IETF Logo Mail Archive

Re: Closing on CONNECTION_CLOSE

Subodh Iyengar <subodh@fb.com> Thu, 27 July 2017 14:09 UTC

Return-Path: <prvs=8381ad4d51=subodh@fb.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D919B131A4F for <quic@ietfa.amsl.com>; Thu, 27 Jul 2017 07:09:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.719
X-Spam-Level:
X-Spam-Status: No, score=-2.719 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com header.b=Zo7jikaE; dkim=pass (1024-bit key) header.d=fb.onmicrosoft.com header.b=iX+62w5W
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZU77tiObUdYA for <quic@ietfa.amsl.com>; Thu, 27 Jul 2017 07:09:02 -0700 (PDT)
Received: from mx0b-00082601.pphosted.com (mx0b-00082601.pphosted.com [67.231.153.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30E12131C3C for <quic@ietf.org>; Thu, 27 Jul 2017 07:09:02 -0700 (PDT)
Received: from pps.filterd (m0109332.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v6RE8oYL021194; Thu, 27 Jul 2017 07:08:55 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=facebook; bh=97zpydG5fy06goRxynS7qqK/9UJvh49EgV0g4iLfQe8=; b=Zo7jikaEq1p85XjiJ+4wfYO/REQeaTF3/SBLqFUNhwYyHSDTS9RLtnshGPh1h5PoFu5u nGVEiwezAduHSKcMUjuohJ8GDp0fTUx7tt1Zts38ADurASbczj2oeWsxH1kta3MXmvdx HjFNmrGjn8FddTSU7uW03uhIzS29xF/uqyM=
Received: from maileast.thefacebook.com ([199.201.65.23]) by mx0a-00082601.pphosted.com with ESMTP id 2bydmerph9-1 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 27 Jul 2017 07:08:55 -0700
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (192.168.183.28) by o365-in.thefacebook.com (192.168.177.26) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 27 Jul 2017 10:08:54 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=97zpydG5fy06goRxynS7qqK/9UJvh49EgV0g4iLfQe8=; b=iX+62w5WE3hKa8AE98/rZwbgt/UexOsMGNzcouIOHhjuAVCo0dNqtzjmbEuun4seDduFxqZJvnoEQmx8x2PFeYGGbM+/iK+GR8HRbAvbUfHt4LYxkthunDwmH6ytqFQ7vHsh6hwreCGPaZe8lMIH3yDKWhCSbqpxZDVgH5hZFU8=
Received: from MWHPR15MB1455.namprd15.prod.outlook.com (10.173.234.145) by MWHPR15MB1456.namprd15.prod.outlook.com (10.173.234.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1282.10; Thu, 27 Jul 2017 14:08:33 +0000
Received: from MWHPR15MB1455.namprd15.prod.outlook.com ([10.173.234.145]) by MWHPR15MB1455.namprd15.prod.outlook.com ([10.173.234.145]) with mapi id 15.01.1282.021; Thu, 27 Jul 2017 14:08:33 +0000
From: Subodh Iyengar <subodh@fb.com>
To: Christian Huitema <huitema@huitema.net>, "quic@ietf.org" <quic@ietf.org>
Subject: Re: Closing on CONNECTION_CLOSE
Thread-Topic: Closing on CONNECTION_CLOSE
Thread-Index: AQHTBt8BY44EN83ZV0KhVSU38MiR6aJntD6AgAAAgeM=
Date: Thu, 27 Jul 2017 14:08:33 +0000
Message-ID: <MWHPR15MB14558B64A6166EB2C3E66F03B6BE0@MWHPR15MB1455.namprd15.prod.outlook.com>
References: <CABcZeBP_Xh1QC9Qxhy5HYiMiTfknPs7Yp7+X_KnQE1O-juxJ5g@mail.gmail.com>, <cb7caadd-73bd-6505-7a57-4b0271fb66d2@huitema.net>
In-Reply-To: <cb7caadd-73bd-6505-7a57-4b0271fb66d2@huitema.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2620:10d:c091:200::ba12]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR15MB1456; 20:wvkQfN6GVdPpQrsgyyH5QnzbL4/KlXwV4HRBJZEVNPVM3iI/2DhbN6aWujlMgfCRi2DpmHvMO5G594i2EjG8Sm8qO1UehRZxQAKMY5BHT2lBUCU+apDThXrWGewx6IMWIs8m76yKfxpTSwis7KU2Sa1lXgkG68w1PNxYahEjQt8=
x-ms-office365-filtering-correlation-id: a2186885-4978-42f5-fe71-08d4d4f8f761
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:MWHPR15MB1456;
x-ms-traffictypediagnostic: MWHPR15MB1456:
x-exchange-antispam-report-test: UriScan:(158342451672863);
x-microsoft-antispam-prvs: <MWHPR15MB145625F286621F1C47F50E64B6BE0@MWHPR15MB1456.namprd15.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(93006095)(93001095)(10201501046)(3002001)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123555025)(20161123562025)(20161123560025)(20161123558100)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:MWHPR15MB1456; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:MWHPR15MB1456;
x-forefront-prvs: 03818C953D
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39450400003)(39840400002)(39400400002)(39850400002)(39410400002)(24454002)(199003)(189002)(377454003)(53546010)(3660700001)(8676002)(8936002)(2906002)(81166006)(81156014)(5660300001)(6436002)(9686003)(7696004)(25786009)(54896002)(99286003)(55016002)(6246003)(53936002)(86362001)(102836003)(7116003)(3280700002)(6116002)(189998001)(7736002)(97736004)(2950100002)(2900100001)(478600001)(14454004)(229853002)(38730400002)(77096006)(2501003)(101416001)(68736007)(6506006)(105586002)(76176999)(54356999)(33656002)(50986999)(106356001)(74316002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1456; H:MWHPR15MB1455.namprd15.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_MWHPR15MB14558B64A6166EB2C3E66F03B6BE0MWHPR15MB1455namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2017 14:08:33.1423 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1456
X-OriginatorOrg: fb.com
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-07-27_07:, , signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/8hH2zf26ScCSXilfS-W090gRKFI>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jul 2017 14:09:04 -0000

> The only downside I'm really aware of is that the closing side
has to keep state for something like 2MSL (so that it can properly
respond to late packets), rather than being able to clean up on
receiving an ACK

I favor the RST model as well.
You'll end up having to keep a loss timeout even in the FIN model because
of ACKs being lost / the remote side shutting for unrelated reasons / silently closing
their connection.

However what is the right response to late packets? The only response I can think of
is to resend the connection close if you still have the connection state. Is there anything
else that could be sent that I'm missing?

As an aside on the topic of TIME_WAIT itself:

The reason I'm aware that TIME_WAIT exists in TCP is to protect us from the local port
being re-bound to another connection and the data from the old connection interfering with
the new connection. With QUIC this seems less of an issue though because a
combination of (connection id + packet type + packet encryption) can be used to determine whether or
not the packet was valid to be received in the context of a new connection. Going with the
philosophy of dropping packets on the floor that are malformed that martin proposed during
the last WG meeting, do we even need a TIME_WAIT state in QUIC?

The advantage of TIME_WAIT that I see is this ability to send the CONNECTION_CLOSE in a timely
manner to prevent the client from needing to retry till the RTO limit and realize the connection
needs to be closed. However if we go with the close model of graceful close always driven by the app, then
this won't be a common case and we might deliver a PUBLIC RESET instead of a CLOSE.

Subodh


________________________________
From: QUIC <quic-bounces@ietf.org> on behalf of Christian Huitema <huitema@huitema.net>
Sent: Thursday, July 27, 2017 7:02:33 AM
To: quic@ietf.org
Subject: Re: Closing on CONNECTION_CLOSE



On 7/27/2017 6:47 AM, Eric Rescorla wrote:
> The specification seems kind of vague on this point (there is a big
> TODO for TIME_WAIT) and in places suggests retransmission [1] I had
> previously assumed the FIN-like model but after talking to Ian this
> morning I think the RST-like model is better. It's easier to implement
> because you don't need to manage a post-close state machine on either
> side. The only downside I'm really aware of is that the closing side
> has to keep state for something like 2MSL (so that it can properly
> respond to late packets), rather than being able to clean up on
> receiving an ACK. However, this isn't that big a deal, because as
> noted above, you can throw away the connection and just send a stored
> packet, or alternately, just send public reset (or just go silent).
>
> Given that ID1 does include CONNECTION_CLOSE, albeit with limited
> semantics, it would be good to resolve this soon. Are there people who
> want to argue in favor of the FIN-like model?

Yes the text is vague. My ID1 code implements the RST behavior --
immediate close on receipt, no ACK. It seemed natural.

I have yet to implement a proper zombie state, but that would be needed
whether we want the RST or FIN semantic, since FIN packets can be lost.

RST behavior is cleaner there: repeat the RST frame if packets are still
received after some timeout.

--
Christian Huitema

v2.23.0 | Report a Bug | By Email