Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-13.txt
"C. M. Heard" <heard@pobox.com> Sun, 27 June 2021 05:14 UTC
Return-Path: <heard@pobox.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F5393A1AD1 for <tsvwg@ietfa.amsl.com>; Sat, 26 Jun 2021 22:14:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pobox.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wkl3L9h4ZL52 for <tsvwg@ietfa.amsl.com>; Sat, 26 Jun 2021 22:14:04 -0700 (PDT)
Received: from pb-smtp1.pobox.com (pb-smtp1.pobox.com [64.147.108.70]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11A343A1ACF for <tsvwg@ietf.org>; Sat, 26 Jun 2021 22:14:03 -0700 (PDT)
Received: from pb-smtp1.pobox.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id 2DA57CDAEF for <tsvwg@ietf.org>; Sun, 27 Jun 2021 01:13:59 -0400 (EDT) (envelope-from heard@pobox.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=pobox.com; h= mime-version:references:in-reply-to:from:date:message-id:subject :to:cc:content-type; s=sasl; bh=wa86vd+pL0sLsxs6QQXLFdtxJPNGxGJe y8PNx5luB7E=; b=wBBPV6dFmttlBCK2jsmIBjdflYtBkyVNoGu2E9Ya7MWfSZwh hGt0hszokkAaNDc1pXLjCtw/LgRREaNdQG33kz9X+SDMSGu5+1lXQLYgpnc2yxbw aOr6WJqhQhvZiuWYfRRiWl85kSziW9luZla/YgWDx8wJPXiYGXaSsUUq+g0=
Received: from pb-smtp1.nyi.icgroup.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id 11DE5CDAEE for <tsvwg@ietf.org>; Sun, 27 Jun 2021 01:13:59 -0400 (EDT) (envelope-from heard@pobox.com)
Received: from mail-io1-f52.google.com (unknown [209.85.166.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp1.pobox.com (Postfix) with ESMTPSA id 7039ACDAED for <tsvwg@ietf.org>; Sun, 27 Jun 2021 01:13:58 -0400 (EDT) (envelope-from heard@pobox.com)
Received: by mail-io1-f52.google.com with SMTP id b7so17964483ioq.12 for <tsvwg@ietf.org>; Sat, 26 Jun 2021 22:13:58 -0700 (PDT)
X-Gm-Message-State: AOAM533QllEa5kSyoNZxCPzQW86BAuG0czxE5mJSLMpabR7qpynMf2qd +vmdrv9NJMDcjbIQIiwTL8hxxFPrjuVzWmBc47k=
X-Google-Smtp-Source: ABdhPJzyXHBwRhUYftkywFQm7hv75+dx6kDI7JLIs9gUSqLgVXoz40o7yOlUCRn9EshgsvoFGWjFcLJPkxEewhWoBoU=
X-Received: by 2002:a5d:9750:: with SMTP id c16mr15268947ioo.142.1624770837844; Sat, 26 Jun 2021 22:13:57 -0700 (PDT)
MIME-Version: 1.0
References: <162408795080.21706.5548660195641640175@ietfa.amsl.com> <C2C396E7-B728-496E-841B-D9F64004D3E3@strayalpha.com>
In-Reply-To: <C2C396E7-B728-496E-841B-D9F64004D3E3@strayalpha.com>
From: "C. M. Heard" <heard@pobox.com>
Date: Sat, 26 Jun 2021 22:13:45 -0700
X-Gmail-Original-Message-ID: <CACL_3VHC55cdu96=5OuNKmaaXrvDY5wkYid9a+j6=VtQrvJhZg@mail.gmail.com>
Message-ID: <CACL_3VHC55cdu96=5OuNKmaaXrvDY5wkYid9a+j6=VtQrvJhZg@mail.gmail.com>
To: Joseph Touch <touch@strayalpha.com>
Cc: TSVWG <tsvwg@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a199f705c5b870aa"
X-Pobox-Relay-ID: 7A311E98-D706-11EB-9F85-8B3BC6D8090B-06080547!pb-smtp1.pobox.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/lNK_GY0Dg1wMAR_C2fMYEfwBaRs>
Subject: Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-13.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Jun 2021 05:14:10 -0000
On Sat, Jun 19, 2021 at 12:39 AM Joseph Touch wrote: > Here’s a summary - I tried to catch both everything Mike provided feedback > on as well as what I have proposed as a way forward. > This is much appreciated, thank you. My item-by-item responses follow. AFAICT, there are also two things not yet addressed, in addition to ongoing > debate on the changes below: > > - How many frags MUST be supported 2? 4? > > My position is still that the best way forward for general adoption of the spec is not to require anything beyond the ability to accept a datagram consisting of a single UDP fragment (one that is both initial and terminal). I provide a brief rationale in https://mailarchive.ietf.org/arch/msg/tsvwg/dUOTDlF4x6sVijtNGhhO5JJx7RA/. > - Should we change UNSAFE from a single code point to a range (but not > a flag), and if so, what range of codepoints is sufficient (32? 16?) > > I can live with the current approach, but I would much prefer a range of 32 codepoints. If the current approach is retained, I would like to suggest making the description of ENCR a separate subsection so that it appears in the table of contents (it would also be good to get it in the master list of options in Section 5). > - Frag > - Drops integrated checksum > - Includes a start pointer so all per-frag options can come before > the frag data > - Terminal includes an endpointer so options can come after > - This new format means that per-frag options always come before > all FRAG data, which enables zero-copy > > The specification as it stands in -13 will work, but I am not convinced that it is the best solution we could have. 1. One of the stated motivations is to support zero-copy reassembly, by allowing a NIC to DMA the fragment data to host memory. This implies that the NIC in question would need to be able to do header-data split. However, in -13 the combination of OCS + FRAG that precedes the fragment data is of variable length, being different for terminal and non-terminal fragments. Not all NICs implement header-data split for variable length headers (see, e.g., pp. 8-10 of https://netdevconf.info/0x14/pub/slides/62/Implementing%20TCP%20RX%20zero%20copy.pdf). Moreover, I am not convinced that this is an important use case; the conventional format, not using fragments at all, serves the data streaming applications that Joe has in mind just as well. 2. I question the need to allow for every option to be specified as being allowed both per-fragment and per-datagram; most apply to one ot the other ( https://mailarchive.ietf.org/arch/msg/tsvwg/LF9rUkkqkz9gNqya36SW39XgliE/), and thus I question the need to have options both before and after the payload data in a terminal fragment. This is actually a relatively new feature, having been introduced (implicitly) in -09 without discussion on the list; in previous versions (-08 and earlier), options other than OCS were ignored except in the terminal fragment and were applied to the reassembled packet. At a minimum, this deserves a thorough discussion by the WG. 3. By sandwiching the payload data in between other options, the FRAG format in -13 complicates generic checksum offload for encapsulated protocols. Granted that this is relevant only for the case of a self-contained fragment that is both initial and terminal fragment; but that case is important for enabling unsafe options. Given the above, I continue to advocate for the format proposed in https://mailarchive.ietf.org/arch/msg/tsvwg/Wv--BLVMPAX6g5umok9BQsXAEGg/, with the change of including a fixed length of 8 and using two codepoints to distinguish terminal and non-terminal fragments. Finally, there is a lingering editorial matter: the following paragraph crept in during the change from -08 to -09, and it should be removed because (a) the first sentence is wrong and (b) the rest is redundant with the 2nd paragraph of the section. The Fragmentation option (FRAG) combines properties of IP fragmentation and the UDP Lite transport protocol [RFC3828 <https://datatracker.ietf.org/doc/html/rfc3828>]. FRAG provides transport-layer fragmentation and reassembly in which each fragment includes a copy of the same UDP transport ports, enabling the fragments to traverse Network Address (and port) Translation (NAT) devices, in contrast to the behavior of IP fragments. FRAG also allows the UDP checksum to cover only a prefix of the UDP data payload, to avoid repeated checksums of data prior to reassembly. > - OCS > - Uses the standard 2-byte prefix (all but NOP and EOL do) > - Added discussion of RFC 6935 regarding exception to requiring the > UDP checksum and thus OCS > - Allow OCS’s checksum to be precomputed, but still check in the > order options occur > - Occurs over the entire surplus area (doesn’t stop at EOL) > > OK on most points, but I strongly object to the following when OCS is mandatory (as is the case when UDP CS <> 0): Note that a receiver can compute the OCS checksum before processing any UDP options, but that computation would assume OCS is used and would not be verified until the OCS option is interpreted. If I perform the computation before processing any options, and OCS is mandatory, it would be foolish of me to waste any more effort seeking the OCS option in the TLV chain. I already know that the option area is invalid, and I should not try to parse potentially invalid TLVs. It is both unsafe and a waste of cycles. Additionally, the following paragraph, while an improvement over the -12 version, is still not good enough when OCS is optional: >> When present, the OCS SHOULD occur as early as possible, preceded by only NOP options for alignment. When UDP CS == 0, either that SHOULD needs to be changed to a MUST, or the receiver needs to be excused from bothering to check OCS. I must once again question the wisdom of ever parsing a list of TLVs that are not covered by a checksum (and I think IPv6 made quite a big mistake to do so with its options). I'd like to bring up another point that came to my attention during an off-list discussion with Tom Herbert, namely that optional checksums save no work for an implementation that has generic checksum offload; in fact, they create more work by creating more special cases. He makes the point -- convincingly, as far as I am concerned -- that optional checksums are largely a relic of the past. My preference would be to see support for UDP CS == 0 be an option that consenting endpoints may use but that are not required to be implemented. Finally, the next-to-last paragraph still has a typo: As a reminder, use of the UDP checksum is optional when the UDP checksum is zero. When not used, the OCS is assumed to be "correct" for the purpose of accepting UDP packets at a receiver (see Section 7). It should say: As a reminder, use of the OCS is optional when the UDP checksum is zero. When not used, the OCS is assumed to be "correct" for the purpose of accepting UDP packets at a receiver (see Section 7). > - NOP > - Increased max in a row from three to seven > > OK > - AE > - Split into AUTH (safe) and ENCR (UNSAFE) > - AUTH can depend on option data > - ENCR can depend on but not modify option data > - Only one is ever used at a time, though (that’s one reason it was > presented as AE before) > > OK modulo editorial comment above about ENCR > - EOL > - MUST set as zero on transmit, MAY check on receipt, but MUST > ignore otherwise. > - post-EOL always were covered by OCS and still are > > OK > - UDP Length vs extended length > - Always use the smallest format, as Mike suggested > > OK with one question. The spec now says: >> Options using the extended option format MUST indicate extended lengths of 255 or higher; smaller extended length values MUST be treated as an error. What do I do if someone sends me an option that has the extended format but with a length between 4 and 254? Do I skip over just the offending option, or do I drop the entire option area? > - Option length errors > - Corrected to fail only on nonsensical values, otherwise skip as > unknown > > Section 4 still says: >> Option Lengths (or Extended Lengths, where applicable) smaller than the minimum for the corresponding Kind and default format MUST be treated as an error. Such errors call into question the remainder of the option area and thus MUST result in all UDP options being silently discarded. In order to be consistent, the words "Kind and default" should be removed from the first sentence. Also: would it be appropriate to make an exception for FRAG? Normally the whole option area is discarded if a FRAG option is seen when there is conventional UDP data; does the rule for wrong length override that? Note that FRAG is an unsafe option; if it weren't in the base specification, we would insist that it be dropped if unrecognized. Also for OCS; the assumption that it is based on the Internet checksum is pretty much baked in; if I see something with a different length, I don't know how to validate the option checksum, and so I would be inclined to drop the options. > - ACS > - Silently ignored if failed except if configured otherwise > - Unknown lengths treated same as bad checksum > > OK > > - EXP > - Showed extended length format > > OK > > - UNSAFE > - Noted extended length format also applies > - Cannot modify option data > > OK modulo editorial comment about ENCR above, but I would still prefer to have a range of values. > > - UDP-lite > - Removed implied equivalence to FRAG, but retained remainder as > useful context > > OK Thanks and regards, Mike Heard
- [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-… internet-drafts
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Paul Vixie
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Paul Vixie
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Jonathan Morton
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Sebastian Moeller
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joseph Touch