IETF Logo Mail Archive

Re: [tsvwg] I-D Action: draft-ietf-tsvwg-sctp-dtls-encaps-03.txt

Joe Touch <touch@isi.edu> Mon, 12 May 2014 16:24 UTC

Return-Path: <touch@isi.edu>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB0D51A0765 for <tsvwg@ietfa.amsl.com>; Mon, 12 May 2014 09:24:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.551
X-Spam-Level:
X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.651] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9UaVWxt9thcC for <tsvwg@ietfa.amsl.com>; Mon, 12 May 2014 09:24:55 -0700 (PDT)
Received: from darkstar.isi.edu (darkstar.isi.edu [128.9.128.127]) by ietfa.amsl.com (Postfix) with ESMTP id D26FE1A0732 for <tsvwg@ietf.org>; Mon, 12 May 2014 09:24:44 -0700 (PDT)
Received: from [10.133.205.183] (UAPublic-35.guest.arizona.edu [206.207.225.35]) (authenticated bits=0) by darkstar.isi.edu (8.13.8/8.13.8) with ESMTP id s4CGOJfw020461 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 12 May 2014 09:24:22 -0700 (PDT)
Message-ID: <5370F5B3.6020601@isi.edu>
Date: Mon, 12 May 2014 09:24:19 -0700
From: Joe Touch <touch@isi.edu>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
References: <53190AEC.2010209@isi.edu> <625217B1-E56E-48B4-9E1F-B5A8E13C5034@lurchi.franken.de> <CC705408-7F7B-459B-B100-B2B056AD936C@lurchi.franken.de> <53444401.9030905@isi.edu> <146DE290-E6FA-4719-BE2C-EDCDF9FA6904@lurchi.franken.de> <53445AEE.9070303@isi.edu> <1FC35FE3-5891-4B79-97BF-1603CCF67692@lurchi.franken.de> <53457BA3.5030707@isi.edu> <F05EC513-2E30-46ED-9807-F1DB3B1384B8@lurchi.franken.de> <5345BD4F.5070007@isi.edu> <35E3EA2E-46C7-40C0-8AEA-4B5C4B3FF901@lurchi.franken.de> <535061C5.3030206@isi.edu> <6C98A0A7-4727-4B53-A78B-186AEAAF15D1@lurchi.franken.de> <53515469.3010703@isi.edu> <8E12C59B-6F68-46CA-81EE-270122677E65@lurchi.franken.de>
In-Reply-To: <8E12C59B-6F68-46CA-81EE-270122677E65@lurchi.franken.de>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Archived-At: http://mailarchive.ietf.org/arch/msg/tsvwg/XgyB1k87c2fUAIPVDICjFI659R4
Cc: tsvwg WG <tsvwg@ietf.org>
Subject: Re: [tsvwg] I-D Action: draft-ietf-tsvwg-sctp-dtls-encaps-03.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 May 2014 16:25:00 -0000

It might be useful to see the updated document at this point.

I think the bottom line is the conclusion point below - this doc needs 
to be careful about what it requires/assumes from other layers, and if 
it's implementation-dependent, present the approach as "SHOULD, where 
implementations permit" and address what to do when this is not the case.

Joe

On 5/11/2014 2:45 PM, Michael Tuexen wrote:
> On 18 Apr 2014, at 18:35, Joe Touch <touch@isi.edu> wrote:
>
>> Cutting down a bit...
> Thanks a lot, sorry for the delay. See me comments in-line.
>
> Best regards
> Michael
>>
>> On 4/18/2014 4:39 AM, Michael Tuexen wrote:
>> ...
>>>>> That is why we write in this document that when you run SCTP over DTLS
>>>>> as defined in this document, you MUST use the PLMTUD.
>>>>
>>>> At the DTLS layer.
>>>
>>> Either at the DTLS layer or at the SCTP layer.
>>
>> How would an implementer know what to do per se? If they built this using userland SCTP, which they could AFAICT, they might not know.
>>
>> IMO, that means you should say something more like:
>>
>> 	- if you know, it can be at either layer
>> 	- one layer MUST do it
> Based on discussions, my current text reads :
>
> 4.  General Considerations
>
>     An implementation of SCTP over DTLS MUST implement and use a path
>     maximum transmission unit (MTU) discovery method that functions
>     without ICMP to provide SCTP/DTLS with an MTU estimate.  An
>     implementation of "Packetization Layer Path MTU Discovery" [RFC4821]
>     either in SCTP or DTLS is RECOMMENDED.
>
> Doesn't this address your comment?
>
> Please note that
> http://tools.ietf.org/html/draft-ietf-rtcweb-data-channel-08
> states that the PMTUD is done by SCTP when SCTP over DTLS is used
> for data channels.
>
> Maybe I should resubmit my current version such that we have the
> same document to discuss? There have been some changes based on
> discussions... What do you think? This would not imply that
> I don't want to address the still open points, just to make the
> discussion easier.
>>
>>>>> So this document
>>>>> mandates what to do, it refers to other specs how to do it, but the
>>>>> other documents don't mandate it.
>>>>> Isn't that a valid way of doing it?
>>>>
>>>> The way you describe it in Sec 4 is (emphasis mine):
>>>>
>>>>    If path MTU discovery is performed by the *DTLS* layer, the method
>>>>    described in [RFC4821] MUST be used.
>>>>
>>>> But RFC4821 doesn't talk about DTLS. That's what's confusing me. It only talks about SCTP, and gives two methods - one using pads and one at the user level (like TCP).
>>>>
>>>>    For probe packets, the
>>>>    extension defined in [RFC6520] MUST be used.
>>>>
>>>> Now you're back to talking about DTLS.
>>>
>>> Have a look at
>>> https://tools.ietf.org/html/rfc4821#section-10.4
>>> Since DTLS is running on top of UDP, it qualifies as an
>>> application in the sense of that section, I think.
>>> In the second paragraph it talks about packets similar
>>> to SCTP HB plus PAD. This is exactly what is described in
>>> https://tools.ietf.org/html/rfc6520#section-4
>>
>> That's far too vague to qualify as a "method" that you can tie to a MUST, IMO. I would expect that your doc ought to give the needed details, "inspired" by 4821.
> By repeating the text of RFC 4821?
>>
>>>> I think what you might want to say is that:
>>>>
>>>>    If path MTU discovery is performed by the DTLS layer, the method
>>>>    described in [RFC4821] as for SCTP using a PAD in the extension
>>>>    described in [RFC6520] MUST be used.
>>>
>>> OK. I'm fine with that text.
>>
>> You might need a little more (not sure; I'll let the SCTP folks decide). I just don't know if that's enough detail to qualify as a standards requirement.
> I think that is enough...
>>
>>>> ---
>>>>
>>>>    If path MTU discovery is performed by the *SCTP* layer and IPv4 is used
>>>>    as the network layer protocol, the DTLS implementation MUST allow the
>>>>    DTLS user to enforce that the corresponding IPv4 packet is sent with
>>>>    the DF bit set.
>>>>
>>>> Now I don't know where to do discovery - in DTLS or SCTP. That's not a mandate; that's two alternatives.
>>>
>>> Since it is "performed by the SCTP layer", SCTP is sending the probe packets. It usea
>>> the ones defined in http://tools.ietf.org/html/rfc4820. However, the requirement for
>>> the DTLS layer is to expose the control of the DF bit.
>>> Any suggestion how to make that clearer?
>>
>> As noted above:
>>
>> a) say "do X or Y, but you MUST do one of these"
>>
>> b) give the details a little more of how to do things in either case.
> Hmm. I'm not sure what is missing compared to
> https://tools.ietf.org/html/rfc4821#section-10.2
> and
> https://tools.ietf.org/html/rfc4821#section-10.4
>>
>> ...
>>>>> What I don't understand:
>>>>> * A compressed message can be larger than the original uncompressed. So it won't fit.
>>>>
>>>> Then your compression is broken. A compressed message should never be larger than uncompressed - ever.
>>>
>>> Really? If you present some random data, the compression won't give you anything (there
>>> is no redundancy). Some compression algorithms add an overhead. So the compressed message would
>>> be larger. Or am I wrong?
>>
>> That's a really bad compression algorithm. A reasonable one should leave things alone (with no overhead) if it can't make things better.
> Hmm. Possible. But
> http://tools.ietf.org/html/rfc5246#section-6.2.2
> contains in the second paragraph:
> Compression must be lossless and may not increase the content length
> by more than 1024 bytes.
> So at least at the specification level, the above is explicitly covered.
>>>>> * If SCTP sends the probe packets, doesn't this mean that the probe packets
>>>>>    must bypass compression?
>>>>
>>>> At the SCTP layer; SCTP can't force lower layers to bypass compression.
>>>
>>> Correct.
>>> So assume SCTP send probe packets and the padding is constant data. So it is highly
>>> compressible. Wouldn't SCTP then conclude that you can send a large message without
>>> fragmentation? If SCTP takes that as the PMTU, it would fragment user messages for
>>> that boundary, compression might not be as efficient and you would need IP fragmentation.
>>
>> PMTUD is supposed to tell you when a segment of a given size at a given layer *can get there*. If it gets there, then the MTU is valid.
> I agree.
>>
>> E.g., PMTUD won't tell you that ATM has 53-byte cells with 48-byte payloads either.
> I agree. But I don't get the point...
>>
>> ...
>>>>> I don't think we can define a DTLS API in TSVWG... At least this is not in the scope
>>>>> of this document.
>>>>
>>>> Sure, but then you're stuck with SCTP only assuming it can
>>>> interact  with DTLS as if it were a DTLS user. DTLS users can't set DF.
>>>
>>> Why? It depends on the implementation of DTLS...
>>
>> Then you can't require it in a standards doc.
> Hmm. Then we can't deal with PMTUD at all... I would like to tell people what to
> do if the implementation allows it...
>>
>> Joe
>>
>

v2.23.0 | Report a Bug | By Email