IETF Logo Mail Archive

Re: [QUIC] Network Path Requirements for QUIC

Jana Iyengar <jri@google.com> Sat, 18 June 2016 03:11 UTC

Return-Path: <jri@google.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13D9E12D776 for <quic@ietfa.amsl.com>; Fri, 17 Jun 2016 20:11:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.126
X-Spam-Level:
X-Spam-Status: No, score=-4.126 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p-E30eUFTpVS for <quic@ietfa.amsl.com>; Fri, 17 Jun 2016 20:11:07 -0700 (PDT)
Received: from mail-yw0-x22d.google.com (mail-yw0-x22d.google.com [IPv6:2607:f8b0:4002:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 781D112B01A for <quic@ietf.org>; Fri, 17 Jun 2016 20:11:07 -0700 (PDT)
Received: by mail-yw0-x22d.google.com with SMTP id w195so1699008ywd.0 for <quic@ietf.org>; Fri, 17 Jun 2016 20:11:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=fsaIsFRn3d/i9YCUz/5GgdISqKBgxk/Vee/tQ7RCFTo=; b=MO8nx1/wFQ4khdj+EA/Vw4E09rEz4O8N6C9wasLNDBM5b/9Sp6tudXuavwGTzThr7R j5ac61pDV6z2Bvq1g0xM/90LWjDzxQDiHppHNkOmfxBywLlsFRegaOH5X61b8LPtjxhN b6P0d/KkkoZdI2oMAFveRiKGRDcw4yUoAiVejVrKfKB286osMC9syVsFuJ8N2l4gtaj6 7IgtwWA9lKjLXzKweKUp1ol5YWY/15IuWc69eFkjBwupvegpWT4jJ9DzGUnmr1H556ju H/Bpgln9mybnFwQ0EIaSuun2K11ddRCnk/OEmbAod8lC9YnrIdB9eITmRLp+EcKFWz5g 6RNQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=fsaIsFRn3d/i9YCUz/5GgdISqKBgxk/Vee/tQ7RCFTo=; b=UolM1ljltSl40WvRp1dUXVrbZ3VYN7GXgJxli1rlbyGxRW5bcC0Gei2+QsAU7iYiwP wI3a2HL9FrNN4aWhALDF2XK0Y/7XF0ns0Zdq1mBXhSblrOZjGqtSGVYmmFarqo305DRs vX7lQ8DEBtz+2765c6TMovUUQcxxr8vxOe70QyEVxv/qpOQ7lMKH53NsMemINRsXfEQJ uLLd31dhi5/XgGF26xZyFysxBoKKT75CNnYIaRNL+7o/TdGB0d6uknvtrSy4NJk+ygav WOeeOdovJe6nv3a1TPnXeelt0WAECXF2u/6Et997QSNFfpm23dqXe1pcL7xIVgPLxih7 gWeg==
X-Gm-Message-State: ALyK8tJz9uVkgAbVvpWUbueVXphzNXeIFwzndZ9t8i4DWcxXxbwYKoeF++TFaZMkMJQasmOglqeypZ4PNF3QJgse
X-Received: by 10.13.223.151 with SMTP id i145mr3005930ywe.189.1466219466355; Fri, 17 Jun 2016 20:11:06 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.219.83 with HTTP; Fri, 17 Jun 2016 20:11:05 -0700 (PDT)
In-Reply-To: <AA57AD2E-6634-4460-8D78-09482DD6C5B0@trammell.ch>
References: <D8376C9E-FD28-4FE3-B40A-D2BD58D2B4B7@cisco.com> <9D5D60A1-869C-495A-8C2A-7BEAAE93D2B3@cisco.com> <DM2PR0301MB0655F1B2DC19EC23BEA36BE4A8540@DM2PR0301MB0655.namprd03.prod.outlook.com> <D96C08FC-916F-4130-9FEE-114264CA5FDA@cisco.com> <CA+9kkMDm0UYq71LVWRG9jFRy2Be-gmF16jvONusZNBhuDew0WQ@mail.gmail.com> <A61CC0ED-5FA5-47C9-AA3B-B3D429D7CA20@cisco.com> <CAGD1bZYSpXVoyUJwd=3oNVxRk1Agc=jjJiEr2wuH18FHhsx9hg@mail.gmail.com> <B9E3E345-235D-476C-8079-4E5AB0564A9E@cisco.com> <CAGD1bZa1DODT4hSOogeVLwd_vc__ydX82tcTTRqA3fhSMPuDOA@mail.gmail.com> <DC0D9145-DB82-462B-B765-AA6245E6050B@cisco.com> <CY1PR0301MB06492D878878FA2D71803B67A8560@CY1PR0301MB0649.namprd03.prod.outlook.com> <36A34F1E-7673-4A5D-9263-DCE246276C85@cisco.com> <AA57AD2E-6634-4460-8D78-09482DD6C5B0@trammell.ch>
From: Jana Iyengar <jri@google.com>
Date: Fri, 17 Jun 2016 20:11:05 -0700
Message-ID: <CAGD1bZZ=hAY=dy0w=Y=aCdg11vcfvrkeJ2iVAxSPX4PnZKYzvw@mail.gmail.com>
To: Brian Trammell <ietf@trammell.ch>
Content-Type: multipart/alternative; boundary="001a114e4a2474d471053584d2ed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/_wrYNfpJv2kc2WP28Iq_BL-d3qU>
Cc: Christian Huitema <huitema@microsoft.com>, "quic@ietf.org" <quic@ietf.org>, "Joe Hildebrand (jhildebr)" <jhildebr@cisco.com>
Subject: Re: [QUIC] Network Path Requirements for QUIC
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list to discuss QUIC standardization <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Jun 2016 03:11:10 -0000

>
>
> Given that, would the following change to the charter (adding one sentence
> to the paragraph for focus area one) be acceptable?
>
> OLD:
>
> The first of these is the core transport work, which will describe the
> wire format, along with the mechanisms for connection establishment, stream
> multiplexing, data reliability, loss detection and recovery, congestion
> control, version negotiation, and options negotiation. Work on congestion
> control will describe use of an existing congestion controller as a default
> scheme for QUIC. QUIC is expected to support rapid iterability and
> experimentation, and this work will describe a versioning process that
> enables distributed experimentation with QUIC.
>
> NEW:
>
> The first of these is the core transport work, which will describe the
> wire format, along with the mechanisms for connection establishment, stream
> multiplexing, data reliability, loss detection and recovery, congestion
> control, version negotiation, and options negotiation. This work will
> consider deployability, manageability and diagnosability of the wire
> format, including how the wire format will be processed by devices on path.
> Work on congestion control will describe use of an existing congestion
> controller as a default scheme for QUIC. QUIC is expected to support rapid
> iterability and experimentation, and this work will describe a versioning
> process that enables distributed experimentation with QUIC.




> Indeed, I would hope that manageability and diagnosability -- which
> includes enabling firewalls to keep state, and making it possible to
> differentiate attack traffic -- are requirements for any IETF transport
> protocol going forward.
>

I'm fine with adding this text. That said, I don't think this requirement
that you mention for any IETF transport is clear. What state are we talking
about? I don't know of a clear definition of "attack traffic", though I
very much agree that network operators have to deal with this problem for
UDP. Without concrete requirements, it's hard to define a solution in the
transport.

- jana

The discussion below, I think, needs to happen in the WG. General guidance
> here can come from PLUS (and indeed, I see a lot of points raised in the
> SPUD-derived requirements document draft-trammell-spud-req in Joe's list
> below), but the detailed evaluation of these aspects of how the protocol
> will interact with devices on path in the specific case of QUIC are a
> matter for QUIC. I believe the suggestion above allows that work to happen.
>
>
> Cheers,
>
> Brian
>
>
> >> I heard two common requirements, "marking the beginning and end of a
> flow," because that helps firewalls and load balancers manage resource, and
> "assessing consent," because that helps differentiating between regular
> traffic and attack traffic. Is there more?
> >
> > If you want the processing to be efficient (and not ossify something
> unintended), being able to separate QUIC traffic from non-QUIC UDP traffic
> easily would be useful.  Otherwise, path devices are likely to grab
> whatever version number they see as the discriminant.
> >
> > If “marking the beginning of a flow” also includes being able to tell
> easily which side intended to initiate the conversation, then that’s fine.
> >
> > The protocol needs to ensure that a path element can associate further
> traffic on a QUIC connection with the beginning of the flow.
> >
> > There probably needs to be recommendations for time-outs, particularly
> around the end of the flow.
> >
> > The protocol doc needs to describe what happens with associated ICMP.
> >
> > The protocol needs to say what happens when a network or host receives a
> QUIC packet it wasn’t expecting.
> >
> > We need to think about return routability.
> >
> > The protocol needs to keep in mind that state will be generated in the
> network, so that as we add multi-path extensions (for example), we don’t
> just start sending traffic on a new path without first starting a new flow.
> >
> > It is possible that we might want to describe what a load balancer
> should do when it drops QUIC state due to a timeout (or when it is *about*
> to drop state).  We might want it to send a hint to one or both of the
> endpoints, to avoid having to diagnose mid-stream black holes.  Some load
> TCP load balancers send RSTs in both directions in this case, for example.
> >
> > We should analyze the known attacks on TCP (at least) to ensure that
> QUIC is not immediately vulnerable to the sorts of things we’ve already
> fixed over the last 40 years.
> >
> > There are probably a couple of others, and I’m open to modifying the
> list as people see fit.  Alternately, if we can find a way to describe
> these kind of discussions in a way that does not bring in the explicit path
> communication bits that we explored in SPUD, I think the charter would be
> easier to understand.
> >
> >>> QUIC will not be able to be deployed on some networks, such as the
> >>> one I'm on right now, unless we describe the changes that are necessary
> >>> for the network devices that are currently blocking it.
> >>
> >> There are such networks. But there also are networks today that block
> outgoing TCP connections, because of some policy considerations. We don't
> change TCP for that. We simply accept that these networks are making a
> tradeoff. They care so much about some of their policies that they are
> willing to forego some of the value of the Internet. That's probably fine.
> Over time, the cost/advantage balance of the tradeoff will change, and the
> policies will probably evolve.
> >
> > Are you saying that people will want QUIC so much that they will open
> their firewalls up to all UDP traffic in both directions?  Or that the
> terrible timing-based heuristics we have for generic UDP will be enough for
> a large enterprise?  Or that the current protocol description, without
> discussion and analysis, should be presumed to be perfect in this regard?
> >
> > For once, we have a chance to do some thoughtful engineering before a
> protocol is fully specified to consider how it will be deployed, baking
> decades of learning into the design.  I think the approach that the TLS
> working group has been doing on TLS 1.3 to consider attack vectors,
> backward-compatibility, etc. is a model for what is needed from a protocol
> of QUIC’s potential impact.
> >
> > --
> > Joe Hildebrand
> >
> > _______________________________________________
> > QUIC mailing list
> > QUIC@ietf.org
> > https://www.ietf.org/mailman/listinfo/quic
>
>
> _______________________________________________
> QUIC mailing list
> QUIC@ietf.org
> https://www.ietf.org/mailman/listinfo/quic
>
>

v2.23.0 | Report a Bug | By Email