[tsvwg] Martin's AD Review of draft-ietf-tsvwg-natsupp-22
Martin Duke <martin.h.duke@gmail.com> Thu, 01 April 2021 00:31 UTC
Return-Path: <martin.h.duke@gmail.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07EE03A3CE3; Wed, 31 Mar 2021 17:31:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YdbwVks6AnD6; Wed, 31 Mar 2021 17:31:49 -0700 (PDT)
Received: from mail-il1-x133.google.com (mail-il1-x133.google.com [IPv6:2607:f8b0:4864:20::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F4BC3A3CE8; Wed, 31 Mar 2021 17:31:43 -0700 (PDT)
Received: by mail-il1-x133.google.com with SMTP id h7so620339ilj.8; Wed, 31 Mar 2021 17:31:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=VjVVjv/o9qYV20Z1jY9t74A+f+j2j699lKyVDspyRrE=; b=aI7glcoL/iobSP/tpM0yUxWjaqUJH7MEzMOsFSqYZLLUOiy5jqCgE38hgnjAQE1ows unW5B/YcAv9CPcG+wTlO76TvStTfru+yb7oFg1MW6uuPOcN9HRIEgJmkXhYd/CARGxh8 7GQk2HebSDkXJ8PA7Wf6Zi7PaoPnVVE3x3iFDmij+Jv+brNRi+J7CmGtdgP0hKoAj5Ya 6Ply3fHhQ/AvYT9bruS00bgUKFDA5lIUDJw1m97CsgOJq0RNz71e/IvB8D0Idurxm7Iv NtnC3JyE7ly1MvaovhH209lw3t+scWNqf/Z9KEAH7nyWk+AenCnEF+9yyTU4tQTh+eNY A4TQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=VjVVjv/o9qYV20Z1jY9t74A+f+j2j699lKyVDspyRrE=; b=egoM8k0RrZNiVjg7TevyPvPcr+0Vo2Ip4MKapTVhNUx8C1jKKCFeA5GOSq4n23kF2x KTM/F/CHQ8V0r2Gaviz3FEanBwNP/GSkOtkh7Cz2jciR103+WiAjhpkDjsYGYV4nJy09 U652XXohmbrhq4ufTO6dNlYV4YgZ02Svh/DwcEqKU8DqdXg5gwAYqJiZltR6t6v7ebmq NSaRXNAXS2FcoJibvaU9If3evCsel1/MCcuBkKYNb/M79XRqtcEQZ28w3tNJXXfuDvIj 9sLh6Np2ItgCOXjVMxsHHjaM1rRb7OG+8VdCWSizVqxJfxFrP8Y4V8cS6v48AA27Zv0U 3ojA==
X-Gm-Message-State: AOAM533hJP6KMwKWe2Qx42+jiStamrmFq7gTWoSrs6dse3Y/TAYfcGmH TUM6GeKRjZxpEalx7Vw7P3Nxj2M7lTZ3PNmLQMJcCtzq2UJ83A==
X-Google-Smtp-Source: ABdhPJxBx9dG77pr28b1KgIey2hDqNEnhFrW9/Tj2gZuc2L31V5KtFPZIZlrMVPyPLC+Ja7qm13v+uQd+t3jQquxGA8=
X-Received: by 2002:a05:6e02:13e8:: with SMTP id w8mr4530799ilj.237.1617237100965; Wed, 31 Mar 2021 17:31:40 -0700 (PDT)
MIME-Version: 1.0
From: Martin Duke <martin.h.duke@gmail.com>
Date: Wed, 31 Mar 2021 17:31:42 -0700
Message-ID: <CAM4esxRmAnjUKPL2tpf+-khKXqg8zb9cbL08ykwHVESHqBfWXQ@mail.gmail.com>
To: tsvwg <tsvwg@ietf.org>, draft-ietf-tsvwg-natsupp.all@ietf.org
Content-Type: multipart/alternative; boundary="000000000000ebb3e505bede5afd"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/kiwaDQGvSUj5Oh6mkc4cVlJwuIw>
Subject: [tsvwg] Martin's AD Review of draft-ietf-tsvwg-natsupp-22
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2021 00:31:52 -0000
This draft is so nice ADs reviewed it twice :-) I broadly agree with Magnus's comments, and have some further ones that may overlap a bit: 1) The draft does not really explain how the endpoint discovers it is behind a NAT and therefore should conduct these NAT-friendly actions. This might be a priori knowledge (via the new socket API), or maybe it receives a private IPv4 address, or is it reliant on receiving ABORTs with M flags? All three? There ought to be something about discovery here. If we're reliant on M-flags, endpoints should in general send the disable-restart parameter in case they're behind a NAT, yes? (Cue Magnus's point about this draft updating 4960). It it's all based on socket API calls, I have real questions about how this would work in practice -- are all applications that use an SCTP socket going to ask the user if they're behind a NAT? 2) A brief summary of restart would be useful. I went to 4960 and found the relevant text scattered through the document. It was hard to quickly get a full understanding of this mechanism, which is especially relevant here. It is not clear to me what an endpoint does differently when restart is disabled, as Magnus said: is it that it never tears down an existing connection based on the new exchange? Sec 6.3.2, on a second reading, at least allowed me to understand (I think) exactly what the problem is. It would be nice to have a clear and concise explanation of the restart ambiguity earlier in the document. 3) In Sec 4.3, it would be great to have numbered figures. But I will struggle through without them: (a) " For an incoming packet containing an INIT chunk a table lookup is made only based on the addresses and port numbers." Why are we looking up addresses? The state table doesn't have them! The diagram doesn't say anything about looking up addresses so I think this is just a typo? (b) " The processing of outgoing SCTP packets containing no INIT chunks" It is not clear to me what happens if the internal address is different on these packets. The internal address is in the state table but is not one of the lookup keys, IIUC. So if all else matches, does this packet go through, or as part of the lookup does it check the internal IP and drop if there is no match? (c) Is it sufficient for the binding table to have one entry for restart support, or should this be separated out per-direction? 4) In Sec 6.2.2, it seems it would be wise for the endpoint to change its port, if ephemeral -- particularly if it's enabled restart. 5) Sec 6.3.1 is awkwardly worded because the truth table for what fields match and what entries there already are more complicated than simply checking all fields . If the first instance of a port-pair has restart disabled, then the NAT need not store the Vtags; any other instance must be rejected. Similarly, if there is already a restart-disabled instance on that port pair, and an enabled instance arrives, the NAT MUST reject it. 6) Does this draft implicitly assume that there is a single External Address? If there is more than one, some of the design elements no longer work: each binding entry needs to record the external address. Also, the requirement in 6.5 that NATs MUST handle fragmentation becomes a DoS vector: the NAT has to reassemble packets, to have the information necessary to rewrite all those fragment addresses (as the necessary vtag is in only one of the fragments). NITS: - Please update the Responsible AD in the shepherd writeup - Sec 1. s/single IPv4 address/single external IPv4 address - Sec 6. s/then the these/then these - Sec 8.4. Why does the remote address change in the example? Is this a typo? Thanks Martin
- [tsvwg] Martin's AD Review of draft-ietf-tsvwg-na… Martin Duke
- Re: [tsvwg] Martin's AD Review of draft-ietf-tsvw… Michael Tuexen