Re: [Taps] TAPS Transports and ICMP
Karen Elisabeth Egede Nielsen <karen.nielsen@tieto.com> Thu, 16 July 2015 07:01 UTC
Return-Path: <karen.nielsen@tieto.com>
X-Original-To: taps@ietfa.amsl.com
Delivered-To: taps@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAF2A1B3683 for <taps@ietfa.amsl.com>; Thu, 16 Jul 2015 00:01:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.379
X-Spam-Level:
X-Spam-Status: No, score=-1.379 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uHuIRiNeL8RH for <taps@ietfa.amsl.com>; Thu, 16 Jul 2015 00:01:12 -0700 (PDT)
Received: from mail-ie0-x234.google.com (mail-ie0-x234.google.com [IPv6:2607:f8b0:4001:c03::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 782041B3681 for <taps@ietf.org>; Thu, 16 Jul 2015 00:01:12 -0700 (PDT)
Received: by ieik3 with SMTP id k3so50156939iei.3 for <taps@ietf.org>; Thu, 16 Jul 2015 00:01:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tieto.com; s=google; h=from:references:in-reply-to:mime-version:thread-index:date :message-id:subject:to:cc:content-type; bh=L6iyZxJVe/H1SX5Y6dhg0Lg5ILLVGz+yY4ur7/Zo2N0=; b=zfLgq4rbRCb2AfHJ1UNdyb2F/KCt+KeBp9NCjDrmXa93ebIaoj+9vZJJWMFyvlnX9H HWWpR7JrDQXzcCnuxLI0tgzUAF1D1LMvVyT1bDmn9mXRhZCpX6g+XOpa0j014XMlwI2W QJiYJbpFavfgFea01kR+Nf3E14w1mTYWzeos4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:references:in-reply-to:mime-version :thread-index:date:message-id:subject:to:cc:content-type; bh=L6iyZxJVe/H1SX5Y6dhg0Lg5ILLVGz+yY4ur7/Zo2N0=; b=Spisl7uuJIfiRY2AEykC0wWpQ/1eigO8CeCB+IgwO8kPVOTcgHCq3XoJ8F3FBtSNyS j2QjuFx2K6D1VnIwJbe2EsdJtXa7tQOHkYxmDkqmvMGgb7uvLz7gTNXub2MyhU9PnDps DtLAl3igA3C8KWtjsCr/L4Lt3lKObhBsaMJFhFOBKm7RMHuyCkdvRGvnZQCm4qIEWc4H ++YvLIcPbjCylkjdhjPmdcF9RGy2clTxe7+aWlglJBkxFt4C0YIQeFH9JwEZaNkkaAOG kP/UA6WVTAKnRMrQ9JNf/wBzghGy4VbxOUq3cdfHfz6R2By/CHzOPYlL1QSkMydql8aF LQ8w==
X-Gm-Message-State: ALoCoQmdoIOxaMsB9m+OIhsnjzqIly1+i4bm/0KVkNX+PJfh3D+5dgceUuD1ududpt06VIR+aJcnOkt9hwf6Bci6mDZQ0d1vkxrBaWBYWV/BLOeNRF4pU30=
X-Received: by 10.50.66.167 with SMTP id g7mr2500060igt.22.1437030071932; Thu, 16 Jul 2015 00:01:11 -0700 (PDT)
From: Karen Elisabeth Egede Nielsen <karen.nielsen@tieto.com>
References: <00597CB8-D128-408A-8F35-BA98CDF45A62@cisco.com> <55707211.8010609@isi.edu> <26B9DE0B-4D38-430D-A9A1-921CD0067C70@cisco.com> <5570988A.6040208@isi.edu> <97FD8853-7345-40E9-A523-8AF53FB2303B@lurchi.franken.de> <2b5eb97add78e6c5b3c91b94080479da@mail.gmail.com> <55A6A53C.3010009@isi.edu>
In-Reply-To: <55A6A53C.3010009@isi.edu>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQE86SdgORCvliHFE703NIXCziGWLQKpHUkGAiiw3coBaHzujgJBSMcpAhGHtOcCr5vwOp6ba0uQ
Date: Thu, 16 Jul 2015 09:01:10 +0200
Message-ID: <b12ebf1f4f628e0cc38787a035ac0b92@mail.gmail.com>
To: Joe Touch <touch@isi.edu>, Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
Content-Type: text/plain; charset="UTF-8"
X-DomainID: tieto.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/taps/WDq7R-DmvSxUilZBDRntjcGamh8>
Cc: "Pal Martinsen (palmarti)" <palmarti@cisco.com>, taps@ietf.org
Subject: Re: [Taps] TAPS Transports and ICMP
X-BeenThere: taps@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussions on Transport Services <taps.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/taps>, <mailto:taps-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/taps/>
List-Post: <mailto:taps@ietf.org>
List-Help: <mailto:taps-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/taps>, <mailto:taps-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jul 2015 07:01:14 -0000
HI Joe, I generally agree with your comments, but the situations is not necessarily as bad as you say. Please see below. BR, Karen >-----Original Message----- >From: Taps [mailto:taps-bounces@ietf.org] On Behalf Of Joe Touch >Sent: Wednesday, July 15, 2015 8:24 PM >To: Karen Elisabeth Egede Nielsen; Michael Tuexen >Cc: Pal Martinsen (palmarti); taps@ietf.org; touch@isi.edu >Subject: Re: [Taps] TAPS Transports and ICMP > > > >On 7/15/2015 4:16 AM, Karen Elisabeth Egede Nielsen wrote: >... >>>>> Any pitfalls with ICMP when doing SCTP? >>>> >>>> In many ways, SCTP subsumes similar requirements as TCP, but that's >>>> probably buried in the SCTP docs. >>> It is. See >>> https://tools.ietf.org/html/rfc4960#appendix-C >>> >> >> [Karen ] In this context then it is noteworthy to observe that SCTP >> defacto API (spec or implementations, I know) does not prescribe for >> that the SCTP transport passes information of received ICMP messages >> (any kind/type/code) up to SCTP User. >> Here SCTP is significantly different from UDP and TCP defacto APIs. >> >> For security reasons SCTP demands for hard reaction to receipt of >> protocol unreachable, but that is a protocol feature not an api issue. > >Agreed, however the other ways that SCTP doesn't pass validated ICMPs to >the user seems like a mistake to me. > [Karen ] I agree and we have for our SW recently discussed as to whether we should implement such notification following the UDP and TCP semantics. But at present none of our applications has the need (on why that is, see below). >In particular, destination unreachables can cause the SCTP connection to go [Karen ] MAY force. And this MAY of the RFC I (and we) believe is questionable. We believe that for an implementation to support this MAY the implementation MUST implement dormant state handling as described (right now) in the SCTP Failover draft = SCTP continues to transmit data also when the destinations are considered unreachable. (and our SCTP implementations do this). Further we think that the appropriate soft reaction to ICMP destination unreachable is to increment the path error counter, NOT to mark the destination as INACTIVE. Hopefully we will see these things be clarified in future SCTP drafts or ideally in the eventual RFC4960 revision. >into a dead state (mark the dest unreachable or increment the path error >counter) without indicating anything to the user. > [Karen ] The state is not dead if "appropriate" dormant state handling is implemented. >This seems incorrect to me, given the number of other ways in which SCTP can >shut down a connection (heartbeat failure, retransmission failre) and is >supposed to pass that info to the user. > [Karen ] I agree that when the association is closed as a direct result of receipt of ICMPs then this should be communicated to the Users. The envisaged approach (from our side) is to define a new error code for the sac_error of the SCTP_ASSOC_CHANGE (the notification of comm_LOST): sac_error: If the state was reached due to an error condition (e.g., SCTP_COMM_LOST), any relevant error information is available in this field. This corresponds to the protocol error codes defined in [RFC4960]. Right now we have the possibility to use proprietary error codes here, but we would like to go beyond that of course. For the destination error counter the information goes into the spc_error of the SCTP_PEER_ADDR_CHANGE (the notification of destination address unreachability). PLEASE allow me to explain the abstract API in terms of a concrete one. I do understand the difference. The new thing is that the abstract transport API, which if nothing else exists in our heads and in our overall modeling, now with TAPS, may be defined as a concrete one. And I agree with everybody else that this is a good exercise and that it is doomed to (correct and) improve things substantially. >So, IMO, this is a great example of why studying these APIs as abstractions is >important and would have prevented this (IMO) oversight. [Karen ] We have studied this. But is only bringing this to the IETF now. Possibly to be addressed for RFC4960 revision. > >Or can someone in the SCTP team explain why shutting connections down >due to other reasons is a user signal but validated ICMP signals are not? [Karen ] NA. > >Joe > >_______________________________________________ >Taps mailing list >Taps@ietf.org >https://www.ietf.org/mailman/listinfo/taps
- [Taps] TAPS Transports and ICMP Pal Martinsen (palmarti)
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Pal Martinsen (palmarti)
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Pal Martinsen (palmarti)
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Michael Tuexen
- Re: [Taps] TAPS Transports and ICMP Pal Martinsen (palmarti)
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Michael Tuexen
- Re: [Taps] TAPS Transports and ICMP Pal Martinsen (palmarti)
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Karen Elisabeth Egede Nielsen
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Karen Elisabeth Egede Nielsen
- Re: [Taps] TAPS Transports and ICMP Michael Tuexen
- Re: [Taps] TAPS Transports and ICMP Michael Tuexen
- Re: [Taps] TAPS Transports and ICMP Karen Elisabeth Egede Nielsen
- Re: [Taps] TAPS Transports and ICMP Michael Tuexen
- Re: [Taps] TAPS Transports and ICMP Karen Elisabeth Egede Nielsen
- Re: [Taps] TAPS Transports and ICMP Michael Tuexen
- Re: [Taps] TAPS Transports and ICMP Karen Elisabeth Egede Nielsen
- Re: [Taps] TAPS Transports and ICMP Michael Tuexen
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Joe Touch
- Re: [Taps] TAPS Transports and ICMP Karen Elisabeth Egede Nielsen