Re: [multipathtcp] q about off-path proxy (explicit mode)

Olivier Bonaventure <Olivier.Bonaventure@uclouvain.be> Mon, 27 March 2017 12:15 UTC

Return-Path: <olivier.bonaventure@uclouvain.be>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E31B1294ED for <multipathtcp@ietfa.amsl.com>; Mon, 27 Mar 2017 05:15:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.321
X-Spam-Level:
X-Spam-Status: No, score=-4.321 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=uclouvain.be
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X7blm_m65bpJ for <multipathtcp@ietfa.amsl.com>; Mon, 27 Mar 2017 05:15:44 -0700 (PDT)
Received: from smtp5.sgsi.ucl.ac.be (smtp.sgsi.ucl.ac.be [130.104.5.67]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7FFB129535 for <multipathtcp@ietf.org>; Mon, 27 Mar 2017 05:15:43 -0700 (PDT)
Received: from mbpobo.local (unknown [5.149.142.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: obonaventure@smtp5.sgsi.ucl.ac.be) by smtp5.sgsi.ucl.ac.be (Postfix) with ESMTPSA id F3D9667D9F4; Mon, 27 Mar 2017 14:15:34 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.9.2 smtp5.sgsi.ucl.ac.be F3D9667D9F4
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=uclouvain.be; s=selucl; t=1490616935; bh=l/agSE2+Jc1BysRoCt4+gcXeAdO6JvpkuiIagiwj4Bg=; h=Reply-To:Subject:References:To:From:Date:In-Reply-To; b=Tkymbtm1kTjyNjGa320KWM1OYtL6cVC4qgEI2uWIq4RVVR4gGGz48Y46tRRMPNR6+ Uk5rm8pAkAyAbR83GaaIHjLnslLgRcYEb7lWUUgH030wO86wuLE/sqIC+aZZTA1gnt G9KDpbszje7HNZaRG5gMRXX9peS0WTB0oFAOPm+s=
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.99.2 at smtp-5
Reply-To: Olivier.Bonaventure@uclouvain.be
References: <CAO249yc3MOaPjBsmYqsZgW3AaxKmpA_wr2TxvgLZLwP6rf9dwA@mail.gmail.com>
To: Yoshifumi Nishida <nishida@sfc.wide.ad.jp>, multipathtcp <multipathtcp@ietf.org>
From: Olivier Bonaventure <Olivier.Bonaventure@uclouvain.be>
Message-ID: <dbe4a5bb-2f11-dab0-12bd-ebf0d108dc4a@uclouvain.be>
Date: Mon, 27 Mar 2017 14:15:42 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <CAO249yc3MOaPjBsmYqsZgW3AaxKmpA_wr2TxvgLZLwP6rf9dwA@mail.gmail.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-Sgsi-Spamcheck: SASL authenticated,
X-SGSI-Information:
X-SGSI-MailScanner-ID: F3D9667D9F4.A3A67
X-SGSI-MailScanner: Found to be clean
X-SGSI-From: olivier.bonaventure@uclouvain.be
X-SGSI-Spam-Status: No
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/tKiQzGVKREwUeTMQLkPx_9kTLDg>
Subject: Re: [multipathtcp] q about off-path proxy (explicit mode)
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Mar 2017 12:15:46 -0000

Yoshifumi,

> Now, I am trying to understand off-path (explicit mode) scenarios.
> In explicit mode, we need to tell the final destination to the proxy
> through MP_Convert Information Element. But, this requires mptcp
> connections. In order to clarify which cases can use this mode, I have
> drawn the following 7 cases.
> I am wondering if we can support case 3) 4) 5) with explicit mode or
> not. Also, supporting case 6), 7) seems to be a bit unclear.
> It would be great if some folks could clarify this.
>
> -----------------------------------------------------------------------------
>
>
>      C ... client,   S ... Server,  P ... Proxy,  MCIE ... MP_Convert
> Information Element
>    ====   ... mptcp connection
>    ----   ... tcp connection
>

I think that you forgot case 0

  0)   C ---------- P -------- S

This is a classical SOCKS proxy, except that the SOCKS proxy requires 
additional rtts

> single proxy cases
>
> 1)   C ========== P -------- S         : C tells S's addr to P by MCIE
> 2)   C ========== P ======== S         : C tells S's addr to P by MCIE
> 3)   C ---------- P ======== S         : How C tell S's address to P?
>

Today, the thrid case is often a load balancer in front of a real 
server. In this case, the client is not aware of the existence of S and 
only knows P. If we want to support this scenario, we need to extend TCP 
itself.

> double proxy cases
> 4)   C -------- P1 ======== P2 ------- S  : How C tell S's address to P1?
> 5)   C -------- P1 ======== P2 ======= S  : How C tell S's address to P1?

Same as case 3 above. C could use the MCIE to add information about the 
final destination.

> 6)   C ======== P1 ======== P2 ------- S  : C tells S's addr to P1 by
> MCIE and P1 forwards it to P2?
> 7)   C ======== P1 ======== P2 ======= S  : C tells S's addr to P1 by
> MCIE and P1 forwards it to P2?

Here also, case 8 could be relevant in some scenarios


  8)   C ---------- P -------- S


This would create a generic explicit TCP proxy function, that would 
apply beyond MPTCP.

Olivier