IETF Logo Mail Archive

Re: [quicwg/base-drafts] Long Header Packets and Routing Connection IDs (#2834)

MikkelFJ <notifications@github.com> Mon, 24 June 2019 20:20 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E681812011E for <quic-issues@ietfa.amsl.com>; Mon, 24 Jun 2019 13:20:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.999
X-Spam-Level:
X-Spam-Status: No, score=-7.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uVe5zLDXRhza for <quic-issues@ietfa.amsl.com>; Mon, 24 Jun 2019 13:20:18 -0700 (PDT)
Received: from out-20.smtp.github.com (out-20.smtp.github.com [192.30.252.203]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30B5B1201E9 for <quic-issues@ietf.org>; Mon, 24 Jun 2019 13:20:18 -0700 (PDT)
Date: Mon, 24 Jun 2019 13:20:17 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1561407617; bh=kRWet0JOWRYBWWWxPy9VYRDkIfcTtpy08IOhjknm50A=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=fAp90iv43hcWWVAh95dKmF+y68QFyF5g7ipYVlRmC7n06cr5Wsbgnd+QJwf/iRhhH FNMbbYsWjClhcJlQaO4ybpK1/U/JVxV4hgorjSkDHIRddd4aqgFQF2SwxnA4iyN9px mzZ6l0/Xw/S03c8/pPvNqanVDub0hiX1MeCv5awc=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK4JQLOYKXMV7KDN3D53DZRQDEVBNHHBWZGHNE@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2834/505164170@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2834@github.com>
References: <quicwg/base-drafts/issues/2834@github.com>
Subject: Re: [quicwg/base-drafts] Long Header Packets and Routing Connection IDs (#2834)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d1130811697d_620e3f8f1b0cd96c20953b"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/yl7e7fse9vwhOqgJf6DdH99mbtk>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jun 2019 20:20:20 -0000

I'm a bit of a loss here because I thought the OCID was only in the first packet and not in all long headers (and perhaps in 0-RTT/HelloRetry - we can discuss these separately). But assuming you have OCID in anything but the very first packet:

The first user created CID is name OCID for original CID. This one is random, or supposed to be. It cannot be trusted, and it does not contain routing information nor reliable entropy.

If the LB is to use CID for routing, OCID cannot be used, but it is important to know that it is an OCID. This is the information that I want in the invariants.

If the OCID only appears in the first packet there is no state. If it can be used in multiple packets (and not a retransmitted first packet), then routing must be consistent. There is help in the OCID so you must either use another CID if possible, or some other mechanism.

If that other mechanism is 5-tuple, you need to store state, or you need to route consistently. And you have to do it until you know that you have a useful CID.

If instead you can trust a server assigned CID on anything but the first packet things start to improve. Since we don't have a full handshake, any CID is a bit dubious still, but then CID's are always dubious to external observers. The important part is that the receiver can reject. The server can reject a server assigned CID.


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/2834#issuecomment-505164170

v2.23.0 | Report a Bug | By Email