Re: Proposal: Increase QUIC Amplification Limit to 5x
Paul Vixie <paul@redbarn.org> Wed, 31 July 2024 00:53 UTC
Date: Tue, 30 Jul 2024 17:52:59 -0700
Subject: Re: Proposal: Increase QUIC Amplification Limit to 5x
Message-ID: <4aac2fae-ddc6-453c-b974-751a7a37967c@redbarn.org>
In-Reply-To: <BL1PR21MB31152570F4497EBE91B3AF9FB3B02@BL1PR21MB3115.namprd21.prod.outlook.com>
References: <BL1PR21MB31152570F4497EBE91B3AF9FB3B02@BL1PR21MB3115.namprd21.prod.outlook.com>
From: Paul Vixie <paul@redbarn.org>
To: IETF QUIC WG <quic@ietf.org>, Nick Banks <nibanks=40microsoft.com@dmarc.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/D-i89UTasxOThrVouOD6Qi_4Nx8>
Do we know a reason why the system's behavior won't move beyond the new limit the same way it moved beyond the old one? If it's some bizarre kind of leaky bucket, let's have the showdown now rather than later when everything is larger and ossification has begun.

p vixie

On Jul 30, 2024 07:16, Nick Banks <nibanks=40microsoft.com@dmarc.ietf.org> wrote:

Hello Folks,

We’ve had this discussion on Slack in the past, and I wanted to bring it here to get some additional feedback. As some of you know, I have a project on GitHub (microsoft/quicreach) that is a simple ping-like reachability tool for QUIC, and I run a periodic action to test the top 5000 hostnames for QUIC-reachability and then break the handshake down by whether it (a) requires multiple round trips, (b) exceeds the specified amplification limit or (c) connects in 1-RTT under the limit. It produces this dashboard:

The main point in sending this email is to focus on the large percentage of servers that are ignoring the 3x amplification limit today, and what we should do (if anything) about that. I ran a quick experiment (PR) this morning to test how the breakdown would look if we had different amplification limits (3x, 4x, 5x) and found that if we used a 5x limit we would find ourselves in a place where most servers are now under the limit.

So, my ask to the group is if we should more officially bless a 5x limit as ‘Ok’ for servers to use. This would more impact those servers that currently take multiple round trips because they are correctly enforcing the 3x limit on themselves, resulting in longer handshake times. If we say they can/should change their logic from 3x to 5x, then their handshake times will improve, and largely things will speed up for clients when using QUIC.

Personally, I’d like to update MsQuic to use this new limit based on this data, but I wanted to get a feel from the group first.

Thanks,
- Nick

Sent from Outlook
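The limit under discussion is the RFC 9000 section 8.1 rule that a server sends at most 3x the bytes it has received until the client's address is validated. The sketch below is an added example, not code from the thread, quicreach or MsQuic: it models that send budget to show why a larger handshake flight costs an extra round trip at 3x, and how many more bytes go to an unvalidated address at 5x. The 1200-byte datagram size, the flight sizes and all names are assumptions.

```python
from dataclasses import dataclass

MAX_DATAGRAM = 1200  # assumed size; RFC 9000 pads client Initial datagrams to >= 1200


@dataclass
class AmplificationBudget:
    """Bytes a server may send to an address it has not validated yet."""
    limit: int              # 3 in RFC 9000; 5 is the value proposed in the thread
    received: int = 0
    sent: int = 0
    validated: bool = False

    def on_receive(self, nbytes: int, handshake_packet: bool = False) -> None:
        self.received += nbytes
        if handshake_packet:    # proves the peer processed our Initial
            self.validated = True

    def try_send(self, nbytes: int) -> bool:
        if not self.validated and self.sent + nbytes > self.limit * self.received:
            return False        # blocked until more bytes arrive from the client
        self.sent += nbytes
        return True


def server_flight(flight_bytes: int, limit: int) -> tuple[int, int]:
    """Return (round trips to deliver the flight, bytes sent before validation)."""
    budget = AmplificationBudget(limit)
    budget.on_receive(MAX_DATAGRAM)             # client's padded Initial
    remaining, round_trips, unvalidated = flight_bytes, 1, None
    while remaining > 0:
        size = min(MAX_DATAGRAM, remaining)
        if budget.try_send(size):
            remaining -= size
        else:
            unvalidated = budget.sent
            # Assumption: the client's next datagram carries a Handshake packet.
            budget.on_receive(MAX_DATAGRAM, handshake_packet=True)
            round_trips += 1
    return round_trips, budget.sent if unvalidated is None else unvalidated


SAMPLE_FLIGHTS = [2900, 3400, 4100, 4700, 5600, 7200]  # constructed sizes, in bytes


def one_rtt_count(limit: int) -> int:
    return sum(server_flight(f, limit)[0] == 1 for f in SAMPLE_FLIGHTS)


if __name__ == "__main__":
    for limit in (3, 4, 5):
        print(limit, server_flight(5000, limit), one_rtt_count(limit))
```

The second value in each tuple is the cost side of the trade-off: it is the most a server will send toward an address that has only been seen in a single unverified Initial.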