Re: [tcpm] 793bis: TCP Quiet Time
Matt Mathis <mattmathis@google.com> Thu, 19 December 2019 05:39 UTC
Return-Path: <mattmathis@google.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD450120073 for <tcpm@ietfa.amsl.com>; Wed, 18 Dec 2019 21:39:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.499
X-Spam-Level:
X-Spam-Status: No, score=-17.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a6sz1emf7zN4 for <tcpm@ietfa.amsl.com>; Wed, 18 Dec 2019 21:39:37 -0800 (PST)
Received: from mail-io1-xd30.google.com (mail-io1-xd30.google.com [IPv6:2607:f8b0:4864:20::d30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD96B120018 for <tcpm@ietf.org>; Wed, 18 Dec 2019 21:39:37 -0800 (PST)
Received: by mail-io1-xd30.google.com with SMTP id r13so4509701ioa.3 for <tcpm@ietf.org>; Wed, 18 Dec 2019 21:39:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mj+VLcHSc1E65pfppZGYL0Fe6zlNBMInccMPTIX5ySE=; b=A+S6FyzlJ3csyWzipzw5w99QLTJYTnk3eaSF0oHsHwqdSQPHCQCwGNP6ZGyKiJ897s h6uK0gsfudJtwr14l/JDCc3zeuY+xTeSEOc7oZVYMAlaqgGiBTeJaB/X88P/AzU3yuj0 5Xlf1aXhFA+aa3rQaakx5W09H79XqOw2tGcBpiOfSn55d2Beto2gS/EYRvKkhL/fRa9B O/ETZZUQUksIKGgos6Zpl781X/8cFxewkVLtzs05txPb2Fboqn3VqKjLzxVtaZpqsObB LtMjh7S00S5XLZSmE2U3dCFvFz6mIUx0myN6nZvfO7iC72ObZQYCVGn7A6VQAExEcoBZ Vgcg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mj+VLcHSc1E65pfppZGYL0Fe6zlNBMInccMPTIX5ySE=; b=dXSCYLw82zDrb6WquCt+NAlCCqyk+IhyBypIbeiE9adcJya7cG3KLxJyf3Bj9/Dxym izJ24LZ6dJ7FHTDHjJsmXvMtJFFAe/oeslwwzqSlc/foOS3bWQsqKUPyQjHAO/yyFQF5 u7BG+acXov/Xs//9eE1MVThS46sCnVTlFUzdkpXxVpWdsODYOHRHo48dnZcK9mv7rSYL yrSDU5edYbWpTPRwYjDNJxQmc0n2OoaaSWmOR2KdBGMtTD+Fyg8rYDKZZ1qd8DCEaIe2 wH/AENdj2QygY7wb59CEPWTElUi71TUvqJ4CEn3WCroCmXRuUNMP47vgdvoAW6TIi/DY /fMQ==
X-Gm-Message-State: APjAAAU6ePMikR5hH9EOILU0uqbmc7YLZHop6WYIOt9Q/nBRWOx3Zdme yODFcmNfDHm4MleZdW7SkBHB80gVq8PJd5U9jLTsfw==
X-Google-Smtp-Source: APXvYqwXOvmBbW6oIVpdFiX/N65z2orjE+dn1bJNajYRKoBItnSsQ/x1eiSddQ0h4LgII5gnlebWakfY7z94baYFbRI=
X-Received: by 2002:a5d:899a:: with SMTP id m26mr4616456iol.241.1576733976773; Wed, 18 Dec 2019 21:39:36 -0800 (PST)
MIME-Version: 1.0
References: <5D669BDA.3000506@erg.abdn.ac.uk> <5D66A044.3060904@erg.abdn.ac.uk> <5d11289c-0174-8a5e-7f47-b0110564a601@mti-systems.com> <CAK6E8=e6QYTdcc4K=JT2PnuzmJGBWhfcRPydhaUiq24nM77mVQ@mail.gmail.com> <CADVnQyn1odkbtB1-GETZYtCy66AoaD9FkSg-OBTD=h_6ou0NhA@mail.gmail.com>
In-Reply-To: <CADVnQyn1odkbtB1-GETZYtCy66AoaD9FkSg-OBTD=h_6ou0NhA@mail.gmail.com>
From: Matt Mathis <mattmathis@google.com>
Date: Wed, 18 Dec 2019 21:39:23 -0800
Message-ID: <CAH56bmA0GW7mFcr_AxMr0ad=OSkyv8rHSTGJ9BguQr_Qocaz_g@mail.gmail.com>
To: Neal Cardwell <ncardwell=40google.com@dmarc.ietf.org>
Cc: Yuchung Cheng <ycheng=40google.com@dmarc.ietf.org>, "tcpm@ietf.org" <tcpm@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000097938c059a07fc1e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/j9fr-GmlmeDDNCkDbcr_a9xuG2M>
Subject: Re: [tcpm] 793bis: TCP Quiet Time
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Dec 2019 05:39:40 -0000
I am under the impression that web servers do something different:
Normally the client sends the FIN, and the server holds FIN wait, but often
discards it before 2MSL to reduce memory pressure, however if the server
receives a new SYN for the same connection 4tuple (before it is discarded),
the server has the option to continue in the same sequence space, one byte
after the FIN.
I haven't looked, but what happens if a connection is in FIN wait, and a
new SYN arrives?
Thanks,
--MM--
The best way to predict the future is to create it. - Alan Kay
We must not tolerate intolerance;
however our response must be carefully measured:
too strong would be hypocritical and risks spiraling out of
control;
too weak risks being mistaken for tacit approval.
On Wed, Dec 18, 2019 at 8:16 PM Neal Cardwell <ncardwell=
40google.com@dmarc.ietf.org> wrote:
> On Wed, Dec 18, 2019 at 8:28 PM Yuchung Cheng
> <ycheng=40google.com@dmarc.ietf.org> wrote:
> >
> > On Wed, Dec 18, 2019 at 1:33 PM Wesley Eddy <wes@mti-systems.com> wrote:
> > >
> > > I don't think I noticed anyone responding to Gorry's comment below, and
> > > I haven't made any alterations in the 793bis draft with regard to this
> > > (other than fixing some spelling mistakes). I wanted to pull this into
> > > its own thread in case other people have thoughts or would like to
> > > discuss further what the quiet time concept's relevance is in 2020.
> > I probably am missing something. What's the issue of the text? Linux
> > to my knowledge does
> > not implement this quiet time.
> > But there are other injection attacks or basic checksum issues etc to
> > corrupt TCP. (Serious) application that solely relying on TCP's
> > integrity is signing up for troubles already ...
>
> I would agree with Yuchung's remarks and the general point that the
> "TCP Quiet Time Concept" from RFC 793 does not seem to be of practical
> importance today, from a number of perspectives:
>
> o I'm not aware of any major TCP implementation that actually follows
> the "TCP Quiet Time" approach.
>
> o Most production applications AFAIK end up using SO_REUSEADDR,
> indicating a need to reuse ports quickly and a lack of concern about
> this kind of issue with old packets ending up mixed into new
> connections.
>
> o Applications that care about this should be using cryptography.
>
> o Users today expect to be able to reboot a machine and get back on
> the network in less than 2 minutes.
>
> best,
> neal
>
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpm
>
- [tcpm] review of rev 14 of RFC 793 bis part 1 of … Gorry Fairhurst
- [tcpm] review of rev 14 of RFC 793 bis part 2 of … Gorry Fairhurst
- Re: [tcpm] review of rev 14 of RFC 793 bis part 2… Joe Touch
- Re: [tcpm] review of rev 14 of RFC 793 bis part 2… Joe Touch
- Re: [tcpm] review of rev 14 of RFC 793 bis part 2… Gorry Fairhurst
- Re: [tcpm] review of rev 14 of RFC 793 bis part 2… Gorry Fairhurst
- Re: [tcpm] review of rev 14 of RFC 793 bis part 1… Wesley Eddy
- Re: [tcpm] review of rev 14 of RFC 793 bis part 1… Gorry Fairhurst
- Re: [tcpm] review of rev 14 of RFC 793 bis part 1… Rodney W. Grimes
- Re: [tcpm] review of rev 14 of RFC 793 bis part 1… Wesley Eddy
- Re: [tcpm] review of rev 14 of RFC 793 bis part 1… Jonathan Morton
- Re: [tcpm] review of rev 14 of RFC 793 bis part 1… Rodney W. Grimes
- [tcpm] 793bis: TCP Quiet Time Wesley Eddy
- Re: [tcpm] 793bis: TCP Quiet Time Yuchung Cheng
- Re: [tcpm] 793bis: TCP Quiet Time Neal Cardwell
- Re: [tcpm] 793bis: TCP Quiet Time Matt Mathis
- Re: [tcpm] 793bis: TCP Quiet Time Joe Touch
- [tcpm] 793bis: variable MTU Wesley Eddy
- [tcpm] 793bis: reset generation section Wesley Eddy
- [tcpm] 793bis: IPv6 jumbograms Wesley Eddy
- [tcpm] 793bis: IP ID Wesley Eddy
- Re: [tcpm] 793bis: IP ID David Borman
- Re: [tcpm] 793bis: variable MTU Gorry Fairhurst
- Re: [tcpm] 793bis: IP ID Gorry Fairhurst
- Re: [tcpm] 793bis: IP ID Michael Tuexen
- Re: [tcpm] 793bis: TCP Quiet Time Matt Mathis
- [tcpm] 793bis: dead gateway detection Wesley Eddy
- [tcpm] 793bis: delayed ACKs Wesley Eddy
- Re: [tcpm] 793bis: IP ID David Borman
- Re: [tcpm] 793bis: IP ID Joe Touch
- Re: [tcpm] 793bis: IP ID David Borman
- Re: [tcpm] 793bis: IP ID Joe Touch
- Re: [tcpm] 793bis: IP ID Joe Touch
- Re: [tcpm] 793bis: delayed ACKs Yuchung Cheng
- Re: [tcpm] 793bis: TCP Quiet Time Fernando Gont
- Re: [tcpm] 793bis: IP ID Fernando Gont
- Re: [tcpm] 793bis: IP ID Joe Touch
- Re: [tcpm] 793bis: TCP Quiet Time Joe Touch
- Re: [tcpm] 793bis: TCP Quiet Time Matt Mathis
- Re: [tcpm] 793bis: TCP Quiet Time Fernando Gont
- Re: [tcpm] 793bis: TCP Quiet Time Fernando Gont
- Re: [tcpm] 793bis: IP ID Gorry Fairhurst
- Re: [tcpm] 793bis: IP ID Fernando Gont
- Re: [tcpm] 793bis: IP ID Joe Touch
- Re: [tcpm] 793bis: IP ID Fernando Gont
- Re: [tcpm] 793bis: IP ID Joe Touch
- Re: [tcpm] 793bis: IP ID Fernando Gont
- Re: [tcpm] 793bis: IP ID Joe Touch