IETF Logo Mail Archive

Re: [tsvwg] Rregarding soft-state and UDP options

Joe Touch <touch@strayalpha.com> Sun, 05 January 2020 19:21 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C37F41200A3 for <tsvwg@ietfa.amsl.com>; Sun, 5 Jan 2020 11:21:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.219
X-Spam-Level:
X-Spam-Status: No, score=-1.219 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YztNJ-2avLNV for <tsvwg@ietfa.amsl.com>; Sun, 5 Jan 2020 11:21:56 -0800 (PST)
Received: from server217-3.web-hosting.com (server217-3.web-hosting.com [198.54.115.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DE12120086 for <tsvwg@ietf.org>; Sun, 5 Jan 2020 11:21:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Transfer-Encoding:Content-Type:Sender: Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender :Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=gEIasFImmuMOBVVCkYjDCp7jJ2oyu6O2L5lyXX8hRuI=; b=vZLKdojfVJJS/KLJSSijTlvOCx xUKfXD+kFcDfA1BhMZf40E4gYB8KjNCYZrLkcD+AwNwTb1AhZNQSdGmng7wIOGNvvW59xzoivpDEU N45o2U6Zl0hzvkIL1ORWplPJpFgJHFKt2MR4LpXwovd2JmSlsjqKShc+CfWnzrT6xHuzAN6Ot82lD dVNcPrIcS5TOv4anpPogt0gA6kvlfsZE2Qsx/vA/ChPs+s3xQaHDwapVX6pAPDkpY5ok9ibKbaBwI QglEI1aJ5WbdtTZxnAgO1kToqqINgBiI8ZKVXpa5wWeudLaJjIVGB7/baVyohqYHWIL5thOXx8NGc apSfnE6g==;
Received: from cpe-172-250-225-198.socal.res.rr.com ([172.250.225.198]:50039 helo=[192.168.1.5]) by server217.web-hosting.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92) (envelope-from <touch@strayalpha.com>) id 1ioBTD-002Byb-7X; Sun, 05 Jan 2020 14:21:55 -0500
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (1.0)
From: Joe Touch <touch@strayalpha.com>
In-Reply-To: <CALx6S37oZK8urwN-TCpZxs9F_+QXzobT8-rObPH112NkqSpUVQ@mail.gmail.com>
Date: Sun, 05 Jan 2020 11:21:50 -0800
Cc: "C. M. Heard" <heard@pobox.com>, TSVWG <tsvwg@ietf.org>
Message-Id: <418EE20D-387B-48C1-BC08-614D28D7849E@strayalpha.com>
References: <CALx6S37oZK8urwN-TCpZxs9F_+QXzobT8-rObPH112NkqSpUVQ@mail.gmail.com>
To: Tom Herbert <tom@herbertland.com>
X-Mailer: iPhone Mail (17C54)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/cshJK7in5k6n4vpubKTS8CBln8A>
Subject: Re: [tsvwg] Rregarding soft-state and UDP options
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Jan 2020 19:21:58 -0000

Malformed packets are dropped as with TCP and the base UDP spec. 

And original UDP design goal here refers to the original requirements for this update. 

Finally, consistency with legacy receivers as a default is critical until explicitly negotiated at the app later otherwise. Because until then a sender doesn’t know what receiver it’s dealing with. 

Joe

> On Jan 5, 2020, at 11:15 AM, Tom Herbert <tom@herbertland.com> wrote:
> 
> On Sun, Jan 5, 2020 at 8:25 AM Joe Touch <touch@strayalpha.com> wrote:
>> 
>> Just to dive a little into the TCP example, additionally:
>> 
>> On Jan 4, 2020, at 7:10 PM, C. M. Heard <heard@pobox.com> wrote:
>> 
>> Since you brought it up, let's compare and contrast the operation of TCP-AO and TCP-MD5 with that of UDP-AE, in the case that an endpoint erroneously (due, e.g., to a misconfiguration) attempts to initiates an exchange containing the option with a peer that does not understand it.
>> 
>> For TCP-AO or TCP-MD5, the listener will receive a SYN segment with the option. Since it does not understand the option, it will return a SYN-ACK that does not contain the option.
>> 
>> 
>> The presence of unknown TCP options **NEVER** causes a SYN to be ignored, discarded, or to generate a RST. It is simply ignored.
>> 
>> It is the result of *state exchange* that enables the endpoints to know when to use - or not use - those options. It is the responsibility of the sender to know what options to use; the receiver is ALWAYS ALLOWED TO INGORE OPTIONS that it hasn’t confirmed by state exchange - even after a connection is established.
>> 
>> E.g., even if the side opening the connection, sending the SYN+AO were to ignore the reply (SYN-ACK without AO, never RST), let’s look at what happens to the connection afterwards. Let’s say the side opening the connection decides to include AO anyway. The receiver WOULD CONTINUE TO IGNORE OPTIONS IT DOESN’T UNDERSTAND.
>> 
>> See RFC1122, Sec 4.2.2.5.
>> 
>> Your subsequent claim is incorrect, as per the citations below:
>>> Seeing a SYN-ACK without the option, the initiator will return a RST segment.
>> 
>> RFC2385 for TCP-MD5, Sec 2.0:
>> 
>>   Unlike other TCP extensions (e.g., the Window Scale option
>>   [RFC1323]), the absence of the option in the SYN,ACK segment must not
>>   cause the sender to disable its sending of signatures.  This
>>   negotiation is typically done to prevent some TCP implementations
>>   from misbehaving upon receiving options in non-SYN segments.  This is
>>   not a problem for this option, since the SYN,ACK sent during
>>   connection negotiation will not be signed and will thus be ignored.
>>   The connection will never be made, and non-SYN segments with options
>>   will never be sent.  More importantly, the sending of signatures must
>>   be under the complete control of the application, not at the mercy of
>>   the remote host not understanding the option.
>> 
>> 
>> RFC5925 for TCP-AO, Sec 11:
>> 
>>   TCP-AO does not include a fast decline capability, e.g., where a SYN-
>>   ACK is received without an expected TCP-AO and the connection is
>>   quickly reset or aborted.
>> 
>> 
>> —
>> 
>> For UDP, the original design goal was to follow this behavior, i.e., that the receiver always ignores options it doesn’t understand individually.
> 
> Since when was options considered in the design of UDP? I'm looking at
> RFC768 and see nothing about this.
> 
>> That’s largely because options overall can be ignored - there’s no way to “unring the bell”. Even if we bury options or user data inside the FRAG+LITE, the *ONLY* correct behavior is to have the receiver see a zero-length UDP packet arrival.
>> 
>> There is NO way to prevent that for legacy receivers - and thus there should be no way to do otherwise for option-aware receivers. The best we should ever try to do is to make option-aware receivers see what legacy receivers see in that case (unknown options) - a blank packet.
> 
> Joe,
> 
> As discussed before, the fact that a legacy receiver can receive a
> blank packet is potentially problematic. We cannot eliminate the
> possibility that zero length UDP packets don't have some detrimental
> side effect by some receiving application. We're accepting that the
> risk of this is small, but this behavior is far from optimal and if
> there were a way to ensure that legacy receivers dropped packets with
> UDP options we'd do that. Forcing option-aware receivers to have this
> same sub-optimal behavior just to be consistent with legacy receivers
> makes no sense.
>> 
>> So regardless of any rules, we MUST NOT try to declare any rule where the receiver “sees NO packet”.
>> 
> Your draft doesn't meet this requirement. e.g. "Option lengths MUST
> NOT exceed the IP length of the packet. If this occurs, the packet
> MUST be treated as malformed and dropped".
> 
> Tom
> 
>> Joe
>>

v2.23.0 | Report a Bug | By Email