Re: [Stackevo] [Spud] Fwd: New Version Notification for draft-trammell-spud-req-01.txt
Tom Herbert <tom@herbertland.com> Wed, 21 October 2015 16:25 UTC
Return-Path: <tom@herbertland.com>
X-Original-To: stackevo@ietfa.amsl.com
Delivered-To: stackevo@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A3F41A6EE4 for <stackevo@ietfa.amsl.com>; Wed, 21 Oct 2015 09:25:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YmsgIWor4HF8 for <stackevo@ietfa.amsl.com>; Wed, 21 Oct 2015 09:24:59 -0700 (PDT)
Received: from mail-ig0-f174.google.com (mail-ig0-f174.google.com [209.85.213.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DC9C31A21C0 for <stackevo@iab.org>; Wed, 21 Oct 2015 09:24:58 -0700 (PDT)
Received: by igbkq10 with SMTP id kq10so97871326igb.0 for <stackevo@iab.org>; Wed, 21 Oct 2015 09:24:58 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=VtTmVtiit99BjEVlwTSjI41FpkSFwREvlCdFJEnuTWo=; b=IVzsxpNwgOEQIureTNlfIIPVlCzprjQWvy3/XOxXpS6gPGzeQJO87Wo6kSLMjnI6pm hDiyKrjR5DbJ6VcguUggiGb/y6Gw4hofSADGbnSSVvpUQ2wQjeowaCSRN1trTaZbsk27 TYQW7bc1TJKrNXX/sTeyPo6n6qdQex2vrJ0Md/mTakKdn6DEqma6fXioY7kIiAfYY6rR lwPQ44R5KQ9rTobiC08kuPE72+raNidsVfhrdFnZvg/r0UK4Blnw6yB3OMEsh6OCv3yA QdGgY6h8mVWUkfvKLg9McxYBvC84Llt9nLJ+LEZ55ItSrz5u9r94gjaiQZH2GlbceMQv Y/Vg==
X-Gm-Message-State: ALoCoQl5eBLClzZYUnqbATdRGIAA54YI3Bc7aNKrqj2BaVksz+htpRctUhS4y0Usz4cUQjt1k/SM
MIME-Version: 1.0
X-Received: by 10.50.56.113 with SMTP id z17mr10929917igp.65.1445444698215; Wed, 21 Oct 2015 09:24:58 -0700 (PDT)
Received: by 10.107.41.83 with HTTP; Wed, 21 Oct 2015 09:24:58 -0700 (PDT)
In-Reply-To: <0243038A-FE56-417D-AE71-0DA46A5A2FEB@trammell.ch>
References: <20151019202940.26420.35311.idtracker@ietfa.amsl.com> <0243038A-FE56-417D-AE71-0DA46A5A2FEB@trammell.ch>
Date: Wed, 21 Oct 2015 09:24:58 -0700
Message-ID: <CALx6S34pYPkAeD=0NnqO0MVPm2oUA4bJ2uy_ZdUO0-7hLddRTw@mail.gmail.com>
From: Tom Herbert <tom@herbertland.com>
To: Brian Trammell <ietf@trammell.ch>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/stackevo/rpS3msAWV-4cNJEoMzBop9EPlZY>
Cc: Stackevo <stackevo@iab.org>, stackevo-discuss@iab.org, spud@ietf.org
Subject: Re: [Stackevo] [Spud] Fwd: New Version Notification for draft-trammell-spud-req-01.txt
X-BeenThere: stackevo@iab.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IP Stack Evolution Program Mailing List <stackevo.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/stackevo>, <mailto:stackevo-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stackevo/>
List-Post: <mailto:stackevo@iab.org>
List-Help: <mailto:stackevo-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/stackevo>, <mailto:stackevo-request@iab.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Oct 2015 16:25:01 -0000
On Tue, Oct 20, 2015 at 12:58 PM, Brian Trammell <ietf@trammell.ch> wrote: > Greetings, all, > > We've submitted a new revision -01 of the SPUD requirements document, following discussion in Prague and on the list in August (yes, it's taken us quite a while to get back to this). We seem to be... slowly... converging on a set of requirements here. > > In addition, we're collecting general architectural issues that would effect *any* attempt to build explicit cooperation between endpoints and on-path devices into a potential future IAB document, draft-trammell-stackevo-explicit-coop. Our intention is that these two documents evolve together, with explicit-coop being input to architectural guidance and this requirements document input to future protocol engineering efforts. One section (on in- versus out-of-band signaling) which was pretty general has been largely moved into explicit-coop. Otherwise, have a look at the diff to see what has changed. > > There is one big open issue from the discussion in August, not really addressed differently in -01 than in -00, which I'd like to try to summarize (my view of) and see if we can converge on, related to the scope of tube identifiers in multipath, multicast, and anycast environments. > > For unicast on a single path without mobility, it seems pretty clear (to me, at least) that tube identifiers should be scoped to a unidirectional 5-tuple; i.e., that the reverse side of a flow has a different tube ID, and that tube IDs need not be global. Unidirectional scope is made necessary by asymmetric routing -- the set of devices relevant to a tube in one direction is not the same as the set in the other. Local scope is made necessary by privacy requirements -- the tube ID should not expose information about the identity of the user unless the path actually needs it, and global tube IDs would do that. > > There should be a facility for truly unidirectional traffic to expose that one side of a bidirectional tube is related to the other side, but this would be an explicit app to path declaration on tube setup. > > For multipath/mobility, obviously there is a need for there to be a connection/session identifier to link 5-tuples to each other. But this is clearly a different thing than the tube ID, for a couple of reasons: (1) different paths of a multipath session might want to expose different declarations to their paths; and (2) path declarations are scoped to a tube as well, and the different paths of a multipath session will themselves have different properties. > > What I think we need here is a separate session ID concept, which spans multiple flows and indeed might span multiple tubes, and could be exposed to the path using SPUD depending on whether or not it's in the endpoint's interest to make the service quality vs. linkability tradeoff. (Of course, multipath transports supporting mobility this way could also use such a session ID inside the crypto veil, if there's no win to sharing with the path. But they can't decide to do this if SPUD mandates they use the tube ID in this way.) > > Multicast is a related problem. The simple solution seems to be to pretend there *is* no problem, keep tube IDs scoped to the uni-5-tuple, and simply say that path to application declarations are of limited utility when the destination address is multicast. App to path still works in this case. Making tube IDs unidirectional simplifies this. Indeed, the main reason I don't advocate the "pretend there is no problem" solution with multicast is that we tend to get into trouble when we do so. > > The thread briefly touched on what SPUD can do for anycast -- letting the path know that one particular tube setup "won" for instance. I think this could definitely be a SPUD application, implemented with application declarations and paths that take info from the tube ACK to route that tube back along the path it came from, but enough needs to happen to all the middleboxes and routers along the path in order to make sessions "anycast-stable", that it's probably not a "core" feature. > > Thoughts? > >From the introduction: "By notifying the path that a particular transport using UDP maintains session state and explicitly signals session start and stop using the substrate, the using protocol may reduce or avoid the need for heartbeat traffic." I think an important question might be rather 2WHS is sufficient, or 3WHS is going to be needed to mitigate DDOS attacks on stateful middleboxes (i.e. to avoid the SPUD equivalent of a SYN attack). Tom > Thanks, cheers, > > Brian > >> Begin forwarded message: >> >> From: internet-drafts@ietf.org >> Subject: New Version Notification for draft-trammell-spud-req-01.txt >> Date: 19 Oct 2015 22:29:40 CEST >> To: "Mirja Kuehlewind" <mirja.kuehlewind@tik.ee.ethz.ch>, "Brian Trammell" <ietf@trammell.ch> >> >> >> A new version of I-D, draft-trammell-spud-req-01.txt >> has been successfully submitted by Brian Trammell and posted to the >> IETF repository. >> >> Name: draft-trammell-spud-req >> Revision: 01 >> Title: Requirements for the design of a Substrate Protocol for User Datagrams (SPUD) >> Document date: 2015-10-19 >> Group: Individual Submission >> Pages: 16 >> URL: https://www.ietf.org/internet-drafts/draft-trammell-spud-req-01.txt >> Status: https://datatracker.ietf.org/doc/draft-trammell-spud-req/ >> Htmlized: https://tools.ietf.org/html/draft-trammell-spud-req-01 >> Diff: https://www.ietf.org/rfcdiff?url2=draft-trammell-spud-req-01 >> >> Abstract: >> The Substrate Protocol for User Datagrams (SPUD) BoF session at the >> IETF 92 meeting in Dallas in March 2015 identified the potential need >> for a UDP-based encapsulation protocol to allow explicit cooperation >> with middleboxes while using new, encrypted transport protocols. >> This document proposes an initial set of requirements for such a >> protocol, and discusses tradeoffs to be made in further refining >> these requirements. >> >> >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> The IETF Secretariat >> > > > _______________________________________________ > Spud mailing list > Spud@ietf.org > https://www.ietf.org/mailman/listinfo/spud >
- [Stackevo] Fwd: New Version Notification for draf… Brian Trammell
- Re: [Stackevo] Fwd: New Version Notification for … Mirja Kühlewind
- Re: [Stackevo] [Spud] Fwd: New Version Notificati… Tom Herbert