IETF Logo Mail Archive

Re: [quicwg/base-drafts] Handling of a lost push signal (#4930)

Tatsuhiro Tsujikawa <notifications@github.com> Fri, 30 July 2021 03:04 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A79A13A17A2 for <quic-issues@ietfa.amsl.com>; Thu, 29 Jul 2021 20:04:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.148
X-Spam-Level:
X-Spam-Status: No, score=-7.148 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jXGvJTo1Kqr4 for <quic-issues@ietfa.amsl.com>; Thu, 29 Jul 2021 20:04:02 -0700 (PDT)
Received: from smtp.github.com (out-26.smtp.github.com [192.30.252.209]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5433A3A17A0 for <quic-issues@ietf.org>; Thu, 29 Jul 2021 20:04:02 -0700 (PDT)
Received: from github.com (hubbernetes-node-c306552.ash1-iad.github.net [10.56.118.49]) by smtp.github.com (Postfix) with ESMTPA id 5B1D35E07F5 for <quic-issues@ietf.org>; Thu, 29 Jul 2021 20:04:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1627614241; bh=1K8/pcUN9hYLuHrNMslQ6Vxn08RBzAorN8VKxdKm94s=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=txrHsXIsJ+zx3ogZRwbA1N/lxkgmHLqpjZJe+PJRcXAFEuozz69W9J7OLo2VLggLq WzWRLw/TLRyp5uWCkQrcg9MFQ68OEuOv485S5Siz3m3XpeiXAWfy6j0kDmCbV/RAna 7Tsuj2Z6q1PC8Vt9Bq8nmLBkfLDVIrpf3J/VXclI=
Date: Thu, 29 Jul 2021 20:04:01 -0700
From: Tatsuhiro Tsujikawa <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK2KW66HRY2G42SAHQN7B5GSDEVBNHHDR4HSDQ@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/4930/889592797@github.com>
In-Reply-To: <quicwg/base-drafts/issues/4930@github.com>
References: <quicwg/base-drafts/issues/4930@github.com>
Subject: Re: [quicwg/base-drafts] Handling of a lost push signal (#4930)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_61036c2158832_1410c710146343"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: tatsuhiro-t
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/P_hpqVY8Z83g06Y78hHzjw9h6DQ>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jul 2021 03:04:05 -0000

I think an endpoint has right to cancel or abort new stream to protect itself due to memory pressure or high load.  The RFC9000 allows an endpoint not to send STOP_SENDING without passing data to app (we can require QUIC stack to pass such data in this case as discussed in ml) if it sees fin and server does not notice that pushed stream is silently rejected.  Even if client sends STOP_SENDING, by the time STOP_SENDING is received by the server, it has finished processing the pushed stream and forgets about it.  I imagine that if QUIC stack provides BSD socket-like interface and HTTP/3 server writes all data and can clear the memory without waiting for an acknowledgement.


That said, if we ensure that client gets either PUSH_PROMISE or push ID in pushed stream, timer works.  One concern to this approach is the impact to connection-level flow control credit.  If client holds pushed stream until corresponding PUSH_PROMISE is received, it might not give back flow control credit to server, which means decreased flow control window until timer fires.
How much it costs depends on the settings.  The current text says it should give at least 1024 bytes to a remote endpoint, so if 100 such pushed streams are held, 100k is spent for these streams until timer fires.  This is a bit extreme case however.  Given the possibilities that this occurs, it is probably not a severe problem.


As for using timers for the counter measures to broken or malicious servers, I'm not sure the timer is needed.  If client cancels pushes when timer fires, those servers just open another pushes and quickly create the same situation again.


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/4930#issuecomment-889592797

v2.23.0 | Report a Bug | By Email