Re: draft-duke-quic-load-balancers-05.txt
Martin Duke <martin.h.duke@gmail.com> Mon, 04 November 2019 22:03 UTC
Return-Path: <martin.h.duke@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 468F5120154 for <quic@ietfa.amsl.com>; Mon, 4 Nov 2019 14:03:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jCejmo6cKDf1 for <quic@ietfa.amsl.com>; Mon, 4 Nov 2019 14:03:34 -0800 (PST)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82CAC1200C4 for <quic@ietf.org>; Mon, 4 Nov 2019 14:03:34 -0800 (PST)
Received: by mail-wr1-x431.google.com with SMTP id n1so18907584wra.10 for <quic@ietf.org>; Mon, 04 Nov 2019 14:03:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1qLThQ+EfDsN5k8g8XrhTeNtRiABo9a6mN6D0G1qGpw=; b=M058+IC0eMRdpBHE4TPJP1uLdPqXnN0fmbbOYaeKKONVKX4SmCNM4zBkZHmuANQtIV w1ZhRwa0yPq53NPN3Ra4t2LWozJ/T613wK2TUOOVfQRufN4N0tU4TihtifYrI7dGky2T v2VFWFTAhuIsJw/YSoy32imyfXunbtygXtezJPoZznWdGtXnZokLpDZoHbUScMrprK6c WvSkNPAucoAtQZZdEg/s4l3WE0YS73H7fzg2CW8NPal39E/80NMj5eYN4rrOj0EUgKt+ NdYoA25BxXlmeCPR+18VXOrQ+5vKD3JUTlZ4ymbZkTwe/SaTFkPmACleHAU5if8UntVO tmGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1qLThQ+EfDsN5k8g8XrhTeNtRiABo9a6mN6D0G1qGpw=; b=XvPvX0cT85xHuGqbPoHAb1G/5kdtgk6F8/PzRxsW8eZmcRkXroklFrPSDH3k4SM5SO xJTIeZLM3+LJUiV+9j8QRd/zu0tuurWHsURz4xMp41DmQRonf0vd4jL1Qb+g29QdoWiv pfacjL2M3QHX+3lOiAgZzQB03tIcuDCKn4hGOwVUlWcxswXzIo77W30BuRPtrx40UW1Y GlTm5tzpuPzoSdiz3iiRFkc9rbnr6RQ4d8i0ZY7HyN3AzXX8VvGJ4Jl/NLv/g41AGksk 2xKk6EuvYSqWeKHG8M/KAchvJlH9T43cw0OoO66zUqcAJIWFTDDXImOeoOXnLW5afoJx hn9w==
X-Gm-Message-State: APjAAAUOWjYozlodL+7xYgbnO/aQC/xBf/vxnh9K6yHM3KHM9E+nGGVP hhFeqSP6mWwX50ND/TI8kFuxNUadaCP9PrP2Kno=
X-Google-Smtp-Source: APXvYqzX3ndJnnTrksyEUZ6JpwCEyD8F4cNsSdJWn9K36b/fymqrKEQI0rsOEwfUTaLv2gcQolTSkrhNbJQrdIbcVV4=
X-Received: by 2002:a05:6000:12c4:: with SMTP id l4mr9452041wrx.110.1572905011097; Mon, 04 Nov 2019 14:03:31 -0800 (PST)
MIME-Version: 1.0
References: <20191028194956.GC420@gmail.com> <CAM4esxTJUFD-G-WUOwZQbgSafpMJXHVtYCm1eF=_1g8tDxru=A@mail.gmail.com> <20191029210428.GA119@gmail.com>
In-Reply-To: <20191029210428.GA119@gmail.com>
From: Martin Duke <martin.h.duke@gmail.com>
Date: Mon, 04 Nov 2019 14:03:19 -0800
Message-ID: <CAM4esxSaZdryVtem=iywADpTUhkjuNAyWgCC3-K1k715j3rQ-w@mail.gmail.com>
Subject: Re: draft-duke-quic-load-balancers-05.txt
To: Sowmini Varadhan <sowmini05@gmail.com>
Cc: IETF QUIC WG <quic@ietf.org>, Nick Banks <nibanks@microsoft.com>, sovaradh@microsoft.com
Content-Type: multipart/alternative; boundary="00000000000073b60705968c7c15"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/zjDGUM_CpfJjSITAi0t2wjfAG4Y>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Nov 2019 22:03:38 -0000
Sowmini, Hopefully draft-06 addresses your concerns. Thanks again for reviewing On Tue, Oct 29, 2019 at 2:04 PM Sowmini Varadhan <sowmini05@gmail.com> wrote: > On (10/29/19 13:25), Martin Duke wrote: > > Hi Sowmini, > > Thanks for the review. I'll file a PR for your editorial changes. > > sounds good, thanks for doing this! > > > 0b11 is 2 bits. The '0b' notation indicates each digit is a bit; '0x' > > would be hexadecimal, where 2 characters = 1 Bytes. > > ah, this is the NIC data-sheet notation, that got me by surprise. > If there is no strong objection, can we just list the code-points > as "11" (I think this is the convention followed in other ietf rfcs, > e.g., 3168, for the ECT code-points). > > > In section 4, it says: " The load balancer SHOULD route Initial and > 0-RTT > > packets from the client using an alternate algorithm". The point here > is > > that the destination CID for these packets is chosen by the client. > It may > > not be long enough to apply the chosen algorithm, so something else > should > > be done. However, " This algorithm SHOULD generate consistent results > for > > Initial and 0RTT packets that arrive with the same source and > destination > > connection ID" so they all end up at the same place. If the LB > doesn't do > > this, then the 0RTT packets will be lost. This is suboptimal but > doesn't > > break the protocol. > > ok, perhaps it would be helpful to add some discussion around this > in the draft. > > [discussion for "Section 4.3.1 refers to "token"] > > This is the QUIC-LB authentication token, which I should clarify. In > any > > case, I don't believe that servers get this token if there's > out-of-band > > configuration, so I need to fix this. > > Ok. > > [discussion around Section 5] > > This is for the benefit of the QUIC server. When the server gets an > > Initial Packet with a Retry token in it, it needs to extract the ODCID > > from that token so that it can send it back in a transport parameter. > If > > the client got a Retry but then doesn't get the ODCID transport > parameter, > > it means there's an unauthorized man in the middle and the client > should > > terminate the connection. > > I see. In general, it would help to provide some context in this section > about why any tweaks in the Retry Service are needed at all, along with > your explanation above. > > Thanks! > > --Sowmini > >
- draft-duke-quic-load-balancers-05.txt Sowmini Varadhan
- Re: draft-duke-quic-load-balancers-05.txt Martin Duke
- Re: draft-duke-quic-load-balancers-05.txt Sowmini Varadhan
- Re: draft-duke-quic-load-balancers-05.txt Martin Duke
- Re: draft-duke-quic-load-balancers-05.txt Sowmini Varadhan