[multipathtcp] A proposal for MPTCP Robust session Establishment (MPTCP RobE)
<Markus.Amend@telekom.de> Mon, 10 July 2017 16:16 UTC
Return-Path: <prvs=3570979c7=Markus.Amend@telekom.de>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDA501317D0 for <multipathtcp@ietfa.amsl.com>; Mon, 10 Jul 2017 09:16:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.321
X-Spam-Level:
X-Spam-Status: No, score=-4.321 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telekom.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qlZ2iKFlqt9E for <multipathtcp@ietfa.amsl.com>; Mon, 10 Jul 2017 09:16:01 -0700 (PDT)
Received: from MAILOUT21.telekom.de (MAILOUT21.telekom.de [80.149.113.251]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C2951317D8 for <multipathtcp@ietf.org>; Mon, 10 Jul 2017 09:16:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telekom.de; i=@telekom.de; q=dns/txt; s=dtag1; t=1499703361; x=1531239361; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=fY2LxRNG6PUAcOtDrsSlHSi6PcwdcIY4Rj+HanUjR7Y=; b=DTkejx7juTKddfyEydxYtdAhtfOHVRyrQR/Akr7Jt1klOU/F4cJLMIBG Rp/YyziNSKZ08xVJ46g9stNMMSm8nkar47f6P91iBXHHR0ssWhwhgP+MS hU8sllAElM8kCHaxzNnhuxeVG8E7PMYWaE0y7RDy4sJJEO5SNlSoKSRZJ R+biAA9L9wqMoaS7lyBl6qXRtlYkv1bmz/IrHxvqiPhd1izm6J+RayHI9 Z8eh9wUAcqluJpJZOglWRlgjTcGtD3oqOI+ScqC9kEDjb5hGeZrUjbnPs iLJpEK0WFNj1EmO7N4AyseeYKeThxnX4I5wLhuwqUt1CC2lX0sjqEm3No A==;
Received: from qdezc2.de.t-internal.com ([10.171.255.37]) by MAILOUT21.telekom.de with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 10 Jul 2017 18:15:58 +0200
X-IronPort-AV: E=Sophos;i="5.40,341,1496095200"; d="scan'208";a="624689648"
Received: from he105685.emea1.cds.t-internal.com ([10.169.119.47]) by qde0ps.de.t-internal.com with ESMTP/TLS/AES256-SHA; 10 Jul 2017 18:15:58 +0200
Received: from HE105686.EMEA1.cds.t-internal.com (10.169.119.48) by HE105685.emea1.cds.t-internal.com (10.169.119.47) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Mon, 10 Jul 2017 18:15:58 +0200
Received: from HE105686.EMEA1.cds.t-internal.com ([fe80::a951:f05b:3de5:32d9]) by HE105686.emea1.cds.t-internal.com ([fe80::a951:f05b:3de5:32d9%26]) with mapi id 15.00.1263.000; Mon, 10 Jul 2017 18:15:58 +0200
From: Markus.Amend@telekom.de
To: multipathtcp@ietf.org
Thread-Topic: A proposal for MPTCP Robust session Establishment (MPTCP RobE)
Thread-Index: AdL5l2p+5KDR4ahqRJeh9onNd2ThSg==
Date: Mon, 10 Jul 2017 16:15:57 +0000
Message-ID: <64f1b27aee214f6b99b5c474158d7426@HE105686.emea1.cds.t-internal.com>
Accept-Language: de-DE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.117.36.13]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/u7oohCjNm4HMQQcXg6dn4YqIr_k>
Subject: [multipathtcp] A proposal for MPTCP Robust session Establishment (MPTCP RobE)
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jul 2017 16:16:05 -0000
Hi all, My name is Markus Amend from Deutsche Telekom Research & Innovation and I want to propose an idea how to make MPTCP robust against outages during establishment process of the initial flow. I want to start the discussion right now in advance to the IETF 99 meeting, where I will present this topic for discussion. It would be appreciated to receive some feedback in advance. --- Let's start with a short motivation --- A proposal for MPTCP Robust session Establishment (MPTCP RobE), related to the real world problem: What happens if the default gateway (GW) does not provide end-to-end connectivity, but an additional route is available? I guess, all of you already faced the problem with your smartphone (or any other device with more than one interface), connected to a bad WiFi, where you manually switched off the WiFi interface to have at least connectivity or a more stable connection over cellular network. This happens, because your smartphone decides for you to use the cheaper way, the WiFi way, but it doesn't take care about reachability and stability. So, whenever a physical WiFi connectivity is given, the smartphone puts the default GW to it. In the worst case, the WiFi is not able to establish an end-to-end connectivity and it will fail, even if a proper cellular connectivity is available at the same time. The problem is not just related to smartphone implementations, it is related to any device with more than one interface available! MPTCP implementations struggle with this as well and even more aggravated, because MPTCP promises apparently redundancy if more the one path to destination is available. But this isn't the case all the time, why? MPTCP relies on a concept of an initial flow, which has to be established first, to negotiate MP capability and afterwards proceeds to establish subsequent flows to enable redundancy or even capacity aggregation. If the initial flow fails to establish a (MP-)TCP connection, MPTCP will never make use of other available paths and from an application view, there is no connection possible. To summarize at this point again, first we need a proper initial flow establishment before subsequent flows can be established and exploit multipath capabilities. Also in a scenario where we have a lot of working paths available, but the path used for the initial flow (mostly the default GW, or more generic: default route) is unable to finish handshaking, we end in a zero connectivity scenario. We demand: "If there is at least one functional path, a connection must be possible" With the idea of MPTCP Robust Establishment "MPTCP RobE" we try to solve or mitigate the challenge of blocked or unstable path during initial flow establishment and it would shift the full multipath capabilities to the very beginning of a MPTCP session. --- stop motivation --- --- start rough description --- Over the last year we developed three proposals, to tackle the challenge. We tried to meet the following criteria: 1. Robustness: If there is at least one functional path, a connection must be possible 2. Overhead and latency: The solution should not introduce excessive amounts of overhead and latency compared to standard MPTCP 3. Standard compliance: A solution should use and integrate with existing standards and work around limitations In general, all proposals make use of redefining the initial flow towards a >potential< initial flow. That gives the freedom to use several potential initial flows at the very beginning of a session or shift the potential flows between different path. Technically it is based on duplicating the MP_CAPABLE option. Following the proposals (which will be explained in detail first during the IETF 99 session), which all includes at least the first criteria: 1. "Downgrade" approach: Start on all available path potential initial flows, the first successful one remains as the initial flow the others are "downgraded" to subsequent ones. 2. "Break before Make" approach: Start on all available path potential initial flows, first successful one remains as the initial flow the others are reset. Standard MPTCP procedure follows to establish subsequent flows 3. "Timer" approach: One potential initial flow is started, if during a defined time slot no establishment becomes apparent, a separate potential initial flow is started on another path. Currently the "Downgrade" approach is preferred from our side, because it provides beside robustness the benefit of reducing handshaking time and sub flows are created simultaneously and not delayed by initial flow establishment -> The path providing the lowest latency determined the overall connection latency. But there are still some minor drawbacks which needs to be solved. The solution of potential initial flows leads to the problem, that the SYN-Receiver cannot distinguish anymore between a valid Key A connection request or an invalid one, which is accidentally used by a foreign requester or deliberately by an attacker (e.g. brute force). MPTCP RobE tries to mitigate this challenge by reducing the time frame of accepting new SYN-Key A requests for a specific connection to the duration until the first initial flow is set up. But this is still not perfect and may be discussed in terms of security aspects. Also the question of how to handle Address IDs in the context of potential initial flows, needs to be discussed. On the other hand the "Timer" approach can integrate with the existing standard best, but doesn't exploit the full potential of a possible MPTCP RobE standard/implementation and may be delay connection establishment for a long while. Whereas the "Break before Make" approach behaves like the first one but will not speed up the overall latency in the same way, but incorporates better with the MPTCP standard. --- end rough description --- --- start outlook --- A first reference implementation was already done by us, based on MPTCP v0.90 and the "Downgrade" approach and is currently under lab investigation and optimization. Btw., we know the presentation from NICT (https://www.ietf.org/proceedings/98/slides/slides-98-mptcp-sessa-synduplication-00.pdf), but we see fundamental differences, because robustness wasn't addressed there. --- end outlook --- I'm looking forward to your comments. Kind regards Markus Amend DEUTSCHE TELEKOM AG T-Labs (Research & Innovation) Markus Amend LIFE IS FOR SHARING. You can find the obligatory information on www.telekom.com/compulsory-statement BIG CHANGES START SMALL - CONSERVE RESOURCES BY NOT PRINTING EVERY E-MAIL.
- [multipathtcp] A proposal for MPTCP Robust sessio… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Olivier Bonaventure
- Re: [multipathtcp] A proposal for MPTCP Robust se… Zuojing (2012 Laboratories)
- Re: [multipathtcp] A proposal for MPTCP Robust se… Olivier Bonaventure
- Re: [multipathtcp] A proposal for MPTCP Robust se… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Yoshifumi Nishida
- Re: [multipathtcp] A proposal for MPTCP Robust se… Markus.Amend
- Re: [multipathtcp] A proposal for MPTCP Robust se… Yoshifumi Nishida