Re: New Plaintext QUIC-LB Design

Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Fri, 15 January 2021 20:18 UTC

Return-Path: <mikkelfj@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAA193A1149 for <quic@ietfa.amsl.com>; Fri, 15 Jan 2021 12:18:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.097
X-Spam-Level:
X-Spam-Status: No, score=-1.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JU7snUTe8MjU for <quic@ietfa.amsl.com>; Fri, 15 Jan 2021 12:18:08 -0800 (PST)
Received: from mail-lj1-x231.google.com (mail-lj1-x231.google.com [IPv6:2a00:1450:4864:20::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63E043A1141 for <quic@ietf.org>; Fri, 15 Jan 2021 12:18:08 -0800 (PST)
Received: by mail-lj1-x231.google.com with SMTP id e7so11729996ljg.10 for <quic@ietf.org>; Fri, 15 Jan 2021 12:18:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=3HZ1hYgev0miCbbh4LQcaxl8FWGUuFypfiVU12CwHWQ=; b=kXf2X++KkoGC9GelIZtJAwXAieMJPij2FxH8mDXb+NjoX97Qrkc/CxEFrQ5ZCIr4k6 RE1Ql0rGfI17YweMUbIYpHzoSfdQ8rUyY9N/7OpdJfoJRnd7LqD8xmzknmfc7xipeQhs sS+UBuaIhaUSLMI5hQgnFQhT/YD0ewULotFdq5l9rp5HBJUliQJxy43LNJFyYitbspXn NTkn4A8Y2uk/uJJeyQNuGLLUT+CUrLzP1c18p9gI0vwecYy8q9TndHQe0bOLbpjAzgz2 7OZ9UJkjYUCxtGkLuj+yStlcExZjKGUpbf/wbHbbKnV7azwk+rzBrbwuWgcHHB98Xm/Z xW1g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=3HZ1hYgev0miCbbh4LQcaxl8FWGUuFypfiVU12CwHWQ=; b=ThYJY9dYTn70lCvdINBXf/HLBCV5+aRLBjSeGFtu0YMi9GHY9JB0RTvEQF/MG54b9v 6tsUjcgwhejHshuNIzJ4ke+HwZtWNpcIO4M8jo2Up3SZ0UyGViDOQ4uDjyocnVK6Xjnb 3bizo5xIBh5MGrj3WIJJLsT7WvioI/HnR6wEN7qIqVq7kmelv4CxUWJBsgKwvhBAVT3g c8wTDO+f7zRNeB7mWMv9f8Gz5xdwcEhJSnh5juJhUsnZkCmNOovbInHGWXFPT/V9HtmW IbXsez6bbfM+huVgHZ8Ap2peC+9uBMhD4aLslhFnYl298j5/gYKuJrMxzjUehJjEs32z N9kg==
X-Gm-Message-State: AOAM533UpLgJU2s8dF5jx8GBlTJzutj98P0wcC7J/VgrS+iSdm0db2u0 Muq3oBVf0X8E+QDwPl+Fu5YYNeTwsdEDtw==
X-Google-Smtp-Source: ABdhPJxGw3qnrsU92VYnGXSnr79KWq9ey6pF1p9lybLkJL5HW9bku7FchLy44zRtbwVCTI2bzpKVaw==
X-Received: by 2002:a2e:9645:: with SMTP id z5mr6040299ljh.36.1610741886472; Fri, 15 Jan 2021 12:18:06 -0800 (PST)
Received: from [192.168.8.100] (109.59.218.219.mobile.3.dk. [109.59.218.219]) by smtp.gmail.com with ESMTPSA id j26sm1010217lfh.251.2021.01.15.12.18.05 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 15 Jan 2021 12:18:05 -0800 (PST)
From: =?utf-8?Q?Mikkel_Fahn=C3=B8e_J=C3=B8rgensen?= <mikkelfj@gmail.com>
Message-Id: <D7415808-034A-4E93-9329-2BC8F1F116E7@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F4AF6F60-3BFB-49B0-B846-A0FBDEEF464E"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Subject: Re: New Plaintext QUIC-LB Design
Date: Fri, 15 Jan 2021 21:18:04 +0100
In-Reply-To: <CAM4esxS8mqf5F6ZAW_JPrwg4gHWdtk=OMtRnwfJeuOH9JhoiqA@mail.gmail.com>
Cc: Christian Huitema <huitema@huitema.net>, IETF QUIC WG <quic@ietf.org>
To: Martin Duke <martin.h.duke@gmail.com>
References: <CAM4esxRRp5=-YvcPsCdsgB=8O=_RAXq05Ldma0smGsjy95T4=g@mail.gmail.com> <6B05568D-1905-4416-904C-2EEC25491920@gmail.com> <CAM4esxSyn7uEiUsYvtiUbQ=4Qt-Bp+yLYBK+re+a+V3ea0BjcQ@mail.gmail.com> <B4D950F6-452A-4CFC-9707-DC1C9B3AB49B@gmail.com> <EB8897FC-1A57-4C45-ABDE-B87E36E519E8@gmail.com> <03ba27b1-3d27-d66b-4fc0-a952c24c993d@huitema.net> <CAM4esxToXBrKezEc3WVWpZFmNLVgVBX+==N77OyjmvEfvJ+kTA@mail.gmail.com> <527d1ec7-c354-5756-6f02-c8058c560b3a@huitema.net> <CAM4esxSVn9zdsur8E6EUGJTusE5DTkQOz7N1+VXm6aZ2v1Zzow@mail.gmail.com> <CAM4esxS8mqf5F6ZAW_JPrwg4gHWdtk=OMtRnwfJeuOH9JhoiqA@mail.gmail.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/huDrkep9TsUQO5C2BqbsVkRzPnU>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jan 2021 20:18:11 -0000

I would be hesitant to introduce a situation where a load balancer is forced to use memory, especially memory it doesn’t fully control. It may be fine as a choice, but not the only choice.

Aside from potential attacks, there is also the hardware cost/complexity. SHA256 and AES is pretty standard in almost anything, but lots of RAM is a cost driver.

It is really hard to estimate crypto vs lookup overhead, but it is far from a given that lookup will be faster once the tables grow large.

Less coordination is a good thing though. I’m afraid that without out of band payload to coordinate, there will have to be a choice between configuration and state.

Mikkel

> On 15 Jan 2021, at 21.04, Martin Duke <martin.h.duke@gmail.com> wrote:
> 
> To muddy this discussion a little further, after a little more thinking I believe there's a way to generalize this approach to all three of the original algorithms, encrypted or unencrypted, so there is never a need to manually allocate server IDs.
> 
> Again, the main tradeoff here is simpler configuration vs. more complexity and state at the load balancer.
> 
> As a document organization matter, rather than have six different algorithms I would prefer to specify three with a separate section describing the two separate ways to allocate a server ID.
> 
> But it is not too late to yell "stop" at this multiplicity of options if people feel the tradeoffs are clear-cut in one way or the other.
> 
> On Mon, Jan 11, 2021 at 6:50 PM Martin Duke <martin.h.duke@gmail.com <mailto:martin.h.duke@gmail.com>> wrote:
> Yes. Do you have an alternate suggestion?
> 
> On Mon, Jan 11, 2021 at 5:54 PM Christian Huitema <huitema@huitema.net <mailto:huitema@huitema.net>> wrote:
> 
> 
> On 1/11/2021 5:22 PM, Martin Duke wrote:
>> Perhaps I should make some edits for clarity!
>> 
>> On Mon, Jan 11, 2021, 16:52 Christian Huitema <huitema@huitema.net <mailto:huitema@huitema.net>> wrote:
>> I am looking at the text of section 4.2, and I am not sure how I would implement that. What should be the value of the config rotation bits in CID created by the server?
>> 
>> Any config includes the corresponding CR bits, and when generating the CID it would use those bits.
>> 
>> The confusing part is that, for this algorithm, a usable SID has to be extracted from any CID, hence all the weird stuff about CIDs with undefined configs.
>> 
>> Aside from that, it's like PCID: any server-generated CID uses the CR bits in the config, optional length encoding, SID, server-use octets.
>> 
>> 
>> Should the 6 other bits in the first octet be set to a CID Len or to a random value?
>> 
>> It depends on the rest of the config, as with the other algorithms.
>> 
>> Issss the timer set when the server ID is first added to the table, or is the timer reset each time a packet is received with that CID? In the latter case, is it reset when any packet is received, or only when a "first initial" packet is received?
>> 
>> When any packet is received with that SID (not CID), the expiration is refreshed.
> OK. So we can have the following:
> 
> 1) Server learns of Server-ID = X.
> 
> 2) Server creates new CID with that server ID, uses it to complete handshake.
> 
> 3) Client maintains a long running connection with that CID.
> 
> 4) Server keeps receiving messages with CID pointing to server-ID = X
> 
> 5) server-ID=X never expires.
> 
> Is that by design?
> 
> -- Christian Huitema
> 
> 
>