Re: [tcpm] ECN and synCookie
Krishna Khanal <erkrishna.khanal@gmail.com> Mon, 02 December 2013 10:38 UTC
Return-Path: <erkrishna.khanal@gmail.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43B1F1AE301 for <tcpm@ietfa.amsl.com>; Mon, 2 Dec 2013 02:38:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bpvy-iaxBIgr for <tcpm@ietfa.amsl.com>; Mon, 2 Dec 2013 02:38:07 -0800 (PST)
Received: from mail-ob0-x22a.google.com (mail-ob0-x22a.google.com [IPv6:2607:f8b0:4003:c01::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 0A1741AE17B for <tcpm@ietf.org>; Mon, 2 Dec 2013 02:38:06 -0800 (PST)
Received: by mail-ob0-f170.google.com with SMTP id wp18so12644650obc.29 for <tcpm@ietf.org>; Mon, 02 Dec 2013 02:38:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=JudT+1NwZS2zAGZUmMKknjXIgVKI098jEQtQ8x5UMOU=; b=TK+Tp10xjC58YJMxTtw1ozRV0TXyct1k1NQurasg42f2gDNtwS+V06Sxia2Hle5J5p 8O/eetAId3WEhx4UebzzCEgyh6uIAeR2mFjS308MAayiM70t6R4TxQjPfcDdG/PBomN5 txfgAjOwBGSpGa2GWh2bCwH5emXg1Aj6gMZ0+p9pGcVcAIcuuDw2Wbjd3v1WUkWDX4gw m+PfObbQPoM6v0ubdPrdQk8nHgrOnzp+yFIk7819ILMaEtGoMHY2ukkZ5HAUOm92nhvK T2h1kD7pCNLNOfe9qnd4bGYUhDO2bzvPTbwA1Dm64LuuYLkPf+kdl3geiqwYWX3AuqP0 Fx/A==
MIME-Version: 1.0
X-Received: by 10.60.134.14 with SMTP id pg14mr136627oeb.66.1385980684667; Mon, 02 Dec 2013 02:38:04 -0800 (PST)
Received: by 10.182.135.1 with HTTP; Mon, 2 Dec 2013 02:38:04 -0800 (PST)
In-Reply-To: <012C3117EDDB3C4781FD802A8C27DD4F25EEEF6D@SACEXCMBX02-PRD.hq.netapp.com>
References: <CAPJb4YyPHx6CCC77O2NrfAHmuJcq=HoupaqW7KozWB_Ya3omyw@mail.gmail.com> <012C3117EDDB3C4781FD802A8C27DD4F25EEEF6D@SACEXCMBX02-PRD.hq.netapp.com>
Date: Mon, 02 Dec 2013 16:08:04 +0530
Message-ID: <CAPJb4YxVsB=5OWcDEHCFFqQYckeh84+OvdCWJ_vAiY3=GJ-YtA@mail.gmail.com>
From: Krishna Khanal <erkrishna.khanal@gmail.com>
To: "Scheffenegger, Richard" <rs@netapp.com>
Content-Type: multipart/alternative; boundary="047d7b47286860119804ec8ac660"
Cc: "tcpm@ietf.org" <tcpm@ietf.org>
Subject: Re: [tcpm] ECN and synCookie
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Dec 2013 10:38:09 -0000
Thanks Richard for the details and these link to the drafts. On Thu, Nov 28, 2013 at 4:11 PM, Scheffenegger, Richard <rs@netapp.com>wrote: > Hi Krishna, > > > > as the exact way how a Syn-Cookie is formed is an arbitrary choice by the > server doing this, I don’t see that this couldn’t be achieved. Also, it > doesn’t need any standards action. > > > > > > Changing the Semantics of the TCP ECN handshake however, would change the > semantics; I’m one of the co-authors of the AccECN drafts, where a > different signaling is to be defined. The point you make has not yet > brought forward as a requirement to be included in > http://tools.ietf.org/html/draft-ietf-tcpm-accecn-reqs-04. But as we have > not yet settled on any specific encoding to go with these requirements, > something along the lines below could probably be easily added. > > > > For example, what you ask would probably be easy to implement both with > http://tools.ietf.org/html/draft-kuehlewind-tcpm-accurate-ecn-02 and > http://tools.ietf.org/html/draft-kuehlewind-tcpm-accurate-ecn-option-01 . > > > > You may also look into the work here > http://tools.ietf.org/html/draft-kuehlewind-tcpm-ecn-fallback-01 to see > how it could interact. > > > > > > As a side note, even within RFC3168, your (active open) client would have > two (non-standard) options to convey the use of ECN again back to the > (passive open) server. One would be to set the ECT(0) or ECT(1) codepoint > in the ACK – though RFC1368 doesn’t allow that on pure ACKs; the other one > would be to signal CWR in the pure ACK. However, as both approaches are not > specific (and the use of ECT on pure ACKs may have other implications for > the network), you cann’t rely on the server to react properly. > > > > Of course, any data segment from the client to the server would > legitimately contain ECT(0), ECT(1) or CE, and the server could “late” > enable ECN support after receiving such a segment, if the session was set > up using Syn-Cookies. Up to that point (the first ECN-marked segment from > the client), the server could send regular, non-ECN segments, and I think > such a session would be fully compliant – just not make use of ECN until > the first indication of ECN from the client… > > > > > > Best regards, > > > > Richard Scheffenegger > > > > *From:* tcpm [mailto:tcpm-bounces@ietf.org] *On Behalf Of *Krishna Khanal > *Sent:* Donnerstag, 28. November 2013 06:28 > *To:* tcpm@ietf.org > *Subject:* [tcpm] ECN and synCookie > > > > > > A server with synCookie support generally replies the important options > received on SYN from > > client on its SYN+ACK packet to client after encoding it in its ISS. Since > the number of options > > exchanged in SYN are growing, there are some alternate ways to remember > this, like echoing > > the options in timestamp so that it can be offloaded from ISS. > > > > One of the option exchanged in handshake is ECN. When a server receives a > SYN with ECE+CWR > > set, it replies with ECE. if server has synCookie enabled, it must > remember this on ISS as well. > > > > What about echoing back the ECE option on final ack? If client receives > SYN+ACK with ECE, it can > > set ECE on final ack and send it to server. > > > > With this, there are two advantages: > > 1. no need to encode the ECN capability on syncookie > > 2. if the path is asymmetric (though path can change anytime), client can > inform server about it, > > if the ECE is not set on final ack, server can ignore ECN even if its > enabled. > > > > Were there any discussions in the past on this? Does this make any sense? > > > > Regards, > > Krishna > > > > >
- Re: [tcpm] ECN and synCookie Joe Touch
- [tcpm] ECN and synCookie Krishna Khanal
- Re: [tcpm] ECN and synCookie Scheffenegger, Richard
- Re: [tcpm] ECN and synCookie Krishna Khanal