IETF Logo Mail Archive

RE: FIN + RST behavior

"Lubashev, Igor" <ilubashe@akamai.com> Mon, 27 March 2017 04:32 UTC

Return-Path: <ilubashe@akamai.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96307128BE1 for <quic@ietfa.amsl.com>; Sun, 26 Mar 2017 21:32:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uHbpN6qLb1zX for <quic@ietfa.amsl.com>; Sun, 26 Mar 2017 21:32:10 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02F50126CD8 for <quic@ietf.org>; Sun, 26 Mar 2017 21:32:09 -0700 (PDT)
Received: from pps.filterd (m0050093.ppops.net [127.0.0.1]) by m0050093.ppops.net-00190b01. (8.16.0.20/8.16.0.20) with SMTP id v2R4RMAL027943; Mon, 27 Mar 2017 05:32:08 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=jan2016.eng; bh=jfSVCEHN/lEnevvFr36iu0Gt6dsGrv2VZ9IHENcrGQ4=; b=JXs9/tu8zoOWP1a4+GhUjkJWfQQSYNJ4f/dPztAfNRhob++Ncq0JQiHX+DeVBphTNxuP WlIqiB+vYlvJ/aYUiD98IIlKDoH7zPVcff25Ja21s/cTxUFcGQvDhK+n1O6USvpO8Zuw lTI40ZUXZ0udyV8HCrfpFS7B7rBxuRGwkD85WbLgbQ6uN1Qn649FiqOZQHadNJEym6Lu 4iKQfWjGcoSYmyjIBbc2tW2e3PZ5WexFl7Fl/ICP+XxcjHKANANwLDCN0/Dk40hUL6N5 9V7+LOqykASRxiFnxiW6BqZ0vA5rOxvswhWENnbrNUIzRxBxRlEXTbNsKUKG5SK6v9jh cQ==
Received: from prod-mail-ppoint2 (a184-51-33-19.deploy.static.akamaitechnologies.com [184.51.33.19] (may be forged)) by m0050093.ppops.net-00190b01. with ESMTP id 29dgpqqf8n-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 27 Mar 2017 05:32:08 +0100
Received: from pps.filterd (prod-mail-ppoint2.akamai.com [127.0.0.1]) by prod-mail-ppoint2.akamai.com (8.16.0.17/8.16.0.17) with SMTP id v2R4QCDJ013909; Mon, 27 Mar 2017 00:32:06 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.31]) by prod-mail-ppoint2.akamai.com with ESMTP id 29dkvu8mps-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 27 Mar 2017 00:32:06 -0400
Received: from USMA1EX-DAG1MB5.msg.corp.akamai.com (172.27.123.105) by usma1ex-dag1mb6.msg.corp.akamai.com (172.27.123.65) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Sun, 26 Mar 2017 21:32:05 -0700
Received: from USMA1EX-DAG1MB5.msg.corp.akamai.com ([172.27.123.105]) by usma1ex-dag1mb5.msg.corp.akamai.com ([172.27.123.105]) with mapi id 15.00.1178.000; Mon, 27 Mar 2017 00:32:05 -0400
From: "Lubashev, Igor" <ilubashe@akamai.com>
To: Subodh Iyengar <subodh@fb.com>, "martin.thomson@gmail.com" <martin.thomson@gmail.com>
CC: "quic@ietf.org" <quic@ietf.org>
Subject: RE: FIN + RST behavior
Thread-Topic: FIN + RST behavior
Thread-Index: AQHSo1zPcZTZN/tlZkuJR+NHZURtjKGh2eCAgAA5O4CAAHPJAIAAZdGA///G0xCAAPb5gIAASu9pgAPln4D//+nl0A==
Date: Mon, 27 Mar 2017 04:32:05 +0000
Message-ID: <5ff7c87db6294103ad0baae2f94dee8a@usma1ex-dag1mb5.msg.corp.akamai.com>
References: <MWHPR15MB1455B5E6D4F4FAC8411927E4B63C0@MWHPR15MB1455.namprd15.prod.outlook.com> <CABkgnnVRo_mT7sPO=xvmMdS-6wAJoSpARp+FG1R8i-RQWqE8Lg@mail.gmail.com> <MWHPR15MB145521D729498455F923679EB63F0@MWHPR15MB1455.namprd15.prod.outlook.com>, <CABkgnnVZCp8QBVPe81_9=JsrsAYLpy2KkWtfgY9pWcspoKBMSw@mail.gmail.com> <MWHPR15MB1455956FFF7AB6730C1E345CB63F0@MWHPR15MB1455.namprd15.prod.outlook.com>, <8dde9f5fac4440a8ac6c04e27efc042f@usma1ex-dag1mb5.msg.corp.akamai.com>, <MWHPR15MB14556C117E35F0F38E366125B63F0@MWHPR15MB1455.namprd15.prod.outlook.com>, <250e9b58e5294fca8e5a7e7a4c3643c8@usma1ex-dag1mb5.msg.corp.akamai.com> <MWHPR15MB1455388350826978E960683DB6300@MWHPR15MB1455.namprd15.prod.outlook.com>
In-Reply-To: <MWHPR15MB1455388350826978E960683DB6300@MWHPR15MB1455.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.33.106]
Content-Type: multipart/alternative; boundary="_000_5ff7c87db6294103ad0baae2f94dee8ausma1exdag1mb5msgcorpak_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-27_04:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1702020001 definitions=main-1703270037
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-27_04:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1702020001 definitions=main-1703270037
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/h0VI1cnSI9TCOQE3bMRXZTVJrN4>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Mar 2017 04:32:14 -0000

For the record, I was not trying to describe my understanding of the current stream limit, just my thinking of what it should be.


>> We are only protecting reassembly buffers here
> Isn't that what the connection flow control window and the stream flow control window is for?

You are correct that connection flow control window protects the aggregate amount of data committed to the reassembly buffers.  The max number of concurrent streams controls the number of reassembly buffers (supposedly, there could be significant fixed costs per reassembly buffer).


>> while there are any unacked sent bytes.

Yes, I withdraw that alternative and would go with something like "streams that have sent any bytes and (have unacked bytes or RST_STREAM or if there was no STREAM+FIN sent)".


The size or number of write buffers should not be controlled by some static pre-negotiated number.  This is likely to be something that the sender can (and will want to) control dynamically (just like write buffers are controlled dynamically by the kernel under memory pressure).


-          Igor


From: Subodh Iyengar [mailto:subodh@fb.com]
Sent: Sunday, March 26, 2017 3:27 PM
To: Lubashev, Igor <ilubashe@akamai.com>; martin.thomson@gmail.com
Cc: quic@ietf.org
Subject: Re: FIN + RST behavior


> We are only protecting reassembly buffers here
Isn't that what the connection flow control window and the stream flow control window is for?



> must count the stream toward his concurrency limit while there are any unacked sent bytes. (By peer, I mean "an endpoint".)

If this is the correct interpretation of how concurrency limit is accounted for in the current draft, then it seems like it provides is no better protection than the flow control window.

The real value of a stream concurrency limit would be to be able to protect the stream state table and to allow senders to protect their write buffers. Sure, senders can slow themselves down, however putting that local limit on yourself is another complexity in addition to the other sender side limits like congestion control, and a tradeoff between throughput and buffer build-up.

It seems like the draft could benefit from is explicit signaling of the available concurrent limit similar to the flow control window which is explicitly signaled. Then we can actually have the peer advertise a concurrent limit whenever it feels like it's ready to receive more streams, which would make this way easier to account for resource usage in the state table and allow the receiver to expand this limit in the future.



Subodh

________________________________
From: Lubashev, Igor <ilubashe@akamai.com<mailto:ilubashe@akamai.com>>
Sent: Friday, March 24, 2017 5:56:41 AM
To: martin.thomson@gmail.com<mailto:martin.thomson@gmail.com>; Subodh Iyengar
Cc: quic@ietf.org<mailto:quic@ietf.org>
Subject: RE: FIN + RST behavior

I am not thinking about it from the perspective of the initiator of a stream. I am really thinking about a stream having two independent directions. It is the sender of the bytes (on a stream initiated by him or by the peer, does not matter) that must count the stream toward his concurrency limit while there are any unacked sent bytes. (By peer, I mean "an endpoint".)

The management of retransmit buffers is a local concern of the sender. If the buffers grow too large, the local app would not get a chance to write more into them. We are only protecting reassembly buffers here. If we also want to protect a table containing state for active streams, we would need to modify the definition for concurrent streams to "number of streams that this endpoint has sent any data on and still have unacked data or fin, or unacked rst".

- Igor

-----Original Message-----
From: Subodh Iyengar [subodh@fb.com]
Received: Friday, 24 Mar 2017, 12:28AM
To: Lubashev, Igor [ilubashe@akamai.com]; Martin Thomson [martin.thomson@gmail.com]
CC: quic@ietf.org<mailto:quic@ietf.org> [quic@ietf.org]
Subject: Re: FIN + RST behavior

@Lubashev, Igor<mailto:ilubashe@akamai.com>



>Concurrency limit is about the amount of local resources a remote peer can consume.



Let's say that for every stream there is an initiator (who is subject to stream limit) and a peer.
Aren't the retransmission buffers which the peer has to hold onto until the initiator ACKs them also a part of the local resources here?



An initiator who doesn't ACK any bytes from the server forces a peer to keep state for it. However it could send it's own FIN which is ACKed normally.



My question generally here is that with the current state machine seems that it's difficult for both peers to get a consistent view of what each side thinks that the

open peer streams have. The peer should only release the retransmission buffers when it knows all of the data + FIN has been ACKed, and I think that's when it should release

the stream limit. However the initiator needs to know when this happens so it would need to keep track of the ACKs for the ACKs it sent. Unidirectional streams seem to make this simpler.

>To be put precisely, the concurrency limit can be defined as "the max number of streams with non-zero unACKed bytes sent by that peer".

I'm not sure I understand your meaning here or maybe I'm confused by what you consider as the peer.
Can't the initiator just send a FIN and get an ACK for the FIN, however never ACK the peer's frames? In this case the initiator would have "zero UNACKed bytes" but the peer would not.


Subodh

________________________________
From: Lubashev, Igor <ilubashe@akamai.com<mailto:ilubashe@akamai.com>>
Sent: Thursday, March 23, 2017 11:27:29 AM
To: Subodh Iyengar; Martin Thomson
Cc: quic@ietf.org<mailto:quic@ietf.org>
Subject: RE: FIN + RST behavior

Concurrency limit is about the amount of local resources a remote peer can consume.  It is not about how much local resources can be consumed by the local application - these limits can be enforced without any help from the protocol.

So concurrency limit is really the number of concurrent in-progress streams that a peer is willing to receive.  This maps well with unidirectional streams, but this is not a requirement.  To be put precisely, the concurrency limit can be defined as "the max number of streams with non-zero unACKed bytes sent by that peer".  This means, peers can negotiate separate concurrency limits.


-          Igor

From: Subodh Iyengar [mailto:subodh@fb.com]
Sent: Thursday, March 23, 2017 1:09 PM
To: Martin Thomson <martin.thomson@gmail.com<mailto:martin.thomson@gmail.com>>
Cc: quic@ietf.org<mailto:quic@ietf.org>
Subject: Re: FIN + RST behavior


>  The client can consider its own resources to be available for use by
the server as soon as it receives the FIN and processes it.  If this
were a server resource, then you are right, it's not that simple
because the client can't assume that the server has released state
yet.

Ya in the case of the previous example, it is a server resource since it's a client initiated stream.
@Martin Thomson<mailto:martin.thomson@gmail.com> I'm starting to like your proposal of unidirectional streams more and more :)



Subodh



________________________________
From: QUIC <quic-bounces@ietf.org<mailto:quic-bounces@ietf.org>> on behalf of Martin Thomson <martin.thomson@gmail.com<mailto:martin.thomson@gmail.com>>
Sent: Thursday, March 23, 2017 4:04:46 AM
To: Subodh Iyengar
Cc: quic@ietf.org<mailto:quic@ietf.org>
Subject: Re: FIN + RST behavior

On 23 March 2017 at 15:10, Subodh Iyengar <subodh@fb.com<mailto:subodh@fb.com>> wrote:
> How does the client know when the server has released a slot in it's
> concurrency limit? The server can't immediately release this when it sends
> out the FIN because it still must keep state until it receives all the
> ACKs for the stream. I think the client need to keep track of the ACK of the
> ACKs of all the server sent bytes in the stream, which would be a bit sad.


The client can consider its own resources to be available for use by
the server as soon as it receives the FIN and processes it.  If this
were a server resource, then you are right, it's not that simple
because the client can't assume that the server has released state
yet.

v2.23.0 | Report a Bug | By Email