[tcpm] Comments on Soft Errors I-D: draft-ietf-tcpm-tcp-soft-errors-06
Gorry Fairhurst <gf@erg.abdn.ac.uk> Mon, 02 July 2007 15:29 UTC
Return-path: <tcpm-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5NqH-0002vH-Kt; Mon, 02 Jul 2007 11:29:33 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5NqG-0002tN-K2 for tcpm@ietf.org; Mon, 02 Jul 2007 11:29:32 -0400
Received: from [2001:630:241:204:203:baff:fe9a:8c9b] (helo=erg.abdn.ac.uk) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5NpE-000674-Qi for tcpm@ietf.org; Mon, 02 Jul 2007 11:29:32 -0400
Received: from [139.133.204.42] (ra-gorry.erg.abdn.ac.uk [139.133.204.42]) (authenticated bits=0) by erg.abdn.ac.uk (8.13.4/8.13.4) with ESMTP id l62FQJjp006518 (version=TLSv1/SSLv3 cipher=DES-CBC3-SHA bits=168 verify=NOT); Mon, 2 Jul 2007 16:26:20 +0100 (BST)
User-Agent: Microsoft-Entourage/11.3.3.061214
Date: Mon, 02 Jul 2007 11:31:54 +0200
From: Gorry Fairhurst <gf@erg.abdn.ac.uk>
To: tcpm@ietf.org
Message-ID: <C2AE92AA.7486%gf@erg.abdn.ac.uk>
Thread-Topic: Comments on Soft Errors I-D: draft-ietf-tcpm-tcp-soft-errors-06
Thread-Index: Ace8lDVfc+AUoCiHEdyERQAKlc/qXg==
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
X-ERG-MailScanner: Found to be clean
X-ERG-MailScanner-From: gf@erg.abdn.ac.uk
X-Spam-Status: No
X-Spam-Score: -2.8 (--)
X-Scan-Signature: 93e7fb8fef2e780414389440f367c879
Cc: Gorry Fairhurst <gorry@erg.abdn.ac.uk>, Fernando Gont <fernando@gont.com.ar>
Subject: [tcpm] Comments on Soft Errors I-D: draft-ietf-tcpm-tcp-soft-errors-06
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org
The document looks in good shape, and seemed easy to read to me.
Here are a few comments on the latest draft, really relating to
congestion-control and increased state.
Best wishes,
Gorry
In Section 3.2 (Problems that may arise with Dual Stack IPv6 on by Default):
There may also be drawbacks in this approach --- e.g. this creates
additional host state, and could also establish additional context state for
other devices along the network path (NAT. Firewall, link compressors,
encryption devices, etc).
Similarly, section 5 does not speak of the effects of a non-standard
approach on the network. One question I have relates to the behaviour of a
parallel and/or successive strategy to exploit multiple IP bindings. If I
understand, this opens a (potentially) large number of connections, to see
which succeeds. This seems to me to be injecting extra SYN packets into the
network, and therefore can potentially waste network resources.
If these connections are in series, each is opened one after another, after
a "fixed" time (i.e. not exponentially backed-off)... which generates more
state or more packets/rtt than using the standard algorithm.
When connections are opened in parallel, this is even more noted. In an
extreme case, this could look like a syn-attack or lead to congestion-based
loss. Are these concerns valid? Is this only used for a single IPv4 and an
equivalent IPv6 address? Are there limitations that would mitigate these
effects if I had many candidate addresses?
----
The remaining comments are editorial, for the author to consider in their
next rev:
INTRODUCTION, paragraph 14:
- Could consider to tighten English a little.
CURRENT:
This document describes a non-standard, but widely implemented,
modification to TCP's handling of ICMP soft error messages, that
rejects pending connection-requests when those error messages are
received. This behavior reduces the likelihood of long delays
between connection establishment attempts that may arise in a number
of scenarios, including one in which dual stack nodes that have IPv6
enabled by default are deployed in IPv4 or mixed IPv4 and IPv6
environments.
SUGGESTION:
This document describes a non-standard, but widely implemented,
modification to TCP's handling of ICMP soft error messages, which
rejects pending connection-requests when these error messages are
received. This behavior reduces the likelihood of long delays
between connection establishment attempts that may arise in a number
of scenarios, including one in which dual stack nodes that have IPv6
enabled by default are deployed in IPv4, or mixed IPv4 and IPv6
environments.
Section 1., paragraph 2:
In the Internet architecture, the Internet Control Message Protocol
(ICMP) [RFC0792] is one fault isolation technique to report network
error conditions to the hosts sending datagrams over the network.
- Add the IPv6 ICMP reference too here?
Section 3.2., paragraph 1:
- Language could perhaps be improved.
CURRENT:
A particular scenario in which the above sketched type of problem may
occur regularly is that where dual stack nodes that have IPv6 enabled
by default are deployed in IPv4 or mixed IPv4 and IPv6 environments,
and the IPv6 connectivity is non-existent
[I-D.ietf-v6ops-v6onbydefault].
SUGGESTION:
A particular scenario in which the problems outlined above
can occur regularly arises where dual stack nodes (with IPv6 enabled
by default) are deployed in IPv4 or mixed IPv4 and IPv6 environments,
and the IPv6 connectivity is non-existent.
[I-D.ietf-v6ops-v6onbydefault].
Section 4.1., paragraph 0:
Could Add: Section 5 discusses drawbacks to changing this behaviour.
Section 4.2., paragraph 1:
- Language could perhaps be improved.
OLD:
A more conservative approach than simply treating soft errors as hard
errors as described above would be to abort a connection in the SYN-
SENT or SYN-RECEIVED states only after an ICMP Destination
Unreachable has been received a specified number of times, and the
SYN segment has been retransmitted more than some specified number of
times.
SUGGESTION:
An approach that is more conservative than simply treating soft errors
as hard
errors, as described above, would be to abort a connection in the SYN-
SENT or SYN-RECEIVED states only after an ICMP Destination
Unreachable has been received a specified number of times, and the
SYN segment has been retransmitted more than some specified number of
times.
Section 5, paragraph 1:
- Capital E?
CURRENT:
+----------------------------------+--------------------------------+
| Time Exceeded (codes 0 and 1) | Time exceeded (codes 0 and 1) |
^
Section 5.3., paragraph 1:
CURRENT:
Some NATs respond to an unsolicited inbound SYN segment with an ICMP
soft error message. If the system sending the unsolicited SYN
segment implements the workaround described in this document, it will
abort the connection upon receipt of the ICMP error message, thus
probably preventing TCP's simultaneous open through the NAT from
succeeding. However, it must be stressed that those NATs described
in this section are not BEHAVE-compliant, and therefore should
implement REQ-4 of [I-D.ietf-behave-tcp] instead.
SUGGESTION:
Some NATs respond to an unsolicited inbound SYN segment with an ICMP
soft error message. If the system sending the unsolicited SYN
segment implements the workaround described in this document, it will
abort the connection upon receipt of the ICMP error message, thus
probably preventing TCP's simultaneous open through the NAT from
succeeding. However, it must be stressed that the NATs described
in this section are not BEHAVE-compliant, and therefore should
implement REQ-4 of [I-D.ietf-behave-tcp] instead.
_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm
- [tcpm] Comments on Soft Errors I-D: draft-ietf-tc… Gorry Fairhurst
- Re: [tcpm] Comments on Soft Errors I-D: draft-iet… Joe Touch
- Re: [tcpm] Comments on Soft Errors I-D: draft-iet… Lloyd Wood
- Re: [tcpm] Comments on Soft Errors I-D: draft-iet… Joe Touch
- Re: [tcpm] Comments on Soft Errors I-D: draft-iet… Gorry Fairhurst
- Re: [tcpm] Comments on Soft Errors I-D: draft-iet… Joe Touch
- Re: [tcpm] Comments on Soft Errors I-D: draft-iet… Lloyd Wood
- Re: [tcpm] Comments on Soft Errors I-D: draft-iet… Gorry Fairhurst