RE: Unrecoverable loss pattern

Nick Banks <> Sun, 25 February 2018 17:51 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8B3481270AE for <>; Sun, 25 Feb 2018 09:51:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.02
X-Spam-Status: No, score=-2.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id mldQzA-ApRSQ for <>; Sun, 25 Feb 2018 09:51:46 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2026A126D05 for <>; Sun, 25 Feb 2018 09:51:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=FogxcXkF6e85ZRUAKVl4MjUqez4Q9WsU1m/83Jho9SI=; b=FxIqW6Mmt4f/3XT0WwqYOEOCkxcmV6GFQbiLJqgbkbS2eXPrbAh8oS6G6RW6qBmkqNPSanAd4rbZ6R4x2YbhfJmr+Rok+ECEOm8sWhJpMAUtIipvXSQCZJ6owvXSQVS/wHKVHaeKAXhYQ93/M+61fe8UE9W3+Wi1ThIFixrScmY=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.567.2; Sun, 25 Feb 2018 17:51:44 +0000
Received: from ([]) by ([]) with mapi id 15.20.0567.002; Sun, 25 Feb 2018 17:51:44 +0000
From: Nick Banks <>
To: Marten Seemann <>
Subject: RE: Unrecoverable loss pattern
Thread-Topic: Unrecoverable loss pattern
Thread-Index: AQHTrkSWFslkSBt3zkyfQlKulmkzQqO1VDuwgAAD8oCAAAzPLQ==
Date: Sun, 25 Feb 2018 17:51:44 +0000
Message-ID: <>
References: <> <>, <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR21MB0771; 7:ogOPW2nO4ecZ4MV9S6YLvptNCrqxYbPsvQlR2ArLuy9Ezp0xVYlQGK21U2pdIUM8imW+o0+wLqevrzzaFXZwpit8Ctq7figRHTr70Brq0WLlzVSNaJXC4D7UsghJDUY/xVbtGF4CFSWFIcYfl/r6KZKG48C/AiLRlVZWO1QcGap9Aq3/FlYDoVdqNcytutbQO3b/twaAbAPnTvb3crOpQ7frrH96f/klATCQ5CUvd62FzSZVj6Ybd7bpeu5Nx69d
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 8af45be8-7565-4ec2-87bf-08d57c786f48
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603307)(7193020); SRVR:BN6PR21MB0771;
x-ms-traffictypediagnostic: BN6PR21MB0771:
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:(28532068793085)(158342451672863)(89211679590171)(85827821059158);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(61425038)(6040501)(2401047)(5005006)(8121501046)(3002001)(3231220)(944501187)(52105095)(93006095)(93001095)(10201501046)(6055026)(61426038)(61427038)(6041288)(20161123560045)(20161123558120)(20161123562045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:BN6PR21MB0771; BCL:0; PCL:0; RULEID:; SRVR:BN6PR21MB0771;
x-forefront-prvs: 05947791E4
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(376002)(39860400002)(396003)(346002)(39380400002)(199004)(189003)(54896002)(9686003)(33656002)(106356001)(55016002)(6436002)(316002)(6346003)(26005)(14454004)(102836004)(2900100001)(186003)(1411001)(77096007)(7696005)(22452003)(66066001)(236005)(76176011)(478600001)(6246003)(7116003)(6506007)(53546011)(5660300001)(99286004)(59450400001)(8936002)(229853002)(3480700004)(25786009)(86362001)(68736007)(7736002)(81156014)(105586002)(86612001)(10290500003)(8676002)(81166006)(6916009)(74316002)(53936002)(10090500001)(97736004)(2950100002)(8990500004)(3846002)(3280700002)(4326008)(2906002)(3660700001)(39060400002)(6116002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR21MB0771;; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None ( does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is );
x-microsoft-antispam-message-info: HMbF9fiBeZkkol8+Kj8DgExCymRH3NpO8Gt3zz7XFSCeEQdcSGC5hvZqP8rpE0ZKoqjJ9uMs9z+e+jear//A6dC+NGNisFPKNunT/BD/fYqCKfkuHvA1U/biRHLdb9JvLFmsgdhmyqtKRNIqf2Uf9fbrA+pEIxNN4f1A6F46Pu8=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BN6PR21MB017882F0266B8C6F39475D28B3C20BN6PR21MB0178namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 8af45be8-7565-4ec2-87bf-08d57c786f48
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Feb 2018 17:51:44.7112 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR21MB0771
Archived-At: <>
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 25 Feb 2018 17:51:48 -0000

Why not? Since the server didn’t get the last handshake packet, it will continue to process unprotected packets. So, when the client retransmits the last handshake message in an unprotected packet, the server processes it. Then everything should continue as usual.

Sent from my Windows 10 phone
[HxS - 15254 - 16.0.9029.2104]

From: Marten Seemann <>;
Sent: Sunday, February 25, 2018 9:02:03 AM
To: Nick Banks
Subject: Re: Unrecoverable loss pattern

I don’t think this will fix the problem. All handshake packets (sent by the server) were received by the client and acknowledged (in the first 1-RTT packet sent by the client).

On Mon 26. Feb 2018 at 00:52, Nick Banks <<>> wrote:
Perhaps 6.1.2 should be changed just to say the server must continue to process unprotected packets until all the handshake packets are received, and remove the part about receiving an ACK that acknowledges its handshake messages?

- Nick

From: QUIC <<>> On Behalf Of Marten Seemann
Sent: Sunday, February 25, 2018 6:26 AM
To: QUIC WG <<>>
Subject: Unrecoverable loss pattern

I’ve been playing around with QUIC loss recovery and in my tests I’m encountering one specific loss pattern which it seems impossible to recover from. It's pretty rare, because there are a couple of conditions that must be fulfilled for it to occur:

1. Client and server perform the handshake, no packets are lost so far. Client and server both arrive at the CONNECTED state, and the server receives all ACKs for handshake packets it sent. The client receives ACKs for all handshake packets except for the one containing the FINISHED message is lost (the packet containing the ACK for the FINISHED is lost).
2. The client starts using 1-RTT keys, and it sends two packets: First, a packet only containing an ACK, and then a packet containing stream data (e.g. a request). The request packet is then lost.
3. The server receives the ACK in the 1-RTT packet, and it stops accepting unencrypted packets according to 6.1.2 of the TLS draft. It doesn’t generate an ACK in response, since the packet only contained an ACK.
4. The client is now missing acknowledgements for two packets: the (unencrypted) packet containing the FINISHED message, and the (1-RTT) packet containing the request. It runs its loss recovery algorithm (OnLossDetectionAlarm), and since there is one outstanding handshake packet, it retransmit all outstanding handshake packets.

Now we’ve run into a situation we can’t recover from: The server won’t even open packet sent as a retransmission (since these packets are unencrypted, and arrive after it already received a 1-RTT packet), and the client will never retransmit the request packet. Furthermore, the server won't send any other packets, since it's just waiting for a request from the client.

I think the solution for this is to also retransmit 1-RTT packets in a case like this. Can we just apply the normal retransmission rules in OnLossDetectionAlarm, even if there are still handshake packets outstanding?