IETF Logo Mail Archive

Re: [quicwg/base-drafts] Connection migration must be negotiated (#1271)

Mike Bishop <notifications@github.com> Fri, 06 April 2018 20:04 UTC

Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3831126BFD for <quic-issues@ietfa.amsl.com>; Fri, 6 Apr 2018 13:04:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Level:
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MDG-AIuG-5yF for <quic-issues@ietfa.amsl.com>; Fri, 6 Apr 2018 13:04:40 -0700 (PDT)
Received: from o4.sgmail.github.com (o4.sgmail.github.com [192.254.112.99]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD1861243F6 for <quic-issues@ietf.org>; Fri, 6 Apr 2018 13:04:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=ie1xERUR2YIVOKUYT33Uie/KABQ=; b=dlwlkRFfk7TMv+FD 4DYp5j5dHGAROFcXQRSN0FL7zC9/oPgPQr3lFEdPbr2snSQCX05f8FJPE0HP8PQ9 K8tCXSIiXBzCm5/sC9d4zXYBlrNCrVDL+BhKl1VJTyE5C2BS5/aM9YB1gdPpU4OA Bnoy6vWgAIcSJ2iK3t13J/a23CM=
Received: by filter0155p1las1.sendgrid.net with SMTP id filter0155p1las1-22325-5AC7D2AE-9 2018-04-06 20:03:58.196195377 +0000 UTC
Received: from smtp.github.com (out-2.smtp.github.com [192.30.252.193]) by ismtpd0002p1iad1.sendgrid.net (SG) with ESMTP id x7Akdsk5QiqnEP0xgnjMYg for <quic-issues@ietf.org>; Fri, 06 Apr 2018 20:03:58.096 +0000 (UTC)
Date: Fri, 06 Apr 2018 20:03:58 +0000
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abcb25983d0e8b1daf984c572e8007522a84f36c0592cf0000000116df94ad92a169ce129955d7@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1271/379362183@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1271@github.com>
References: <quicwg/base-drafts/issues/1271@github.com>
Subject: Re: [quicwg/base-drafts] Connection migration must be negotiated (#1271)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5ac7d2ade8a20_68d13fcb4ce5cf341416e4"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak28lCfyTjsSQEPZAjV5R5qNpgFJg3eASkXavC /AMz+KNDE5QC0UH7lBO3VTSxzz4D46Q4SAWsQCFGd9wE0vq3LB9TToHdygmkE8mAE4qIswhX3U27ri d2qVNupJzVjG+eUEebx+Quh8mSoS6PVc7gWXtNhLJA7N0Qb1bqigDvxDYGBjqLQnACg0l96riHjqSJ Q=
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/P-aZGVTs3H2R1VXP1UB-hFGe-mw>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Apr 2018 20:04:43 -0000

@tfpauly also hit on my biggest concern here:  What exactly gets turned off?  The point of the connection ID is the ability to survive NAT rebinds; ideally, the load balancer will be looking at the CID and not the 4-tuple at all.  After all, NAT rebinds can cross IP addresses (particularly in the Enterprise or mobile space), so 2-tuple binding isn't going to be sufficient.  But perhaps it's an acceptable Band-Aid for initial deployments.

So what are the protocol mechanics that get turned off?  The server is still going to need the ability to do path validation during the handshake (three-packet limit?), so that machinery still needs to be there.  If you're saying that you'll disable support for NAT rebinding, you're potentially going to be in a painful situation.

Regardless, the text added in #1254 states the principle that clients are the controlling party for all migrations; this remains true even if we merge #1251, because the server requests the client to perform a migration.  I think the most this restriction could get us is that clients should never intentionally change their local IP address -- though I suspect many clients will just be connecting without specifying a local IP address, so even that might have some interesting quirks.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/1271#issuecomment-379362183

v2.23.0 | Report a Bug | By Email