IETF Logo Mail Archive

Re: [tsvwg] I-D Action: draft-ietf-tsvwg-sctp-dtls-encaps-03.txt

Joe Touch <touch@isi.edu> Fri, 18 April 2014 16:36 UTC

Return-Path: <touch@isi.edu>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6362C1A0423 for <tsvwg@ietfa.amsl.com>; Fri, 18 Apr 2014 09:36:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.172
X-Spam-Level:
X-Spam-Status: No, score=-2.172 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.272] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m5E9ANpqixuE for <tsvwg@ietfa.amsl.com>; Fri, 18 Apr 2014 09:36:30 -0700 (PDT)
Received: from darkstar.isi.edu (darkstar.isi.edu [128.9.128.127]) by ietfa.amsl.com (Postfix) with ESMTP id 7F4D11A041E for <tsvwg@ietf.org>; Fri, 18 Apr 2014 09:36:30 -0700 (PDT)
Received: from [192.168.1.93] (pool-71-105-87-112.lsanca.dsl-w.verizon.net [71.105.87.112]) (authenticated bits=0) by darkstar.isi.edu (8.13.8/8.13.8) with ESMTP id s3IGZpti020754 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Fri, 18 Apr 2014 09:35:55 -0700 (PDT)
Message-ID: <53515469.3010703@isi.edu>
Date: Fri, 18 Apr 2014 09:35:53 -0700
From: Joe Touch <touch@isi.edu>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
References: <53190AEC.2010209@isi.edu> <625217B1-E56E-48B4-9E1F-B5A8E13C5034@lurchi.franken.de> <CC705408-7F7B-459B-B100-B2B056AD936C@lurchi.franken.de> <53444401.9030905@isi.edu> <146DE290-E6FA-4719-BE2C-EDCDF9FA6904@lurchi.franken.de> <53445AEE.9070303@isi.edu> <1FC35FE3-5891-4B79-97BF-1603CCF67692@lurchi.franken.de> <53457BA3.5030707@isi.edu> <F05EC513-2E30-46ED-9807-F1DB3B1384B8@lurchi.franken.de> <5345BD4F.5070007@isi.edu> <35E3EA2E-46C7-40C0-8AEA-4B5C4B3FF901@lurchi.franken.de> <535061C5.3030206@isi.edu> <6C98A0A7-4727-4B53-A78B-186AEAAF15D1@lurchi.franken.de>
In-Reply-To: <6C98A0A7-4727-4B53-A78B-186AEAAF15D1@lurchi.franken.de>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Archived-At: http://mailarchive.ietf.org/arch/msg/tsvwg/zh4Ozqa6ePqSG0L2JyL4tjv6QuY
Cc: tsvwg WG <tsvwg@ietf.org>
Subject: Re: [tsvwg] I-D Action: draft-ietf-tsvwg-sctp-dtls-encaps-03.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Apr 2014 16:36:32 -0000

Cutting down a bit...

On 4/18/2014 4:39 AM, Michael Tuexen wrote:
...
>>> That is why we write in this document that when you run SCTP over DTLS
>>> as defined in this document, you MUST use the PLMTUD.
>>
>> At the DTLS layer.
 >
> Either at the DTLS layer or at the SCTP layer.

How would an implementer know what to do per se? If they built this 
using userland SCTP, which they could AFAICT, they might not know.

IMO, that means you should say something more like:

	- if you know, it can be at either layer
	- one layer MUST do it

>>> So this document
>>> mandates what to do, it refers to other specs how to do it, but the
>>> other documents don't mandate it.
>>> Isn't that a valid way of doing it?
>>
>> The way you describe it in Sec 4 is (emphasis mine):
>>
>>    If path MTU discovery is performed by the *DTLS* layer, the method
>>    described in [RFC4821] MUST be used.
>>
>> But RFC4821 doesn't talk about DTLS. That's what's confusing me. It only talks about SCTP, and gives two methods - one using pads and one at the user level (like TCP).
>>
>>    For probe packets, the
>>    extension defined in [RFC6520] MUST be used.
>>
>> Now you're back to talking about DTLS.
 >
> Have a look at
> https://tools.ietf.org/html/rfc4821#section-10.4
> Since DTLS is running on top of UDP, it qualifies as an
> application in the sense of that section, I think.
> In the second paragraph it talks about packets similar
> to SCTP HB plus PAD. This is exactly what is described in
> https://tools.ietf.org/html/rfc6520#section-4

That's far too vague to qualify as a "method" that you can tie to a 
MUST, IMO. I would expect that your doc ought to give the needed 
details, "inspired" by 4821.

>> I think what you might want to say is that:
>>
>>    If path MTU discovery is performed by the DTLS layer, the method
>>    described in [RFC4821] as for SCTP using a PAD in the extension
>>    described in [RFC6520] MUST be used.
 >
> OK. I'm fine with that text.

You might need a little more (not sure; I'll let the SCTP folks decide). 
I just don't know if that's enough detail to qualify as a standards 
requirement.

>> ---
>>
>>    If path MTU discovery is performed by the *SCTP* layer and IPv4 is used
>>    as the network layer protocol, the DTLS implementation MUST allow the
>>    DTLS user to enforce that the corresponding IPv4 packet is sent with
>>    the DF bit set.
>>
>> Now I don't know where to do discovery - in DTLS or SCTP. That's not a mandate; that's two alternatives.
 >
> Since it is "performed by the SCTP layer", SCTP is sending the probe packets. It usea
> the ones defined in http://tools.ietf.org/html/rfc4820. However, the requirement for
> the DTLS layer is to expose the control of the DF bit.
> Any suggestion how to make that clearer?

As noted above:

a) say "do X or Y, but you MUST do one of these"

b) give the details a little more of how to do things in either case.

...
>>> What I don't understand:
>>> * A compressed message can be larger than the original uncompressed. So it won't fit.
>>
>> Then your compression is broken. A compressed message should never be larger than uncompressed - ever.
 >
> Really? If you present some random data, the compression won't give you anything (there
> is no redundancy). Some compression algorithms add an overhead. So the compressed message would
> be larger. Or am I wrong?

That's a really bad compression algorithm. A reasonable one should leave 
things alone (with no overhead) if it can't make things better.

>>> * If SCTP sends the probe packets, doesn't this mean that the probe packets
>>>    must bypass compression?
>>
>> At the SCTP layer; SCTP can't force lower layers to bypass compression.
 >
> Correct.
> So assume SCTP send probe packets and the padding is constant data. So it is highly
> compressible. Wouldn't SCTP then conclude that you can send a large message without
> fragmentation? If SCTP takes that as the PMTU, it would fragment user messages for
> that boundary, compression might not be as efficient and you would need IP fragmentation.

PMTUD is supposed to tell you when a segment of a given size at a given 
layer *can get there*. If it gets there, then the MTU is valid.

E.g., PMTUD won't tell you that ATM has 53-byte cells with 48-byte 
payloads either.

...
>>> I don't think we can define a DTLS API in TSVWG... At least this is not in the scope
>>> of this document.
>>
>> Sure, but then you're stuck with SCTP only assuming it can
>> interact  with DTLS as if it were a DTLS user. DTLS users can't set DF.
 >
> Why? It depends on the implementation of DTLS...

Then you can't require it in a standards doc.

Joe

v2.23.0 | Report a Bug | By Email