IETF Logo Mail Archive

Re: [nfsv4] Potential erratta for RFC7931

"J. Bruce Fields" <bfields@fieldses.org> Mon, 03 October 2016 15:37 UTC

Return-Path: <bfields@fieldses.org>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EF3C12961B for <nfsv4@ietfa.amsl.com>; Mon, 3 Oct 2016 08:37:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.898
X-Spam-Level:
X-Spam-Status: No, score=-4.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.996, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7FlxRfBuT4nq for <nfsv4@ietfa.amsl.com>; Mon, 3 Oct 2016 08:37:08 -0700 (PDT)
Received: from fieldses.org (fieldses.org [173.255.197.46]) by ietfa.amsl.com (Postfix) with ESMTP id 72E171295CE for <nfsv4@ietf.org>; Mon, 3 Oct 2016 08:37:07 -0700 (PDT)
Received: by fieldses.org (Postfix, from userid 2815) id 1CA791CE7; Mon, 3 Oct 2016 11:37:07 -0400 (EDT)
Date: Mon, 03 Oct 2016 11:37:07 -0400
From: "J. Bruce Fields" <bfields@fieldses.org>
To: Chuck Lever <chuck.lever@oracle.com>
Message-ID: <20161003153707.GF3324@fieldses.org>
References: <CADaq8jdc+5oLkvaxNkpxm65gH_X8+fGarZLAsq-bgGrUxSYC3A@mail.gmail.com> <20161003151158.GE3324@fieldses.org> <F37D4338-2D86-4B97-83D0-B0F7BE7B85E4@oracle.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <F37D4338-2D86-4B97-83D0-B0F7BE7B85E4@oracle.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/HlRe5FM3jW3logx3i5kNPfVPXlg>
Cc: Bill Baker <bill.baker@oracle.com>, "nfsv4@ietf.org" <nfsv4@ietf.org>
Subject: Re: [nfsv4] Potential erratta for RFC7931
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Oct 2016 15:37:10 -0000

On Mon, Oct 03, 2016 at 11:26:10AM -0400, Chuck Lever wrote:
> 
> > On Oct 3, 2016, at 11:11 AM, Bruce Fields <bfields@fieldses.org> wrote:
> > 
> > On Sat, Oct 01, 2016 at 09:02:52AM -0400, David Noveck wrote:
> >> Although the NFSv4.0 specification requires the server to make sure that
> >> such verifiers are very unlikely to be regenerated, different servers may
> >> use the same approach to the construction of such verifiers, raising the
> >> probability that two distinct servers might inadvertently assign the same
> >> verifier value. The fact that the servers in question have assigned the
> >> same clientid4 may raise this probability.  In order to guard against the
> >> possibility that such assignments might cause two distinct
> >> 
> >> servers to be incorrectly considered the same, the SETCLIENTID procedure
> >> mentioned above needs to be repeated at least once.
> > 
> > Nit: I believe your argument was that one repeat was sufficient.  If
> > that's the case, let's say that.
> > 
> > And the bottom of p. 24 also needs an update: "Note also that the
> > callback update procedure can be repeated multiple times to reduce the
> > probability of further spurious matches."
> > 
> > I'd update it to something like: "The callback update procedure must
> > then be repeated one more time".
> > 
> >> This will ensure that
> >> the sucessive confirm values SCn, SCn'. SCn'' generated by these repeated
> >> SETCLIENTID operations cannot all collide with a verifier previously
> >> received by the client when communicating with IPn.
> >> 
> >> Comments?
> > 
> > I think that's correct, and it's a minimal change, and therefore maybe
> > it's the right thing for errata.
> > 
> > It bugs me that the only client I've looked at does something different
> > and much simpler.
> > 
> > After receiving the SETCLIENTID with a clientid matching an established
> > one, the modified RFC7931 requires, if I have it right:
> > 
> > 	1. SETCLIENTID_CONFIRM to the new server.
> > 	2. SETCLIENTID to the old server.
> > 	3. SETCLIENTID_CONFIRM to the new server.  And with this fix:
> > 	4. SETCLIENTID to the old server.
> > 	5. SETCLIENTID_CONFIRM to the new server.
> > 
> > Whereas the Linux client needs only:
> > 
> > 	1. SETCLIENTID_CONFIRM to the old server.
> > 
> > And that works just as well.  (The existing Linux client has the same
> > bug, but that is fixed with just a single if statement and no more
> > round trips.)
> > 
> > So at some point I'd hope we can document this, as 1) it's actually
> > being used by a major client so people need to know about it, 2) it's
> > easier to implement and analyze.
> 
> The Linux client implements something simpler because, at least so far,
> it does not support trunking at all. The detection algorithm in that
> client is to _avoid_ trunking, when a client administrator (accidentally?)
> configures multiple mount points of the same server via different
> server interfaces.

Either way we're trying to answer the question "do these two addresses
point to the same server"?  The only difference is in what we do with
that information--something not covered by this algorithm.

> The algorithm documented here is for a client fully capable of trunking.
> 
> I don't see a strong need to document the weaker algorithm in an RFC.

There's nothing weaker about this algorithm.  If you see something I'm
missing, please explain.

--b.

v2.23.0 | Report a Bug | By Email