IETF Logo Mail Archive

Re: Exercising Version Negotiation

Roberto Peon <fenix@fb.com> Mon, 26 March 2018 19:09 UTC

Return-Path: <prvs=66230deeec=fenix@fb.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75E8C127337 for <quic@ietfa.amsl.com>; Mon, 26 Mar 2018 12:09:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.702
X-Spam-Level:
X-Spam-Status: No, score=-2.702 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com header.b=IttWlQQ/; dkim=pass (1024-bit key) header.d=fb.onmicrosoft.com header.b=HNcDzJEM
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0tnaq78NapmX for <quic@ietfa.amsl.com>; Mon, 26 Mar 2018 12:09:57 -0700 (PDT)
Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1AFA6127136 for <quic@ietf.org>; Mon, 26 Mar 2018 12:09:57 -0700 (PDT)
Received: from pps.filterd (m0044008.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w2QJ6dQF026991; Mon, 26 Mar 2018 12:09:53 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=oOfGeGuIzP4OErSR4RH5DAT7kVwqy8aIkMjhTkJf5rw=; b=IttWlQQ/noTnHFoEkhNYSQuV0yhoasAaeM48UOMZIMN0VWmVOLg9Pm6WQdg1jDzTqCEf ggR5UDsBfD3aYJ+7uCrktm8ziDcYb96PccvNCkrtZbMGwFj59/o6nhKYu6WGS4bi2pmf +md+nEqDGUGRG3NGS70v4+UlNlvH9Umi1hk=
Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2gy4qu8c6n-11 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 26 Mar 2018 12:09:53 -0700
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.23) with Microsoft SMTP Server (TLS) id 14.3.361.1; Mon, 26 Mar 2018 12:08:37 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=oOfGeGuIzP4OErSR4RH5DAT7kVwqy8aIkMjhTkJf5rw=; b=HNcDzJEMXEzo+VnoWpREmp4A+Efdgzsqb8VyNd/HVAGbnYpmVhFrs8G1bolc2mNAqQXDc84g2UHQKRk/3eT0Kl13ya5DZ2jt2+2Pol6QCNj2ignsdgBBzUMtTdRDoty8Z2LYQnoRjAFliRe7L+jK4SfUEQw2hpS1qzOCuzmWIk8=
Received: from BY2PR15MB0775.namprd15.prod.outlook.com (10.164.171.11) by BY2PR15MB0168.namprd15.prod.outlook.com (10.163.64.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.609.10; Mon, 26 Mar 2018 19:08:35 +0000
Received: from BY2PR15MB0775.namprd15.prod.outlook.com ([fe80::78a6:3a7a:1195:dd02]) by BY2PR15MB0775.namprd15.prod.outlook.com ([fe80::78a6:3a7a:1195:dd02%13]) with mapi id 15.20.0609.012; Mon, 26 Mar 2018 19:08:35 +0000
From: Roberto Peon <fenix@fb.com>
To: Christian Huitema <huitema@huitema.net>, "quic@ietf.org" <quic@ietf.org>
Subject: Re: Exercising Version Negotiation
Thread-Topic: Exercising Version Negotiation
Thread-Index: AQHTwdYDUZhb3cJH5UigdAPrv4PipqPcS1kAgAAEWICAABZ4AIAAVeCAgADHmYCAAMElAP//liUAgACNhYCAANrygIADL0QA
Date: Mon, 26 Mar 2018 19:08:35 +0000
Message-ID: <B7EA364D-6EA1-4201-AAA9-2039BD56B001@fb.com>
References: <CABcZeBMv5BqZOtgVA2wfqaaGCd94gcNPB9bTXkrvNXXRveU8wA@mail.gmail.com> <CAJ_4DfQ6zqVeUUF7XcoT110kVcP1BJFEtqVR-+FN5XD2UuRMMA@mail.gmail.com> <CABcZeBMVNy151rFntLutSPtctPsd2Ei3Qy-ChuEXVMVpz4pgdQ@mail.gmail.com> <SN1PR08MB1854DD71FDCB9FBA48DD26E9DAA90@SN1PR08MB1854.namprd08.prod.outlook.com> <CAJ_4DfQxcxNGNP9CW3poPqnFgUsrNy269dO2Lf0dvWBFKKsSHg@mail.gmail.com> <CABcZeBNfw6MjjgeqQct11g6Kf=4xy+zVZiBRMwwzhtKB2rWHZg@mail.gmail.com> <CAJ_4DfRCNRHajNfFdedg6O54mjydWt+ooRESJZQ5L0sZmcwmXg@mail.gmail.com> <9A92D490-1F4F-457D-9209-C19E154E4881@fb.com> <CAJ_4DfSNA0wMnvzxSy1bHU5VTdKujP6oZAtwn8DUNwnX97yLDQ@mail.gmail.com> <8ed89135-e878-473a-9c44-d3f1b9ce16b1@huitema.net>
In-Reply-To: <8ed89135-e878-473a-9c44-d3f1b9ce16b1@huitema.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.9.0.180116
x-originating-ip: [2620:10d:c090:200::4:191d]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BY2PR15MB0168; 7:7NJWyXuOm6qrXnozkhyFYRCgL9oViD7mIUuSxQw8BLuwFZ3r579bKEYOLX0+0+syCa9p12yAu9UfG5/gdK+ZSPAGbFY33k1DcH71R9JvjNT2cr1O7LeJ5WvGOnwa4cQQogG1ua/BGqQKFYjByVXnVa95biWJ4OKl37M/77riYdPnvsLjNias4sfV8uyM/8Hl4uw7Vrzg7w9vvmGCODgEZyPTxaXmY2J1d2jdr5EO4urnBL6lMag+rednN5ycfrdL; 20:EAp8KggenoKH6Rq2z7yUFcuWhNDHRditV2aiebRj4wVm2poPD5LZ2wp/E+LW4h9+VALT/0EV7VuWBsYpclgakzu4Cjjdebb6e33Bq5ifWStOspZ3ooI7tMCUcjYlWQ/Gn2SUzDyExECKOsDNyJPoEqHUJ2JWxZQrH6Abr0DPX0A=
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 4cb809d0-233e-44c5-6ef2-08d5934cf977
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BY2PR15MB0168;
x-ms-traffictypediagnostic: BY2PR15MB0168:
x-microsoft-antispam-prvs: <BY2PR15MB0168B792DA7FAE19A5283CE3CDAD0@BY2PR15MB0168.namprd15.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(93006095)(93001095)(3002001)(10201501046)(3231221)(11241501184)(944501327)(52105095)(6041310)(20161123560045)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(6072148)(201708071742011); SRVR:BY2PR15MB0168; BCL:0; PCL:0; RULEID:; SRVR:BY2PR15MB0168;
x-forefront-prvs: 06237E4555
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(346002)(396003)(376002)(39380400002)(39860400002)(51444003)(199004)(189003)(5660300001)(6436002)(186003)(7116003)(305945005)(6512007)(82746002)(7736002)(83716003)(8936002)(93886005)(8676002)(81166006)(53936002)(46003)(81156014)(6246003)(68736007)(110136005)(11346002)(86362001)(3480700004)(478600001)(58126008)(102836004)(316002)(446003)(2616005)(106356001)(6116002)(229853002)(76176011)(97736004)(105586002)(25786009)(3280700002)(561944003)(14454004)(33656002)(99286004)(6486002)(2900100001)(53546011)(59450400001)(3660700001)(2906002)(2501003)(36756003)(486005)(5250100002)(476003)(486005)(6506007)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:BY2PR15MB0168; H:BY2PR15MB0775.namprd15.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: oFXrRPCo8J2SMKy8m3AwqnBzSjf1VBNWsQtRz86vkrsjfAWsy2ezXUgas3a4d0ogMvjGo8nRRHPtDIDW+c73Jq1+6E5XF9S/OF9Fnh/Tk8UNu5jl/REY81ApkATzP8+ByT7DF/migGljRuS6Cc8v4lcofTBfwm/ybWafS1EDmVEZtH+20I8vnpnmDeDbLuez0UR8oSfUDtYxvoeh+pcRtPFyFGIjaz5n7S4hoMQ0B9PLQbDjBHtQsRG0pgFYTL976lkuXIPJgyCLKNVQoNuyeT97rQrDtcy921tZRKGhz1etkF6wazXXXAt7s5pwrtjQ2ORQe3NRDByqk67qsjuRUQ==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <5A8B3FBCB8B30B48908D36975DF11DA2@namprd15.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 4cb809d0-233e-44c5-6ef2-08d5934cf977
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Mar 2018 19:08:35.4007 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR15MB0168
X-OriginatorOrg: fb.com
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-03-26_09:, , signatures=0
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/lYOWr216_Je_iFkaOI9JB40kmRE>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Mar 2018 19:09:58 -0000

What the user cares about is the quality of the experience. This is influenced by the number of times the version changes for them.
That is de-coupled from the number of versions deployed simultaneously across all users.
Thus, have x == 50%. Use as many versions as equally as possible. Sometimes use both.

So long as the rate of change on an individual user/IP basis is slow enough, the user won't see any real performance penalty or degraded experience.
As an example, I think that changing version negotiation on someone once a week would be pretty safe.

Agreed that we want to teach middle-boxes to not expect a specific version. Agreed we need a Goldilocks value (caveated with above). 
We also want to teach *clients* to not expect a single version. Ekr's suggestion of really deploying two versions makes it likely that most endpoint implementations (and not just middleboxes) would build the appropriate scaffolding to deal with versioning.
-=R

On 3/24/18, 4:31 AM, "QUIC on behalf of Christian Huitema" <quic-bounces@ietf.org on behalf of huitema@huitema.net> wrote:

    On 3/23/2018 10:26 PM, Ryan Hamilton wrote:
    
    > Maybe. :) I'm just trying to get my arms around a concrete proposal.
    > For example, if the server always advertises both versions, but only
    > supports 1 version based on hash(client IP), and those client
    > typically prefer the other version, then they'll incur an extra RTT on
    > every connection, which seems undesirable. But I'm not sure if that's
    > the proposal.
    
    There is of course no way to exercise version negotiation without
    incurring a 1-RTT penalty. Following the "use it or lose it" paradigm,
    we know that if we do not use version negotiation for a while, various
    middle-boxes will "learn" that it is not needed and will start blocking
    VN packets, in the same way that various middle boxes block various ICMP
    packets today. Greasing VN has a cost. If we grease VN for X% of
    connections, X% of connections will suffer an additional 1-RTT delay.
    There is just no way around it.
    
    Let's assume that we will grease VN on X% of connections. How do we
    decide how much that X% is? If it is too low, middle-boxes will learn
    that blocking VN only affects a small fraction of connections. They will
    think that they can block it, and clients will probably react by
    retrying with a different version. Grease fails. If it is too high, too
    many clients suffer. So we need some kind of Goldilocks value, not too
    big, not too high, just right. Anything below 1% will probably be too
    low, but I don't know what would be too high. 5%? 10%? The trade-off is
    not very appealing.
    
    Perhaps we should look at it differently. What do we really want to
    teach to the middle-boxes? I think the message should really be, "do not
    try to lock on a specific version number". And doing that with just two
    versions will not work. The middle boxes will just learn those two
    versions, and we will not be able to introduce a third one. We want to
    see plenty of mostly unpredictable versions proposed by clients, and we
    want these unpredictable version numbers to result in successful
    connections most of the time.
    
    -- Christian Huitema

v2.23.0 | Report a Bug | By Email