IETF Logo Mail Archive

RE: Treatment of ICMP for PMTU

Lucas Pardue <Lucas.Pardue@bbc.co.uk> Fri, 06 July 2018 15:00 UTC

Return-Path: <Lucas.Pardue@bbc.co.uk>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F0D5130FE6 for <quic@ietfa.amsl.com>; Fri, 6 Jul 2018 08:00:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3wCXoOz0d6Ua for <quic@ietfa.amsl.com>; Fri, 6 Jul 2018 08:00:46 -0700 (PDT)
Received: from mailout1.telhc.bbc.co.uk (mailout1.telhc.bbc.co.uk [132.185.161.180]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43AF5130EBA for <quic@ietf.org>; Fri, 6 Jul 2018 08:00:46 -0700 (PDT)
Received: from BGB01XI1011.national.core.bbc.co.uk (bgb01xi1011.national.core.bbc.co.uk [10.161.14.15]) by mailout1.telhc.bbc.co.uk (8.15.2/8.15.2) with ESMTP id w66F0fRI027765; Fri, 6 Jul 2018 16:00:41 +0100 (BST)
Received: from BGB01XUD1012.national.core.bbc.co.uk ([10.161.14.10]) by BGB01XI1011.national.core.bbc.co.uk ([10.161.14.15]) with mapi id 14.03.0389.001; Fri, 6 Jul 2018 16:00:40 +0100
From: Lucas Pardue <Lucas.Pardue@bbc.co.uk>
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>, IETF QUIC WG <quic@ietf.org>, Martin Duke <martin.h.duke@gmail.com>, "Lubashev, Igor" <ilubashe@akamai.com>
Subject: RE: Treatment of ICMP for PMTU
Thread-Topic: Treatment of ICMP for PMTU
Thread-Index: AdQOVlbAt8rn27zdQrag9H62mpvY5wABihw5AANGU0AABKuwsgAJFrAwAAfLncD///9AgIAM8sy8
Date: Fri, 06 Jul 2018 15:00:40 +0000
Message-ID: <7CF7F94CB496BF4FAB1676F375F9666A3BB6B21B@bgb01xud1012>
References: <924fbd75dbcf4d62a9062570b0d2ba5a@ustx2ex-dag1mb5.msg.corp.akamai.com> <7CF7F94CB496BF4FAB1676F375F9666A3BB5B9DC@bgb01xud1012> <2f0e251a9b274272968a8b3053d3a3a5@ustx2ex-dag1mb5.msg.corp.akamai.com> <7CF7F94CB496BF4FAB1676F375F9666A3BB5BA29@bgb01xud1012> <4674cc2be90e4b5b9056cc63a0735664@ustx2ex-dag1mb5.msg.corp.akamai.com> <7CF7F94CB496BF4FAB1676F375F9666A3BB5BA9B@bgb01xud1012>, <CAN1APdeH5yQELW9wv4Oj=UtaVcC=zCNz6su8_R-hrB3T8_Yp2w@mail.gmail.com>
In-Reply-To: <CAN1APdeH5yQELW9wv4Oj=UtaVcC=zCNz6su8_R-hrB3T8_Yp2w@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.19.161.212]
x-exclaimer-md-config: c91d45b2-6e10-4209-9543-d9970fac71b7
x-tm-as-product-ver: SMEX-12.5.0.1300-8.2.1013-23950.006
x-tm-as-result: No-10.415000-8.000000-10
x-tmase-matchedrid: z5DqD3Ob671xGyfbWjfsSxuurbgYp+HQgqd6JzaZubNJ/oIGXyyX8lTN qf3EQ8oxtzDrWJxEioOtnzrv0kNb2rjxJMcFZasFe5NWR5iixe2ZEoWHC6Rh/WO8D0RGuSzoSMw 7yiQ5hNxDwvRMVQLpjp/+EYQomaZlE6V/2dtg4KaN2XH+kPpjjJl/lu28zzkBcqpbvFV4XbTEZK HidzhUXKGwVXCCwVeTPGiD7E7pfUe2L7ZGrRpjDYa7OiQBC9buq6/EYzBxkJhtgXN8SPjcGMlMl 7WSd81b1CCGjlHZzRvp2/WQkTTCMi+JsPJdMSAFuIwLnB3Aqp1zBvBK5TfUrXLQ6+4hpEnp152a 4j27Jxh8iaF9fJvREBSG2FrT70yKntqpoQEvC7WimtMQe97AAJv8tNLRPUrWXwDLkmwDcf16+4Y 3holm5UBs56dzQBBaK7D2LgnL7xIZgd/Sc3gU4wz4VsCc1YW+Xeyujb7aXgRJTQZkUumNMcprMg +WQ2Ii1bxH3i2X13jiFNektabfg200sCPwNg7wFVfH7j3N9bcS12tj9Zvd831Dn+DKecbWV/w6z 6RQQ8Bm0OGqVvbkV6um06i1BvtxwLBOSQNcHqxc/msUC5wFQTPsdZKCLP2mum5eVh8PBT+jxYyR Ba/qJcaUO+wtQNbap0Bff6m2gascRx2FqmzvFUry688VPywtdbd7xtU5YSNNX5RhnD7Y3uO998a qqyTO
x-tm-as-user-approved-sender: Yes
x-tm-as-user-blocked-sender: No
x-tmase-result: 10--10.415000-8.000000
x-tmase-version: SMEX-12.5.0.1300-8.2.1013-23950.006
Content-Type: multipart/alternative; boundary="_000_7CF7F94CB496BF4FAB1676F375F9666A3BB6B21Bbgb01xud1012_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/QeoFJUr_vOcZSuEziTsnjuSk_t4>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jul 2018 15:00:49 -0000

Mikkel, Igor,

In case you don't follow HTTPbis: I have published an I-D [1] [2] that surveys options for tunneling of UDP and IP. It presents some options for framing but it is not exhaustive. There's a slot on the agenda to discuss things there.

I added a HoL section in response to your earlier comments. I'm looking for input on whether such tunneling should depend on partial reliability in QUIC (bearing in mind that there may be some desire to support TCP-based HTTP).

Kind regards
Lucas

[1] https://tools.ietf.org/html/draft-pardue-httpbis-http-network-tunnelling-00
[2] https://lists.w3.org/Archives/Public/ietf-http-wg/2018JulSep/0025.html

________________________________
From: QUIC [quic-bounces@ietf.org] on behalf of Mikkel Fahnøe Jørgensen [mikkelfj@gmail.com]
Sent: 28 June 2018 11:07
To: Lucas Pardue; IETF QUIC WG; Martin Duke; Lubashev, Igor
Subject: RE: Treatment of ICMP for PMTU

I think QUIC needs a tunnel extension frame.


On 28 June 2018 at 11.25.20, Lucas Pardue (lucas.pardue@bbc.co.uk<mailto:lucas.pardue@bbc.co.uk>) wrote:

Igor Lubashev wrote:

>I think I see what you are talking about.
>
>At least the way it is specced in H2 and HTTP/QUIC, CONNECT proxies forward
>data streams, not packets. Hence, MTU concept on a tunnel-stream is
>meaningless. The text says it explicitly: "Note that the size and number of TCP
>segments is not guaranteed to map predictably to the size and number of
>HTTP DATA or QUIC STREAM frames." From the client's perspective there is
>only one PMTU that is relevant -- the one to the proxy. The proxy will keep
>tracks of the PMTUs to the CONNECT endpoints itself and will generate TCP
>segments accordingly.

Right, that's how I was seeing it.

>Trying to design a CONNECT-like method to proxy an entire QUIC connection
>over a single QUIC stream would create HOLB for QUIC packets to and from
>the proxy. Some sort of a partially reliable QUIC stream could help here.

Both you and Mikkel have identified HOL as something that needs more thought. Thanks. Mikkel's view is a little more extreme, to paraphrase "HOL is enough to make QUIC not QUIC". I've taken the view that it may be desirable to tunnel QUIC over TLS/TCP too (perhaps using HTTP/2 frames), so I view HOL avoidance as an optimisation rather than a requirement. Partial reliability (of streams, or of some new frame type) could help solve that puzzle. Now I think about it, a complimentary mitigation could be to reserve a set of tunnel-streams to provide some basic multiplexing. However, the complexity of that might not be worth it.

>This proxying scheme would require an extension to CONNECT to open a
>UDP/IP tunnel instead of a TCP/IP tunnel. That extension would also mandate
>that HTTP/QUIC DATA frame corresponds to a UDP frame. I suspect that it
>would be a very good idea for such a proxy to add a new frame for providing
>ICMP-like explicit PMTU feedback to the sender (why leave the sender
>guessing and probing, if the PMTU is already known to the proxy?).

This is good feedback. Thanks!

Kind regards
Lucas

v2.23.0 | Report a Bug | By Email