Re: [quicwg/base-drafts] Transport Draft should opine about 5-tuple based load balancing (#3500)

martinduke <> Fri, 06 March 2020 18:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D604B3A07A0 for <>; Fri, 6 Mar 2020 10:50:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.482
X-Spam-Status: No, score=-1.482 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id XQKXwTD9o8Je for <>; Fri, 6 Mar 2020 10:50:36 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 55E393A079F for <>; Fri, 6 Mar 2020 10:50:36 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 3CD806A0B75 for <>; Fri, 6 Mar 2020 10:50:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1583520635; bh=l/5/dk6E1Hs/hBSk723auAlZo9v7BFMux3b7puxGcUk=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=NdMoqrjiE22WriovQXIdVCmowkZFJPemdMoMG+SIVcePFrKwMWQbKV5/ZI6nUdtpF Oqx6nlbefhTYB3/psJDgeN8IAEk8mORjHQcxsbDkz063yq3JFznCx5DCf5biC8unX9 8ocBeTaF6BLo0nsFqW7GO5OJbBOvcdU4SqNrRk5c=
Date: Fri, 06 Mar 2020 10:50:35 -0800
From: martinduke <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3500/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Transport Draft should opine about 5-tuple based load balancing (#3500)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5e629b7b27c97_4be33f819a8cd95c60534"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinduke
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 06 Mar 2020 18:50:38 -0000

I don't think this captures Ryan's concern: when the server is using a non-zero CID and also is behind 4-tuple routing. I think he's looking for a section of text to coherently describe what you have to do here:

- send either disable_migration or preferred_address; or
- forward packets between servers; or
- either don't use a common stateless_reset key, or put client address/port in the reset token.

This is sort of ops-drafty but there real requirements on servers to behave in a secure way. I think someone with full command of the transport draft would figure this out, but it is not clearly stated anywhere.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: