Re: [tcpm] draft-ietf-tcpm-accurate-ecn-08 inconsistencies?
Bob Briscoe <ietf@bobbriscoe.net> Fri, 22 March 2019 21:30 UTC
Return-Path: <ietf@bobbriscoe.net>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBF8A130F5C for <tcpm@ietfa.amsl.com>; Fri, 22 Mar 2019 14:30:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=bobbriscoe.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LxHq5vHSR_nP for <tcpm@ietfa.amsl.com>; Fri, 22 Mar 2019 14:30:40 -0700 (PDT)
Received: from server.dnsblock1.com (server.dnsblock1.com [85.13.236.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9B65131017 for <tcpm@ietf.org>; Fri, 22 Mar 2019 14:30:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=bobbriscoe.net; s=default; h=Content-Type:In-Reply-To:MIME-Version:Date: Message-ID:From:References:Cc:To:Subject:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=9FCZD//XjSjrtA6wrhrMmdCc0hfdJST4zUXJTbZcj4A=; b=2UNgrhhfFe1GiOAWNuLDX6t4b aK9gdy/ZW1Qg87mS/ippLK4BOIa9YKdi88PoUvEKBbHdvOJB8tDdAGfQnDnLZQjFCMddUOMOGAtQV 6NEs4sH1vuHtAkhRoJHTqr8BzH7hyvSS7u+rOLr1kbVO4+/3qFQFFVD0uj0/h2n7a/ECH+3QSvyDw kLaj/iHei8V4Lb8erk8K5A/K1TY5enXh1S4wmDbVw436v5/5RcU0hH2Qax6tHXC6aMMdqh7MgGTzf G97WbNOZsVFBkvulji0pf+AOmzDG7Fkf/qNgbRexySfq882pzXv7/bXCK3/pYs4Eh6e8Pr169iV56 2MG19ZZTA==;
Received: from 198.212.broadband18.iol.cz ([109.81.212.198]:36755 helo=[10.0.0.47]) by server.dnsblock1.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91) (envelope-from <ietf@bobbriscoe.net>) id 1h7RkK-0002Pi-75; Fri, 22 Mar 2019 21:30:36 +0000
To: "Tilmans, Olivier (Nokia - BE/Antwerp)" <olivier.tilmans@nokia-bell-labs.com>
Cc: tcpm IETF list <tcpm@ietf.org>
References: <71f6ff55-6b8b-b488-873f-81c0f37dce99@bobbriscoe.net> <AM0PR07MB4819372326EC8F99A7CFFC67E0430@AM0PR07MB4819.eurprd07.prod.outlook.com>
From: Bob Briscoe <ietf@bobbriscoe.net>
Message-ID: <ae56d71b-38e8-2bd8-5ca1-d41c3db5f7f2@bobbriscoe.net>
Date: Fri, 22 Mar 2019 22:30:25 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1
MIME-Version: 1.0
In-Reply-To: <AM0PR07MB4819372326EC8F99A7CFFC67E0430@AM0PR07MB4819.eurprd07.prod.outlook.com>
Content-Type: multipart/alternative; boundary="------------116D51020A0B15D8E62CA234"
Content-Language: en-GB
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server.dnsblock1.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bobbriscoe.net
X-Get-Message-Sender-Via: server.dnsblock1.com: authenticated_id: in@bobbriscoe.net
X-Authenticated-Sender: server.dnsblock1.com: in@bobbriscoe.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/A7Q70tRDg7hsRMqCYd02RHJOVRk>
Subject: Re: [tcpm] draft-ietf-tcpm-accurate-ecn-08 inconsistencies?
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Mar 2019 21:30:43 -0000
Olivier,
On 22/03/2019 11:47, Tilmans, Olivier (Nokia - BE/Antwerp) wrote:
> Bob,
>
> Thanks for looking it up.
>
> The perceived difference I had was due to the notes 2/3 in table 3 in
> combination with the s.cep column which led me to believe that all
> values but 0 were acceptable for the final ACK of a statefull opening,
> whereas the syncookies case was stricter.
That is indeed what the notes mean.
That's why note 3 (forward compatibility for CU) applies to the 0b001
case as well as Note 2 (stateless handshake).
>
> The ecn negociation status is embedded in the syn cookies, the 0b001
> ACE is thus not needed/used to remember/identify that classic ecn was
> negociated (at least on Linux).
OK. I'll write this for an implementation-generic case that doesn't
preclude Linux.
>
> It should thus be possible to be more specific about what an AccECN
> server should do when receiving an ACE of 0b001 on the final ACK if it
> had an AccECN state for the connection/didn't find back the ecn bit in
> the syncookie: should it fallback to classic ECN? Disable ECN
> altogether as that is an error state? I doubt this can be safely
> ignored...
> The draft doesn't specify it beyond 'it ought to be impossible'.
You're right, I haven't given behaviour in all possibilities.
I think it might help to switch round notes 2 & 3, cos note 2 is more
general than note 3. I've rewritten the notes as follows (in the
authors' github copy for now):
{Note 2}: If the server is in AccECN mode, these values are Currently
Unused but the AccECN server's behaviour is still defined for forward
compatibility. Then the designer of a future protocol can know for
certain what AccECN servers will do with these codepoints.
{Note 3}: In the case where a server that implements AccECN is also
using a stateless handshake (termed a SYN cookie) it will not
remember whether it entered AccECN mode. The values 0b000 or 0b001
will remind it that it did not enter AccECN mode, because AccECN does
not use them (see Section 4.1 for details).
If a stateless server that implements AccECN receives either of these
two values in the ACK, its action is implementation-dependent and
outside the scope of this spec, It will certainly not take the action
in the third column because, after it receives either of these
values, it is not in AccECN mode. I.e., it will not disable ECN (at
least not just because ACE is 0b000) and it will not set s.cep.
I'm avoiding going any deeper, 'cos there's the two cases with & without
ECN, then there's the sub-case with ECE feedback, yada yada.
Bob
Very few IETF protocols are designed for complete future compatibility
like AccECN has been. I am hoping it will be used as an exemplar in future.
>
>
> Best,
> Olivier
> ------------------------------------------------------------------------
> *From:* Bob Briscoe <ietf@bobbriscoe.net>
> *Sent:* Friday, March 22, 2019 9:39:25 AM
> *To:* Tilmans, Olivier (Nokia - BE/Antwerp)
> *Cc:* tcpm IETF list
> *Subject:* draft-ietf-tcpm-accurate-ecn-08 inconsistencies?
> Olivier,
>
> Thanks for pointing out verbally last night at netdev that the spec
> states three different sets of valid values for the 'ACE' field on the
> SYN-ACK and the 3rd ACK of the 3WHS (with stateful or stateless
> handshake).
>
> I promised I would check whether this was deliberate or an editorial
> mistake....
>
> ==SYN/ACK==
> Valid values are 2,3,4 & 6
>
> ==3rd ACK==
> By my reading, the valid values for the 3rd ACK are 2-7 and the draft
> is consistent in both stateful and stateless cases.
> Please tell me if the text is not clear in some way that I cannot see.
>
> ==Ease of Implementation==
> You also mentioned that the values chosen required an awkward set of
> case statements, just to check validity. Yes, there's a gap in the
> sequence - because value 5 (decimal) in the codepoint space on the
> SYN/ACK might have already been used (by RFC3540). However, the
> mapping was chosen to enable a simple algo to match them, and for the
> same function to be used for both SYN/ACK and ACK, as follows: (values
> shown in decimal)
>
> IP ECN f/b
> ACE SYN/ACK ACE 3rd ACK
> 0
> 2
> 2
> 1
> 3
> 3
> 2
> 4
> 4
> 3
> 6
> 6
>
>
> A pseudocode expression for the IP ECN f/b would be:
> bool server; // pseudocode for "I'm receiving the ACK
> of my SYN/ACK"
> unsigned ip_ecn_fb, ace;
> ip_ecn_fb = ( (ace>1 ) && (!server || (ace & 0b101)) ) ? ace - (
> (ace >= 6) ? 3 : 2) : RETURN_INVALID;
>
> What's so hard about that? ;)
>
>
>
>
> Bob
>
>
> --
> ________________________________________________________________
> Bob Briscoehttp://bobbriscoe.net/
--
________________________________________________________________
Bob Briscoe http://bobbriscoe.net/
- [tcpm] draft-ietf-tcpm-accurate-ecn-08 inconsiste… Bob Briscoe
- Re: [tcpm] draft-ietf-tcpm-accurate-ecn-08 incons… Tilmans, Olivier (Nokia - BE/Antwerp)
- Re: [tcpm] draft-ietf-tcpm-accurate-ecn-08 incons… Bob Briscoe