IETF Logo Mail Archive

Re: Is CONNECTION_CLOSE frame Ack-eliciting?

Marten Seemann <martenseemann@gmail.com> Wed, 05 June 2019 16:26 UTC

Return-Path: <martenseemann@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26BE81200FA for <quic@ietfa.amsl.com>; Wed, 5 Jun 2019 09:26:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.008
X-Spam-Level:
X-Spam-Status: No, score=-0.008 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nYu_ieWwwhi9 for <quic@ietfa.amsl.com>; Wed, 5 Jun 2019 09:25:59 -0700 (PDT)
Received: from mail-lj1-x243.google.com (mail-lj1-x243.google.com [IPv6:2a00:1450:4864:20::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1402712004E for <quic@ietf.org>; Wed, 5 Jun 2019 09:25:58 -0700 (PDT)
Received: by mail-lj1-x243.google.com with SMTP id j24so23744614ljg.1 for <quic@ietf.org>; Wed, 05 Jun 2019 09:25:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=NaoqN1YRPrv0q7oubEi+A0wZc116dwPLi1jorQ6haAs=; b=vMav83vaRZo4q6g5kftybMjZACrA1E4Wnx2e/nikCz1IX9eCxpmcxHEyIEChNvSvib injZreSAyir2kks/JQDKK5NetktxpO7CQuyffABfmzEQI46AnABEP7jMHOszcSbqmH50 DQ4YEQqkFSVVvebiFig4vPsGSIxbiW1CNUuyvRgnAHVs5WqDHnYQSAjem8zIg3yJSo/g R8oZIxoWaXUju14cmfj0+tRQrqcLOq2O0ktGeyV3/wf4N0/BVTITw6Pr7Sx5cOl885cq 6coh0dxtiu54f5ci2hHiLAInK6N3h3oMitEmR2PwSf5XQwd2/6NvFUewes/WqlC4ePHN +oaA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=NaoqN1YRPrv0q7oubEi+A0wZc116dwPLi1jorQ6haAs=; b=lRSQ3xBE38g9DYY+7EFgw3Q+0Ivxv6XY43L9gC8W+3JbBhqJpdFFxO3/jaK+Kdy1Y2 hfV5d5wgILRk0EozU48WZbtHAj8/1Z0ebR/HDBJ3ZUrxIx1eIg3xDu5vmUeq3loMs5TH d9ESjyrUdM04cgWlLW7fIkvdPNIq2xGzIy20tAHC/V79N1qWnaeTEa2uN3T0t+Fpje8G q16E/tzja9KDLa5ZsMM6n/maJjuxhkjGNF6YjWXU1f1l6v2G+s4cc9YU0B4zVsRQFoZx FPxV0XwRptA0Mde+4RYYY2NBowEh0buH6Q9wK1bzUuhk9CPY81UtngoCrXzHicKVXOeW Lz9w==
X-Gm-Message-State: APjAAAXADitxsRzrdIQBFL7WpaOi0BNseo866BE169ZV69NRw96KPRVV +Y+vWRUMQUqxGdQkoPLrlQlzvc4cJB721/DTBFw=
X-Google-Smtp-Source: APXvYqzpBj5vAIa7kMjPBueKnbCYuS+Z6jX913dEkDY0ZMQKHAMoJx89FJsaIPzQ/XFUq/VMPwYQE562cV9k7mnr+wA=
X-Received: by 2002:a2e:b04c:: with SMTP id d12mr6757069ljl.218.1559751957054; Wed, 05 Jun 2019 09:25:57 -0700 (PDT)
MIME-Version: 1.0
References: <CAG9+TpaByVDQZujwtRo9LHcqFn2cOxmy09y-JmVOAzMVroagVw@mail.gmail.com> <CAKcm_gO7A8gq7a234D8DF-yAre-7_rubJsn10bPXsS6eQPW5zg@mail.gmail.com> <BL0PR2101MB10437A1A42141B3481712B95B3160@BL0PR2101MB1043.namprd21.prod.outlook.com> <CAN1APdfvQ9iewtPz0GBvyONaHfBNpyp28Q4rY97=o6ranmGD2g@mail.gmail.com> <CAKcm_gP=yjZXSJ39pv=zJw8T+Uvvf6CCocY9gWmO6NU90ACavw@mail.gmail.com> <CAN1APdeVD7ummf=fEvsjBDMOrGRxvbwmtnRi--rO8p39Jp0wtw@mail.gmail.com>
In-Reply-To: <CAN1APdeVD7ummf=fEvsjBDMOrGRxvbwmtnRi--rO8p39Jp0wtw@mail.gmail.com>
From: Marten Seemann <martenseemann@gmail.com>
Date: Thu, 06 Jun 2019 00:25:45 +0800
Message-ID: <CAOYVs2ohkoMWqxYPO4JAm2oyBEYQjDuvgmqyNH5kWiRXS29Tgg@mail.gmail.com>
Subject: Re: Is CONNECTION_CLOSE frame Ack-eliciting?
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Cc: Ian Swett <ianswett@google.com>, Nick Banks <nibanks@microsoft.com>, IETF QUIC WG <quic@ietf.org>, Jiuhai Zhang <jiuhai.zhang@gmail.com>
Content-Type: multipart/alternative; boundary="00000000000056892d058a960dfc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/dY2sQ8_uu5TW_YQS720LHca0i08>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jun 2019 16:26:02 -0000

It doesn't really make sense to send a CONNECTION_CLOSE frame in response
to a CONNECTION_CLOSE, since in the closing state an endpoint retains "only
enough information to generate a packet containing a CONNECTION_CLOSE frame
and to identify packets as belonging to the connection", i.e. an endpoint
won't even open the packet (but it might reply with another
CONNECTION_CLOSE).
Of course, and endpoint can send as many packets after this as it wants
(there's no way it could be penalized for misbehaving), although I'm not
sure why we're explicitly allowing sending CONNECTION_CLOSE as a response.

I'm not really sure what the benefit is of sending an ACK frame bundled
with a CONNECTION_CLOSE. There's nothing the receiving peer can do in
reaction to receiving that ACK - the connection is already closed.
Furthermore, it would be wrong to conclude that all stream data has been
processed by the application. An ACK for a STREAM frame only means that the
STREAM frame was processed by the QUIC stack, not by the application.

On Thu, Jun 6, 2019 at 12:03 AM Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
wrote:

> 10.3: "After receiving a CONNECTION_CLOSE frame, endpoints enter the
> draining state. An endpoint that receives a CONNECTION_CLOSE frame MAY send
> a single packet containing a CONNECTION_CLOSE frame before entering the
> draining state, using a CONNECTION_CLOSE frame and a NO_ERROR code if
> appropriate."
>
> On 5 June 2019 at 17.58.19, Ian Swett (ianswett@google.com) wrote:
>
> Nick, I agree that bundling an ACK with a CONNECTION_CLOSE is useful, and
> our implementation does that as well.
>
> However, it seems like the existing text indicates you'd never expect to
> get a CONNECTION_CLOSE in response to a CONNECTION_CLOSE?  Or am I
> misreading the text about draining?
>
> On Wed, Jun 5, 2019 at 10:08 AM Mikkel Fahnøe Jørgensen <
> mikkelfj@gmail.com> wrote:
>
>> CONNECTION_CLOSE can be response to CONNECTION_CLOSE and that response
>> can contain other frames.. So technically you can ACK a connection close.
>>
>> Doing so might actually make sense if the original closer take that as a
>> signal to drain faster.
>>
>>
>> On 5 June 2019 at 16.00.16, Nick Banks (
>> nibanks=40microsoft.com@dmarc.ietf.org) wrote:
>>
>> Ian,
>>
>>
>>
>> I have encountered issues both in local automated tests and during
>> interop, where one side gets everything it wants and then cleanly closes
>> the connection. The issues arise because the peer hasn’t received the ACK
>> for that last exchange. For that reason, winquic always encodes its latest
>> ACK state with (always frames before) the CONNECTION_CLOSE frame. This
>> doesn’t increase the size of the packet much, and it’s up to the receiver
>> if they want to process the ACKs or not; but it helps these kind of
>> scenarios.
>>
>>
>>
>> A simple example test case:
>>
>>
>>
>> Client: Open one bidirectional stream, send data on it, FIN it, and
>> verify the peer does the same. Then close the connection.
>>
>> Server: Accept one bidirectional stream, receive all data on it and echo
>> it back. Verify all data is sent successfully.
>>
>>
>>
>> The “Verify all data is sent successfully” fails if you don’t send ACKs
>> with CONNECTION_CLOSE. So, I personally think it’s a good idea to recommend
>> including ACKs. I know it doesn’t provide any guarantees in the presence of
>> packet loss, so ideally you don’t design an app protocol on top of this,
>> but it does make things a little nicer, IMO.
>>
>>
>>
>> Thank,
>>
>> - Nick
>>
>>
>>
>> *From:* QUIC <quic-bounces@ietf.org> *On Behalf Of* Ian Swett
>> *Sent:* Wednesday, June 5, 2019 6:48 AM
>> *To:* Jiuhai Zhang <jiuhai.zhang@gmail.com>
>> *Cc:* IETF QUIC WG <quic@ietf.org>
>> *Subject:* Re: Is CONNECTION_CLOSE frame Ack-eliciting?
>>
>>
>>
>> Technically, yes.  But connections don't send any packets after
>> processing a CONNECTION_CLOSE frame, so you would never receive and ACK for
>> it.
>>
>>
>>
>> From:
>> https://tools.ietf..org/html/draft-ietf-quic-transport-20#section-10.1
>> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-quic-transport-20%23section-10.1&data=02%7C01%7Cnibanks%40microsoft.com%7Ca3e4b3be88064c15350408d6e9bc9185%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636953393451363725&sdata=bi9%2FDh3XZuUgM%2B23tC54csAhdE5RQENRTQzgj5%2B%2BPlM%3D&reserved=0>
>>
>> "The draining state is entered once an endpoint receives a signal that
>>
>>    its peer is closing or draining.  While otherwise identical to the
>>    closing state, an endpoint in the draining state MUST NOT send any
>>    packets.  Retaining packet protection keys is unnecessary once a
>>    connection is in the draining state."
>>
>>
>>
>> On Wed, Jun 5, 2019 at 8:04 AM Jiuhai Zhang <jiuhai.zhang@gmail.com>
>> wrote:
>>
>> In https://tools.ietf.org/html/draft-ietf-quic-recovery-20#section-2
>> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-quic-recovery-20%23section-2&data=02%7C01%7Cnibanks%40microsoft.com%7Ca3e4b3be88064c15350408d6e9bc9185%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636953393451363725&sdata=420rgTO4Iud8HbpF8KvvANjFfPFP%2BtwAnjVS7KszGb4%3D&reserved=0>
>>
>> Ack-eliciting Frames:  All frames besides ACK or PADDING are
>>
>>       considered ack-eliciting.
>>
>>  Is CONNECTION_CLOSE frame Ack-eliciting?
>>
>> Should endpoint responds a ACK frame when receiving a CONNECTION_CLOSE frame?
>>
>>

v2.23.0 | Report a Bug | By Email