IETF Logo Mail Archive

RE: preferred_address outside of handshake

Mike Bishop <mbishop@evequefou.be> Thu, 26 September 2019 18:18 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5526B1200F9 for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 11:18:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8npflbJvGPSG for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 11:18:43 -0700 (PDT)
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-eopbgr740117.outbound.protection.outlook.com [40.107.74.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E47B01200EB for <quic@ietf.org>; Thu, 26 Sep 2019 11:18:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UWAKlhHBpmRCn6UvwdiXyu4XgivXKg8Ky/QLdJVQ5xpDxPoYkTpHvEJOsUxvdyEkIt78olnNShiSOk3i4lbGJhS3ZcVFg3nXtPdrk2Ho2cuw0IsJAoLYmhpUL/lg9AgWE479FljdZcmgqlLEobtG5qd0D8lqiJy5n9pYzSNdelGHhi2lcGQgnhX1aohfeq9RG7sice9mRVpj4lW64wtqONIMHJgqFhlc2wQVMXO1gmcokdbX6VjLQhVNeeSCW79MwFKsCpQP3JIWNUbBXLKiR10PVmvkxwBrKDBYODOo6T9zqnuY8+m9N927lAM96AUjXIiu+jfY5X1x3TRuVWlUrg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Bo9MbA1crrjIaApIpFODXGwGfAnkNt6HomiMLRNrJVc=; b=JQ5ZH+UVhGOPo8gqog4hSjFrwhYNQ8S92XGeveXT8wTVrHk+YhLGYhn9sk/aVDe7au59KgIzq4kNn7u2pvh3kRGUxrHvfOT3CZIaT6oc1RthLsOz+ReO7aSUgidzbwEV1wmZfnKgLC855BHbJIvoqnn6PjFnOn8t9YMTWacwzm+SkCFXeViaL2sJ9wRlg38Nc2u11P04hb+XudOETx3LZOPXQPSRUSDR3PImimRRAnY97lpjsmYr218fPd2IwoI8dN2wHnpLyzjmI2xRVI27X2owsQzt5LRqDsi/VnVWBjBIoWwaIdRWfA886f9RQEe/gFrUYbKtRy2xwUKdFcQjbw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=evequefou.be; dmarc=pass action=none header.from=evequefou.be; dkim=pass header.d=evequefou.be; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector2-evequefou-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Bo9MbA1crrjIaApIpFODXGwGfAnkNt6HomiMLRNrJVc=; b=lSCJaekgQR7DId4aGAFiFEj4dPXX79ZOzJX8928NBrhQ9FimWpvh/19SiFpQvRLD/Jhr1nc1pHWB+f+xYYaGup20aj0vIgsqoulB4JsvTAmnMZI0LFJcVuBmMRBF7I4Lx47DTlffWVBUM8DEnhSlvq4dhZYfiYsKV2ROByatVbY=
Received: from BN6PR2201MB1202.namprd22.prod.outlook.com (10.174.80.146) by BN6PR2201MB1444.namprd22.prod.outlook.com (10.174.85.165) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2284.24; Thu, 26 Sep 2019 18:18:39 +0000
Received: from BN6PR2201MB1202.namprd22.prod.outlook.com ([fe80::288b:d6ec:1e00:c3c]) by BN6PR2201MB1202.namprd22.prod.outlook.com ([fe80::288b:d6ec:1e00:c3c%12]) with mapi id 15.20.2284.028; Thu, 26 Sep 2019 18:18:39 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Jana Iyengar <jri.ietf@gmail.com>, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
CC: Luke Curley <kixelated@gmail.com>, QUIC WG <quic@ietf.org>
Subject: RE: preferred_address outside of handshake
Thread-Topic: preferred_address outside of handshake
Thread-Index: AQHVbFRDWCLp+6CqnUmFk/rOq98Olact0T8AgAEyUgCAD1CSwA==
Date: Thu, 26 Sep 2019 18:18:39 +0000
Message-ID: <BN6PR2201MB120249170A5FE05084F93ED0DA860@BN6PR2201MB1202.namprd22.prod.outlook.com>
References: <CAHVo=Zm-0m6dttMfLRSLVNq19PHy1VhzTW0e4p+thVc_ZT0s+g@mail.gmail.com> <CAN1APdf=_VfVaepkC5fnCo_1AjUMV72QxhdRk=qcbeA7rBO+iQ@mail.gmail.com> <CACpbDceVHVhca-PgH7PqybYPNp_jFnrNDxZK-VzREnZvXV5Qaw@mail.gmail.com>
In-Reply-To: <CACpbDceVHVhca-PgH7PqybYPNp_jFnrNDxZK-VzREnZvXV5Qaw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [2600:2b00:931f:a301:ad10:cc00:8cc7:f6a6]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c5089ef7-9f55-4c98-8d85-08d742adf4b3
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600167)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BN6PR2201MB1444;
x-ms-traffictypediagnostic: BN6PR2201MB1444:
x-microsoft-antispam-prvs: <BN6PR2201MB144467BF0FC9C1949D0DC317DA860@BN6PR2201MB1444.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0172F0EF77
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(376002)(346002)(366004)(396003)(39830400003)(199004)(189003)(5070765005)(102836004)(55016002)(66574012)(9686003)(6306002)(74316002)(99286004)(33656002)(54896002)(440504004)(517774005)(5660300002)(229853002)(7696005)(7736002)(508600001)(71200400001)(71190400001)(2906002)(4326008)(236005)(86362001)(25786009)(6116002)(486006)(46003)(14454004)(446003)(110136005)(52536014)(11346002)(66946007)(66556008)(66476007)(66446008)(64756008)(6436002)(790700001)(54906003)(316002)(6246003)(8676002)(186003)(476003)(76176011)(8936002)(76116006)(14444005)(256004)(53546011)(6506007)(81156014)(81166006); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR2201MB1444; H:BN6PR2201MB1202.namprd22.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: GiN6p5vwjZ4SMtCAcR2U6N34OHsMikKLsG4AsjIkAZ2fPASQTrnvslmOjh6rThUhXShbeleEgpCQ3tV4RP1iKskWE3SDaDFgo83raFbEEPrwAz0TGPP2f62RN9BoRtPvXztGfJAa6y8AhnJaatbJoBtNMJAg6pl5296jUTFKi1JijpOcRlg+WlFV4Penjt2B8wGBx4cZAfh/Jrtb0iY2Av6vD8/jeCskeZsyhBJ4nQ0mAyGR5R94x46abbUeSX9H/r9RrL6XjdATJ1FMjUNM3plCdlBpxhDgTbhW+6wBPwEnWOv3iroaMJjGpXv/8zq+Xb432UPnnGoYmNoRxz2Y9QqPhH0HrBPT2yJY3orGoLzrBXq8OaZdr8D3+XPGFp3rlFs/iJe5q35k+7KHM3vZkThGeLNMLLokqW4cFu3IrBY=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BN6PR2201MB120249170A5FE05084F93ED0DA860BN6PR2201MB1202_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: c5089ef7-9f55-4c98-8d85-08d742adf4b3
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Sep 2019 18:18:39.6168 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: C36TpAJRPwt5bsNndc9Ek9iQ21wlFfptS4a9/jlWKDVk/0Qpu856I67dcaWlXtC40XqTPeoKZ/TlyrE9W2mw4w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR2201MB1444
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/lq7i3wd_2S0CfAWqz7AmaNNrBWU>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Sep 2019 18:18:45 -0000

We’ve talked about what would be involved in server migration.  Given the reality of NAT behavior, the client usually needs to be the party actually changing what address it’s communicating with, even if it’s the server that’s changing.  A server migration implementation would probably include a frame that looks a lot like a preferred address transport parameter, asking the client to please probe the new path and switch if successful.  However, it was a deliberate decision not to open the door further for v1.  One of the features that might be considered for v2 or extensions is more extensive migration or multipath support, but we’re not there yet.

From: QUIC <quic-bounces@ietf.org> On Behalf Of Jana Iyengar
Sent: Monday, September 16, 2019 8:23 PM
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Cc: Luke Curley <kixelated@gmail.com>; QUIC WG <quic@ietf.org>
Subject: Re: preferred_address outside of handshake

Luke,

I agree with what Mikkel said. To your point, this parameter was meant specifically for the anycast case, but not the more general case. Doing the more general server migration is a complex beast. We'll see what happens in the future with QUICv2, but I don't think we should pursue this general case right now.

- jana

On Sun, Sep 15, 2019 at 11:07 PM Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com<mailto:mikkelfj@gmail.com>> wrote:
This lands under migration.

It was deliberate choice to only allow clients to migrate in QUIC v1 to avoid excessive complexity and because the most common use case are mobile clients connecting to stationary servers.

There is an inherent feed-back problem in allow both to migrate. Even seeming simple problems such as allowing both peers to change encryption keys has caused at lot of design discussions and change.

QUIC v2 will likely explore multi-path connections and server migration.

Kind Regards,
Mikkel Fahnøe Jørgensen


On 16 September 2019 at 08.02.05, Luke Curley (kixelated@gmail.com<mailto:kixelated@gmail.com>) wrote:
Hey guys,

I've spent the last few days reading the QUIC spec and it's amazing. One thing I love is preferred_address as it gives the server the ability to redirect traffic from an anycast address to a unicast address (among other uses). This would obsolete DNS load balancing in many cases!

However, it's only possible to use preferred_address during the handshake. If there was a frame that behaved the same way, then it would be possible to migrate traffic to another address. This would be extremely useful; you could migrate to another port for graceful restarts or another IP address (including anycast!) to drain the entire host.

This is almost possible today as the new server can send packets (from a new address) and cause the client to initiate a PATH_CHALLENGE. However, this won't always work when the client is behind a NATs. What you really need is the client to punch a hole in the NAT by explicitly telling the client when to initiate a PATH_CHALLENGE.

What about something like PATH_CHALLENGE_REQUEST, containing similar information as preferred_address? I even think this frame should replace preferred_address as it's not a critical handshake parameter.


Thanks!

v2.23.0 | Report a Bug | By Email