IETF Logo Mail Archive

Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-13.txt

Tom Herbert <tom@herbertland.com> Sat, 10 July 2021 18:50 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6BED3A1550 for <tsvwg@ietfa.amsl.com>; Sat, 10 Jul 2021 11:50:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OmO_RBxqAjbd for <tsvwg@ietfa.amsl.com>; Sat, 10 Jul 2021 11:49:57 -0700 (PDT)
Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 603843A1551 for <tsvwg@ietf.org>; Sat, 10 Jul 2021 11:49:57 -0700 (PDT)
Received: by mail-ej1-x62d.google.com with SMTP id i20so23489895ejw.4 for <tsvwg@ietf.org>; Sat, 10 Jul 2021 11:49:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=h1uhC0AzFZpfn0tNn9Z0fs96b0NQWwrzjl+tM4vVvdg=; b=eFrkkZxMMLY7ugtm19tHVlYHXGI8wvn08RPkT4ZApvTKjsbdxgd/bOcBCA2e1Y0Zno rJxZArly5v9IBNyyLBdmwJ7uE9d9cuaGDTaa+ReBirsuWqiiFsHV0fQ2FmqwL6M5bzny MPNp1ZT+EREspucFBCSoTzzdzofHGsuqewM1Yo1czYmqlPl/stjn8XZK02HbatDRvFzu aIYzqI7zGpy5npFjUei5gEefzm0TX39fLKTQRg8tyPccSQPx5eGzpMHt141zDjNfZRhe R3xAXkE4BMktD8rmU5eHjoFeFhcO7Jq1Dfh2gZ4eVGO1khkAsbpgwS77rOTRPt3I+M6+ NWCA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=h1uhC0AzFZpfn0tNn9Z0fs96b0NQWwrzjl+tM4vVvdg=; b=M3Fw4S1o/SAiXZSmApqdVc0GogpUYU1jAcng5WCD9X59yrHtP9+UJGV3b3z8W1B5o2 FUQdne6EOlsW/NWt/PasEscpmFQMy7XcDSvDlqEaPxiB4xBdDzkdWLSp7UjCg2VnQdLR ZvqRQUkufFmyHol5DcBtnPolFFmBphlztBjF0f/PJlJlW8/IhHsVb3kNETNJzoGtTK3v 0owu1cbWcyITv32hyW+2dKHbXnRT/DyOobY0vQXiyVMJh7xaHYGa70aDeaghF/bHPkR+ /0Gmp2g3Zl0/TChXRWEER5IsJIEDqvVCyHXnspQ5X0vN4HSiGSL2RtBJKuJLIUfEPa93 t7AQ==
X-Gm-Message-State: AOAM532GAFuI2wHtCz95Em5qzRJVRiGNfBYq48qXpI7Cu54QnH1ag0fy X0r2CXabBAKmYNMC656T4m3SnrKt8QHuDqKtD5/CtQ==
X-Google-Smtp-Source: ABdhPJwV8vZojLD3aySt2ipjqhGYKtSdRmfchpcPaPuOkTUKhIFKKXtxD7OEgrZw2J/xC1SmhKyCEBXIfLVRNGjnVL8=
X-Received: by 2002:a17:906:498b:: with SMTP id p11mr45115330eju.295.1625942994474; Sat, 10 Jul 2021 11:49:54 -0700 (PDT)
MIME-Version: 1.0
References: <162408795080.21706.5548660195641640175@ietfa.amsl.com> <C2C396E7-B728-496E-841B-D9F64004D3E3@strayalpha.com> <CACL_3VHC55cdu96=5OuNKmaaXrvDY5wkYid9a+j6=VtQrvJhZg@mail.gmail.com> <5086F1C2-55C9-4BD4-BB80-9C247E379204@strayalpha.com> <CALx6S373DmsGAncT8j2rGdpSfQ8q6pZi7iTVw4geZuxQdbA-sA@mail.gmail.com> <6E26E6BD-9AC0-46FF-8BA5-EDA016F840CE@strayalpha.com> <CALx6S352p8rboxD9k3bebLvep0rwk37y5avxbqFaFCsuQ_Nt2w@mail.gmail.com> <FE7B082E-B684-4D0A-B0F7-3761EBC25720@strayalpha.com> <CALx6S36Avgjhz84rKc_=c1DCRsWHquSgztPT_7visUkacj+H8A@mail.gmail.com> <EBBDB369-55D6-4E5B-8FC5-1EDF65A13327@strayalpha.com>
In-Reply-To: <EBBDB369-55D6-4E5B-8FC5-1EDF65A13327@strayalpha.com>
From: Tom Herbert <tom@herbertland.com>
Date: Sat, 10 Jul 2021 11:49:43 -0700
Message-ID: <CALx6S34=TZKNwmBn0xvS7-JFtkbx5w4DyyHTxCDZ_Do20Ea+fA@mail.gmail.com>
To: Joseph Touch <touch@strayalpha.com>
Cc: TSVWG <tsvwg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/CxoAZQAEvdgYn8sn_FKNoWxP1Sk>
Subject: Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-13.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Jul 2021 18:50:03 -0000

On Sat, Jul 10, 2021 at 9:09 AM Joseph Touch <touch@strayalpha.com> wrote:
>
> Hi, Tom,
>
> On Jul 10, 2021, at 8:19 AM, Tom Herbert <tom@herbertland.com> wrote:
>
> On Fri, Jul 9, 2021 at 5:15 PM Joseph Touch <touch@strayalpha.com> wrote:
>
> ...
>
> In contrast to checksum calculation, walking TLV lists is still
> considered a major problem for performance.
>
>
> And that’s still required for TCP and IP. We’re no different. That has no impact on checksum offload for UDP, only in option processing.
>
> TCP and IPv4 do not require walking their respective options to
> validate the checksum,
>
>
> OK, we agree on that. So at least we’ve established the use of TLVs isn’t an offload issue.
>
> UDP options does at least when UDP checksum is
> non-zero. If processing UDP options walks the list twice,
>
>
> Only when the SHOULD is not followed; we can certainly add that note.
>
> An implementation could easily walk the TLV and set a flag if options other than OCS or NOP appear. The walk ignores such options until OCS and restarts if OCS works.
>
> So we can note that this “double walk” would incur double work if:
> - options other than OCS and NOP appear before OCS

What if OCS is not present? If we ignore options in the first walk to
account for the possibility that an OCS might be present, doesn't that
mean that once the walk completes and we haven't found the OCS we need
to walk again to actually process all the options?

> AND
> - offloading is used
>
> Without offloading, the walk always occurs twice: once to compute the checksum, once to process options, and the first pass can keep a copy of the OCS value to check before the second pass.
>
> .... Maybe there are other intended methods like
> provisionally processing TLVs and throwing out work when a bad
> checksum is detected or scoreboarding of TLVs, but those options are
> not articulated in the draft nor are there any references to
> implementation that show this.
>
>
> We can mention that possibility, which would be no different than deep conditional processing that many systems alr
>
> But, again, the issue isn’t about offloading, it’s in post-offload processing, and only if the SHOULD is not followed.
>
> At that point, yes, we could do something to avoid that possible issue without impacting those who don’t use OCS, but it’s a lot simpler than has been proposed before. It does revive the idea of a required UDP option header, but it would basically be just an aligned OCS checksum:
>
> - NOPs until 4-byte alignment (note that some wanted 8-byte alignment, so we have to pick)
> - OCS checksum field only (no kind, no length)
>
> If we don’t require alignment, there’s a small amount of additional work. That might not be useful to optimize for because the UDP option space isn’t constrained the way TCP’s is, though.
>
> That overcomes the post-offload issue for OCS, though there’s still a similar post-offload issue for other options (ENCR, AUTH) that matches the same ‘chain’ problem you’ve been concerned about that still in other protocols that use offloading for crypto, e.g., IPsec, TCP-MD5/TCP-AO, etc.
>
> Joe
>

v2.23.0 | Report a Bug | By Email