[multipathtcp] MPTCP proxy work - proposed assessment Criteria - for discussion
<philip.eardley@bt.com> Thu, 09 March 2017 15:29 UTC
Return-Path: <philip.eardley@bt.com>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FCC01294A5 for <multipathtcp@ietfa.amsl.com>; Thu, 9 Mar 2017 07:29:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.602
X-Spam-Level:
X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id itZdb3f8QOFa for <multipathtcp@ietfa.amsl.com>; Thu, 9 Mar 2017 07:29:24 -0800 (PST)
Received: from smtpb1.bt.com (smtpb1.bt.com [62.7.242.135]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3EF991295E5 for <multipathtcp@ietf.org>; Thu, 9 Mar 2017 07:29:24 -0800 (PST)
Received: from EVMHT04-UKBR.domain1.systemhost.net (193.113.108.57) by EVMED01-UKBR.bt.com (10.216.161.31) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 9 Mar 2017 15:29:19 +0000
Received: from rew09926dag03b.domain1.systemhost.net (10.55.202.22) by EVMHT04-UKBR.domain1.systemhost.net (193.113.108.57) with Microsoft SMTP Server (TLS) id 8.3.342.0; Thu, 9 Mar 2017 15:29:21 +0000
Received: from rew09926dag03b.domain1.systemhost.net (10.55.202.22) by rew09926dag03b.domain1.systemhost.net (10.55.202.22) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Thu, 9 Mar 2017 15:29:20 +0000
Received: from rew09926dag03b.domain1.systemhost.net ([fe80::d514:fe50:560c:401e]) by rew09926dag03b.domain1.systemhost.net ([fe80::d514:fe50:560c:401e%12]) with mapi id 15.00.1210.000; Thu, 9 Mar 2017 15:29:20 +0000
From: philip.eardley@bt.com
To: multipathtcp@ietf.org
Thread-Topic: MPTCP proxy work - proposed assessment Criteria - for discussion
Thread-Index: AdKY6UmrWE9iQdGUShKojDmW9+pOyA==
Date: Thu, 09 Mar 2017 15:29:20 +0000
Message-ID: <ecb4ef78b9244be3964ebd6fd1348ba8@rew09926dag03b.domain1.systemhost.net>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.55.202.243]
Content-Type: multipart/alternative; boundary="_000_ecb4ef78b9244be3964ebd6fd1348ba8rew09926dag03bdomain1sy_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/ORW5v9cjB8IzygG26zblcc74xKI>
Subject: [multipathtcp] MPTCP proxy work - proposed assessment Criteria - for discussion
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Mar 2017 15:29:26 -0000
For the MPTCP proxy work, we now have a 'call for proposals' (see email sent in parallel). As part of seeing which proposal may have consensus, we will assess them against Criteria. This list of criteria is an initial suggestion for discussion. * Note: since we want RFC6824bis to be on the STDS track, we will eventually need to have prototype implementations tested in an appropriate range of conditions * Prefer solution that doesn't require major changes to the protocol's semantics or additional functionality or security requirements (ie an application of RFC6824bis or a simple extension) * Prefer solution where the proxy is simple to operate and where the assumptions and requirements imposed on the operator's network are simple to meet * A session can be initiated from either end (presumably this is inherent for solutions to the dual proxy scenario, since it is symmetric) * the set-up time is minimised. Comment: arguably MPTCP is most interesting for long-running flows, when the time to set up the extra subflow(s) is less important. But it still seems worthwhile keeping the set up time down - prefer solutions that have 1 round trip to those that have 10, but reducing the last half round trip is not critical? * get MPTCP's usual benefits of resource pooling and resilience * minimise the amount of overhead on data traffic (such as delay, data overhead, potential packet fragmentation) * the solution needs to work if end to end encryption is in use Criteria specific to solutions for the single-ended proxy scenario: * the scenario means that the proxy is unlikely to be on both default paths * clarify whether the proxy simply forwards packets (towards the MPTCP end host) - or does it also perform packet re-ordering? * prefer solution that allows hosts to have TCP (& MPTCP?) traffic that doesn't get proxied (creates requirements if end host can control whether upstream traffic (ie towards the end host) is MPTCP-proxied) * the end host and proxy need to authenticate each other * ? this scenario creates an increased threat of DoS & other attacks, since the proxy hides the attacker's address? Criteria specific to solutions for the two-ended proxy scenario: * the scenario means that the proxies are assumed to know how to communicate directly * the operator can interpose the MPTCP proxies on TCP traffic without informing the end hosts, and without them being able to request that such action is, or is not, taken (?) * the solution explains how the address of the remote server is signalled to the proxy * the solution can build on security configuration etc known outside of MPTCP Best wishes, Phil & Yoshi
- [multipathtcp] MPTCP proxy work - proposed assess… philip.eardley