Re: [quicwg/base-drafts] IP Anycast with server IP+Port renegotiation (#560)

Mike Bishop <notifications@github.com> Tue, 22 August 2017 22:10 UTC

I don't see this as being ALTSVC -- ALTSVC by definition implies the other endpoint is an acceptable *alternative* the client should consider for the future, not a "move now" directive.  However, I do see this as being a special case of server-side migration.  We can borrow the logic from Teredo of sending appropriate bubble packets to open the NAT, but we should keep things symmetrical with an eye toward peer-to-peer uses of QUIC.

Perhaps the MIGRATE frame simply says, "I expect to shortly begin using this IP/port/Connection ID; please send a PING frame to that destination"?  The recipient then begins the process in #732 as if it had just received a packet from that IP/port.

We'd need to think about attacks where the sender knows there's an existing QUIC connection at that IP/port with that Connection ID (the attempt to validate then looks like an address change from the target connection's peer), but I'd hope that it's sufficiently difficult to force your connection to use the same key as the target, so decryption would just drop the packet.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/560#issuecomment-324166090
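
The comment's third paragraph relies on a receiver dropping any packet that fails decryption before it treats a new source address as an address change. The sketch below is an added example, not part of the message above or of any QUIC draft; the `Conn` type, `receive`, `seal`, the keys, addresses, Connection ID and the simplified AES-GCM packet layout are all assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

type Conn struct { // hypothetical, simplified record for one connection
	aead          cipher.AEAD
	peer, pending string // accepted address; new address under validation
}

func newAEAD(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // does not fail for an AES block
	return aead
}

func nonce(pn byte) []byte { // 12-byte GCM nonce carrying the packet number
	return []byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, pn}
}

// seal builds a constructed packet; the Connection ID is associated data.
func seal(a cipher.AEAD, cid string, pn byte, payload string) []byte {
	return a.Seal(nil, nonce(pn), []byte(payload), []byte(cid))
}

// receive authenticates before looking at the source address, so a forged address change is dropped.
func (c *Conn) receive(cid, src string, pn byte, pkt []byte) string {
	if _, err := c.aead.Open(nil, nonce(pn), pkt, []byte(cid)); err != nil {
		return "drop: authentication failed"
	}
	if src != c.peer {
		c.pending = src // stands in for the validation process cited as #732
		return "accept: validate new path"
	}
	return "accept"
}

func main() {
	target := &Conn{aead: newAEAD([]byte("target-conn-key!")), peer: "192.0.2.10:4433"}
	other := newAEAD([]byte("other--conn-key!")) // unrelated connection told to PING here
	fmt.Println(target.receive("cid-A", "198.51.100.7:5000", 1, seal(other, "cid-A", 1, "PING")))
	fmt.Println(target.receive("cid-A", "203.0.113.5:6000", 2, seal(target.aead, "cid-A", 2, "PING")))
}
```

The first packet carries the target's Connection ID but is sealed under another connection's key, so it is dropped and `peer` and `pending` stay unchanged; only the second, which authenticates, starts validation of the new address.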