Re: [tcpm] Meeting Notes // TCP silent close issue
"touch@strayalpha.com" <touch@strayalpha.com> Sat, 20 November 2021 21:07 UTC
Return-Path: <touch@strayalpha.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 3537D3A0917
for <tcpm@ietfa.amsl.com>; Sat, 20 Nov 2021 13:07:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.318
X-Spam-Level:
X-Spam-Status: No, score=-1.318 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001,
SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001]
autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id WzsbWUfs-ZoL for <tcpm@ietfa.amsl.com>;
Sat, 20 Nov 2021 13:07:26 -0800 (PST)
Received: from server217-1.web-hosting.com (server217-1.web-hosting.com
[198.54.114.226])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id EA09E3A0919
for <tcpm@ietf.org>; Sat, 20 Nov 2021 13:07:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To:
From:Subject:Mime-Version:Content-Type:Sender:Reply-To:
Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
bh=PslcvvdWINm0KwcUfv5xJCat4E0RAvbAEqD8g+dew2k=; b=6/wIZZ+GOx1RANGmWG009Ovc8t
sYGeQXFkzgzsXPFBKxLtTNvgaTugbLNTkUO1YW5YaZB+pJBPtux6N5IylimRlW7F17ChawOxV37O6
uyisOwz3AJvg3dl+5V8Vmtw4UuHM33tlHL8xTI8J9q+br4NEjSO6QVHkariQOG1TvM4/cBWQdctTC
ce6qca6MOV5TV+JLa4LJv0jicckBYM8a95HBbCig9Mmr5+ceq0sUixxpWZD+S6JdYtjOdj9jZH3uM
QVQRv+bIBcq2BhZc7+xMwey2oOFYi2MCbTQQBsmnZ6EcOYBE6stvqLMwyfGYt2dyeUXXh6qKQgOiz
8QJr+cDg==;
Received: from cpe-172-114-237-88.socal.res.rr.com ([172.114.237.88]:55020
helo=smtpclient.apple)
by server217.web-hosting.com with esmtpsa (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2)
(envelope-from <touch@strayalpha.com>)
id 1moXZw-005Sli-9U; Sat, 20 Nov 2021 16:07:25 -0500
Content-Type: multipart/alternative;
boundary="Apple-Mail=_B973EE55-D58E-4496-B65A-41E9F3CDB158"
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.20.0.1.32\))
From: "touch@strayalpha.com" <touch@strayalpha.com>
In-Reply-To: <CAAK044TFU1+FVCNPZPxj6b2biZvipyCGa9WNfD9XTTHZZdR+VA@mail.gmail.com>
Date: Sat, 20 Nov 2021 13:07:19 -0800
Cc: Extensions <tcpm@ietf.org>
Message-Id: <69ABB460-FF81-4CBF-A562-285E8560382B@strayalpha.com>
References: <96A7D17B-D8EC-4724-8E2B-532FEDD3C4B8@fh-muenster.de>
<C8B8411B-9332-4A0C-BDF6-C440EC391408@strayalpha.com>
<CAAK044TFU1+FVCNPZPxj6b2biZvipyCGa9WNfD9XTTHZZdR+VA@mail.gmail.com>
To: Yoshifumi Nishida <nsd.ietf@gmail.com>
X-Mailer: Apple Mail (2.3693.20.0.1.32)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse,
please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id:
touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/RI1qr3TkiX8Crv40Wfizlptd2WQ>
Subject: Re: [tcpm] Meeting Notes // TCP silent close issue
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>,
<mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>,
<mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Nov 2021 21:07:30 -0000
Notes below… > On Nov 15, 2021, at 11:49 PM, Yoshifumi Nishida <nsd.ietf@gmail.com> wrote: > > Hi Joe, everyone, > > On Fri, Nov 12, 2021 at 8:58 AM touch@strayalpha.com <mailto:touch@strayalpha.com> <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote: > Hi, all, > > I noticed the discussion on TCP “silent close”, but didn’t recall seeing any discussion on this topic on the list, so I figured I’d start one. > > (Incidentally, a question to the chair: aren’t topics with meeting times slots supposed to have at least been discussed on the list or drafted?) > > The issue, AFAICT, is that: > - an app with a huge number of TCP connections crashes > - so the OS sends out that huge number of FINs > - which a burden on the OS and network > - if the entire OS crashes, no FINs get sent out > - so why not let that happen when the apps crash? > > This is addressed in TIME_WAIT discussions already, e.g.: > > T. Faber, J. Touch and W. Yue, "The TIME-WAIT state in TCP and its effect on busy servers," IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320), 1999, pp. 1573-1583 vol.3, doi: https://doi.org/10.1109/INFCOM.1999.752180 <https://doi.org/10.1109/INFCOM.1999.752180> > > The reason is RFCs 793 and 1122 both require hosts to avoid new connections for the TIME_WAIT period during a reboot, ensuring the safety of the orphan TCP connections on the remote systems. > > So, in this case, it would be OK for the OS to avoid sending out the burst of FINs, but *ONLY* if it also ensured those connection identifiers (at least) remained in TIME_WAIT. I.e., it would be possible for the OS to simply put them in TIME_WAIT and then allow the TCBs to be garbage collected either during a scan of TCBs or when a new connection on the same socket pair occurs. That can happen one of two ways: > - put the TCBs in TIME_WAIT directly (or perform equivalent bookkeeping) > - have the OS pause new connections for the TIME_WAIT period, i.e., emulating the reboot pause > > While I basically agree with what you're proposing here, I would like to think about something extra. > In a nutshell, I am thinking that TIME_WAIT is a bit outdated mechanism given that most TCP connections today use TLS. We can’t rely on TLS; it’s not required and is defined as an application on top of TCP, rather than being integrated into it. > As I wrote in my old I_D (https://datatracker.ietf.org/doc/html/draft-nishida-tcpm-disabling-paws-00#section-3.3 <https://datatracker.ietf.org/doc/html/draft-nishida-tcpm-disabling-paws-00#section-3.3>), > if a connection uses TLS, I think we can distinguish the packets from old connections. By the time TLS sees it, it’s too late; TCP has already acted on it (e.g., ACKd it, etc.). Joe
- [tcpm] Meeting Notes tuexen
- Re: [tcpm] Meeting Notes // TCP silent close issue touch@strayalpha.com
- Re: [tcpm] Meeting Notes // TCP silent close issue tuexen
- Re: [tcpm] Meeting Notes // TCP silent close issue touch@strayalpha.com
- Re: [tcpm] Meeting Notes // TCP silent close issue Scharf, Michael
- Re: [tcpm] Meeting Notes // TCP silent close issue Yoshifumi Nishida
- Re: [tcpm] Meeting Notes // TCP silent close issue touch@strayalpha.com
- Re: [tcpm] Meeting Notes // TCP silent close issue Yoshifumi Nishida