IETF Logo Mail Archive

Re: [Last-Call] Opsdir last call review of draft-ietf-quic-manageability-14

Lucas Pardue <lucaspardue.24.7@gmail.com> Mon, 07 February 2022 16:25 UTC

Return-Path: <lucaspardue.24.7@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FFAF3A0D2D; Mon, 7 Feb 2022 08:25:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.846
X-Spam-Level:
X-Spam-Status: No, score=-1.846 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZejYzTb-dWvo; Mon, 7 Feb 2022 08:25:07 -0800 (PST)
Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E78293A0D29; Mon, 7 Feb 2022 08:25:06 -0800 (PST)
Received: by mail-ej1-x633.google.com with SMTP id st12so18814909ejc.4; Mon, 07 Feb 2022 08:25:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wS+qIodFDn5a8e+FA5tGNto4dgZ0T0+y7hUPvew7OsY=; b=fV49bAmDwiy9+m59QC15hLeCSBTm5Um14l+6p9QElulfD0ggt/LcTuJIRLbLlbLXXl ZO4BXz0KxXFcCDJCoh+JW4BLU7s4fYQOqTT+1f7KnPQBYvFK6+XydvCkOMI90Pz8jDSY f+Zksg3gkz8UCl4f2K4exOA/i4gi4BXA8fC5qBWMnLamlLE3YJgTTY/fn/eEsMTbViWb ExfB18/tT3NUNoTfST+Faxba9bjcpJupR8z421+nKzZjo9cWaLiSD2xJ6x9jbBcx4k6y ei4Ki/YMnrVUnUQ6WL5WeSXqWlLUywT61CFQrzBtQBPOLUb/ZKeccat+C52t/VSVRJyc OzoA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wS+qIodFDn5a8e+FA5tGNto4dgZ0T0+y7hUPvew7OsY=; b=QeGrBsS2hkubOk7K+mL0Ok2VKHgRNYs6I/veQfEqFR5WaUH3hG3qM3Pw5Sg4uMl6Nb fHvsRY4WLzGvzwaIL61DdN3ALnoSOUlnHMJVZtZUgD+kB+dKWqRoIkyXTKF1PndS1k6v rxeMcsY6qK0a1c0dohuegajn6mOcm0gcBWoXFC8H5JikEfWmNo4dslbcm6PXu4LxZKUz 7fUI2SKa4qxXNedT5Ly+0YNJGJwzzKSDAbPkHjq6mp+B5q8NanSROGL7+hxRfxGTEkYt YlEoIFU814Ve40CCzTNttsJnBkNHKbv3smmm9HXyppLfsxWhxqJrDk+oOayHfkvboO2J Ju0Q==
X-Gm-Message-State: AOAM531sf2l41009VtVM6tLl4MgSlWaS+WEalMmyg687Eh+gPPdIzqBa Nj7tK1+yDPW8QjrTSwMMRdKhFYPyS6KAXxngsZ0=
X-Google-Smtp-Source: ABdhPJyjvraji4hr8qaKlxA1XNdObwa0Ymvep7UwMPbEjmxfv7pRncZ6fUjHaQXzjdXpWdoQHX90r6X/qluwuRw5tQM=
X-Received: by 2002:a17:907:97d0:: with SMTP id js16mr383240ejc.345.1644251103448; Mon, 07 Feb 2022 08:25:03 -0800 (PST)
MIME-Version: 1.0
References: <164409907076.26859.10862027679794424868@ietfa.amsl.com> <CAKKJt-f-ycBSafQkD01gJvkxYP2YYsgfZ9od=JXOxhST=aPs4g@mail.gmail.com>
In-Reply-To: <CAKKJt-f-ycBSafQkD01gJvkxYP2YYsgfZ9od=JXOxhST=aPs4g@mail.gmail.com>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Mon, 07 Feb 2022 16:24:51 +0000
Message-ID: <CALGR9oawruZohV-0RQ8HzmNTE1pdkHzsTzaGc+iZpMiUGTVjZA@mail.gmail.com>
Subject: Re: [Last-Call] Opsdir last call review of draft-ietf-quic-manageability-14
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Cc: Al Morton <acmorton@att.com>, ops-dir@ietf.org, last-call@ietf.org, draft-ietf-quic-manageability.all@ietf.org, IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f1515305d7700a78"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/829zI39INslGjs4qxhJfCkscHD8>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Feb 2022 16:25:10 -0000

Hey,

On the topic of fallback or failover or something else. My 2c with no hats.

On Mon, 7 Feb 2022, 15:36 Spencer Dawkins at IETF, <
spencerdawkins.ietf@gmail.com> wrote:

> I haven't seen anyone else respond to Al's email on this point, so I
> thought I'd share an opinion.
>
> On Sat, Feb 5, 2022 at 4:12 PM Al Morton via Datatracker <noreply@ietf.org>
> wrote:
>
>> Reviewer: Al Morton
>> Review result: Has Issues
>>
>> Hi Mirja and Brian,
>>
>> This is the OPSDIR review of
>>
>>               Manageability of the QUIC Transport Protocol
>>                     draft-ietf-quic-manageability-14
>>
>
> Snip, down to
>
>
>> 4.6.  UDP Blocking, Throttling, and NAT Binding
>>
>> ...
>>    Further, if UDP traffic is desired to be throttled, it is recommended
>>    to block individual QUIC flows entirely rather than dropping packets
>>    indiscriminately.  When the handshake is blocked, QUIC-capable
>>    applications may fail over to TCP.  However, blocking a random
>> [acm]
>> is "fail over" or "fallback" the preferred term?
>> (using only one will help)
>>
>>    fraction of QUIC packets across 4-tuples will allow many QUIC
>>    handshakes to complete, preventing a TCP failover, but these
>> [acm] ... or "failover" preferred?
>>
>>    connections will suffer from severe packet loss (see also
>>    Section 4.5).  Therefore, UDP throttling should be realized by per-
>>    flow policing, as opposed to per-packet policing.  Note that this
>>    per-flow policing should be stateless to avoid problems with stateful
>>    treatment of QUIC flows (see Section 4.2), for example blocking a
>>    portion of the space of values of a hash function over the addresses
>>    and ports in the UDP datagram.  While QUIC endpoints are often able
>>    to survive address changes, e.g. by NAT rebindings, blocking a
>>    portion of the traffic based on 5-tuple hashing increases the risk of
>>    black-holing an active connection when the address changes.
>>
>
> In my mind,
>
>    - "fallback" makes more sense if we are talking about falling back
>    within a single protocol (for example, attempting to use an extension,
>    discovering that the other host doesn't support that extension, and
>    retrying without the extension - or,, also within a single protocol,
>    attempting to use version 9, discovering that the other host doesn't
>    support that extension, and retrying with a different version), and
>    - "failover" makes more sense if we are talking about starting with
>    one protocol (QUIC, in this case) and if that doesn't work, switching to a
>    different protocol (TCP, in this case).
>
> I know we've used both terms somewhat interchangeably during discussions
> about QUIC (and not just discussions about this document), but if one term
> is to be chosen (Al's suggestion, which I agree with), I think what we're
> talking about here is "failover".
>
> Other people may have thoughts, of course.
>

To me this is really an implementation detail.

In HTTP/3's case you might learn of a it via Alt-Svc over TCP and try yo
swtich to it. That could fail and you might "fallback" or really just
ignored a suggestion that turned out to be bogus. Nothing fell over or
failed except an opportunistic connection attempt.

Now add in the alternative discovery mechanism of SVCB and HTTPS record.
Clients would learn the availability of multiple HTTP versions and are
likely to implement different strategies for selecting on or the other.
Imagine a client which learns that on some kinds of network they block
QUIC. Maybe it would just stop bothering to try QUIC on that network
despite any other information available.

There are, of course, other application protocols that run over QUIC. Those
things might have no TCP equivalent. The network operators should not be
trying to introspect such things as application mapping.

All of these things are examples where client agency gives no hope for
others to guess their behaviour. And that's fine. IMO it suffices to say
that a clients can switch to any transport, at any time, for any reason.
That is neither failover or fallback, just choice.

Trying to diagnose network issues based on choice is futile and, if done
naively, could false diagnose problems that do not exist.

Cheers
Lucas


> Best,
>
> Spencer
>

v2.23.0 | Report a Bug | By Email