IETF Logo Mail Archive

Re: [tcpm] IETF 114 TCPM WG - NG TCPM Yang Model

"touch@strayalpha.com" <touch@strayalpha.com> Mon, 08 August 2022 15:16 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96534C14F722 for <tcpm@ietfa.amsl.com>; Mon, 8 Aug 2022 08:16:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.325
X-Spam-Level:
X-Spam-Status: No, score=-6.325 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zB6iBhobtJie for <tcpm@ietfa.amsl.com>; Mon, 8 Aug 2022 08:16:35 -0700 (PDT)
Received: from server217-2.web-hosting.com (server217-2.web-hosting.com [198.54.115.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DCA1AC157B3A for <tcpm@ietf.org>; Mon, 8 Aug 2022 08:16:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=1dMhliShWlxCa8azRoQRhJH3nQ6DIrwd1I6hjG+6t3M=; b=W9UiMxPkfbBymHXxyvYrL+3Ig+ rCMSS/W0Iaw3N+cHylIWffzg2Gf62yBjVkq2trc0E7LL8TgS2lr2CHLCTF7rTGJ+AMz2jiEWLdi2Y onD1jqn3V5eoxP0kyFx2QtUIKSPPb5g3envjsd1+nqVR56BWpfBp94aaKLsdTwTVl/HYrYR70gvo1 X4WfrEicQ5fyFaYCZmBRyq/nDGMjyNQwq/ldjSa65pVTcwKryrJnQ3n5uy976Db2UQzkmHREPiv3m Iu45u5dM5UGdyulL/ARaz7gtMBl7BOG8GTO+/80DGYsDTRLNrlsdzCf8r/z8TdOQ2PBM+hfZYy6VS b9ygHqnA==;
Received: from cpe-172-114-237-88.socal.res.rr.com ([172.114.237.88]:63102 helo=smtpclient.apple) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <touch@strayalpha.com>) id 1oL4UV-00D4IM-MU; Mon, 08 Aug 2022 11:16:33 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_65060A12-6323-4D8C-9F45-AAE0D9B62684"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: "touch@strayalpha.com" <touch@strayalpha.com>
In-Reply-To: <CABNhwV363kikY+9Brvwn3pF=5Hh0VCQHyYqPxSNFzS3q-3H2Gw@mail.gmail.com>
Date: Mon, 08 Aug 2022 08:16:24 -0700
Cc: Jeffrey Haas <jhaas@pfrc.org>, Michael Tuexen <michael.tuexen@lurchi.franken.de>, Robert Raszuk <robert@raszuk.net>, Susan Hares <shares@ndzh.com>, "Van De Velde, Gunter (Nokia - BE/Antwerp)" <gunter.van_de_velde@nokia.com>, tcpm IETF list <tcpm@ietf.org>
Message-Id: <8C844A10-F028-42B4-804D-78FA4A03B860@strayalpha.com>
References: <CAJhXr9-zcJg99ML3MSNMTvRFiT_BLzJihQucAdX8MZGDZ84dWw@mail.gmail.com> <CABNhwV1wz2Uhx+DWjabzVz8GAhQD78NFKhq2az=E7dhnxTC-Ww@mail.gmail.com> <A8851A57-748D-4504-97B6-677807EE0DB6@lurchi.franken.de> <EF72E595-0B1E-4AD9-BDFE-603B9B200F0D@strayalpha.com> <CABNhwV1OZawGXbH4d9RGx0KWKoiKLdZnNPq1gOcSfMQeie3q4Q@mail.gmail.com> <0D8E1E5A-5CD1-4302-8FE9-21EFF9847199@strayalpha.com> <CABNhwV363kikY+9Brvwn3pF=5Hh0VCQHyYqPxSNFzS3q-3H2Gw@mail.gmail.com>
To: Gyan Mishra <hayabusagsm@gmail.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/7lGpwM7GCwaGyq0aizc_kGWJgHI>
Subject: Re: [tcpm] IETF 114 TCPM WG - NG TCPM Yang Model
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Aug 2022 15:16:40 -0000

See below inline:

> On Aug 7, 2022, at 4:31 PM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
> 
> 
> Replies below 
> 
> On Sat, Aug 6, 2022 at 11:25 AM touch@strayalpha.com <mailto:touch@strayalpha.com> <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote:
> Replies below...
> —
> Dr. Joe Touch, temporal epistemologist
> www.strayalpha.com <http://www.strayalpha.com/>
> 
>> On Jul 29, 2022, at 8:14 AM, Gyan Mishra <hayabusagsm@gmail.com <mailto:hayabusagsm@gmail.com>> wrote:
>> 
>> Hi Joe 
>> 
>> Responses in-line 
>> 
>> On Tue, Jul 26, 2022 at 10:13 PM touch@strayalpha.com <mailto:touch@strayalpha.com> <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote:
>> Notes below.
>> 
>> > On Jul 26, 2022, at 6:19 PM, Michael Tuexen <michael.tuexen@lurchi.franken.de <mailto:michael.tuexen@lurchi.franken.de>> wrote:
>> > 
> ...
>> > • All TCP flags and respective states.
>> > Do you mean the TCP flags SYN, FIN, PSH, ... Does a YANG module all to describe
>> > packets sent and received?
>> 
>> I can’t see how this can model the TCP flags; all it should be modeling is the states of the connection. The model is for TCP, not TCP packets.
>> 
>>     Gyan> Agreed that we want to model the TCP states not the packets.
> 
> Then you need to consider only the parameters passed via socket options that control those flags, not the flags themselves.
> 
>     Gyan> Understood.  Yes so what we ar looking for is the state of the socket connection and and control flags for each state of the socket connection.

Socket options are OS state, not TCP state.

> I don’t know if there is a common framework for them, though, esp. given the IETF (incorrectly) abandoned the idea of the abstract user interface as part of a protocol definition, at least for decades.
> 
>     Gyan> I don’t know either.  Would the common framework be based on the  TCP FSM and socket connection states and related flags?

The TCP FSM is already part of the current TCP YANG model.

Flags, again, are not endpoint states - they are packet contents.

Socket connection states are tightly coupled to TCP FSM (though not identical), but these are OS-specific.

>> ...
> 
> 
>    Gyan> Understood and agreed there is no CC specific to BGP
> 
> So if this is all aimed at helping BGP figure out when TCP isn’t making progress,
> 
> Gyan> Yes that is the goal 
> 
> it seems like an impossibly large task (too many CC algs).
> 
> Gyan> If we can hone in on the popular CC Alg used today by routers and computers would be a start.

I think you may be missing the point. Rather than trying to figure out the common CC algs and parameterize them, why not explain what you really want to know about the connection?

Again, IMO, if this is really about trying to instrument an endpoint so that all possible attacks can be detected, it’s a non-starter to me.

> Are there particular parameters you think would be beneficial for BGP to know about TCP and can they be abstracted away from specific implementations?
> 
> Gyan> The main parameters are the TCP socket connection state and related header flags, TCP Congestion control algorithms common ones used by routers and computers, and looking at the TCP parameters list, timestamps, CC, Quick start, User timeout, ECN.

Again you mention header flags. Those are set by TCP based on connection state and user commands, but they are NOT properties of the connection itself. The rest of the list is just the set of everything om the endpoint that MIGHT be useful.

> https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml <https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml>
Those are code points used in TCP messages, not parameters to the TCP protocol.

—

I continue to see a disconnect here. There is a difference between TCP endpoints, TCP messages, and OS (i.e., socket) endpoints. TCP YANG models should reflect TCP endpoints; Netconf/YANG is not a packet inspection or packet debugging tool. And some of what you want to know refers to a socket, not TCP at all.

Joe

v2.23.0 | Report a Bug | By Email