IETF Logo Mail Archive

Re: [tsvwg] draft-ietf-udp-options issues from IETF 104

Tom Herbert <tom@herbertland.com> Mon, 15 July 2019 23:14 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 037191201A8 for <tsvwg@ietfa.amsl.com>; Mon, 15 Jul 2019 16:14:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wPv9vYEYtDfQ for <tsvwg@ietfa.amsl.com>; Mon, 15 Jul 2019 16:14:56 -0700 (PDT)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A7241201C6 for <tsvwg@ietf.org>; Mon, 15 Jul 2019 16:14:56 -0700 (PDT)
Received: by mail-ed1-x534.google.com with SMTP id d4so17020252edr.13 for <tsvwg@ietf.org>; Mon, 15 Jul 2019 16:14:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=FnTqYOXlCtcQJTRsFtYP1gqjU/rFUjx/womWd7rYaj8=; b=ovdELJRNNwDLUxxpohHUv9Hl5w5gKJpx4Fj1rrVS5VIjMuUFGsT/egmpYJBYfeIQjO aBpe99Cfgc6KB/3LxV7d8uCSVQ3ClknEGIzyUlZ8OXNyCmIjIYJGNXLineZ5XUfEx6tp 1Hg4mm6AD++FpLFp+sYvIOQhEadXXWixhMhP/h0hqL7v0t4xv6da4ATfupv314K3jJtL 8uj2xXEpDrrtoV8iiz0cAexktMSxf96IVm4eHoy1h//m1sKrAI5maGSfPH3WvBIKSbpJ R6wBMcymlHPfhJFv5zRvSc8kFi5VfDdCMFbzKJ+qxQOtPsxTb2k5SutM/T9hPx+Oo45M Vn0Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=FnTqYOXlCtcQJTRsFtYP1gqjU/rFUjx/womWd7rYaj8=; b=K/bhkckUyNsq7doSMbuQ0rxhq78C1n/wY13pS2y4F8idNZz2fUKoH6tI9vs+V2SMAj mmcsTMLD1Q90zus10DxJab0CDHw3mxtzVDjbkgA8/ZjuIX+yT6wqO2o9yKVxDUA5LShC HJGXvMtgslAO8Dee4j74+5L4fQgAW7SWwG0l0iU8mzHEUXrKfEJboKJ01Xe8rSO6cdVM OYGfiDClJEbri5SLl5gjVOLzAT8ft7sS2egIZ+dap5nY6Slz5iBQwn0BC164uMLPE+nO zK6Pt6T5kTyJpsLPrTBv+/50xU51AmPVwmmkxnq2zp4x2ONT/cZg0gjeBoCWt7crc9lC f+Cw==
X-Gm-Message-State: APjAAAXH4ZwLjUl68PTWlu6BSg6orACF4RwQ1hpQHNkDwrgNBsZuEZR4 RGmYWIfgMUeuk9Cy+vN2YssuEC+HKaABW40jZ80=
X-Google-Smtp-Source: APXvYqzfvlBMnl5qOB+hp49NYJORupo3FW+R9OJzPVC6siPyRfEhsQz91Svsihbq/W/uPqbcieAerOCm0WeqpNm7ApI=
X-Received: by 2002:a17:906:8591:: with SMTP id v17mr22770999ejx.244.1563232494756; Mon, 15 Jul 2019 16:14:54 -0700 (PDT)
MIME-Version: 1.0
References: <CAPDqMeq9GjEQKukH1pZOTdE50e_rc3U6gpdxT-5qrS5phD0RGw@mail.gmail.com> <646D45AD-D79B-4BD2-A084-7DA97CE2C415@strayalpha.com> <7EC37B50-45D5-4CF1-B113-205E55BF244E@strayalpha.com> <CALx6S34s7L7xo+26bt5Cdaqi4Es5Aci42GHk1WNKzugr5st-Gw@mail.gmail.com> <B525BF50-EFCC-44A5-A604-6CDDA914A1CB@strayalpha.com> <CAPDqMep3R6z9PRKkHyOvrh6sV9n5Sc0B++-zVz0FYJCwE6swrQ@mail.gmail.com> <E42A2AE2-F499-465E-BDE6-5EFC0AB20042@strayalpha.com> <CE03DB3D7B45C245BCA0D24327794936306138E9@MX307CL04.corp.emc.com> <CAPDqMeoyNb7vQTdqxLpZpnKb9S7QKeDJNLyQJBmq95yXhB+xfQ@mail.gmail.com> <7D365770-64FE-40BC-901D-B4D7DF6B484B@strayalpha.com> <20190713182554.GB39770@clarinet.employees.org> <CALx6S36mH2M6SYnRSecWXa7k_d1u8O43+CXE-=KqeO0x2e5+qw@mail.gmail.com> <82FF6486-FABF-4D2C-B5E2-178779C720A4@strayalpha.com> <CALx6S34YhtgNNJtHazqJdsGRhiMa4PQXiSOuDz0JhqqyHWfNyA@mail.gmail.com> <757FDD92-EC4A-4AC2-B491-74B75119A951@strayalpha.com> <CALx6S36XCUs-oQVBSBX_KTg5qN4fgTBrrgqZqmwBwo75J3UqUA@mail.gmail.com> <3b6db46d21ac1bb7e6c6761df7501c92@strayalpha.com> <CALx6S37L0gxaUmE5FT=ByvETY6FnzqXDPMU++RpCQaqpwPXEyA@mail.gmail.com> <4bfbcce574679f741e47cacd87919de1@strayalpha.com> <CACL_3VE_DkRQdBMYc7pW2oB88p7dE-B6Ev7JPfhxA7nUX7tZKA@mail.gmail.com> <193984167bc0b98ffe22da4efe803159@strayalpha.com>
In-Reply-To: <193984167bc0b98ffe22da4efe803159@strayalpha.com>
From: Tom Herbert <tom@herbertland.com>
Date: Mon, 15 Jul 2019 16:14:43 -0700
Message-ID: <CALx6S35RObHJpvO06OV+Ysk+SD53VARyjQP8qV5T=BMjTp=qKQ@mail.gmail.com>
To: Joe Touch <touch@strayalpha.com>
Cc: "C. M. Heard" <heard@pobox.com>, tsvwg <tsvwg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/K0FTRYqBba7fUU5Wqk3YWchbzPw>
Subject: Re: [tsvwg] draft-ietf-udp-options issues from IETF 104
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 23:15:04 -0000

On Mon, Jul 15, 2019 at 3:01 PM Joe Touch <touch@strayalpha.com> wrote:
>
>
>
>
>
> On 2019-07-15 14:43, C. M. Heard wrote:
>
> ...
> > NOTE2: *as repeatedly already noted*, again - GIVEN THIS CONTEXT -
> > there is no utility in the additional pre-option header proposed in
> > draft-herbert-udp-space-hdr-01.
>
> Actually, there is something in the draft that IMO has great utility --
> not the pre-option header per-se, but the **functionality** provided by
> the draft's protocol header packet format. Specifically, that packet
> format allows options to share fate with the payload data that they
> accompany (i.e., either both are accepted and processed or neither is).
>
>
> How is that true? We can't redefine the UDP checksum, which covers the payload.
>
> A legacy receiver doesn't care about the surplus area and can ignore it. At which point, whether the surplus is corrupted or not, a legacy receiver will accept it.
>
> A UDP-option-aware receiver would do the same thing with OCS (as currently defined) as with the one in draft-herbert. Remember, OCS was already redefined before the last IETF to have the same "zero out" property as in draft-herbert-00.
>
>
> ...
> Besides defining a UDP surplus header (USH, Section 2), the draft also
> defines two variations of is usage: a protocol trailer variant (Section
> 2.1) and a protocol header variant (Section 2.2).
>
> In the trailer variant the UDP user data (and padding bytes as needed
> for alignment) precede the USH and trailing options appear at the the
> offset indicated by the UDP Length. It applies only when UDP Length > 8.
> It provides functionality similar to the packet format defined in
> draft-ietf-tsvwg-udp-options-07.
>
> In the header variant the UDP Length is set to 8. The USH immediately
> follows the UDP header (with no padding), the options are next, and the
> payload is last. This is functionally similar to what you get if you
> start with draft-ietf-tsvwg-udp-options-07 and add a "user data" option
> that consumes all trailing bytes, like the modified FRAG proposed in
> https://mailarchive.ietf.org/arch/msg/tsvwg/Wv--BLVMPAX6g5umok9BQsXAEGg.
>
> One can reasonably ask, why on earth would we want both formats? My
> answer is that they provide different but complementary functions.
>
>
> Didn't you just prove they're equivalent to, in essence, LITE and non-LITE?
>
>
> - The trailer variant can be sent to a legacy receiver with a reasonable
> expectation that the user data will be processed normally and the
> options will be ignored.
>
>
> that's how UDP options already work...
>
>
> ...
> - The header variant can be used to safely send options that need to
> share the fate of the payload data that they accompany (the options
> and payload share the same checksum, so both will be discarded if
> the checksum fails).
>
>
> How is this not LITE?
>
> Note, however, that a packet still shows up (albeit zero length) with either approach. So this isn't exactly the same as true fate-sharing.
>
>
> Options that cause the payload to be handled
> differently when they are present fall into that category. Examples
> include FRAG (for obvious reasons), ACS (as data failing the alternate
> checksum would normally be discarded instead of being passed to the
> application), and AE (as data failing authentication or decryption would
> normally be discarded instead of being passed to the application).
>
> Note that draft-herbert-udp-space-hdr-01 stipulates that options which
> cause the payload to be handled differently when they are present may
> reside in the header variant only.
>
> Why is this important?
>
> Clearly, for legacy receivers, options in the trailer cannot be
> guaranteed to share fate with the payload because they discard all
> options. Similarly, if a new option option that affects data
> handling is defined in the future, option-aware receivers that do
> not recognize it will skip over it. These issues can in principle
> be dealt with by insisting (as draft-ietf-tsvwg-udp-options-07 does)
> that options that are not safe to ignore must not be sent without
> prior knowledge (obtained by negotiation or configuration) that the
> target receiver can properly handle them.
>
> BUT, it's not just legacy receivers that feel the impact; option-aware
> receivers treat the entire options trailer as being absent if the option
> checksum fails. If the UDP checksum passes, and there are options that
> change the handling of the preceding payload data, then that data will
> be handled incorrectly. In other words, a correctly implemented receiver
> that recognizes all options nonetheless has the potential to pass
> corrupted data to the application. In my opinion that's not acceptable.
>
>
> That's not a feature of draft-herbert vs the exising UDP options; that is a choice in Sec 8 of udp-options.
>
> We chose to have that case ignore options to emulate legacy receivers; if that's not what we want, we change that rule.
>
> If that rule is changed, then you'd get the fate sharing you seek.
>
> But you can't have it both ways - with either solution. They're the same here. Either failed options means "act like legacy" or it means "fail", but that means that incorrect options would succeed in a legacy receiver but fail in an options-aware one - EITHER WAY.
>
>
>
> AFAICT, draft-ietf-tsvwg-udp-options-07 currently has no means for
> providing the fate-sharing of options and payload.
>
> '
> It does, as shown above.
>
>
>
>
>
> The protocol header
> format in draft-herbert-udp-space-hdr-01 does. I'd like to see
> draft-ietf-tsvwg-udp-options-07 revised to provide that functionality.
>
> I have my own ideas on how best to do that, but I am going to hold them
> in abeyance for a later time because I think it's much more important
> for us to discuss whether I am correct to insist on the need for an
> option and payload fate-sharing capability for protocol correctness.
>
>
> I agree with that - let's decide what functionality we want and THEN figure out how to deliver it. Or at least separate those two discussions where possible.
>
> However, header/trailer is a misnomer. It's really about whether and how much to use LITE.
>
I disagree. We have at least thirty years experience with protocol
_headers_ on the Internet. All implementations have been tuned for
them, and it would be naive to think that introducing protocol
trailers in data path protocols won't cause issues with established
deployment (some have already been highlighted). IMO, it is a very
relevant and pertinent question as to whether IETF wants to pursue
protocol trailers in data path protocols at this time.

Tom

> Joe
>

v2.23.0 | Report a Bug | By Email