IETF Logo Mail Archive

RE: Connection ID Space

Mike Bishop <mbishop@evequefou.be> Tue, 30 April 2019 17:50 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C89012031D for <quic@ietfa.amsl.com>; Tue, 30 Apr 2019 10:50:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jIlk11VDtL8u for <quic@ietfa.amsl.com>; Tue, 30 Apr 2019 10:50:24 -0700 (PDT)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-eopbgr770091.outbound.protection.outlook.com [40.107.77.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FF9A12031E for <quic@ietf.org>; Tue, 30 Apr 2019 10:50:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector1-evequefou-be; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WFdI0ShD+BfbJ+/7G66fxoQE/cgFBwYHJnz+yAxQPH4=; b=jrm4GaQtk5YXPqS73r39ObzuA5lqk8OEhWfFhX3hqBEqHqvYUe+XcTi0dmYuiRKgNqOeINdHACgLp0rKDvXgd62RNAYarSon3fD+1Il5F/ACY/SRw45HzhDLprP09dNIWj9tcuiWEiMjGSAdlFzYOtYwjNEyeR62VfRfawLIdWU=
Received: from CY4PR22MB0983.namprd22.prod.outlook.com (10.171.164.151) by CY4PR22MB0568.namprd22.prod.outlook.com (10.172.138.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1835.15; Tue, 30 Apr 2019 17:50:21 +0000
Received: from CY4PR22MB0983.namprd22.prod.outlook.com ([fe80::5e:10a3:8225:425]) by CY4PR22MB0983.namprd22.prod.outlook.com ([fe80::5e:10a3:8225:425%5]) with mapi id 15.20.1835.010; Tue, 30 Apr 2019 17:50:21 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Martin Duke <martin.h.duke@gmail.com>, Ryan Hamilton <rch@google.com>
CC: IETF QUIC WG <quic@ietf.org>
Subject: RE: Connection ID Space
Thread-Topic: Connection ID Space
Thread-Index: AQHU/Hke5LQf5oR0tESJhMqZbEzX16ZPCC6AgABbDoCABZxCoA==
Date: Tue, 30 Apr 2019 17:50:21 +0000
Message-ID: <CY4PR22MB098376AEF8602968191281A8DA3A0@CY4PR22MB0983.namprd22.prod.outlook.com>
References: <CAM4esxR_mHHu7NhxjSNoDf6Hz42YwGDmG4MiEGXOZJTt-ZoNXg@mail.gmail.com> <CAJ_4DfTLkfgE9tSEDq5AicHqEQrNDJQiwYNnDmxLg7EfKhhkmw@mail.gmail.com> <CAM4esxTdwBeEfRA=OKCkaCuut8GXwOJszqxrGBAWVxkVWzuFmQ@mail.gmail.com>
In-Reply-To: <CAM4esxTdwBeEfRA=OKCkaCuut8GXwOJszqxrGBAWVxkVWzuFmQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [38.134.241.6]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 36178aa3-a3ee-42c3-99a6-08d6cd945116
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600141)(711020)(4605104)(2017052603328)(7193020); SRVR:CY4PR22MB0568;
x-ms-traffictypediagnostic: CY4PR22MB0568:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <CY4PR22MB05685041F6A167E441C0F42ADA3A0@CY4PR22MB0568.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 00235A1EEF
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(136003)(346002)(39830400003)(376002)(396003)(199004)(189003)(3846002)(6116002)(2906002)(66476007)(81156014)(66066001)(790700001)(73956011)(66556008)(76116006)(5660300002)(64756008)(4326008)(81166006)(25786009)(66946007)(66446008)(446003)(508600001)(53936002)(76176011)(8676002)(14454004)(110136005)(52536014)(6246003)(236005)(9686003)(99286004)(97736004)(256004)(11346002)(316002)(33656002)(55016002)(8936002)(74482002)(7736002)(6306002)(7696005)(6436002)(26005)(86362001)(6506007)(186003)(74316002)(486006)(229853002)(476003)(54896002)(102836004)(68736007)(3480700005)(7116003)(606006)(71190400001)(71200400001)(53546011)(14444005); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR22MB0568; H:CY4PR22MB0983.namprd22.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 5VxfPV6P3iWHlawPPb0hkV/uaWGWIh2u9q0iuDIAfDdz1DE3r1hlaTOzi8OrdvFzKHPt6fLHTeHqHTZ5WxVKs3Y3BxQkQqrsH4h1bVLVQNwAWOFlc8pCwOSAX4flKZXIp7mLeKa00ntCoim248VVeI1h2tVxSZJ0e7c11ZKXnHNaKBxC/MXiCn5R3d7y+o4ugY+atngmh/pGbeDz7dB7a4b+X7g4sE5od08RQ6cApTdljJsRQImgKEWHUzTGJ3WhZ3bG33tE5P+dyd7IBBnU3X0whu+u0Dq1bTzItHmUHSH+F/5irjKhq6d1PMvlaeXnjIvvfQB0dYg6A6Cz1kuQO2qla3O0bNzmD17+CBeb+JvDrL99xAI3OZEs9ad/XeL2MpoImuoMAEd4PK/QDt7cIwWVjn/ANvVYwT/KU0NpOUQ=
Content-Type: multipart/alternative; boundary="_000_CY4PR22MB098376AEF8602968191281A8DA3A0CY4PR22MB0983namp_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: 36178aa3-a3ee-42c3-99a6-08d6cd945116
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Apr 2019 17:50:21.7522 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR22MB0568
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/b6EPgJVyyCK0P8F6SmwXObwVBAY>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Apr 2019 17:50:29 -0000

I’m in the semi-ignoring QUIC-LB camp, as I believe it’s an important problem for other people to solve right now.  (Thanks, Martin!)



I take no particular position on whether the 18 byte maximum is too small; it feels exceptionally large to me, but if we’re getting actual implementation experience that shows otherwise, I’m happy to have the data.  If it needs to change, I agree that Option 2 appears the most futureproof, and if something needs to change in the invariants, this is almost the latest we could possibly do it.  Now or never.



I think Option 1a is to note that the invariants don’t limit the length of CIDs in a given version in short-header packets; a future version could define much larger CIDs to be valid post-handshake.  Coupled with a way to encourage/require clients to move off of the handshake CID immediately post-handshake, this might be sufficient for the real world.



From: QUIC <quic-bounces@ietf.org> On Behalf Of Martin Duke
Sent: Friday, April 26, 2019 9:03 PM
To: Ryan Hamilton <rch@google.com>
Cc: IETF QUIC WG <quic@ietf.org>
Subject: Re: Connection ID Space



Option 2 would be a change to the invariants.



On Fri, Apr 26, 2019, 15:37 Ryan Hamilton <rch@google.com<mailto:rch@google.com>> wrote:

   Do I understand correctly that this would be a change to the invariants?



   On Fri, Apr 26, 2019 at 2:43 PM Martin Duke <martin.h.duke@gmail.com<mailto:martin.h.duke@gmail.com>> wrote:

      Although it is quite late in the day for this objection, I find that we already bumping up against the limits of the 18 byte connection ID.



      Inevitably, this touches on some issues we're exploring in the quic-load-balancers draft<https://github.com/martinduke/draft-duke-quic-load-balancers/blob/master/draft-duke-quic-load-balancers.md>, which isn't adopted, and many of you are no doubt happily ignoring.



      There are basically three uses of the 144 bits of CID entropy in QUIC-LB:



      1) Server ID encoding -- as there are only so many servers one might have, 16 bits is usually enough for this.

      2) "Private" server entropy -- the load balancer doesn't care what the bits are, but they're protected by crypto. The server created and encrypted the CID, so it can use this for its local purposes, but no one else can. The amount of this depends, but if you're using a 256-bit block cipher it's something like 240 bits -- plenty

      3)  "Public" entropy -- not encrypted, these bits are readable by anyone who is familiar with the encoding scheme. With a 16 B encryption block, we have only 16 bits to play with here.



      QUIC-LB is already taking 2 of these last bits for config rotation, which allows server pools to incrementally deploy new CID keys or encoding schemes. So we're down to 14 bits..



      The public entropy is useful for a growing pile of trusted hardware devices that are presumably not going to perform CID decryption. On f5 boxes, we have a hardware disaggregator for the many dataplane processors and threads that are operating. Today, we'd use perhaps 8 of the bits, but in future architectures even 14 might not quite be enough.





      And now, having chatting with Manasi Deval from Intel after her Prague talk about hardware offload, I'm fairly sure we're going to need 4 to cheaply encode the connection ID length, at least for servers that want to use this service.



      If we ever wanted a solution that allowed multiple tiers of load balancing, which is not currently in scope for QUIC-LB, we don't have nearly enough space.



      I see three options:

      1) Ignore the problem -- this may restrict the number of use cases of QUIC in the future, especially as Connection ID lengths are part of the invariants.

      2) Redefine the DCIL and SCIL fields to be half the connection ID length. Thus CIDs would always have even lengths but could run up to 30 Bytes. For what it's worth, this also enables 2B CIDs. This is heavyweight as a diff to the current spec but is the most futureproof. There are, of course, other mappings with different properties but similar bureaucratic costs.

      3) There are two reserved bits in the relevant header types. If we allowed them to not resolve to zero post-protection, and therefore opened them to encode QUIC-LB config rotation in the clear, this would mitigate the problem and I am fairly confident that these bits would vary enough to not ossify. This is a lightweight protocol change but may just partly relieve the pressure we're feeling now.



      What are people's initial attitudes? Unless there is strong consensus for Option #1 I can file an issue and we can get it on an agenda to discuss in person.



      Martin

v2.23.0 | Report a Bug | By Email