IETF Logo Mail Archive

Re: [quicwg/base-drafts] ICMP and ICMPv6 PMTUD with asymmetric connection-ids (#1243)

Kazuho Oku <notifications@github.com> Tue, 05 June 2018 04:44 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6CA8130EBC for <quic-issues@ietfa.amsl.com>; Mon, 4 Jun 2018 21:44:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.009
X-Spam-Level:
X-Spam-Status: No, score=-8.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UZ4h05Shdsrk for <quic-issues@ietfa.amsl.com>; Mon, 4 Jun 2018 21:44:46 -0700 (PDT)
Received: from out-2.smtp.github.com (out-2.smtp.github.com [192.30.252.193]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8993130EB9 for <quic-issues@ietf.org>; Mon, 4 Jun 2018 21:44:45 -0700 (PDT)
Date: Mon, 04 Jun 2018 21:44:44 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1528173884; bh=uZNj3WVdsS/Prd1aZ33zlrXji2VY6dr2l+A7i+XXcYo=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=fAoOkKvHPYpFuHs/xX7AUphYJL8BkDRF3zhqN1SHv6RxWCafARmdVp3nLrQUfYKcq 4mZr/0QxA0zAfGt4qgS5OvlOAr2CCMIjfBxkZw7+WXHn4We7K+Rec/FLl3VfrI6k5d 7kasPNh+fHu6lzacdj5HDv3I5WVKEeMqMu4/KNok=
From: Kazuho Oku <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab1acc41a98dfe3c8e5e149aed2cd771ec66ced80192cf00000001172dd73c92a169ce124738ff@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1243/394580024@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1243@github.com>
References: <quicwg/base-drafts/issues/1243@github.com>
Subject: Re: [quicwg/base-drafts] ICMP and ICMPv6 PMTUD with asymmetric connection-ids (#1243)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b16153cc714e_62012ad420e56f5428819a"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/T_7udFQTtqo3NOvnEAhD6__lU4c>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.26
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jun 2018 04:44:48 -0000

FWIW, let me point out that under the current draft it is possible for an endpoint to send a long header packet at any time it wants to observe the MTU, even after the handshake is complete. It's just that the long header packet will be ignored by the client in case it reaches the client.

And with the introduction of coalesced packets, the cost of doing this type of PMTUD has become small.

Whenever an endpoint wants to do PMTUD and it has some outstanding data, is creates a datagram that consists of the following two QUIC packets:
* a long header packet with zero-length payload that contains the server CID (or some other payload that is sufficient to route the ICMP response back to the origin server)
* a short header packet carrying outstanding data

This type of datagram never harms the conncection, because the draft requires the receiver to process each QUIC packet as if it was received as a separate datagram.

Assuming that the server will be performing PMTUD and assuming that the client's CID is zero-sized, the overhead of the long header packet is: 1 (type) + 4 (version) + 1 (cidl) + len(server_CID) + 1 (payload-length).

Actually, this approach (i.e. sending a compound datagram to contain arbitrary information) is flexible enough to carry any data that needs to be exposed to an on-path device. We could use it to expose packet drop rate for example.

I'm not saying we should support these kinds of exposures, but we cannot prohibit such thing to happen, because the receiver cannot determine if an incoming packet was sent from the peer (to expose signal to on-path devices) or from an attacker (to disrupt connection).

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/1243#issuecomment-394580024

v2.23.0 | Report a Bug | By Email