Re: Closing on CONNECTION_CLOSE
Jana Iyengar <jri@google.com> Thu, 27 July 2017 15:35 UTC
Return-Path: <jri@google.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B2C3129B34 for <quic@ietfa.amsl.com>; Thu, 27 Jul 2017 08:35:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cWVHUtzi8PoA for <quic@ietfa.amsl.com>; Thu, 27 Jul 2017 08:35:51 -0700 (PDT)
Received: from mail-pg0-x22f.google.com (mail-pg0-x22f.google.com [IPv6:2607:f8b0:400e:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 527D8124217 for <quic@ietf.org>; Thu, 27 Jul 2017 08:35:51 -0700 (PDT)
Received: by mail-pg0-x22f.google.com with SMTP id k190so33963598pgk.5 for <quic@ietf.org>; Thu, 27 Jul 2017 08:35:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=cyg0Ym8fBkyUiqkQSqZpt/4XB2eAqysTStgYlplz4oc=; b=bjcrYyaoAiIiJKGnLNEINsPBrbxsu6MnVuknrVnNqaNUJnfKxkV8Ib4GE6frej9GUV MJ9f9TgiPlaz2HJQBBGHTfBmcOlqqTRIIIdrkJsaR3hmuveMo83ajTDVnGinvgH4479G FT+cA+gV70PGAmEMpno5v1F5aIMdxzoafoKEVZ5SHWalzDVJZ1y3+GYa/kxmdSMWKW8D GVbmQOzHhGGvjKRoDPLk0C/f6HfoIlcKAOHZc2KJ5aNk66SGOtNqTEZ4EXatIMRNGOE5 QTICWY7alJJ9zmpM6pbAMBO8Zq0C/u9s8nQkVTUYDwootp4Vc0/voZ/xymFN7aE4i4ZA 6d5w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=cyg0Ym8fBkyUiqkQSqZpt/4XB2eAqysTStgYlplz4oc=; b=gla5fBDZYoLTxPd7ZlCe8B8yLuRqR9TY83+XM8X9nIUdMqlJRTBBln0kt4ftOUd27Y 2BS8gINFX7+4VxwuXIIDf3YOmq3spE60Wowk6MU699cdnORPz9C6FEnVqwuW9F5Ll3GV C0sXo4ijJY5+9kYJZRSr+4RLymywQUTQReIkZ1f75P9MA4FMwP90lhTYiDhXatfBWXUM nef8761t8GQy+aU0CTJovHGR+RdgDG5ICIVELoj2gU1EzeWUkg2rSzYpCK4jNwkjt3Hv zxfXZT/MtG9R4P92y9Vmxv7vGbQGsT31m3D3IOfWdMB0DV4csi3lJm16LfbsFdB2utja pS0A==
X-Gm-Message-State: AIVw113YVSDwV4IJ1BNZS7udB0/Xj/yNsBvHuvFbRPaE4M3eXbn/FPSj Qi7tBXBAJl/sQ1La1mIWycMrS5Rdh2/f
X-Received: by 10.84.216.81 with SMTP id f17mr4975933plj.117.1501169750355; Thu, 27 Jul 2017 08:35:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.153.19 with HTTP; Thu, 27 Jul 2017 08:35:49 -0700 (PDT)
Received: by 10.100.153.19 with HTTP; Thu, 27 Jul 2017 08:35:49 -0700 (PDT)
In-Reply-To: <CABcZeBP3s=XrOXjzN=SvjrYkc-eSUAx8BZXTO-BFAQW-55TXzw@mail.gmail.com>
References: <CABcZeBP_Xh1QC9Qxhy5HYiMiTfknPs7Yp7+X_KnQE1O-juxJ5g@mail.gmail.com> <cb7caadd-73bd-6505-7a57-4b0271fb66d2@huitema.net> <DB5PR07MB1237960D04442972441D9B8B84BE0@DB5PR07MB1237.eurprd07.prod.outlook.com> <CAKcm_gOSSWOiY7S3KCW4674KO76PxoFmcTbFSsbO-71aQmCXHg@mail.gmail.com> <CABcZeBP3s=XrOXjzN=SvjrYkc-eSUAx8BZXTO-BFAQW-55TXzw@mail.gmail.com>
From: Jana Iyengar <jri@google.com>
Date: Thu, 27 Jul 2017 15:35:49 +0000
Message-ID: <CAGD1bZYEOxSXaw3cMBZTjkdwCVyJ+cca6fhY0Rh1OaGiB0ihSA@mail.gmail.com>
Subject: Re: Closing on CONNECTION_CLOSE
To: Eric Rescorla <ekr@rtfm.com>
Cc: IETF QUIC WG <quic@ietf.org>, "Swindells, Thomas (Nokia - GB/Cambridge, UK)" <thomas.swindells@nokia.com>, Ian Swett <ianswett@google.com>, Christian Huitema <huitema@huitema.net>
Content-Type: multipart/alternative; boundary="94eb2c19a6a8b84b9105554e517f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/HyjPTfd97VP8XBcQd29jrqFS2gQ>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jul 2017 15:35:53 -0000
I'm also in favor of the RST model. Subodh -- to your point about time_wait, this dovetails with a timeout we need to have in place for regular connection close, where we must allow for retransmissions to be sent and for responses to peer's retransmissions. (It's what I call DRAIN_TIME). So basically, once a connection close is sent, the sender waits for DRAIN_TIME and then discards state. The receivers sends an ack and immediately discards state on receipt. As ekr notes, receipt of this ack could circumvent the DRAIN_TIME timeout. TCP time wait accounts for network lifetime of packets, which we don't have to handle, since once both sides are torn down, there's no danger of an old connection interfering with a new one. That said, I'm still thinking about if it's possible for an old packet circling the network to create connection state when received after all state is torn down... If we want to ensure that doesn't happen, we'd want to account for network lifetime (2 msl). On Jul 27, 2017 7:59 AM, "Eric Rescorla" <ekr@rtfm.com> wrote: > I just filed a PR for this at: > https://github.com/quicwg/base-drafts/pull/705 > > It explicitly permits duplication. > > -Ekr > > > On Thu, Jul 27, 2017 at 7:51 AM, Ian Swett <ianswett@google.com> wrote: > >> I would recommend sending an identical packet every time, since there's >> no value to encrypting a new one with a new packet number, but it increases >> the amount of state you have to keep and the CPU to respond to spurious >> packets. >> >> On Thu, Jul 27, 2017 at 10:47 AM, Swindells, Thomas (Nokia - >> GB/Cambridge, UK) <thomas.swindells@nokia.com> wrote: >> >>> > > However, this isn't that big a deal, because as >>> > > noted above, you can throw away the connection and just send a stored >>> > > packet, or alternately, just send public reset (or just go silent). >>> Should/would you have to generate a newly encrypted packet with a new >>> packet number each time (as per other retransmissions)? >>> Or is this a special case because it is the final packet and so doesn't >>> matter if it is duplicated? >>> >>> >> >
- Closing on CONNECTION_CLOSE Eric Rescorla
- Re: Closing on CONNECTION_CLOSE Ian Swett
- Re: Closing on CONNECTION_CLOSE Christian Huitema
- Re: Closing on CONNECTION_CLOSE Subodh Iyengar
- Re: Closing on CONNECTION_CLOSE Eric Rescorla
- Re: Closing on CONNECTION_CLOSE Willy Tarreau
- RE: Closing on CONNECTION_CLOSE Swindells, Thomas (Nokia - GB/Cambridge, UK)
- Re: Closing on CONNECTION_CLOSE Ian Swett
- Re: Closing on CONNECTION_CLOSE Eric Rescorla
- Re: Closing on CONNECTION_CLOSE Jana Iyengar
- Re: Closing on CONNECTION_CLOSE Eric Rescorla
- Re: Closing on CONNECTION_CLOSE Dmitri Tikhonov
- Re: Closing on CONNECTION_CLOSE Patrick McManus
- Re: Closing on CONNECTION_CLOSE Christian Huitema
- Re: Closing on CONNECTION_CLOSE Mikkel Fahnøe Jørgensen