IETF Logo Mail Archive

Re: Expected Client Response to SERVER_BUSY

Ian Swett <ianswett@google.com> Thu, 21 February 2019 16:00 UTC

Return-Path: <ianswett@google.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C180B13105F for <quic@ietfa.amsl.com>; Thu, 21 Feb 2019 08:00:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.5
X-Spam-Level:
X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wwHxLZLXfGsm for <quic@ietfa.amsl.com>; Thu, 21 Feb 2019 08:00:52 -0800 (PST)
Received: from mail-wm1-x333.google.com (mail-wm1-x333.google.com [IPv6:2a00:1450:4864:20::333]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7EC4113108C for <quic@ietf.org>; Thu, 21 Feb 2019 08:00:49 -0800 (PST)
Received: by mail-wm1-x333.google.com with SMTP id x10so9704251wmg.2 for <quic@ietf.org>; Thu, 21 Feb 2019 08:00:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8YmgdrjqrAYJ3WnIxBs0A8QHtyc+0/47Gve2/H31dmI=; b=jXHl97oJeCOqtMGfdx5yWlfgr9dc9Fivsi1gSlM1AfySWCikqPCwUsgLidc+dAfXvi 7r+x97VPvrbF3vhPpEEe1/k7D9XoWsqLqhFHUk3F+0u5kJ/TQONx3zFdU4px4vVCDX2s ggixN5IBOO2a8pmOJ6XfsuoGXlgE7uxOgijnErT+Og61JoWH0AWbDGhl0TcxCnTyCswh 2xWKa7rZl0Fkz9LqDqqGdui90M104C/LheYwosyPX4ew/M4awpwrcFnENbTFnE6LoLcn q92CBT6ynMJ7oC9Z52ZbBCc6ygENLdL3sjZOCo8zrbbFXsKW0rypB1jdH5nx+fozdyN9 nVhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8YmgdrjqrAYJ3WnIxBs0A8QHtyc+0/47Gve2/H31dmI=; b=IufurRXZHL7SR/wCqDZ3Zzy5r9OKrsTMwiV0K5oUb6le/O2KoT5fy5Nb5jSdx2Mahu 1Tn7u19vm62vIkMJwKnZ/dFUH3pwZxxfU5xrAgbzA+Whu68xMYyWuxzBTzLcwZEve17/ eob5BFnNJLMSAcOi9HmS0FUMosaaHO73GFpnnYx5dibHnzV/xpEvtPDfFk+nw/Z8hh32 uFd5xP0mwej0kUsiqZZA8X8ylj6eS/RnwVTBwxDxOo7H1Ju/GuRClLYrItg1qsXrgjma TyAAOymqm6ETCsH+50V7ZX+6NqWXHxB90HN7NLUJUwBOhD5/AQFtrjqB703WIYhY4wbD o2XQ==
X-Gm-Message-State: AHQUAuYUjQk3bGVy6zefTkI6YKSdf5NuIWUDRc0nugGzd3RyIZU0NphX MniqTBB777L3Lc8rxggdpfG82ID/kfdFcgg6N8wwzSq22xo=
X-Google-Smtp-Source: AHgI3IZ+BeM53cqVdjrC6BAVHpcvm/yPTge0nHow3x38fNN7NatG0+/Y0sryszoQO2nO+AV+qERlGMUEOFtNmWS/iwE=
X-Received: by 2002:a1c:f312:: with SMTP id q18mr10925644wmq.106.1550764847257; Thu, 21 Feb 2019 08:00:47 -0800 (PST)
MIME-Version: 1.0
References: <CY4PR21MB0854341128C64E450E7C2DA2B37C0@CY4PR21MB0854.namprd21.prod.outlook.com> <CAKcm_gPmQiMhzfXnkEB4u+X+84bCbL8FE3Lj3ZdPPQBBu+4uPg@mail.gmail.com> <1AF7E952-4542-4C40-8652-BFFBFA61784A@trammell.ch> <CAKcm_gN11=DcV2v-JrX+Ym88D7P1Ey3rDvYomTf1seemsWDSwA@mail.gmail.com> <CY4PR21MB0854D8F7383CDF72EEDAE9FBB37D0@CY4PR21MB0854.namprd21.prod.outlook.com> <CALZ3u+Zmau+167msd9+OGcU+V00+__yLK83ByNEqvWhm7yFORg@mail.gmail.com> <CY4PR21MB0854E1E9AAF564CD8B12305CB37D0@CY4PR21MB0854.namprd21.prod.outlook.com> <CALZ3u+b_NqyrSAkqiuXnnVVL+T0XiExPDUP5JyuzvZVaXqHtCA@mail.gmail.com> <a861dc7b-c1a4-fa72-649a-4f98050aa6f5@huitema.net> <CALZ3u+YxHeVuF-27pjO6gGZ__RT7Y9cAx0vE+x-n8vJbWM+L6g@mail.gmail.com> <CC1D0429-A09E-4844-90B9-2C053FE583E8@fb.com> <CALZ3u+Y1X0XxfbbiAH1S-fajz3nXybGP3tqED6tYQmsihzCzQw@mail.gmail.com> <FCB33D12-C23D-4F5F-BF26-5CA7DF911DEA@tik.ee.ethz.ch> <CY4PR21MB08547DE83CD0670F804D9B45B37E0@CY4PR21MB0854.namprd21.prod.outlook.com>
In-Reply-To: <CY4PR21MB08547DE83CD0670F804D9B45B37E0@CY4PR21MB0854.namprd21.prod.outlook.com>
From: Ian Swett <ianswett@google.com>
Date: Thu, 21 Feb 2019 11:00:33 -0500
Message-ID: <CAKcm_gMJoNLxKA8N-ZhmO-Ac=gzE0eGb9fZsgvLBQGSyiSTttQ@mail.gmail.com>
Subject: Re: Expected Client Response to SERVER_BUSY
To: Nick Banks <nibanks=40microsoft.com@dmarc.ietf.org>
Cc: Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch>, Töma Gavrichenkov <ximaera@gmail.com>, Praveen Balasubramanian <pravb@microsoft.com>, IETF QUIC WG <quic@ietf.org>, Roberto Peon <fenix@fb.com>
Content-Type: multipart/alternative; boundary="000000000000da518305826993e0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/fBfKR89c-U_3FpB3xLcEDqKhsWk>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2019 16:01:02 -0000

When the handshake fails for any reason, Chrome stops attempting to use
QUIC for 5 minutes to that hostname, and if the Alt-Svc is still present 5
minutes later(ie: it hasn't been cleared), then the next request to that
hostname after 5 minutes will try QUIC again.  If that QUIC handshake
fails, Chrome exponentially backs off and waits 10 minutes before trying
again.

An old, but fairly accurate doc describes this:
https://docs.google.com/document/d/1i4m7DbrWGgXafHxwl8SwIusY2ELUe8WX258xt2LFxPM/edit

I think breaking it down by reason makes sense, as you suggest.  If the
handshake fails due to a connection close, not trying that hostname for 5
minutes seems like a reasonable approach.  If you receive no packets in
response, then it might make more sense to assume that UDP 443 is blocked
completely and not try QUIC at all for 5 minutes(unless you have other
active/recent QUIC connections).

This is an area of heuristics, so we should be careful not to over-specify
what a client should do, but I'd be happy to see a bit more detail on the
blackhole and connection close cases at least.  I'm also curious what
people think we should do in response to 3 or 5?

On Thu, Feb 21, 2019 at 10:43 AM Nick Banks <nibanks=
40microsoft.com@dmarc.ietf.org> wrote:

> I read that section, generally, as you should support fallback to TCP. No
> real specifics.
>
> I'm asking if we should add more. As Ian had already alluded to the client
> might take the Alt-Svc into account when falling back. How is it supposed
> to decide what to do if that says QUIC is available, but right now they
> just get a SERVER_BUSY error from QUIC?
>
> It might be worth calling out a few possible scenarios that might be
> encountered and recommend a course of action. I can think of several
> scenarios that a client might encounter that might be interested to
> describe:
>
> 1. Client gets no response ever.
> 2. Client only gets a response after a long time.
>
Defining 'a long time' is hard. I'd avoid trying to specify behavior for
this case separately.

3. Client gets some kind of protocol error in response (bad middlebox?).
> 4. Client gets a valid connection close in response.
> 5. Client handshake eventually fails (perhaps tampered with).
>
> Thanks,
> - Nick
>
> -----Original Message-----
> From: QUIC <quic-bounces@ietf.org> On Behalf Of Mirja Kühlewind
> Sent: Thursday, February 21, 2019 7:33 AM
> To: Töma Gavrichenkov <ximaera@gmail.com>
> Cc: Praveen Balasubramanian <pravb@microsoft.com>; IETF QUIC WG <
> quic@ietf.org>; Roberto Peon <fenix@fb.com>
> Subject: Re: Expected Client Response to SERVER_BUSY
>
> As pointer out earlier in this thread there is text in
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-quic-applicability%2F&amp;data=02%7C01%7Cnibanks%40microsoft.com%7C0084d6c04e284f76cfd508d69811e099%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C1%7C636863599903286321&amp;sdata=KO36Bt6jX5Xe%2B379FOfLYviKQNPRhJrwILSQr6oPKSA%3D&amp;reserved=0
> (section 2).
>
> Do you think anything else is needed?
>
>
>
> > Am 20.02.2019 um 23:56 schrieb Töma Gavrichenkov <ximaera@gmail.com>:
> >
> > > This mechanism provides a very low CPU cost fast fallback to TCP
> > > under DoS attacks until all infrastructure can support QUIC natively
> >
> > There are [a] few use cases when switching from TCP to QUIC v1 (in its
> current state) is not feasible because of huge operational costs. So it
> would be a more long term solution than that, probably till v2 or even
> further.
> >
> > > anything we do to allow non-malicious ones to respond appropriately
> > > requires pre-sharing, or for the connection to succeed
> >
> > The question here is basically how to ensure the latter given a X00 Gbps
> attack scale if you're neither Facebook nor Google.
> >
> > > In some circumstances, falling back to TCP may be something that the
> > > application shouldn't do
> >
> > Well, maybe, but then IMO the consequences of not being able to benefit
> from switching to TCP if you're doing certain things with QUIC should be
> outlined in the spec. Again, this is an application-level thing *now*, but
> formerly the transport used to take full care of it, and the change in that
> sort of breaks the habit of the users.
> >
> > --
> > Töma
>
>

v2.23.0 | Report a Bug | By Email