Re: handling a QUIC accept backlog
Martin Thomson <martin.thomson@gmail.com> Wed, 21 February 2018 23:50 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91080120724 for <quic@ietfa.amsl.com>; Wed, 21 Feb 2018 15:50:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cqi98lqUUZ6H for <quic@ietfa.amsl.com>; Wed, 21 Feb 2018 15:50:44 -0800 (PST)
Received: from mail-ot0-x22b.google.com (mail-ot0-x22b.google.com [IPv6:2607:f8b0:4003:c0f::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 901C91200E5 for <quic@ietf.org>; Wed, 21 Feb 2018 15:50:44 -0800 (PST)
Received: by mail-ot0-x22b.google.com with SMTP id k7so2387018otj.0 for <quic@ietf.org>; Wed, 21 Feb 2018 15:50:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=96dN6jIeYnt/mYmSEhqukualw/Mal7qBJXFKjmM+pO0=; b=rmJRFiDEr+YCovphZzBHs9ti+4rKYWgMA6wqSl4rj90aXHaO8J9WmZ4smyiua3wPQB WaFSSWoqRBvoTtAcOKw0E9bz1RvmuFc5fqsiL+PgJ7IHNXduUWmBA1F3u2/GdAFiDtFO O7OPchuemhsJOSilBJ1B3cXkMpiswNdZ8C5x3vOZn+qi9JxB/F4RMC8ndalg18mSgEGf /M+Pw6L8SRDLrxhONUzeDc19cZa0mziJe3zX7YJSyb0K7ZYkr29YKwKFqS/+Ccmtg1LF fyZFHuHMIkxX8W+b6ZWCXBtNpZKG2oh80TlJm9IRPGLlucEulYniKI5R5Jq4XnHnm4Dz M3mQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=96dN6jIeYnt/mYmSEhqukualw/Mal7qBJXFKjmM+pO0=; b=kwg6G50Delb4neYiUdPcoRZXC7rOnP+3JhTdIRyfRnewoIy5dCyZN6eFSmh81RctIo CSKcUm/wNYf3PoYgus4fjzokDT6Raxic4IayfNTSO9jW9HTcfTevaACdM+B0eDSa/DdT fGK6C069+xuAq5WocWuZTqLfmQSh29ADQoPTCs5fqT8XkkVGd0a6cgJrk4uFccBLsaQ/ fNvWyQ0k7fLAoNKDIj/NnwZ2XbWyAJooh3BIZlb65Z8/6eLXtqUAHeSuuK8OGYCHJJqW cXOQedJVFLhsNc0cFi6mafpMxW0CUjJ3FMND26GhiiW/FyBXyrY2SOya8XfyVWG+EWTy tASA==
X-Gm-Message-State: APf1xPA36bWvk3qC6J0nSpMsRrqkVUkCFeb8qJ7Y6VRSHvYkkLLWdHaz E8KTn8+gIhmBDCAOwXm00ycpna3wm3lQSpV8rgI=
X-Google-Smtp-Source: AH8x227n04LDUxknBrWgREDW611jofpu0FnV8R23RZNw66NYr05YD8gZW50oImH31Q6CDTdgYCLEJtsIUqjwXvwDgWg=
X-Received: by 10.157.0.74 with SMTP id 68mr3563421ota.392.1519257043795; Wed, 21 Feb 2018 15:50:43 -0800 (PST)
MIME-Version: 1.0
Received: by 10.157.16.85 with HTTP; Wed, 21 Feb 2018 15:50:43 -0800 (PST)
In-Reply-To: <0467B015-09FC-456D-BB6F-29B5F308C4E4@tik.ee.ethz.ch>
References: <CAOYVs2p=wdOMLxdMatoY4f=P3ZMCNOBHeg4-ep+dNJ8TRM7zEA@mail.gmail.com> <0467B015-09FC-456D-BB6F-29B5F308C4E4@tik.ee.ethz.ch>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 22 Feb 2018 10:50:43 +1100
Message-ID: <CABkgnnXAUkowNsuPQ7h=94DfcS02mHgSdSoqOFL_WG6G-2JeCw@mail.gmail.com>
Subject: Re: handling a QUIC accept backlog
To: Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch>
Cc: Marten Seemann <martenseemann@gmail.com>, QUIC WG <quic@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/6u064-HplohuCKLhNXS4-N2fV_4>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Feb 2018 23:50:46 -0000
Marten's question is a design one, I think. But as an operational practice, some additional documentation elsewhere could help. I don't think that I had any expectation, but it seems like a good idea to have some way that a server can signal "not now". That increases DoS risk (to the other discussion this week), but I think that in terms of our agreed principle on trying to stop that sort of attack, we shouldn't worry too much about that right now. Dropping Initial packets works. It's probably something to do in the extreme case. CONNECTION_CLOSE is probably better (better yet if we had an "I'm overloaded" code, PR wanted). Retry doesn't really work unless you think an extra round trip will cool things down enough. If you get to the point of receiving Handshake, then CONNECTION_CLOSE is all you really have, but you probably want to avoid doing that (because you already sunk a ton of effort into the first round of Handshake messages). Note that a server with too many connections can (and probably should) use HTTP Alternative Services to shed load, but that won't necessarily help in the short term. On Thu, Feb 22, 2018 at 5:13 AM, Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch> wrote: > Hi Martin, > > I think that could fit well in the applicability doc. If people agree, please go ahead and file an issue or a PR. > > As a general note, both the applicability and the manageability statements are outdated, as things are so much in move still and therefore we didn’t put effort in to sync up with every revision. As soon as things (especially around the wire image and handshake) have settle a bit more, we will do an update. > > Mirja > > > >> Am 21.02.2018 um 17:39 schrieb Marten Seemann <martenseemann@gmail.com>: >> >> When using a socket API for a QUIC server, it can happen that there are more incoming connections than the server can accepts at that moment. I imagine that a server will implement some sort of queue containing connections that have the handshake completed. Do we need any guidance on what should happen when that queue is full? >> >> There are multiple ways how a server could handle this situation: >> >> • Drop all Initial packets. >> • Send a CONNECTION_CLOSE as a response to an Initial. >> • Reply with Retries to Initial packets, but drop Handshake packets. >> • Something more sophisticated? >> Should we write anything about this in the spec, or is this something that implementations have to figure out for themselves without any guidance? >> >
- handling a QUIC accept backlog Marten Seemann
- Re: handling a QUIC accept backlog Mirja Kühlewind
- RE: handling a QUIC accept backlog Praveen Balasubramanian
- RE: handling a QUIC accept backlog Mikkel Fahnøe Jørgensen
- Re: handling a QUIC accept backlog Martin Thomson