IETF Logo Mail Archive

RE: Expected Client Response to SERVER_BUSY

Nick Banks <nibanks@microsoft.com> Thu, 21 February 2019 15:43 UTC

Return-Path: <nibanks@microsoft.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C80512F1A2 for <quic@ietfa.amsl.com>; Thu, 21 Feb 2019 07:43:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4T-MczaQbnAF for <quic@ietfa.amsl.com>; Thu, 21 Feb 2019 07:43:11 -0800 (PST)
Received: from NAM04-BN3-obe.outbound.protection.outlook.com (mail-eopbgr680119.outbound.protection.outlook.com [40.107.68.119]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B04C8129284 for <quic@ietf.org>; Thu, 21 Feb 2019 07:43:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Zlv0xMMPcYcZZx5Qll5FfkD4k6pCFKcY4iAon+ltxm4=; b=WcwIuKjEJd/FdETAqAcQSXTUGq+c/r3LjwNllL1SzzCbPSlePNfR553ICxVYDFWiX4XTlWqCxyRWd2YbpBoum+xynRgQgmOvXpAZ48v+74c5b0o2i03ktwkzd15exDQS7UmYWN45/ow7mrpSxduBAjeTOXfd/9bWUS4j7wZqU9M=
Received: from CY4PR21MB0854.namprd21.prod.outlook.com (10.173.192.143) by CY4PR21MB0471.namprd21.prod.outlook.com (10.172.121.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1665.9; Thu, 21 Feb 2019 15:43:07 +0000
Received: from CY4PR21MB0854.namprd21.prod.outlook.com ([fe80::ccd2:aa1d:e646:fa46]) by CY4PR21MB0854.namprd21.prod.outlook.com ([fe80::ccd2:aa1d:e646:fa46%3]) with mapi id 15.20.1665.002; Thu, 21 Feb 2019 15:43:07 +0000
From: Nick Banks <nibanks@microsoft.com>
To: Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch>, Töma Gavrichenkov <ximaera@gmail.com>
CC: Praveen Balasubramanian <pravb@microsoft.com>, IETF QUIC WG <quic@ietf.org>, Roberto Peon <fenix@fb.com>
Subject: RE: Expected Client Response to SERVER_BUSY
Thread-Topic: Expected Client Response to SERVER_BUSY
Thread-Index: AdTInrfRZAbJSsLZSlWCCrlUkiWX7AAgkIeAAACdzgAAAbynAAAAN6coAACOYoAAAIKXwAAAszQAAAatwwAAAd27AP//i/wAgACqDQCAARZXgP///4vg
Date: Thu, 21 Feb 2019 15:43:07 +0000
Message-ID: <CY4PR21MB08547DE83CD0670F804D9B45B37E0@CY4PR21MB0854.namprd21.prod.outlook.com>
References: <CY4PR21MB0854341128C64E450E7C2DA2B37C0@CY4PR21MB0854.namprd21.prod.outlook.com> <CAKcm_gPmQiMhzfXnkEB4u+X+84bCbL8FE3Lj3ZdPPQBBu+4uPg@mail.gmail.com> <1AF7E952-4542-4C40-8652-BFFBFA61784A@trammell.ch> <CAKcm_gN11=DcV2v-JrX+Ym88D7P1Ey3rDvYomTf1seemsWDSwA@mail.gmail.com> <CY4PR21MB0854D8F7383CDF72EEDAE9FBB37D0@CY4PR21MB0854.namprd21.prod.outlook.com> <CALZ3u+Zmau+167msd9+OGcU+V00+__yLK83ByNEqvWhm7yFORg@mail.gmail.com> <CY4PR21MB0854E1E9AAF564CD8B12305CB37D0@CY4PR21MB0854.namprd21.prod.outlook.com> <CALZ3u+b_NqyrSAkqiuXnnVVL+T0XiExPDUP5JyuzvZVaXqHtCA@mail.gmail.com> <a861dc7b-c1a4-fa72-649a-4f98050aa6f5@huitema.net> <CALZ3u+YxHeVuF-27pjO6gGZ__RT7Y9cAx0vE+x-n8vJbWM+L6g@mail.gmail.com> <CC1D0429-A09E-4844-90B9-2C053FE583E8@fb.com> <CALZ3u+Y1X0XxfbbiAH1S-fajz3nXybGP3tqED6tYQmsihzCzQw@mail.gmail.com> <FCB33D12-C23D-4F5F-BF26-5CA7DF911DEA@tik.ee.ethz.ch>
In-Reply-To: <FCB33D12-C23D-4F5F-BF26-5CA7DF911DEA@tik.ee.ethz.ch>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=nibanks@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2019-02-21T15:43:05.9306986Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=787fdfda-8e50-415c-bb94-724a5dc19c05; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic
x-originating-ip: [2001:4898:80e8:1:9831:2783:bd10:60a9]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e9b271e2-ad67-4b4a-38f6-08d6981346cc
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605104)(4618075)(2017052603328)(7193020); SRVR:CY4PR21MB0471;
x-ms-traffictypediagnostic: CY4PR21MB0471:
x-ms-exchange-purlcount: 1
x-microsoft-exchange-diagnostics: 1;CY4PR21MB0471;23:rw3usKpm+mhaUHJIV6RNyRYyA5fgihy8tYJtHWnG5YAricL/NtTtPrlmSZnRGmD0Na4cMnJKJwlQUcaXA6hJRucjo7IY6x4bb1RRcVggNHp7Oscr4w4/IIHYCHlxI8XlJu/N9kVZgxXPt/J0O3w+5WWDqswOgZ3Hmas4rGKAucPCtTh4bRqa9AegfzRVfv6tslZU++N5VlxGVlwbtntr7UG6PV4z6E/BC4zN2RQx55LHLlYmQhz8UzNT+Ix805yZzZDw0WPzwO7pqDVnUBiCpae3JzFcECgtcxDzoxpKeonDaezJS2LLktjie+EgV4f+wopfoBpdwERGeOqNcEQQFZSDK+NvwhiLHLc1JZICqeq/91U7x5OISkgZHoAYB5PFiiK+F2K/GqAB79n8CWp2VAu7yDw5vRlIQOvLLxhalMZ9N7PHRlpthuaMIL6xv2sNqFbaDcmRGR7iMZt+784/PkeLG/jYL3SOTUIPzcSWXyRZFGWTPMEy/4JSQJWZ44C36wMn6pco/I+nvjsxE/VjVM6C8D+7rVBgcAcKsBDIUkDFGA3jEVWU965m9xyMulzAJnSiMipb9j0qzNnyw37JCOCzOLQJzC8Il5338dDtpZb7rboqB2xkdWyoqvgYxv+Pmq7EqswXeI0OGN2LuVQr9NaQX2i7BumklqjFNNPRpHzhMT/CPsBgIbyK0n9y7pRyoVpRYKOdZC0Tyk7Aczmui2phldkSs4K4X888YAovKY75eiY8+uuiSu98DBPRVW6NrI6DstmeyszcYVqAUsFJSsQBDE43FopJVe4FIzpMUjI+RZfsYzXzgfCX8JLq70vXpKbhPlVE72RUO6IjAYky6J/N+BdYgE5kIobs13piWjzzdVlsj40wc41jmpGCyqE2nbvjqCaP4oQCJSYKrfMkSHT3pgxPP3a/M5cSGb30Jy0Oh2t1ltMAeM0Q9umfK7P5Or5pHrK2Fbr1kusDfOXj4qd9OVo+vRH8cWGXQD2hmiwEkzfyKWKWB1W046/lLsqcGd+gAPh5Z8zJxXh948ru0a3e7p6U3wT5vfN7XhfVhwfuzMvbWWvpqCWOEcN4gcdI6Teha1+a48z9dTEQ8n0pnAodTE+Do8CbJSj8tsegC9EL7wDYzGQm30baIuqqHa9A4s9bHyeuf1zfqVV6fh/A0xL6SeXitFTU+I8YpUBoiwNX2gknspyHuNx93asc7P7KOY30Ly9fWHYkVIgJcJ0bSQT2U4+FA7vAj3tfgVpRIXoKfzw7xh/2LV8i4UtKHOGUkw96ponW1WlawtqS/axQScKnRAjyHzWXwdyABHrf5kHMR4QoWqXBNmXsiV8QT+Wai6dSpGi+pwb9SdeCqy1npD6wDlv2cUou3rXyQhWJpqWRANMTX3GjuB/hr3fHlHq+xBPjRNEl9WhVmvS6p41kuY+ssYL7QkXuUpShF4ZqQao=
x-microsoft-antispam-prvs: <CY4PR21MB0471357CFBE9B489938D54D8B37E0@CY4PR21MB0471.namprd21.prod.outlook.com>
x-forefront-prvs: 09555FB1AD
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(396003)(136003)(39860400002)(366004)(13464003)(199004)(189003)(14454004)(478600001)(10290500003)(2906002)(8990500004)(97736004)(102836004)(53546011)(6506007)(966005)(6346003)(316002)(22452003)(25786009)(10090500001)(99286004)(4326008)(71190400001)(71200400001)(446003)(14444005)(46003)(476003)(86612001)(11346002)(256004)(186003)(66574012)(86362001)(5660300002)(486006)(8676002)(8936002)(53936002)(105586002)(33656002)(305945005)(7736002)(68736007)(81156014)(81166006)(6246003)(229853002)(110136005)(6116002)(54906003)(93886005)(76176011)(106356001)(55016002)(6306002)(9686003)(74316002)(7696005)(6436002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0471; H:CY4PR21MB0854.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=nibanks@microsoft.com;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: UREtfwh0+VvVBMxQcmP1i6h96mCu2/24/HOEKj9JHUZy4nnadGuavb/wtnI6VO0HiN7ghnBL9LhH6b1JhOWtx7IhKoN6YeQVx9A4kvYXkzEsEEPWmbIYH+59F34DGbb59txrAfkF9WlNkGYUbt0qbQYztNu4g1Egk9DJbKWwkP4P8/Ict7BhWydGc7IijClpBgv4b2AckpwK83bpw4yIs20m5afCx5BbvkcP2viz0tsIz9ljkj+wE/4iP2i5Vi7qjfxPkU26+nEhmqNxcVe5cADNyaO863izMtLZn9i8ZR0uRG8l90C2RLSTpGlqsw19hevgqw6KtUtFR0CWbdJwbnu5k35uS7ElNrJ+/IHMb8IZBLANwH5/igkKLgNybFduL0gne+Zp+Aps2Mnf9bssmILIeGLsjbSQ33IRU3fc76c=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e9b271e2-ad67-4b4a-38f6-08d6981346cc
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Feb 2019 15:43:07.7982 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0471
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/3yQNZkn1dEbDtPZZilwy0w22-co>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2019 15:43:14 -0000

I read that section, generally, as you should support fallback to TCP. No real specifics.

I'm asking if we should add more. As Ian had already alluded to the client might take the Alt-Svc into account when falling back. How is it supposed to decide what to do if that says QUIC is available, but right now they just get a SERVER_BUSY error from QUIC?

It might be worth calling out a few possible scenarios that might be encountered and recommend a course of action. I can think of several scenarios that a client might encounter that might be interested to describe:

1. Client gets no response ever.
2. Client only gets a response after a long time.
3. Client gets some kind of protocol error in response (bad middlebox?).
4. Client gets a valid connection close in response.
5. Client handshake eventually fails (perhaps tampered with).

Thanks,
- Nick 

-----Original Message-----
From: QUIC <quic-bounces@ietf.org> On Behalf Of Mirja Kühlewind
Sent: Thursday, February 21, 2019 7:33 AM
To: Töma Gavrichenkov <ximaera@gmail.com>
Cc: Praveen Balasubramanian <pravb@microsoft.com>; IETF QUIC WG <quic@ietf.org>; Roberto Peon <fenix@fb.com>
Subject: Re: Expected Client Response to SERVER_BUSY

As pointer out earlier in this thread there is text in https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-quic-applicability%2F&amp;data=02%7C01%7Cnibanks%40microsoft.com%7C0084d6c04e284f76cfd508d69811e099%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C1%7C636863599903286321&amp;sdata=KO36Bt6jX5Xe%2B379FOfLYviKQNPRhJrwILSQr6oPKSA%3D&amp;reserved=0 (section 2). 

Do you think anything else is needed?



> Am 20.02.2019 um 23:56 schrieb Töma Gavrichenkov <ximaera@gmail.com>:
> 
> > This mechanism provides a very low CPU cost fast fallback to TCP 
> > under DoS attacks until all infrastructure can support QUIC natively
> 
> There are [a] few use cases when switching from TCP to QUIC v1 (in its current state) is not feasible because of huge operational costs. So it would be a more long term solution than that, probably till v2 or even further.
> 
> > anything we do to allow non-malicious ones to respond appropriately 
> > requires pre-sharing, or for the connection to succeed
> 
> The question here is basically how to ensure the latter given a X00 Gbps attack scale if you're neither Facebook nor Google.
> 
> > In some circumstances, falling back to TCP may be something that the 
> > application shouldn't do
> 
> Well, maybe, but then IMO the consequences of not being able to benefit from switching to TCP if you're doing certain things with QUIC should be outlined in the spec. Again, this is an application-level thing *now*, but formerly the transport used to take full care of it, and the change in that sort of breaks the habit of the users.
> 
> --
> Töma

v2.23.0 | Report a Bug | By Email