QUIC Address Extension for NAT detection

Tommy Pauly <tpauly@apple.com> Wed, 13 March 2019 16:19 UTC

From: Tommy Pauly <tpauly@apple.com>
Subject: QUIC Address Extension for NAT detection
Message-id: <3E6E5A5B-C1B1-4ABF-89AB-C5FAF634F080@apple.com>
Date: Wed, 13 Mar 2019 09:19:38 -0700
Cc: Chris Wood <cawood@apple.com>, Eric Kinnear <ekinnear@apple.com>
To: QUIC WG <quic@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/bZCIdPDlH6npL_S3DHgyUxy4IT4>

We recently posted a draft that defines a proposed extension to QUIC that allows peers to request their perceived IP address and port from their peer, effectively allowing NAT detection along a path:

QUIC Address Extension
https://datatracker.ietf.org/doc/draft-pauly-quic-address-extension/

We have posted a corresponding document in TLS that provides the same mechanism for TLS/TCP connections:

TLS Client Network Address Extension
https://datatracker.ietf.org/doc/draft-kinnear-tls-client-net-address/

One of the benefits specific to QUIC from detecting a NAT is that it helps determine whether or not NAT rebindings are expected to create “fake” migration events. It also helps a client know whether or not rotating CIDs and local ports will be of use to obfuscate a client’s connections.

If you have any thoughts on use cases for this information, or the mechanism, we’d love to hear them!

Best,
Tommy