IETF Logo Mail Archive

Re: [Spud] Return routability and feedback (was: Questions based on draft-trammell-spud-req-00)

Jana Iyengar <jri@google.com> Tue, 11 August 2015 18:00 UTC

Return-Path: <jri@google.com>
X-Original-To: spud@ietfa.amsl.com
Delivered-To: spud@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C366F1ACE50 for <spud@ietfa.amsl.com>; Tue, 11 Aug 2015 11:00:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.088
X-Spam-Level:
X-Spam-Status: No, score=-1.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ObT9tjYloqO1 for <spud@ietfa.amsl.com>; Tue, 11 Aug 2015 11:00:00 -0700 (PDT)
Received: from mail-oi0-x229.google.com (mail-oi0-x229.google.com [IPv6:2607:f8b0:4003:c06::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F074E1ACDDF for <spud@ietf.org>; Tue, 11 Aug 2015 10:59:59 -0700 (PDT)
Received: by oiev193 with SMTP id v193so78829552oie.3 for <spud@ietf.org>; Tue, 11 Aug 2015 10:59:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=bUOSmEYVPFe64FHjOd3ALYqwV4FmmPupRVDtgmzl2qs=; b=OV4+h2EnjeJN3e0j6sfGGahkK1nts9YRkFA8ySqEBeeWt8mIT4JKmOdrNqYEG4EdpY lwuI/+Zy2ZglQvUCAGt0HoSqFdxCoqWntsYNXQxUc9wnwXdcpw1XYEC5okaOrheV11BD 38yxdacViWln4BwKmkUDRQQQlz4lRx90SPpUWxBImCmFBNsmNTFxmeGGfz4/vE9zCcJP qItssH0E2hAaH+Q2hJZd0EAu5Kl+7WqkczPD3L7xvAj/fnnllWlMSVXdjJp7zbxnarFc xYLSaHN1R251Z/tuyF4hz8wne3zBGrfy69CpLiNbR/O2pDGP3jnlNnVRnhfuv3oPztqC 27ZA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=bUOSmEYVPFe64FHjOd3ALYqwV4FmmPupRVDtgmzl2qs=; b=j+LtWBCl7AIR8JXy107Pb0C2+4BXb4CzBdTjY45SJndfl39/VNffmHxBz+lcakZwBO fo9u9sFG6ngMLpsGujxVxOYJ5yTc8MLUosJlp5LVlijdIu6SQjiglwIfIGoEGuLfsncX ZSfU4a0x70EpqmMqLH/VlogPCbdwWk4TJNAd6OpSdSdGIrEOT8KczjJa0nljn0el0qD6 S1T0P2N5dPk04eatnUmxbTw2OLATqDV28APqP4x21n1mqzgzXmSjqyEYnJGRGnXBwoVc asLM/N9euCzL1IqE22M9xgofJqwVKgn+0E2g5NYkoKEVMGYcVcEQxSxd7DivWsRC4L8G gV7A==
X-Gm-Message-State: ALoCoQlEHyM/w7XrsaCY17rlbDJZ0h7ky2GDmbXCr/tP8ZK+mR/3ffMDZmWMSRzhbHWgltPJd7Dw
MIME-Version: 1.0
X-Received: by 10.202.45.195 with SMTP id t186mr15330747oit.75.1439315999394; Tue, 11 Aug 2015 10:59:59 -0700 (PDT)
Received: by 10.76.158.133 with HTTP; Tue, 11 Aug 2015 10:59:59 -0700 (PDT)
In-Reply-To: <0F26B0A9-8042-472D-92B0-9D2822B5D1A3@tik.ee.ethz.ch>
References: <1AFABFF2-B841-4B0D-867C-709683BEDC8D@tik.ee.ethz.ch> <55C9A2D5.9060304@kit.edu> <0F26B0A9-8042-472D-92B0-9D2822B5D1A3@tik.ee.ethz.ch>
Date: Tue, 11 Aug 2015 10:59:59 -0700
Message-ID: <CAGD1bZbQu4GrmZSfgYiGhTMxQLoQmhMG+MiLASvqPFZT0s2FGQ@mail.gmail.com>
From: Jana Iyengar <jri@google.com>
To: =?UTF-8?Q?Mirja_K=C3=BChlewind?= <mirja.kuehlewind@tik.ee.ethz.ch>
Content-Type: multipart/alternative; boundary=001a1137b266dd5bc2051d0cde49
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/paeUjdpQCzihDN5PvcLziWiVxxk>
Cc: Roland Bless <roland.bless@kit.edu>, "spud@ietf.org" <spud@ietf.org>
Subject: Re: [Spud] Return routability and feedback (was: Questions based on draft-trammell-spud-req-00)
X-BeenThere: spud@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spud>, <mailto:spud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spud/>
List-Post: <mailto:spud@ietf.org>
List-Help: <mailto:spud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spud>, <mailto:spud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 18:00:06 -0000

A quick thought on explicit close, FWIW. Sending an explicit close packet
often involves a client or a server sending a packet, usually after some
amount of quiescence. When on a cellular device, this requires the device
to pull up the radio and spend energy on sending/receiving a packet that
basically contains little to no information. This design is generally being
eschewed in favor of a connection timeout at the ends, especially when the
endpoints can negotiate on a timeout period.

One way for a middlebox to learn about connection close would be to have an
explicit negotiation in SPUD that is visible to the network... but I don't
think that relying on connection close packets for signaling a connection's
termination is going to be adequate.

On Tue, Aug 11, 2015 at 2:38 AM, Mirja Kühlewind <
mirja.kuehlewind@tik.ee.ethz.ch> wrote:

> Hi Roland,
>
> see below.
>
> > Am 11.08.2015 um 09:23 schrieb Roland Bless <roland.bless@kit.edu>du>:
> >
> > Hi,
> >
> > Am 08.08.2015 um 11:16 schrieb Mirja Kühlewind:
> >> 4) Return routability and feedback —-
> >>
> >> a) 2WHS vs. 3WHS? —> SPUD should/must (?) provide a 2WHS, that means
> >> an ACK in response to the initial packet should be generated by SPUD
> >> even if the overlying protocol does not support this semantic. Note
> >> this mean the ACK may only have a SPUD header but no overlying
> >> protocol data.  This would make all SPUD flows/tubes bidirectional.
> >
> > But potentially hitting different middleboxes along asymmetric paths,
> > i.e., the ACK is routed back along a different path than the initial
> > packet. A 2WHS is also vulnerable against state exhaustion attacks.
> >
> >> Further SPUD should also provided the semantics for an 3WHS but may
> >> only send a third packet if the overlying protocol implements it or
> >> there is another reason for the application to explicitly request a
> >> SPUD-only 3WHS.
> >
> >> From a security perspective, a 3WHS with a DoS protection cookie would
> > be the most reasonable option.
> >
> >> b) Does the semantics of the SPUD protocol need to provide an
> >> explicit start signal as well as start/ack signal? -> Yes, start is
> >> needed to distinguish start and middle of a tube; ack is needed to
> >> finally set up state. However, not clear yet if all SPUD tubes MUST
> >> send a start signal or only SHOULD. If a start was received, however,
> >> a ACK must be sent…?
> >
> > See above. On the one hand an ACK is maybe not enough to set up state. A
> > SYN Flood would otherwise also set up state in the SPUD box. On the
> > other hand, SPUD boxes must be prepared to react to flows/tubes that
> > neither have Start, ACK, or Close due to temporary re-routing events.
> >
> >> c) Should it be possible to send multiple START signal on the same
> >> tube (e.g to re-initiate state)? -> Not clear if this is really
> >> needed
> >
> > I don't think that it is needed, see previous point.
> >
> >> c) Is a stop flag needed/useful? —> Yes (faster state tear-down), but
> >> the overlying protocol must be resilient to it not being sent, not
> >> being received.​
> >
> > I don't understand this, is that different from a close?
>
> No, it’s close. The question is do we need an explicate signal for close
> (and maybe even close/ack) or is it sufficient to just let the state time
> out because middleboxes anyway need a timer as they can never rely on
> seeing a close.
>
> Mirja
>
> >
> > Regards,
> > Roland
> >
> > _______________________________________________
> > Spud mailing list
> > Spud@ietf.org
> > https://www.ietf.org/mailman/listinfo/spud
>
> _______________________________________________
> Spud mailing list
> Spud@ietf.org
> https://www.ietf.org/mailman/listinfo/spud
>

v2.8.7 | Report a Bug | By Email