QUIC Connection Close Reliability
Nick Banks <nibanks@microsoft.com> Mon, 23 April 2018 22:06 UTC
Return-Path: <nibanks@microsoft.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E66DF1200B9 for <quic@ietfa.amsl.com>; Mon, 23 Apr 2018 15:06:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Level:
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KtU7Wq4Emm4x for <quic@ietfa.amsl.com>; Mon, 23 Apr 2018 15:06:42 -0700 (PDT)
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0129.outbound.protection.outlook.com [104.47.33.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6385124B18 for <quic@ietf.org>; Mon, 23 Apr 2018 15:06:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=QAp8i+QVUDUZtmzzDNRIBnH2CIZlnS+kex4mgZ23as8=; b=FPyMLbiwvUAGbGNSatr98w/NfrWY1rIkJL/5GH4Q+8uzqLNvTmSfR/YV8W2Rm1ObeMHbN8Xj8ThjUUd9OBOd7h7OcN3dDe/NZfs2vRqjwr9NUrkaMW11ePUfZeDUf9B/FxDzhy+g+9sHcMB8osvYhK86EYBuR/7Q9PzoYXGgA7A=
Received: from DM5PR2101MB0901.namprd21.prod.outlook.com (52.132.132.158) by DM5PR2101MB0936.namprd21.prod.outlook.com (52.132.131.166) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.715.5; Mon, 23 Apr 2018 22:06:39 +0000
Received: from DM5PR2101MB0901.namprd21.prod.outlook.com ([fe80::ac02:3f79:af:e239]) by DM5PR2101MB0901.namprd21.prod.outlook.com ([fe80::ac02:3f79:af:e239%2]) with mapi id 15.20.0735.004; Mon, 23 Apr 2018 22:06:39 +0000
From: Nick Banks <nibanks@microsoft.com>
To: IETF QUIC WG <quic@ietf.org>
Subject: QUIC Connection Close Reliability
Thread-Topic: QUIC Connection Close Reliability
Thread-Index: AdPbS1oyWnbH2U0CSPiNn9ybMzF86A==
Date: Mon, 23 Apr 2018 22:06:39 +0000
Message-ID: <DM5PR2101MB090161AA6FD645EFFA1A1EFBB3890@DM5PR2101MB0901.namprd21.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=nibanks@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2018-04-23T22:06:37.3674464Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General
x-originating-ip: [2001:4898:80e8:1::30c]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR2101MB0936; 7:CDHe5EjKilV8E5pW5Mbe45CnzLtiRd56p3boHPOEalTGiwAJqxnGrsQP/h4CB58CyFSj7ZBwRk6kju4rz7oYn8HDFj3I+vHFPPLHbfZMxZKMGQOlsS/1tUVnTyHaeyZAOBRZbYlvGg6GRBxFKJy1kmRkmnxPFHWTJg6XfE30aeTsvxylzqlMuV5cSM5MjDtZXlPzrpuvpZjKC3j4uKxT9Diy/tvkDh2HqXiiF7ggNr/KcnxO7+LHATYcF/ToZci4; 20:8ZkTUResCLlfM+GSG1PG6/3TJGcShjdA7LqwnVcgFsNUDnSoxCguBqtO0qLUiEIOb1Sw7rGB7O20h2r5Ah95t/wO1l2pzQTuwmPmPEa/IyjvGmFAUCnNSkGIJLQZi2MSWjNuc3kHokAhdHjrsUX18xS7TOFfkCwvdDg0DCdXX3o=
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7193020); SRVR:DM5PR2101MB0936;
x-ms-traffictypediagnostic: DM5PR2101MB0936:
authentication-results: outbound.protection.outlook.com; spf=skipped (originating message); dkim=none (message not signed) header.d=none; dmarc=none action=none header.from=microsoft.com;
x-microsoft-antispam-prvs: <DM5PR2101MB0936839CF04EC89D42BB512FB3890@DM5PR2101MB0936.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(3231232)(944501410)(52105095)(10201501046)(93006095)(93001095)(6055026)(6041310)(20161123562045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123558120)(6072148)(201708071742011); SRVR:DM5PR2101MB0936; BCL:0; PCL:0; RULEID:; SRVR:DM5PR2101MB0936;
x-forefront-prvs: 06515DA04B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39380400002)(376002)(396003)(346002)(366004)(39860400002)(7736002)(8936002)(3660700001)(6306002)(478600001)(5660300001)(55016002)(33656002)(102836004)(6436002)(9686003)(54896002)(236005)(86362001)(86612001)(59450400001)(6506007)(3280700002)(74316002)(316002)(606006)(6116002)(7696005)(46003)(790700001)(53936002)(2906002)(10290500003)(22452003)(6916009)(5250100002)(8676002)(2900100001)(25786009)(476003)(186003)(81166006)(3480700004); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR2101MB0936; H:DM5PR2101MB0901.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; MLV:sfv;
x-microsoft-antispam-message-info: 9j0tLvcZn20rAdOK2P88jE8mZXQfYy8YTfE3stFrpk+gMP/CqSRLPbmHdWoILe6oyoWMvZSkpinbN5tlq76T3eVjWLxbO8TPqe1U6nCK8uu8kHAN9NIKqxKWKvYD+4nsL6+0hJtPMgVjGzmjkGHeg6rImq3kktC24x+8LqIk4QIsRptHIjDJsI+635Ck2vCK
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DM5PR2101MB090161AA6FD645EFFA1A1EFBB3890DM5PR2101MB0901_"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: e0606d69-c85e-4924-e648-08d5a9667d32
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e0606d69-c85e-4924-e648-08d5a9667d32
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Apr 2018 22:06:39.3498 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR2101MB0936
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/KZ1xaPzx8Xj76yeSRNP9HTkoUUo>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Apr 2018 22:06:45 -0000
Hey Folks, I have been trying to work through an issue with reliability, related to connection close and I am trying to understand if this is a protocol issue for if I need to change my implementation. Suppose you have an application protocol on top of QUIC where each side of the connection may use one or more streams and then immediately, but gracefully, close the connection when they are done with all the streams. In that kind of application protocol, one side of the connection generally ends up closing immediately in response to receiving a FIN on a stream. Then you get into a state where the peer won't necessarily get that FIN acknowledged. Even if the endpoint sends an acknowledgment for the FIN (either as a separate packet or with the close) it's possible that ACK is lost. Ideally (I think), the ACK is sent in the same packet as the close, so you can control the atomic state change on the peer. If the ACK was separate, and lost, but the close wasn't lost, then the peer would treat the stream as abortively closed. A -------- STREAM (w/FIN) ------> B A <------- ACK, APP_CLOSE ------- B But now the issue comes if the ACK/APP_CLOSE packet is lost. Per spec<https://quicwg.github.io/base-drafts/draft-ietf-quic-transport.html#immediate-close>, the endpoint (B) that received the FIN and then closed the connection enters the closing period. While in this state, the spec states that the endpoint SHOULD respond to any packet it receives [without a corresponding close frame] with another packet containing a closing frame. If the endpoint does this, and includes the ACK again as well, I believe everything would work. The peer (A) would retransmit the STREAM packet, which would elicit a new ACK/APP_CLOSE packet from (B). My fear though (from current interop experience) is that everyone will try to short circuit connection closure and just immediately go away. If this behavior isn't completely standard across all implementations, then the application protocol would end up having different results on different implementations. Some implementations, might not send the ACK at all with the initial close, causing the peer (A) to most of the time interpret the stream as aborted. Other times, the endpoint (A) might not continue to send the ACK frame with the close, or just not send anything any more at all, resulting in a timeout on the peer side, also resulting in an abortive closure of the stream. This would probably cause the application protocol to end up creating it's own close semantics, on top of QUIC. Now, folks might not think this is a very important scenario, but I feel we should aim for consistency here. Perhaps I have missed a different solution to the problem. I considered a design that always sends that last ACK with a PING frame, and waits for that to get acknowledged before closing, but I felt it was way too ugly. Thanks, - Nick
- QUIC Connection Close Reliability Nick Banks
- Re: QUIC Connection Close Reliability Martin Thomson
- Re: QUIC Connection Close Reliability Ian Swett