Re: [Spud] States in draft-trammell-plus-statefulness-00

"Christian Huitema" <> Mon, 14 November 2016 17:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9EE5A12940D for <>; Mon, 14 Nov 2016 09:27:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.621
X-Spam-Status: No, score=-2.621 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dc1BPI-HvHtX for <>; Mon, 14 Nov 2016 09:27:50 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6EC071298A4 for <>; Mon, 14 Nov 2016 09:21:19 -0800 (PST)
Received: from ([]) by with esmtps (TLSv1:AES256-SHA:256) (Exim 4.86) (envelope-from <>) id 1c6KwV-0005dQ-GL for; Mon, 14 Nov 2016 18:21:18 +0100
Received: from [] ( by with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <>) id 1c6KwQ-0003Jx-TJ for; Mon, 14 Nov 2016 12:21:14 -0500
Received: (qmail 9871 invoked from network); 14 Nov 2016 17:21:10 -0000
Received: from unknown (HELO icebox) ([]) (envelope-sender <>) by (qmail-ldap-1.03) with ESMTPA for <>; 14 Nov 2016 17:21:09 -0000
From: "Christian Huitema" <>
To: "'Brian Trammell'" <>, "'Dave Dolson'" <>
References: <> <>
In-Reply-To: <>
Date: Mon, 14 Nov 2016 09:21:05 -0800
Message-ID: <03b101d23e9b$7c883540$75989fc0$>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQKf862m8oZQa9APzsImua+wBtT6LQEXHGdBnzSPuEA=
Content-Language: en-us
X-Filter-ID: s0sct1PQhAABKnZB5plbIVbU93hg6Kq00BjAzYBqWlUcW8ntawmIBRrYFzUH2lbvx1wTMkEUUoeb KIhkyzl2dNEAmMBmHDUmmY+3eqwn6k80HbLcIXRK+rCYHS2Pxr4sUvWQm1ERVuodk8O3ETzMD7FL knUxWH0C4yisWo0g2KibTEgoa6PTvhjKOiVft2q6dcmtTcWSOKD5RASVzg27isAXVRQgHbLLzV7b 3SwTZqt5kYwBFjHSX1ySASMY7Q8kVWau65pVsnZkx/s3iU5HXZFVgpT1b21uZVckGp0ccOY/32e+ 5fVqy4sN42wuoCbdc1pXJXxpAbEqfV7bN3pyp/i885J4uw2WezmviQauN2SLBDMrD7q/cJogwbqz suok2jmyqSBZG+RxUC8CBX34LAZIe8Pggnek1xH/TgvWD0MaKXvNWrRcSD72jROfhu6vZJ0Q4x+0 GOxZvoENDONKwZkjGlUCvU6ZAmJB8zrNH9DxX8G2bApANEDRnSX/sJx0Uf5/xO8dap3thvg9e/eV ioOoT5f9zNwjlArtXM+EHVKnG+eTs8kbKBy2XcsLzqKfmJdDwLTy7ggkbtiREBmTEN9TLrF9l3It GfA/WrnALV6YO2/mqpOb7Q80SeXyngcEZA0ovkdUHlhxng/6M5IV+I73x9yTpqy088VxyqIsKLEe bp9tI6dJK7GvNGOBzee8
Authentication-Results:; auth=pass smtp.auth=
X-SpamExperts-Outgoing-Class: unsure
X-SpamExperts-Outgoing-Evidence: Combined (0.22)
X-Classification: unsure/combined
X-Recommended-Action: accept
Archived-At: <>
Subject: Re: [Spud] States in draft-trammell-plus-statefulness-00
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Session Protocol Underneath Datagrams <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 14 Nov 2016 17:27:52 -0000

Hash: SHA1

On Sunday, November 13, 2016 5:56 PM, Brian Trammell wrote:
> Not yet defined; I'll be talking about this in QUIC tomorrow; see also my slides for that talk at 

The basic connection state machine can be informed by arrival of packets in either direction and timeouts. This is indeed how most NAT handle UDP today, and it is independent of the protocol on top of UDP. It is also fairly robust to route changes, as the new traffic will naturally open the flows in the new route. The main drawbacks come from the use of timers. Too long and they use too much resource in the middle, too short and they require inefficient keep-alive traffic. On the other hand, since endpoints may well just drop off a route without notice, we know that timers are needed in any case. So, we could frame the problem simply as "can we find an alternative to timers for state management." 

My preference would be for standardizing some well-known magic packets with meanings like "keep me alive for another N minutes" or "drop me now", and to rely on bidirectionality to avoid vulnerability to spoofing attacks. Then, the onus would be on end to end protocol to incorporate or work around these magic packets.

The natural temptation is to go analyze the end-to-end protocol, but it can lead to complex code and ossification. I really wonder whether PLUS should do specific work for QUIC, by opposition to "generic work applicable to any UDP based protocol."  I am concerned that implementing protocol-specific logic in the middle of the network leads to ossification of that protocol, and in fact we saw hints of that with boxes that tried to recognize the version number field in QUIC. When the version number changes, these boxes detected an error and started blocking packets. Of course, this was incorrect behavior, but ossification precisely starts there, incorrect behavior distributed all around the network. 

The other concern is that if all the logic is protocol specific, then you need different logic for QUIC, DTLS, RTP, COAP and what have you. This makes the boxes more complex and more error prone, not to mention potential attack surface if these boxes attempt to parse complex protocols. Also, it creates another form of ossification, in which it becomes very hard for our grandchildren to develop the successor to QUIC.

- -- Christian Huitema

Comment: Using gpg4o v5.0.7.7563 -
Charset: utf-8