Expected Client Response to SERVER_BUSY
Nick Banks <nibanks@microsoft.com> Tue, 19 February 2019 22:11 UTC
Return-Path: <nibanks@microsoft.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49286130F4D for <quic@ietfa.amsl.com>; Tue, 19 Feb 2019 14:11:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uGT9z_juiUn2 for <quic@ietfa.amsl.com>; Tue, 19 Feb 2019 14:11:14 -0800 (PST)
Received: from NAM05-BY2-obe.outbound.protection.outlook.com (mail-eopbgr710120.outbound.protection.outlook.com [40.107.71.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0EE51128BCC for <quic@ietf.org>; Tue, 19 Feb 2019 14:11:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=StUlg1SXGYkHmpY5Qw6dx5oaAgvpGtmipEYmN/SMCOU=; b=PvQZKPXMOmKuxUSfZuQn2QPZpdr0m/Ev+doLSTHuqom8FKXnAgeXVes8twWZPDgd0YSSU5lFHiCFnaKs3n1ygeDCenAwTUSYFURrkSPQvgvNu23xrqD/kMw6PS/62jgrEbVOpDTj2uOP6O7G28achKLEIRB9Oc05xf4Ltc2g9KU=
Received: from CY4PR21MB0854.namprd21.prod.outlook.com (10.173.192.143) by CY4PR21MB0773.namprd21.prod.outlook.com (10.173.192.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1665.2; Tue, 19 Feb 2019 22:11:12 +0000
Received: from CY4PR21MB0854.namprd21.prod.outlook.com ([fe80::ccd2:aa1d:e646:fa46]) by CY4PR21MB0854.namprd21.prod.outlook.com ([fe80::ccd2:aa1d:e646:fa46%3]) with mapi id 15.20.1665.002; Tue, 19 Feb 2019 22:11:12 +0000
From: Nick Banks <nibanks@microsoft.com>
To: IETF QUIC WG <quic@ietf.org>
Subject: Expected Client Response to SERVER_BUSY
Thread-Topic: Expected Client Response to SERVER_BUSY
Thread-Index: AdTInrfRZAbJSsLZSlWCCrlUkiWX7A==
Date: Tue, 19 Feb 2019 22:11:12 +0000
Message-ID: <CY4PR21MB0854341128C64E450E7C2DA2B37C0@CY4PR21MB0854.namprd21.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=nibanks@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2019-02-19T22:11:11.1368746Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=1bb6e3a3-087f-4ba8-bdd1-a91996d4b014; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic
x-originating-ip: [2001:4898:80e8:8:de02:373b:ea82:c41a]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c3f6396a-f7c5-4ee4-cd41-08d696b728c7
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600110)(711020)(4605104)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:CY4PR21MB0773;
x-ms-traffictypediagnostic: CY4PR21MB0773:
x-microsoft-exchange-diagnostics: 1; CY4PR21MB0773; 23:lBWXV/IVctotZMCes24oiu7qhQp0OWrxjnKVuBJLEdvdh3AF2w+YFzSARfho/9S29kkqaqVM5J5gkxBMv5Z7Dtw9Cfry81ZcLHfszykpMdFSwBDl+O2QUYyqTWsiG3lEsBsa7H9KiAtTd5lnXeEgsutDw2L9YvSiryUPwv2KaywN/gnXnTuPJLvPxvDz1FHU+l/bCn2uSBnBUM1cGrXsQ6NrUbLZMIa2BObi9iH0j8eCGfcMP3vBUBYrTvkSRaYOtLMEqN95vrNTYgA1mrDcUkim6abE4iJAtIkD8Olq2tLrjGEWfjdAA2fnptk5F6LWksyAI1gIGcG268arKn5/VEJT+WtCTj6OrFvoK/7Br7V8HnVZqLkW/RBVjyATSQ7o1wQ6frmfXZovXuea9O74fQu09P0E1Y2cmOj6lOVjHK3Ki7pUrxjeIWDtE6C7vDLRS3jl6eqbq7nta89pqmxrmudKlsGQW3YET8Vd1mfYqxMPU5JaTRKHfALK0v2zVcypDAVDlVzj/B1hKhBnMK5FpzccW4yzfOkoJUtlV7RVxbB7oI4a9+gCnhQr4GU2mo/WJkRrRVCTuiOGjjCqDCMPiS0mByyfxKVRzPmI965gRG3mhLHGin6p47f3bP1wsAU00jU0dHe37UytkRFg+SjiJIfy/HHWc5VejR0/9kVoeFq8BMurfDysWQICYxkwpzEfCaXIv5lAnmCEg4NHLgXA5+fyJpU96C2tGaz0haoxC7B0Rll3EIZwHFQrnOcPc/HPd80oBQjxNrLrLjR+DEbjc4MQWU8Ek9mVXeVzAE0xNfZlppIHGwziSrn8XRDRxp6B+Px51jHDyqjR5ktzP9LVrwgS32dm0RvusxceVQuF79n6ndavkzsMMTZxC8QFRSwYxi3JmGqr95AOi7GUQeREFLwCumZk0evwZUwZT9dZunKzctG+cyxNBHH0UmkxSgLHD86EIOp9cNtchQSf551XqUM8PUCsfcWVHsBamHOxaae83qA8iYeLPLTbjBILz87/f3DG3ZQS9tPaRy4V/CzBerujM2onx6TJeFTQA34GjGCZcM/Sav16mqpHLgKpHtXrNKq+1zeacYKhrJKvMGOZ91cJNfSuWTaGbqBzqZOj9mKdh2JqFanJ7Qfv3lI+wbLa+5eYjSaznBvdeYnoYoxmZMgq2Nv0xCiP99nAzio/JCM70GNfY5/cMJufrYTGRaSKbYAe10uor0hcOkzVyn2vdw==
x-microsoft-antispam-prvs: <CY4PR21MB0773A95051F5C52D3BB153BFB37C0@CY4PR21MB0773.namprd21.prod.outlook.com>
x-forefront-prvs: 09538D3531
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(39860400002)(376002)(136003)(366004)(346002)(199004)(189003)(55016002)(102836004)(22452003)(6346003)(9686003)(54896002)(6306002)(53936002)(6506007)(25786009)(8990500004)(476003)(486006)(74316002)(71190400001)(8936002)(10290500003)(106356001)(256004)(14454004)(14444005)(71200400001)(97736004)(105586002)(86612001)(86362001)(478600001)(6116002)(790700001)(81166006)(81156014)(7736002)(8676002)(9326002)(7696005)(6916009)(316002)(5660300002)(10090500001)(2906002)(6436002)(46003)(186003)(99286004)(68736007)(33656002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0773; H:CY4PR21MB0854.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=nibanks@microsoft.com;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 4U+JTgsK30WlQfk3FvP19m2Bt+HG64OFBKhEZdq/Obs18ezsGNSThDW2ey3KulUwZR4wdlS6pAd838qlDwdshsIa14myMYox3VuxWq2VBcoAMbn/GmyKGv1D5SOgUMD18L/7nX3onolcVpkUuc87d4/uoqjZgZnQyK4g/tiWsj2YzAPLkSpQhaZzE1hDNIqhzYs2V2ozR41C3PPT9gd4rImjdv2B35PFr8Y1Sxbj4guMQdZGDKtasTL/nVUy4eYZKJhOq6DpLGZfbSnyJIVIFcwqdUjR9Djg3fpKfTI5Yzjin868f/W1VKYkPco3DSNB/5pqzsXC+k9r4niwx3nVR2mM36VQW/tiOHnyi9V63zKOyVhIg1LrUtRWTO57Es/rcR2ZXA1MgpNA/Dd3eqjqu5vtYYDJkmJpGXGl6bCRCqo=
Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0854341128C64E450E7C2DA2B37C0CY4PR21MB0854namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c3f6396a-f7c5-4ee4-cd41-08d696b728c7
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Feb 2019 22:11:12.5777 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0773
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/QchBhIvD94kzVPQUMPk8MAo2g_M>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Feb 2019 22:11:16 -0000
Hello Folks, I've been looking at interim DDoS mitigation strategies for QUIC until we can have a more complete and QUIC aware DDoS and LB solution. One thing I came up with is just trying to force the client to fallback to TCP. Eventually, we will use Stateless Retry but that still requires a good bit of design work and cooperation between the offload device and the backend server. Until that is complete, a simple solution could be a device in path just responding to new QUIC connection attempts (while an attack is in progress) with a connection close frame containing the SERVER_BUSY error. The logic to implement a simple device to do that should be quite trivial. To that end, I was trying to figure out what the expected client response to any immediate (in the first RTT) connection close packets/frames would be and it seems we don't have anything in the spec. What about SERVER_BUSY specifically? Is the client supposed to retry a new connection attempt? Should they fallback to TCP immediately? Should we say anything in the spec? Thanks, - Nick
- Expected Client Response to SERVER_BUSY Nick Banks
- Re: Expected Client Response to SERVER_BUSY Ian Swett
- Re: Expected Client Response to SERVER_BUSY Brian Trammell (IETF)
- Re: Expected Client Response to SERVER_BUSY Ian Swett
- RE: Expected Client Response to SERVER_BUSY Nick Banks
- Re: Expected Client Response to SERVER_BUSY Töma Gavrichenkov
- RE: Expected Client Response to SERVER_BUSY Nick Banks
- Re: Expected Client Response to SERVER_BUSY Töma Gavrichenkov
- Re: Expected Client Response to SERVER_BUSY Christian Huitema
- Re: Expected Client Response to SERVER_BUSY Ian Swett
- RE: Expected Client Response to SERVER_BUSY Nick Banks
- Re: Expected Client Response to SERVER_BUSY Töma Gavrichenkov
- Re: Expected Client Response to SERVER_BUSY Roberto Peon
- RE: Expected Client Response to SERVER_BUSY Praveen Balasubramanian
- Re: Expected Client Response to SERVER_BUSY Roberto Peon
- Re: Expected Client Response to SERVER_BUSY Töma Gavrichenkov
- Re: Expected Client Response to SERVER_BUSY Kazuho Oku
- Re: Expected Client Response to SERVER_BUSY Mikkel Fahnøe Jørgensen
- Re: Expected Client Response to SERVER_BUSY Töma Gavrichenkov
- Re: Expected Client Response to SERVER_BUSY Mikkel Fahnøe Jørgensen
- Re: Expected Client Response to SERVER_BUSY Töma Gavrichenkov
- RE: Expected Client Response to SERVER_BUSY Nick Banks
- Re: Expected Client Response to SERVER_BUSY Mirja Kühlewind
- RE: Expected Client Response to SERVER_BUSY Nick Banks
- Re: Expected Client Response to SERVER_BUSY Ian Swett
- Re: Expected Client Response to SERVER_BUSY Mikkel Fahnøe Jørgensen