * Everyone uses TFO (otherwise, RTTs are incurred only on the segments where TFO is not available). * Authentication is not required, or 0-RTT authentication succeeds. (Otherwise, some extra RTTs are incurred, same as above.) If nobody uses TFO, but authentication is not an issue (either it's not needed or done in 0 RTTs), then SOCKS 6 does no worse than regular TCP (2 RTTs for a data response). As for the use case, there are two possible ways in which it can be handled: * The client knows about both proxies. * The client knows only about proxy1, but proxy1 is configured to go via proxy2 when contacting the server. Assuming the client knows about both of them, it can speak SOCKS 6 over SOCKS 6. The relevant messages are: C->P1 request(P2, auth data 1, initial data(request(S, auth data 2, initial data(application data)))) P1->P2 request(S, auth data 2, initial data(application data)) P2->S application data If proxy1 is configured to use proxy2: C->P1 request(S, auth data 1, initial data(application data)) P1->P2 request(S, auth data 2, initial data(application data)) P2->S application data Cheers, Vlad On 07/10/2017 10:00 AM, Yoshifumi Nishida wrote: > Hi Vlad and Dragos, > > I really appreciate you for preparing the draft and brought it to here. > As you might know, we have been exploring solutions for proxying mptcp > sessions. > We've had lots of discussions on plain mode and other solutions, but > because we didn't have concrete proposals other than plain mode, it > was difficult to compare the pros and the cons properly. But, now I > believe we have a good chance to advance this. > > BTW, as I'm curious about this approach to use with mptcp, I have some > questions for a certain scenario. In the WG, one use case we discuss > is using two proxies like below. > > client ---- proxy1 ============= proxy2 ---- server > > In this scenario, we presume using TCP for client-proxy1 and > proxy2-server, while using mptcp for proxy1-proxy2. > The draft says it supports TFO, but I still think it takes some RTTs > with approach although I miss something. It would be great if you > could clarify the following points. > > 1: How will the connection between proxy1 and proxy2 set up? Does > proxy1 need to negotiate proxy2 for authentication, etc? If so, it > might add another delays before clients can send data. > > 2: Do clients need to wait a response for CONNECT request? If not, how > it handles an error case? > > Thanks, > -- > Yoshi > > > On Thu, Jun 29, 2017 at 5:02 AM, Vladimir Olteanu > <vladimir.olteanu@cs.pub.ro <mailto:vladimir.olteanu@cs.pub.ro>> wrote: > > Hello, > > We have submitted a draft describing a new version of the SOCKS > protocol, which could help in the deployment of MPTCP. You can > find the abstract and a link to the draft below. > > Best, > Vlad and Dragoș > > > > -------- Forwarded Message -------- > Subject: New Version Notification for > draft-olteanu-intarea-socks-6-00.txt > Date: Wed, 28 Jun 2017 22:01:16 -0700 > From: internet-drafts@ietf.org <mailto:internet-drafts@ietf.org> > To: Vladimir Olteanu <vladimir.olteanu@cs.pub.ro> > <mailto:vladimir.olteanu@cs.pub.ro>, Dragos Niculescu > <dragos.niculescu@cs.pub.ro> <mailto:dragos.niculescu@cs.pub.ro> > > > > A new version of I-D, draft-olteanu-intarea-socks-6-00.txt > has been successfully submitted by Vladimir Olteanu and posted to the > IETF repository. > > Name: draft-olteanu-intarea-socks-6 > Revision: 00 > Title: SOCKS Protocol Version 6 > Document date: 2017-06-28 > Group: Individual Submission > Pages: 12 > URL:https://www.ietf.org/internet-drafts/draft-olteanu-intarea-socks-6-00.txt > <https://www.ietf.org/internet-drafts/draft-olteanu-intarea-socks-6-00.txt> > Status:https://datatracker.ietf.org/doc/draft-olteanu-intarea-socks-6/ > <https://datatracker.ietf.org/doc/draft-olteanu-intarea-socks-6/> > Htmlized:https://tools.ietf.org/html/draft-olteanu-intarea-socks-6-00 > <https://tools.ietf.org/html/draft-olteanu-intarea-socks-6-00> > Htmlized:https://datatracker.ietf.org/doc/html/draft-olteanu-intarea-socks-6-00 > <https://datatracker.ietf.org/doc/html/draft-olteanu-intarea-socks-6-00> > > > Abstract: > The SOCKS protocol is used primarily to proxy TCP connections to > arbitrary destinations via the use of a proxy server. Under the > latest version of the protocol (version 5), it takes 2 RTTs (or 3, if > authentication is used) before data can flow between the client and > the server. > > This memo proposes SOCKS version 6, which reduces the number of RTTs > used, takes full advantage of TCP Fast Open, and adds support for > 0-RTT authentication. > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available attools.ietf.org <http://tools.ietf.org>. > > The IETF Secretariat > > > _______________________________________________ > multipathtcp mailing list > multipathtcp@ietf.org <mailto:multipathtcp@ietf.org> > https://www.ietf.org/mailman/listinfo/multipathtcp > <https://www.ietf.org/mailman/listinfo/multipathtcp> > >
- [multipathtcp] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Joe Touch
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft mohamed.boucadair
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Joe Touch
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Dragoș Niculescu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft mohamed.boucadair
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft mohamed.boucadair
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft mohamed.boucadair
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] SOCKS 6 Draft Yoshifumi Nishida
- Re: [multipathtcp] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] SOCKS 6 Draft Yoshifumi Nishida
- Re: [multipathtcp] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Joe Touch
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Joe Touch
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Dragoș Niculescu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Joe Touch
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Joe Touch
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Vladimir Olteanu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Joe Touch
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Dragoș Niculescu
- Re: [multipathtcp] [Int-area] SOCKS 6 Draft Joe Touch