IETF Logo Mail Archive

[tsvwg] Review of draft-ietf-tsvwg-udp-options-32

Martin Duke <martin.h.duke@gmail.com> Tue, 02 April 2024 21:22 UTC

Return-Path: <martin.h.duke@gmail.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75728C14E513; Tue, 2 Apr 2024 14:22:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OHn2q_NiZ9JY; Tue, 2 Apr 2024 14:22:48 -0700 (PDT)
Received: from mail-qv1-xf2a.google.com (mail-qv1-xf2a.google.com [IPv6:2607:f8b0:4864:20::f2a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8492C15154F; Tue, 2 Apr 2024 14:22:46 -0700 (PDT)
Received: by mail-qv1-xf2a.google.com with SMTP id 6a1803df08f44-6963cf14771so40036816d6.3; Tue, 02 Apr 2024 14:22:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712092965; x=1712697765; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=VKkuXjTe/AtJLF9zZEzogOco7ud39atsYS1BcUFgc44=; b=DpgCK+G8KlkF032Kfi7dMe/IbpDHG7NEZpVR8QBQH3m4LAOol+Xjr2YCrdecwDVabp rCYUto5CJlvxJF2dj3igpxX2wZdecR1M8QunpfFPy4BqBZKUP39wUA5Ih6LdKyrmu+Ob 2ViMfcsspYrBjX/BfNa2VcrtuG8uvGNXf299x7fRlO5be9Nerm1nuAEPHvMdORAKjNJE lZh2lCyZeBCfDCEg/i8T5MKHLmEApXfOSxA5cbISG4eQPAFBmic2z4w0YkFh2Kq34sv/ YjLzQAthzzaJ9Ocpc23fA8v5ZBjPmtyB6y4+nGWN+uH/cchSfEvBrddVQ4uKxp8ZPtkG 9NeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712092965; x=1712697765; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=VKkuXjTe/AtJLF9zZEzogOco7ud39atsYS1BcUFgc44=; b=Mp3Q+eSRNGJKSMXxTBB8S3MF/M7GXwIpISLugvKVbBqhSzbo8kE3+NgK2foEB+E1ey paGNRwExrK9aDO51QKbtM4o8b6mRuviJRgMn1z6SifDuIwuemoSAH+6tT8REa6T10EuW eBSapQGCAXYiyZWFunDJ/vbwkJuGrAw59kCz0hstJqwT2cpkcCh/WM1VGd/4IIMNycqO Sp97YzvsvOygJQrS85EX5sOZhgmP6c+4Kt4KkhLvInn5ZS8HtUaXnx2C25eQDQwW9H7b VKS6bPSQqbrAjCESTwEK9QfKStqIjTMYYgoRVqtafozSXgE+WRfRRsdexmHyxWrgx43h OV/A==
X-Forwarded-Encrypted: i=1; AJvYcCW6y87fgWxfo3yvfwgBqfF4B7vFvbIOiuP8LxIwaJ+b2OCKN1QtgAv1pmxX7GzuJTP4hMbYjHRZPJ6pw9P9nchCdgDd7jsNIOWKqdD5ZCwFkPgMfqsYim49jQ==
X-Gm-Message-State: AOJu0YwfeRpMDz6JAUvYor8G//8GTvUWnko7VE4HAeza1IvTkljN2Hog zEjA0MjGgvw5LX4FNK6PLOk2Q6sZVcwy7lx4kdNNKPctu3nwCA/fbK+bN+Xm2G4Gr6zdV+YiSdp as6kieuayJt1ZdAsG7LCiaY0cxZGZeV5IEKQ=
X-Google-Smtp-Source: AGHT+IH2Au1mMcM/DQR964VLsFaAcul+rFahGWCLEiZpuKOF/vDiJdF9rZyHSbrEkfWwDXP6AoqNGIVLdDy/Xunm1DM=
X-Received: by 2002:a05:6102:1142:b0:478:3f57:5594 with SMTP id j2-20020a056102114200b004783f575594mr8512404vsg.35.1712092660534; Tue, 02 Apr 2024 14:17:40 -0700 (PDT)
MIME-Version: 1.0
From: Martin Duke <martin.h.duke@gmail.com>
Date: Tue, 02 Apr 2024 14:17:28 -0700
Message-ID: <CAM4esxSpwRF5E3Xc_hotgvCSdKVe4BY_zRUKAzHvW48JEtWqTA@mail.gmail.com>
To: tsvwg <tsvwg@ietf.org>, draft-ietf-tsvwg-udp-options.all@ietf.org
Content-Type: multipart/alternative; boundary="000000000000da9654061523a2e9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/dxL8px2Gri30qw2xTBes5UQohM4>
Subject: [tsvwg] Review of draft-ietf-tsvwg-udp-options-32
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2024 21:22:53 -0000

Here is a somewhat late individual review of the udp-options draft, since I
purposely didn't read it when I thought I'd have to review it as an AD
evaluatoin.

Major comments:
- I'm impressed with the overall cleverness and elegance of this solution,
particularly the use of FRAG to contain unsafe options in a zero-length
datagram.

- I appreciate the work to make this an end-to-end signal, and that UDP has
pre-existing limitations in this regard. I also think the use cases are
probably valuable.

But in 2024, if we want to make rules about what the network can and can't
do, we enforce it with encryption and authentication. I recognize that
these were originally in the draft, and were removed for very good reasons.
But I'm also worried that, if successful:
- This will attract "helpful" middlebox functions like MSS clamping.
- This is an attractive nuisance for various path signaling schemes. They
are going to come here because other avenues (DSCP, IPv6 Extension Headers)
have been blocked. And that eventually UDP options will be blocked for the
same reason that those were blocked. I suppose that enough fortitude in
TSVWG can forestall this happening. Personally, I would strongly encourage
these efforts to use encapsulation, or any other mechanism, to avoid
compromise of the E2E channel you are building here.
- To the extent that new options are "opt-in" by the endpoint, I'm fine
with it. But if we reach a point where identifying signals are required by
the network to participate, that's not so great. I'm not sure that this
architecture has much in the way of safeguards to prevent that outcome.

This isn't really actionable because I genuinely don't know what to do, and
luckily for me, I don't have to decide anymore. But I ask the proponents
and the working group to reflect on this a bit more. And we should
consciously decide, as a community, if path signaling over UDP is a thing
we support or not.

Some minor points:
(11.4) It might be worth clarifying at the start that fragmentation is
purely E2E, not something that routers can do.

(11.4) What if Frag. Start is inconsistent with the location of EOL?

(11.4) 2 fragments/3000 bytes as a minimum will work, of course, but it
seems like an odd number. This seems to be related to the canonical 1500B
MTU, but that would imply that 2 fragments would be 2926 for IPv4 and 2886
in IPv6, if my math is correct. (To be clear, I can live with 3000)

(11.4) "the OCS value of the original packet SHOULD be zero if each
fragment will have a non-zero OCS value"

I don't understand the purpose of this. First, it complicates packet
processing because the full datagram has to use a different OCS
verification path if it's reassembled. Second, if the fragment OCSes are
sufficient, why not simply say that the original packet MUST NOT have an
OCS option?

(11.5) "MDS does not indicate a known path MTU and thus MUST NOT be used to
limit transmissions."

I am not sure what it means "to limit transmissions". Can you elaborate?
What is the purpose of this if not to provide a hint of datagram size? Just
to seed PMTUD?

(11.6) "NOPs are not reported to the user, whether used per-datagram or
per-fragment (as defined in Section 11.4)."

I think this is a cut-and-paste error.

(11.7) Is the token generated by the UDP implementation or the upper layer?
Is there any guidance on how to choose the token (should it be random or
monotonically increasing? Is any method OK as long as they don't repeat?
Given that UDP is connectionless, what would it even mean that it doesn't
repeat?)

Martin

v2.23.0 | Report a Bug | By Email