Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13
Michael Tuexen <michael.tuexen@lurchi.franken.de> Wed, 22 November 2023 10:57 UTC
Return-Path: <michael.tuexen@lurchi.franken.de>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A638BC14CE4D for <tcpm@ietfa.amsl.com>; Wed, 22 Nov 2023 02:57:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.906
X-Spam-Level:
X-Spam-Status: No, score=-6.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gbsZtUD0KjCp for <tcpm@ietfa.amsl.com>; Wed, 22 Nov 2023 02:56:59 -0800 (PST)
Received: from drew.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 514F3C14CE2F for <tcpm@ietf.org>; Wed, 22 Nov 2023 02:56:57 -0800 (PST)
Received: from smtpclient.apple (unknown [IPv6:2003:a:e03:d412:a42c:def5:5b8f:bb56]) (Authenticated sender: lurchi) by drew.franken.de (Postfix) with ESMTPSA id B9CD1721E280D; Wed, 22 Nov 2023 11:56:48 +0100 (CET)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.200.91.1.1\))
From: Michael Tuexen <michael.tuexen@lurchi.franken.de>
In-Reply-To: <fc2d032a-eed3-536a-7131-f4c8ba697136@linux.alibaba.com>
Date: Wed, 22 Nov 2023 11:56:47 +0100
Cc: tcpm@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <2765BAF2-21F2-4A6B-A12D-47E5B43A4CCC@lurchi.franken.de>
References: <fc2d032a-eed3-536a-7131-f4c8ba697136@linux.alibaba.com>
To: "D. Wythe" <alibuda@linux.alibaba.com>
X-Mailer: Apple Mail (2.3774.200.91.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/v_ixYrT2Slzwmds98G-IblOwXmU>
Subject: Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Nov 2023 10:57:01 -0000
> On Nov 22, 2023, at 09:24, D. Wythe <alibuda@linux.alibaba.com> wrote: > > > Hi all, > > I am D. Wythe from Alibaba, currently conducting research on EDO. I would like to report an issue > involving certain middleboxes that may have an impact on EDO. > > We have observed that some middleboxes incorrectly copy unknown TCP options from SYN packets into the SYN-ACK packets. Just to be crystal clear here: You know that middleboxes are doing this or could it also be the endpoint? Best regards Michael > We believe this behavior is entirely incorrect, although we are uncertain of the reasons behind it. > > Here is an example of a TCP SYN packet I constructed with an unknown SYN TCP option: > > local.32218 > remote.http: Flags [S], seq 4026107292, win 8192, options [unknown-100 0x01020304,nop,nop], length 0 > remote.http > local.32218: Flags [S.], seq 3220955308, ack 4026107293, win 8192, options [unknown-100 0x01020304,nop,nop], length 0 > > Unfortunately, this is not an isolated incident. We have observed several publicly available services on the internet > exhibiting the same incorrect behavior. > > We would like to know if anyone else has encountered similar issues and how you perceive the impact of EDO in this scenario > (we believe it may result in the server interpreting the TCP options as application data). > > Additionally, is there any possibility of adding an explicit notification when one side detects a violation of the EDO protocol. > This could potentially prevent all segments from being discarded by restricting the peer from further extending the TCP header. > > > Best regards, > D. Wythe > > > > > _______________________________________________ > tcpm mailing list > tcpm@ietf.org > https://www.ietf.org/mailman/listinfo/tcpm
- [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 D. Wythe
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 rs.ietf
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 Yoshifumi Nishida
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 D. Wythe
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 Michael Tuexen
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 D. Wythe
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 D. Wythe
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 rs.ietf
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 Yoshifumi Nishida
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 Joe Touch
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 Joe Touch
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 D. Wythe
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 D. Wythe
- Re: [tcpm] Comments to draft-ietf-tcpm-tcp-edo-13 D. Wythe