Re: [quicwg/base-drafts] disable_active_migration with SPA (#3765)

Mike Bishop <> Tue, 14 July 2020 14:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3AD7D3A079B for <>; Tue, 14 Jul 2020 07:13:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.697
X-Spam-Status: No, score=-1.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id c64WleZs_iTD for <>; Tue, 14 Jul 2020 07:13:07 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E23A63A079A for <>; Tue, 14 Jul 2020 07:13:06 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id AF72A8C097B for <>; Tue, 14 Jul 2020 07:13:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1594735985; bh=sbEZKJ8p2NCSkUS4eFeYCXJ2g32xCVYheWgXy5wNUH4=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=wgmfBULTVjInKJvqjAxe9CMqFqm3GWvMwNsKimfUTHzTFCuJAKY45ZiV61Q5S+is+ I4s2GiggWtxgnzMcflLKWqz1WyQITcorRjsD7TgshWljWwbe4c0KtrdqFCxQO7ZDNG 45csPGgMRysgCSv0WiQrhOrpndvJkr+AcE0jduxE=
Date: Tue, 14 Jul 2020 07:13:05 -0700
From: Mike Bishop <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3765/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] disable_active_migration with SPA (#3765)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5f0dbd71a17c8_21dd3f8446ecd95c413a9"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 14 Jul 2020 14:13:08 -0000

> However, one of the reasons that you might want to use disable_active_migration is if you're bad at connection IDs, and instead need to prevent the client from changing addresses.
> This is now awkward because we can't really assume both things are true at the same time.

I think you're right that there are multiple levels of wanting to disable migration.

- There are the 4-tuple load balancers who really can't handle a change of anything in the tuple, so you'd better do your best to keep your NAT binding alive, because a rebind will toast your connection; forget moving to any other networks.
- There are 2-tuple load balancers who can handle NAT rebinds that leave you on the same IP (common, but not guaranteed); client might be okay to permit rebinding, but that's a risk if the IP changes, and you'd certainly better not change the IP yourself.
- There are servers that either will not (contracts) or should not (performance) serve you if you change to a totally different network attachment, but changes within the same network attachment (e.g. Ethernet to Wi-Fi, roaming to a different VLAN) would still be okay.  Those are probably rare enough we could abstract away to "don't change interface."

This makes me wonder how far we'd get if disable_active_migration could differentiate "don't change port" or "don't change interface."  Would we still need to give different answers based on handshake vs. SPA address?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: