Re: [Spud] States in draft-trammell-plus-statefulness-00

Eliot Lear <> Mon, 14 November 2016 17:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 805851294BA for <>; Mon, 14 Nov 2016 09:58:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -16.019
X-Spam-Status: No, score=-16.019 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id j8teALqINuRn for <>; Mon, 14 Nov 2016 09:58:30 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F24F11294CE for <>; Mon, 14 Nov 2016 09:58:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=2962; q=dns/txt; s=iport; t=1479146310; x=1480355910; h=subject:to:references:cc:from:message-id:date: mime-version:in-reply-to; bh=pqGrj2SxxRy1uwNql+IT0wxp48Py9OAMj9FsHqJkCZA=; b=cL8L0R2itnHvo8Jbb4RjvpoYWSLgWjBUFkyo8lCq1zb4lh9YoEpEX26A O8CfQc1tzBo8f/mvWjmcDI5CO2kp6g+zeoCGPALkkw6h409GbYgrKFXPU tXcdz2kOFv7uHtighzxAr4jiv/ASbtal2yiZPjH1tOoldTMvh2oWshOna g=;
X-Files: signature.asc : 481
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.31,491,1473120000"; d="asc'?scan'208";a="649934899"
Received: from (HELO ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Nov 2016 17:58:28 +0000
Received: from [] ([]) by (8.14.5/8.14.5) with ESMTP id uAEHwR8u011407; Mon, 14 Nov 2016 17:58:27 GMT
To: Christian Huitema <>, "'Brian Trammell'" <>, "'Dave Dolson'" <>
References: <> <> <03b101d23e9b$7c883540$75989fc0$>
From: Eliot Lear <>
Message-ID: <>
Date: Mon, 14 Nov 2016 18:58:26 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <03b101d23e9b$7c883540$75989fc0$>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="up46ssM1hSSrkv1MvLSAkRDsrfwwBd6Xh"
Archived-At: <>
Subject: Re: [Spud] States in draft-trammell-plus-statefulness-00
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Session Protocol Underneath Datagrams <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 14 Nov 2016 17:58:31 -0000

Hi Christian,

On 11/14/16 6:21 PM, Christian Huitema wrote:
> On the other hand, since endpoints may well just drop off a route
> without notice, we know that timers are needed in any case. 

Yes, needing them and waiting for them to fire off are two different
things, right?  It's better to have a mechanism that cleans up sooner
than later.  If we have that mechanism then we use fewer resources
(memory) per flow on average and that in turn means supporting more flows...

> So, we could frame the problem simply as "can we find an alternative
> to timers for state management."

> My preference would be for standardizing some well-known magic packets
> with meanings like "keep me alive for another N minutes" or "drop me
> now", and to rely on bidirectionality to avoid vulnerability to
> spoofing attacks. Then, the onus would be on end to end protocol to
> incorporate or work around these magic packets.

The nice thing about TCP being stateful, however, is that the middlebox
has reason to trust how an end device is going to handle something that
is outside the state machine.  It's really well defined.  That's the
good part.  The bad part is that then the state machine is ossified.