IETF Logo Mail Archive

Re: [tcpm] IETF 114 TCPM WG - NG TCPM Yang Model

Gyan Mishra <hayabusagsm@gmail.com> Mon, 08 August 2022 23:14 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 081A0C15BEC6 for <tcpm@ietfa.amsl.com>; Mon, 8 Aug 2022 16:14:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I_bb8Sq8de2v for <tcpm@ietfa.amsl.com>; Mon, 8 Aug 2022 16:14:24 -0700 (PDT)
Received: from mail-pj1-x1034.google.com (mail-pj1-x1034.google.com [IPv6:2607:f8b0:4864:20::1034]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DF7AC14F735 for <tcpm@ietf.org>; Mon, 8 Aug 2022 16:14:24 -0700 (PDT)
Received: by mail-pj1-x1034.google.com with SMTP id t22so10165636pjy.1 for <tcpm@ietf.org>; Mon, 08 Aug 2022 16:14:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=AkaATwdqoTZtInik7IR0Rrcc5HNPbgUxFpQjDlidtjk=; b=k50bDJ3GPjj0vX/ARrYD4CqWmnTqONYt8/l7v0mSCjW/IRUm2DH949f+kcpJqz5F7r TNNPkyv1dopjPJTfL6qUBcZvJLbsLZpD34neOgL/lNxNDgojHTb2ZASm8658ZYdAo7ej JcbXvNcXafUyPCBK3loMshyqj4wxeaPvvIvHg3rxVCFXGCJmMUk9gqE5IfHiPVzNGCaq Q83rcB5d00UKUvhqA98Q2gEEPmzu/dWUOy9ibvczeP5qSzR0+Zl9X9l3qcHMNMQrMMtL Ko82mNpMGlFLW1wG/Nhvme48d7L7JUKdpRr6vMT5omQCsemvnvv34pE78kdUipjthl1U atwg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=AkaATwdqoTZtInik7IR0Rrcc5HNPbgUxFpQjDlidtjk=; b=FEmBahU0d8RCNsWAVWOZg5cUFlQiUoAl03h2xEU2z+VKHl2Clx79+2fTPx20OBjEaB +6b2ibAGHY3PHKVjP8/YW9K4lVrZpTaioRMZNHX5vmkjExdzmyIaN1erhxQx4qcM2HO5 V5HyKwdxhlAdNnosRFwNJkbK6kjGZ1K3nsM1+znevhnxGkOKMV13fFmSBWhAEA7V+Uk5 hukaLK6P7sXpwkapw5Ryebiqa+R70zfQ+dNj/XqK3uzl/lDts/4pQKXN/pt6Y+e3IkEx tTnan6JByvEh5vIdiDIM4YJRaSeiiLbQoiRN6SZkJxv7FvWApXT9qabKGF9MfKgXR7+s VNaw==
X-Gm-Message-State: ACgBeo2gXF0w7WcJXlK9rmU8yfJM7nFqXmoc93S2y2Qpfg2JmoaPNBjO xZIBM2oQvfmUgPnxKi/vrzw3eb0gKuCIxM6DPA0=
X-Google-Smtp-Source: AA6agR5sH4NBzY8HPyHeJPchY+tBgVrNDA+UX7ecJXK9fMYWBYSOq+8xHaCvjYEi60MErdM5vagFKbmLQp69DN9Z630=
X-Received: by 2002:a17:902:f70a:b0:170:c5e7:874c with SMTP id h10-20020a170902f70a00b00170c5e7874cmr4913810plo.109.1660000463872; Mon, 08 Aug 2022 16:14:23 -0700 (PDT)
MIME-Version: 1.0
References: <CAJhXr9-zcJg99ML3MSNMTvRFiT_BLzJihQucAdX8MZGDZ84dWw@mail.gmail.com> <CABNhwV1wz2Uhx+DWjabzVz8GAhQD78NFKhq2az=E7dhnxTC-Ww@mail.gmail.com> <A8851A57-748D-4504-97B6-677807EE0DB6@lurchi.franken.de> <EF72E595-0B1E-4AD9-BDFE-603B9B200F0D@strayalpha.com> <CABNhwV1OZawGXbH4d9RGx0KWKoiKLdZnNPq1gOcSfMQeie3q4Q@mail.gmail.com> <0D8E1E5A-5CD1-4302-8FE9-21EFF9847199@strayalpha.com> <CABNhwV363kikY+9Brvwn3pF=5Hh0VCQHyYqPxSNFzS3q-3H2Gw@mail.gmail.com> <8C844A10-F028-42B4-804D-78FA4A03B860@strayalpha.com> <CABNhwV01iRaMQah4eBS7KDWz2_5qnWTPFOm-=RR-eih=9+knYA@mail.gmail.com> <CAOj+MMFmBV+04POE9OQHKsM8y0-dKfd2bEMMg61MwqHd-cQmHQ@mail.gmail.com> <CABNhwV1eT4-aK_yn0y7zzserqRzqaPPMtJ6aBJNCEtWRydFwmQ@mail.gmail.com> <09DFC5A9-F539-42A2-8F71-57D43282F03F@strayalpha.com>
In-Reply-To: <09DFC5A9-F539-42A2-8F71-57D43282F03F@strayalpha.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Mon, 08 Aug 2022 19:14:12 -0400
Message-ID: <CABNhwV1L3Y=xpbEf2Bx_QUNO94HDwXET-mV1xPeOamfWJCTuXg@mail.gmail.com>
To: "touch@strayalpha.com" <touch@strayalpha.com>
Cc: Jeffrey Haas <jhaas@pfrc.org>, Michael Tuexen <michael.tuexen@lurchi.franken.de>, Robert Raszuk <robert@raszuk.net>, Susan Hares <shares@ndzh.com>, "Van De Velde, Gunter (Nokia - BE/Antwerp)" <gunter.van_de_velde@nokia.com>, tcpm IETF list <tcpm@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f9e77e05e5c2f90c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/nDgrFXCpq6WOX_0sjTBD0yl3bRk>
Subject: Re: [tcpm] IETF 114 TCPM WG - NG TCPM Yang Model
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Aug 2022 23:14:29 -0000

Agreed.

Thanks

Gyan
On Mon, Aug 8, 2022 at 6:18 PM touch@strayalpha.com <touch@strayalpha.com>
wrote:

> FWIW, I agree with Robert. If what you are tracking is connection
> progress, then the existing timeout is the best indicator - esp. because
> there can be other reasons TCP doesn’t make progress.
>
> As to “handling this at the TCP layer”, the timeout would do exactly that
> already. At best, it seems you might like to know remotely that such a
> timeout has triggered.
>
> Joe
>
> —
> Dr. Joe Touch, temporal epistemologist
> www.strayalpha.com
>
> On Aug 8, 2022, at 2:46 PM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>
>
> Hi Robert
>
> I have been monitoring and posted to the thread this topic about a NG TCP
> Yang model to help detect the TCP Zero window state and then take action
> with the send timer proposal.
>
> Alternatively as you mentioned the TCP_USER_TIMEOUT timer to help reset
> the Stuck TCP connection proposed by Enke.
>
> It did not seem there was yet consensus on the thread to use the TCP
> timeout timer to reset the connection over the send timer draft.
>
> I think handling at the TCP layer makes sense then messing with BGP.
>
> So from the Yang model monitoring aspect here, if we go the route of using
> the TCP timeout to reset the connection as opposed to the send timer draft,
> in both cases we still have the problem of trying to detect the zero window
> condition which is where the Yang model comes into play.
>
> So I think the Yang model would be useful to first detect the occurrence
> of the zero window condition as well as you mentioned report the critical
> TCP FSM timers and when they expire and cause connection resets.
>
> Kind Regards
>
> Gyan
>
> On Mon, Aug 8, 2022 at 5:19 PM Robert Raszuk <robert@raszuk.net> wrote:
>
>> Hi Gyan,
>>
>> As you perhaps are watching the IDR discussion there is a proposal not to
>> monitor zero windows on the client side.
>>
>> Instead we do believe that stuck TCP connections should be handled by TCP
>> itself preferably with the use of TCP_USER_TIMEOUT timer.
>>
>> So all I would expect from the YANG model here would be to report
>> critical TCP FSM timers when they expire and cause connection resets.
>>
>> Thx,
>> Robert
>>
>>
>>
>>
>>
>>
>> On Mon, Aug 8, 2022 at 11:14 PM Gyan Mishra <hayabusagsm@gmail.com>
>> wrote:
>>
>>>
>>> Hi Joe
>>>
>>> Our main concern is how best to monitor the occurrence of TCP Zero
>>> window on the BGP client so that we can take action and reset the peer.
>>>
>>> So any and all TCP parameters that can help provide us better insight
>>> into connection state is what we are after.
>>>
>>> Also if there is anything proactive as far as tx and rx buffer and if
>>> the buffer is depleting or system resource issues writing to the buffer
>>> that is causing the window to collapse to be able to possibly proactively
>>> monitor leading up to the zero window.
>>>
>>> Thanks
>>>
>>> Gyan
>>>
>>> On Mon, Aug 8, 2022 at 11:16 AM touch@strayalpha.com <
>>> touch@strayalpha.com> wrote:
>>>
>>>> See below inline:
>>>>
>>>> On Aug 7, 2022, at 4:31 PM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>>>>
>>>>
>>>> Replies below
>>>>
>>>> On Sat, Aug 6, 2022 at 11:25 AM touch@strayalpha.com <
>>>> touch@strayalpha.com> wrote:
>>>>
>>>>> Replies below...
>>>>> —
>>>>> Dr. Joe Touch, temporal epistemologist
>>>>> www.strayalpha.com
>>>>>
>>>>> On Jul 29, 2022, at 8:14 AM, Gyan Mishra <hayabusagsm@gmail.com>
>>>>> wrote:
>>>>>
>>>>> Hi Joe
>>>>>
>>>>> Responses in-line
>>>>>
>>>>> On Tue, Jul 26, 2022 at 10:13 PM touch@strayalpha.com <
>>>>> touch@strayalpha.com> wrote:
>>>>>
>>>>>> Notes below.
>>>>>>
>>>>>> > On Jul 26, 2022, at 6:19 PM, Michael Tuexen <
>>>>>> michael.tuexen@lurchi.franken.de> wrote:
>>>>>> >
>>>>>>
>>>>> ...
>>>>>
>>>>> > • All TCP flags and respective states.
>>>>>> > Do you mean the TCP flags SYN, FIN, PSH, ... Does a YANG module all
>>>>>> to describe
>>>>>> > packets sent and received?
>>>>>>
>>>>>> I can’t see how this can model the TCP flags; all it should be
>>>>>> modeling is the states of the connection. The model is for TCP, not TCP
>>>>>> packets.
>>>>>
>>>>>
>>>>>     Gyan> Agreed that we want to model the TCP states not the packets.
>>>>>
>>>>>
>>>>> Then you need to consider only the parameters passed via socket
>>>>> options that control those flags, not the flags themselves.
>>>>>
>>>>
>>>>     Gyan> Understood.  Yes so what we ar looking for is the state of
>>>> the socket connection and and control flags for each state of the socket
>>>> connection.
>>>>
>>>>
>>>> Socket options are OS state, not TCP state.
>>>>
>>>> I don’t know if there is a common framework for them, though, esp.
>>>>> given the IETF (incorrectly) abandoned the idea of the abstract user
>>>>> interface as part of a protocol definition, at least for decades.
>>>>>
>>>>
>>>>     Gyan> I don’t know either.  Would the common framework be based on
>>>> the  TCP FSM and socket connection states and related flags?
>>>>
>>>>
>>>> The TCP FSM is already part of the current TCP YANG model.
>>>>
>>>> Flags, again, are not endpoint states - they are packet contents.
>>>>
>>>> Socket connection states are tightly coupled to TCP FSM (though not
>>>> identical), but these are OS-specific.
>>>>
>>>> ...
>>>>>
>>>>>
>>>>    Gyan> Understood and agreed there is no CC specific to BGP
>>>>
>>>>>
>>>>> So if this is all aimed at helping BGP figure out when TCP isn’t
>>>>> making progress,
>>>>>
>>>>
>>>> Gyan> Yes that is the goal
>>>>
>>>> it seems like an impossibly large task (too many CC algs).
>>>>>
>>>>
>>>> Gyan> If we can hone in on the popular CC Alg used today by routers and
>>>> computers would be a start.
>>>>
>>>>
>>>> I think you may be missing the point. Rather than trying to figure out
>>>> the common CC algs and parameterize them, why not explain what you really
>>>> want to know about the connection?
>>>>
>>>> Again, IMO, if this is really about trying to instrument an endpoint so
>>>> that all possible attacks can be detected, it’s a non-starter to me.
>>>>
>>>> Are there particular parameters you think would be beneficial for BGP
>>>>> to know about TCP and can they be abstracted away from specific
>>>>> implementations?
>>>>>
>>>>
>>>> Gyan> The main parameters are the TCP socket connection state and
>>>> related header flags, TCP Congestion control algorithms common ones used by
>>>> routers and computers, and looking at the TCP parameters list, timestamps,
>>>> CC, Quick start, User timeout, ECN.
>>>>
>>>>
>>>> Again you mention header flags. Those are set by TCP based on
>>>> connection state and user commands, but they are NOT properties of the
>>>> connection itself. The rest of the list is just the set of everything om
>>>> the endpoint that MIGHT be useful.
>>>>
>>>> https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml
>>>>
>>>>
>>>> Those are code points used in TCP messages, not parameters to the TCP
>>>> protocol.
>>>>
>>>> —
>>>>
>>>> I continue to see a disconnect here. There is a difference between TCP
>>>> endpoints, TCP messages, and OS (i.e., socket) endpoints. TCP YANG models
>>>> should reflect TCP endpoints; Netconf/YANG is not a packet inspection or
>>>> packet debugging tool. And some of what you want to know refers to a
>>>> socket, not TCP at all.
>>>>
>>>> Joe
>>>>
>>>> --
>>>
>>> <http://www.verizon.com/>
>>> *Gyan Mishra*
>>> *Network Solutions A**rchitect *
>>> *Email gyan.s.mishra@verizon.com <gyan.s.mishra@verizon.com>*
>>>
>>>
>>> *M 301 502-1347*
>>>
>>> --
>
> <http://www.verizon.com/>
> *Gyan Mishra*
> *Network Solutions A**rchitect *
> *Email gyan.s.mishra@verizon.com <gyan.s.mishra@verizon.com>*
>
>
> *M 301 502-1347*
>
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpm
>
>
> --

<http://www.verizon.com/>

*Gyan Mishra*

*Network Solutions A**rchitect *

*Email gyan.s.mishra@verizon.com <gyan.s.mishra@verizon.com>*



*M 301 502-1347*

v2.23.0 | Report a Bug | By Email