IETF Logo Mail Archive

Server's Preferred Address

Mike Bishop <mbishop@evequefou.be> Thu, 05 April 2018 17:19 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 279A512DA46 for <quic@ietfa.amsl.com>; Thu, 5 Apr 2018 10:19:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q_H5I-fZNGfZ for <quic@ietfa.amsl.com>; Thu, 5 Apr 2018 10:19:30 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0095.outbound.protection.outlook.com [104.47.38.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29F441271DF for <quic@ietf.org>; Thu, 5 Apr 2018 10:19:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector1-evequefou-be; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ai/d4EjCdEIqKh0FQ7HB4N7FnZLn3a017tsDYKkBUGQ=; b=IF7aJ0FGeVc6i5M53kbBGjrSenMc8DhpusnNHEJdvSL3kEzfRvu/DE2ueA/OhysgOpHpF/9quPDfwMB7vk0B5WBE5MH6tds0krJmYRIQW6tQNFM5/njGlvc1Ds335pHZJcVRMVlaPKiQ4m0QnF4yfbH8EZjKSbfcZfFe3cx3XD0=
Received: from SN1PR08MB1854.namprd08.prod.outlook.com (10.169.39.8) by SN1PR08MB1373.namprd08.prod.outlook.com (10.162.1.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.631.10; Thu, 5 Apr 2018 17:19:27 +0000
Received: from SN1PR08MB1854.namprd08.prod.outlook.com ([fe80::e9d8:1358:e716:ba77]) by SN1PR08MB1854.namprd08.prod.outlook.com ([fe80::e9d8:1358:e716:ba77%13]) with mapi id 15.20.0653.013; Thu, 5 Apr 2018 17:19:27 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: IETF QUIC WG <quic@ietf.org>
Subject: Server's Preferred Address
Thread-Topic: Server's Preferred Address
Thread-Index: AdPM/yWWCvy2v59cR66uoZGAhfklJA==
Date: Thu, 05 Apr 2018 17:19:26 +0000
Message-ID: <SN1PR08MB185489DC70881C810110B987DABB0@SN1PR08MB1854.namprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [38.134.241.6]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; SN1PR08MB1373; 7:6BipCPhaKx+c2Pykm0ZH4CAP30rl0hpmSImkVto0qNryiLpIocO1oRaMSC/t/NGxjKovLGjQuS3vDeSS2I5Zcxl+9PwuY38ztoZGuW004SXSZUOIDXl9WSXIPrO/aWfM80pZcBHGkXFf+aJySSXXdJOj7QN0br6LgDpXJqNcS+euNsJpXFxfksqDt4O5nsk1pwMG/kMGpvfADqS1+y39jLh/5YXDGJAC08m0pPC32FeAA1DfG86Kd7bClfOj8nMZ
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: b0af59e8-d1a4-4314-be12-08d59b19626c
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(7021125)(5600026)(4604075)(3008032)(4534165)(7022125)(4603075)(4627221)(201702281549075)(7048125)(7024125)(7027125)(7028125)(7023125)(2017052603328)(7153060)(7193020); SRVR:SN1PR08MB1373;
x-ms-traffictypediagnostic: SN1PR08MB1373:
x-microsoft-antispam-prvs: <SN1PR08MB13733E9F7294A6BAD1944450DABB0@SN1PR08MB1373.namprd08.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(158342451672863)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(5005006)(8121501046)(93006095)(93001095)(10201501046)(3002001)(3231221)(944501327)(52105095)(6041310)(20161123560045)(20161123564045)(20161123558120)(2016111802025)(20161123562045)(6072148)(6043046)(201708071742011); SRVR:SN1PR08MB1373; BCL:0; PCL:0; RULEID:; SRVR:SN1PR08MB1373;
x-forefront-prvs: 06339BAE63
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(346002)(376002)(396003)(39830400003)(39380400002)(199004)(189003)(53936002)(3846002)(6916009)(54896002)(5660300001)(9686003)(68736007)(790700001)(74316002)(6306002)(97736004)(7736002)(6116002)(105586002)(33656002)(14454004)(6436002)(55016002)(478600001)(8936002)(106356001)(102836004)(6506007)(8676002)(81166006)(99286004)(86362001)(25786009)(66066001)(81156014)(59450400001)(186003)(316002)(7696005)(3660700001)(74482002)(3480700004)(2900100001)(26005)(476003)(2906002)(3280700002)(486006)(5250100002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN1PR08MB1373; H:SN1PR08MB1854.namprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:0; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-microsoft-antispam-message-info: ByaBTo29RGjxGKnqQ0YcXgudO3QH16acnq7BHi4WYHBPZtAaAoYdrFrRAS7g7k28XLN6FaJf0KDvCiCVVl1Tg20LfMrAjyehLody5GrlaVME/l0Xznu0HNaBYlUtoaurO19EEvKVxHeMB/KupgxC6qmkQXmISGgysxF05SWG3lQXb4LW7SBbeUSK9uw8xty6yJMUnpaXqEnh7SrNERGf31T72SLO07ASUQQm6A6kJb5M/mcn8f/pbYhJlc5jugZfX2mLpian4aJZJSAwJREw+eZMWP7ncZD0OKR4EMklvLCPTcDROps5MKm89/bzNO6ztipSd9o+v21kqivCKb/9CLgZnJGPYNQUc1McULoRFlHX7rxjKh4VdOH4DqmyPt1x7j8m8hgs+NW8w8BDSSytzbPeKccWLHHgnvzYwdCabxs=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_SN1PR08MB185489DC70881C810110B987DABB0SN1PR08MB1854namp_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: b0af59e8-d1a4-4314-be12-08d59b19626c
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Apr 2018 17:19:26.8386 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR08MB1373
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/YUhqI2To3fxCO5yOUA0zcD43DqQ>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Apr 2018 17:19:33 -0000

As we walk along the spectrum from fixed 4-tuple for the life of a connection to full multipath, #560 requested a solution to the problem of Anycast IP addresses.  There are some large server deployments where the front-end addresses are Anycast-based.  However, for a connection-oriented protocol, you want to be "sticky" to the server endpoint that you did the handshake with.  Currently, that's addressed with some amount of re-forwarding internally and some amount of tolerated connection breakage.  This gets more painful if we support connection migration, as the same Anycast address likely hits a different server from your new IP address.

PR#1251 builds on the path verification approach to enable servers to hand off to a unicast IP address if desired.  It adds a transport parameter in which the server supplies:

  *   IP version
  *   IP address
  *   UDP port
  *   Connection ID (possibly empty)
  *   Stateless Reset Token

At the end of the handshake, the client SHOULD perform path validation on the supplied address; if it succeeds, it transitions to the new address.  If it fails, it just stays on the original (presumably Anycast) address and takes the risk that the connection will fail when routing changes.  (The SHOULD is a matter of some contention - servers want to be able to rely on this, but can't actually tell whether the client's path validation failed or was never attempted.)

It's important to note that this isn't full server migration - it's a step in that direction, but this is scoped strictly to the server making one change attempt to an address it provides at a specified time.  However, this isn't something that has seen broad discussion, so I wanted to raise it for the WG's consideration.

(If we want to tackle server migration, I think the next piece would be a frame that carries essentially the same information, requesting the client to make a probe attempt.  This helps deal with NATs by making clients speak first, but it assumes that the server always maintains control of both addresses during a transition.  To support full P2P, where both sides could be make-after-break, you basically need something like ICE.)

v2.23.0 | Report a Bug | By Email