IETF Logo Mail Archive

Re: [multipathtcp] SOCKS 6 Draft

Yoshifumi Nishida <nishida@sfc.wide.ad.jp> Wed, 12 July 2017 07:51 UTC

Return-Path: <nishida@sfc.wide.ad.jp>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3163131468 for <multipathtcp@ietfa.amsl.com>; Wed, 12 Jul 2017 00:51:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.401
X-Spam-Level:
X-Spam-Status: No, score=-1.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kSONR5xdMgjL for <multipathtcp@ietfa.amsl.com>; Wed, 12 Jul 2017 00:51:48 -0700 (PDT)
Received: from mail.sfc.wide.ad.jp (shonan.sfc.wide.ad.jp [203.178.142.130]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A074131447 for <multipathtcp@ietf.org>; Wed, 12 Jul 2017 00:51:47 -0700 (PDT)
Received: from mail-lf0-f50.google.com (mail-lf0-f50.google.com [209.85.215.50]) by mail.sfc.wide.ad.jp (Postfix) with ESMTPSA id C109127850D for <multipathtcp@ietf.org>; Wed, 12 Jul 2017 16:51:45 +0900 (JST)
Received: by mail-lf0-f50.google.com with SMTP id t72so8797777lff.1 for <multipathtcp@ietf.org>; Wed, 12 Jul 2017 00:51:45 -0700 (PDT)
X-Gm-Message-State: AIVw110Pi4E2wgz9GMBWjTJkJznMjQceCthxJSJiVHuzJHZSGlRxaozt rkPwvoWBcs+EUS5DKWmczi0bHJZmsw==
X-Received: by 10.25.150.148 with SMTP id y142mr1335726lfd.180.1499845903542; Wed, 12 Jul 2017 00:51:43 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.35.87 with HTTP; Wed, 12 Jul 2017 00:51:42 -0700 (PDT)
In-Reply-To: <a4e490fa-42fc-b421-c125-26520bf3ea87@cs.pub.ro>
References: <149871247634.6490.5928844232347189122.idtracker@ietfa.amsl.com> <96151c77-fd31-f6ca-dca0-bffb9780f89f@cs.pub.ro> <CAO249yf3Jt8SdC9+1aZTbtTJ_iu+TkoHdqTu+NSxuXoS+0pUTA@mail.gmail.com> <a4e490fa-42fc-b421-c125-26520bf3ea87@cs.pub.ro>
From: Yoshifumi Nishida <nishida@sfc.wide.ad.jp>
Date: Wed, 12 Jul 2017 00:51:42 -0700
X-Gmail-Original-Message-ID: <CAO249ycWyDzZzHP27iWcymXno-yeXqj+PYLv=FmNff=pBm9Z1Q@mail.gmail.com>
Message-ID: <CAO249ycWyDzZzHP27iWcymXno-yeXqj+PYLv=FmNff=pBm9Z1Q@mail.gmail.com>
To: Vladimir Olteanu <vladimir.olteanu@cs.pub.ro>
Cc: Yoshifumi Nishida <nishida@sfc.wide.ad.jp>, multipathtcp <multipathtcp@ietf.org>, Dragoș Niculescu <dragos.niculescu@cs.pub.ro>
Content-Type: multipart/alternative; boundary="001a114022384c723705541a16a6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/fAodVI_9Mbqa1DC7rF_rt8_EsU0>
Subject: Re: [multipathtcp] SOCKS 6 Draft
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jul 2017 07:51:50 -0000

Hi Vlad,

Thanks for the response.

On Mon, Jul 10, 2017 at 4:19 PM, Vladimir Olteanu <
vladimir.olteanu@cs.pub.ro> wrote:

> Hi Yoshi,
>
> As a response to question 2, the client can send some initial data as part
> of the request. It does have to wait for a reply to send any more data,
> though. As such, the client can get a data response from the server in 1
> RTT, same as when contacting the server directly with TFO, if:
>  * Everyone uses TFO (otherwise, RTTs are incurred only on the segments
> where TFO is not available).
>  * Authentication is not required, or 0-RTT authentication succeeds.
> (Otherwise, some extra RTTs are incurred, same as above.)
>

> If nobody uses TFO, but authentication is not an issue (either it's not
> needed or done in 0 RTTs), then SOCKS 6 does no worse than regular TCP (2
> RTTs for a data response).
>
> As for the use case, there are two possible ways in which it can be
> handled:
>  * The client knows about both proxies.
>  * The client knows only about proxy1, but proxy1 is configured to go via
> proxy2 when contacting the server.
>

> Assuming the client knows about both of them, it can speak SOCKS 6 over
> SOCKS 6. The relevant messages are:
> C->P1 request(P2, auth data 1, initial data(request(S, auth data 2,
> initial data(application data))))
> P1->P2 request(S, auth data 2, initial data(application data))
> P2->S application data
>
> If proxy1 is configured to use proxy2:
> C->P1 request(S, auth data 1, initial data(application data))
> P1->P2 request(S, auth data 2, initial data(application data))
> P2->S application data
>
>
Thanks for the clarification.
So, in both cases, if C piggy-backs all requests (authentication, connect,
etc if any) and application data in SYN payload with TFO, P1 can forward it
as soon as it receives and P2 can do the same thing? (We might presume no
authentication or 0-rtt authentication here, though.)
--
Yoshi

v2.23.0 | Report a Bug | By Email