IETF Logo Mail Archive

Re: [tcpm] IETF 114 TCPM WG - NG TCPM Yang Model

Gyan Mishra <hayabusagsm@gmail.com> Mon, 08 August 2022 21:46 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AD48C157B4B for <tcpm@ietfa.amsl.com>; Mon, 8 Aug 2022 14:46:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AVUgANdJdXRT for <tcpm@ietfa.amsl.com>; Mon, 8 Aug 2022 14:46:26 -0700 (PDT)
Received: from mail-pl1-x62b.google.com (mail-pl1-x62b.google.com [IPv6:2607:f8b0:4864:20::62b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09713C15A732 for <tcpm@ietf.org>; Mon, 8 Aug 2022 14:46:26 -0700 (PDT)
Received: by mail-pl1-x62b.google.com with SMTP id z19so9722168plb.1 for <tcpm@ietf.org>; Mon, 08 Aug 2022 14:46:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=RC64f924Fa6Gdr6k6MA0USacpNidPZKXSCg/jmUgn0s=; b=dVcbuidm/u/zHBDnrOSQkyqmefhvd2hmCtxahTYLrtgrN/JGFhXvPNZMbfZWkJtrau pnT9CpQEuvEUzyHrlgMa01qK6HKkc1rfYVL9OleHpmE0lYxegzc3M2wnJMNGiWfKFyyz 5Pb7kL+zaZEXC8McfSRWI/Xt+MHWuylgO5Xg3j2Gsx6eYWCaZPsUl9NJFmdXnxjb4S0S 3bR5iPFDT++fOXGaMqXaZhTLrZB715fyTO6L9k4SjN3R5ozBVV+EvPBw3sbe/TPLcynP kIHoN5WJ4t6YVRBc2dxFPadkytvjmnXPBg8BFXtn7Bxt2gUTuEicFH2aPMsEzNcEMs2i /TWA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=RC64f924Fa6Gdr6k6MA0USacpNidPZKXSCg/jmUgn0s=; b=4vfv/26IL4pn8kKmXW+I8NhnNhTfjsKf4mbzsGtLiBx+UNCNLI8J4NJF3TnMsqds0f sidXYwyanXD9M9/O21Zr/2VHfYLzXLLmT5hVnYaca3fp57r9lqbGauqoA+aiUmhrc9aa h99spc9z43swBMbWyqdhxQCAR6Hxj9OX3C4ZftwL2ziI1dolPYa8osX50qlem7TD8jmm vpq/fuhURppcLVdqALhrJw19fjud8oryIF9eLMq++ahL5/pEXSrq5NJWIz57eBVwYi87 Ua/fGO6JE94nkFf+e88BzwkwXayQDznYfHX+2/Ks+YPEdpbeFlyMpRfDo+/ue67d8oie YC8w==
X-Gm-Message-State: ACgBeo1dxMpw1JXirnXagsIZonn7R8uOCN0V0PoGCKY1fXPBHhM5Apml CzT/fYtBSfvBlz7MqND5jB2kSFubPmCFKikpDBo=
X-Google-Smtp-Source: AA6agR7NyCuQXZ7MdKux33R9TzSAFoiBRlPzm2UpEK4o+hlxOM04nl221TWfk8A7s96eQKB3t0/oI6SYKhCM0uHJlDo=
X-Received: by 2002:a17:902:8bc5:b0:16c:f48b:d5b5 with SMTP id r5-20020a1709028bc500b0016cf48bd5b5mr21096173plo.128.1659995185436; Mon, 08 Aug 2022 14:46:25 -0700 (PDT)
MIME-Version: 1.0
References: <CAJhXr9-zcJg99ML3MSNMTvRFiT_BLzJihQucAdX8MZGDZ84dWw@mail.gmail.com> <CABNhwV1wz2Uhx+DWjabzVz8GAhQD78NFKhq2az=E7dhnxTC-Ww@mail.gmail.com> <A8851A57-748D-4504-97B6-677807EE0DB6@lurchi.franken.de> <EF72E595-0B1E-4AD9-BDFE-603B9B200F0D@strayalpha.com> <CABNhwV1OZawGXbH4d9RGx0KWKoiKLdZnNPq1gOcSfMQeie3q4Q@mail.gmail.com> <0D8E1E5A-5CD1-4302-8FE9-21EFF9847199@strayalpha.com> <CABNhwV363kikY+9Brvwn3pF=5Hh0VCQHyYqPxSNFzS3q-3H2Gw@mail.gmail.com> <8C844A10-F028-42B4-804D-78FA4A03B860@strayalpha.com> <CABNhwV01iRaMQah4eBS7KDWz2_5qnWTPFOm-=RR-eih=9+knYA@mail.gmail.com> <CAOj+MMFmBV+04POE9OQHKsM8y0-dKfd2bEMMg61MwqHd-cQmHQ@mail.gmail.com>
In-Reply-To: <CAOj+MMFmBV+04POE9OQHKsM8y0-dKfd2bEMMg61MwqHd-cQmHQ@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Mon, 08 Aug 2022 17:46:14 -0400
Message-ID: <CABNhwV1eT4-aK_yn0y7zzserqRzqaPPMtJ6aBJNCEtWRydFwmQ@mail.gmail.com>
To: Robert Raszuk <robert@raszuk.net>
Cc: Jeffrey Haas <jhaas@pfrc.org>, Michael Tuexen <michael.tuexen@lurchi.franken.de>, Susan Hares <shares@ndzh.com>, "Van De Velde, Gunter (Nokia - BE/Antwerp)" <gunter.van_de_velde@nokia.com>, tcpm IETF list <tcpm@ietf.org>, "touch@strayalpha.com" <touch@strayalpha.com>
Content-Type: multipart/alternative; boundary="0000000000005b5cb305e5c1bfa1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/kelQnkadlWOmg_8lVa0IYfm5FAs>
Subject: Re: [tcpm] IETF 114 TCPM WG - NG TCPM Yang Model
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Aug 2022 21:46:30 -0000

Hi Robert

I have been monitoring and posted to the thread this topic about a NG TCP
Yang model to help detect the TCP Zero window state and then take action
with the send timer proposal.

Alternatively as you mentioned the TCP_USER_TIMEOUT timer to help reset the
Stuck TCP connection proposed by Enke.

It did not seem there was yet consensus on the thread to use the TCP
timeout timer to reset the connection over the send timer draft.

I think handling at the TCP layer makes sense then messing with BGP.

So from the Yang model monitoring aspect here, if we go the route of using
the TCP timeout to reset the connection as opposed to the send timer draft,
in both cases we still have the problem of trying to detect the zero window
condition which is where the Yang model comes into play.

So I think the Yang model would be useful to first detect the occurrence of
the zero window condition as well as you mentioned report the critical TCP
FSM timers and when they expire and cause connection resets.

Kind Regards

Gyan

On Mon, Aug 8, 2022 at 5:19 PM Robert Raszuk <robert@raszuk.net> wrote:

> Hi Gyan,
>
> As you perhaps are watching the IDR discussion there is a proposal not to
> monitor zero windows on the client side.
>
> Instead we do believe that stuck TCP connections should be handled by TCP
> itself preferably with the use of TCP_USER_TIMEOUT timer.
>
> So all I would expect from the YANG model here would be to report critical
> TCP FSM timers when they expire and cause connection resets.
>
> Thx,
> Robert
>
>
>
>
>
>
> On Mon, Aug 8, 2022 at 11:14 PM Gyan Mishra <hayabusagsm@gmail.com> wrote:
>
>>
>> Hi Joe
>>
>> Our main concern is how best to monitor the occurrence of TCP Zero window
>> on the BGP client so that we can take action and reset the peer.
>>
>> So any and all TCP parameters that can help provide us better insight
>> into connection state is what we are after.
>>
>> Also if there is anything proactive as far as tx and rx buffer and if the
>> buffer is depleting or system resource issues writing to the buffer that is
>> causing the window to collapse to be able to possibly proactively monitor
>> leading up to the zero window.
>>
>> Thanks
>>
>> Gyan
>>
>> On Mon, Aug 8, 2022 at 11:16 AM touch@strayalpha.com <
>> touch@strayalpha.com> wrote:
>>
>>> See below inline:
>>>
>>> On Aug 7, 2022, at 4:31 PM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>>>
>>>
>>> Replies below
>>>
>>> On Sat, Aug 6, 2022 at 11:25 AM touch@strayalpha.com <
>>> touch@strayalpha.com> wrote:
>>>
>>>> Replies below...
>>>> —
>>>> Dr. Joe Touch, temporal epistemologist
>>>> www.strayalpha.com
>>>>
>>>> On Jul 29, 2022, at 8:14 AM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>>>>
>>>> Hi Joe
>>>>
>>>> Responses in-line
>>>>
>>>> On Tue, Jul 26, 2022 at 10:13 PM touch@strayalpha.com <
>>>> touch@strayalpha.com> wrote:
>>>>
>>>>> Notes below.
>>>>>
>>>>> > On Jul 26, 2022, at 6:19 PM, Michael Tuexen <
>>>>> michael.tuexen@lurchi.franken.de> wrote:
>>>>> >
>>>>>
>>>> ...
>>>>
>>>> > • All TCP flags and respective states.
>>>>> > Do you mean the TCP flags SYN, FIN, PSH, ... Does a YANG module all
>>>>> to describe
>>>>> > packets sent and received?
>>>>>
>>>>> I can’t see how this can model the TCP flags; all it should be
>>>>> modeling is the states of the connection. The model is for TCP, not TCP
>>>>> packets.
>>>>
>>>>
>>>>     Gyan> Agreed that we want to model the TCP states not the packets.
>>>>
>>>>
>>>> Then you need to consider only the parameters passed via socket options
>>>> that control those flags, not the flags themselves.
>>>>
>>>
>>>     Gyan> Understood.  Yes so what we ar looking for is the state of the
>>> socket connection and and control flags for each state of the socket
>>> connection.
>>>
>>>
>>> Socket options are OS state, not TCP state.
>>>
>>> I don’t know if there is a common framework for them, though, esp. given
>>>> the IETF (incorrectly) abandoned the idea of the abstract user interface as
>>>> part of a protocol definition, at least for decades.
>>>>
>>>
>>>     Gyan> I don’t know either.  Would the common framework be based on
>>> the  TCP FSM and socket connection states and related flags?
>>>
>>>
>>> The TCP FSM is already part of the current TCP YANG model.
>>>
>>> Flags, again, are not endpoint states - they are packet contents.
>>>
>>> Socket connection states are tightly coupled to TCP FSM (though not
>>> identical), but these are OS-specific.
>>>
>>> ...
>>>>
>>>>
>>>    Gyan> Understood and agreed there is no CC specific to BGP
>>>
>>>>
>>>> So if this is all aimed at helping BGP figure out when TCP isn’t making
>>>> progress,
>>>>
>>>
>>> Gyan> Yes that is the goal
>>>
>>> it seems like an impossibly large task (too many CC algs).
>>>>
>>>
>>> Gyan> If we can hone in on the popular CC Alg used today by routers and
>>> computers would be a start.
>>>
>>>
>>> I think you may be missing the point. Rather than trying to figure out
>>> the common CC algs and parameterize them, why not explain what you really
>>> want to know about the connection?
>>>
>>> Again, IMO, if this is really about trying to instrument an endpoint so
>>> that all possible attacks can be detected, it’s a non-starter to me.
>>>
>>> Are there particular parameters you think would be beneficial for BGP to
>>>> know about TCP and can they be abstracted away from specific
>>>> implementations?
>>>>
>>>
>>> Gyan> The main parameters are the TCP socket connection state and
>>> related header flags, TCP Congestion control algorithms common ones used by
>>> routers and computers, and looking at the TCP parameters list, timestamps,
>>> CC, Quick start, User timeout, ECN.
>>>
>>>
>>> Again you mention header flags. Those are set by TCP based on connection
>>> state and user commands, but they are NOT properties of the connection
>>> itself. The rest of the list is just the set of everything om the endpoint
>>> that MIGHT be useful.
>>>
>>> https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml
>>>
>>>
>>> Those are code points used in TCP messages, not parameters to the TCP
>>> protocol.
>>>
>>> —
>>>
>>> I continue to see a disconnect here. There is a difference between TCP
>>> endpoints, TCP messages, and OS (i.e., socket) endpoints. TCP YANG models
>>> should reflect TCP endpoints; Netconf/YANG is not a packet inspection or
>>> packet debugging tool. And some of what you want to know refers to a
>>> socket, not TCP at all.
>>>
>>> Joe
>>>
>>> --
>>
>> <http://www.verizon.com/>
>>
>> *Gyan Mishra*
>>
>> *Network Solutions A**rchitect *
>>
>> *Email gyan.s.mishra@verizon.com <gyan.s.mishra@verizon.com>*
>>
>>
>>
>> *M 301 502-1347*
>>
>> --

<http://www.verizon.com/>

*Gyan Mishra*

*Network Solutions A**rchitect *

*Email gyan.s.mishra@verizon.com <gyan.s.mishra@verizon.com>*



*M 301 502-1347*

v2.23.0 | Report a Bug | By Email