Re: [v6ops] Fwd: I-D Action: draft-vyncke-v6ops-happy-eyeballs-cookie-00.txt

Mark ZZZ Smith <markzzzsmith@yahoo.com.au> Fri, 31 October 2014 04:29 UTC

Date: Thu, 30 Oct 2014 21:26:32 -0700
From: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
To: "Fred Baker (fred)" <fred@cisco.com>, Erik Nygren <erik+ietf@nygren.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/HBbW5SutCp4apD1-mZkdSmTDw6A
Cc: IPv6 Operations <v6ops@ietf.org>
Subject: Re: [v6ops] Fwd: I-D Action: draft-vyncke-v6ops-happy-eyeballs-cookie-00.txt

>________________________________
> From: Fred Baker (fred) <fred@cisco.com>
>To: Erik Nygren <erik+ietf@nygren.org> 
>Cc: IPv6 Operations <v6ops@ietf.org> 
>Sent: Wednesday, 29 October 2014, 8:19
>Subject: Re: [v6ops] Fwd: I-D Action: draft-vyncke-v6ops-happy-eyeballs-cookie-00.txt
> 
>
>
>
>
>On Oct 28, 2014, at 2:07 PM, Erik Nygren <erik+ietf@nygren.org> wrote:
>
>On Tue, Oct 28, 2014 at 10:29 AM, Fred Baker (fred) <fred@cisco.com> wrote:
>
>I would be interested in folks’ view of this. Is this interesting?
>>
>
>
>This is mentioned in section 8.2 of rfc6883 but keeps coming up over and over again so may be worth calling out more clearly.  I'd title it in some way that didn't make it seem like a happy eyeball specific issue.
>
>It's not just a happy eyeballs issue.  It also happens with dual-stack environments where cookies or session or authentication tokens span origins where some servers are dual-stack and some are IPv4-only.   (For example, an auth granting service grants bearer tokens locked to the client IP address and then the client connects to some other service on a different hostname and passes along the tokens.  Even absent Happy Eyeballs these can be on different IP versions.)

I'd think Multipath TCP could also cause these issues, as the MPTCP subflows are not limited to the IP protocol that the application 'thinks' it is talking. Even MPTCP subflows of the same IP version to the same destination across sessions might end up with this issue if the subflows come up in a different order.


>
>
>
>An important thing, in my mind, is that Happy Eyeballs isn’t fundamentally about IPv4 and IPv6, it’s about multihoming, which is to say that I have more than one address and more than one route, and it is conceivable that one or more of my addresses or routes doesn’t work. If I am multihomed in the sense of having multiple IPv4 paths, I can have the same problems, and I can have the same problems if I am IPv6-only but have multiple upstreams.
>
>
>
>
>
>The large-scale NAT/CGN issue does make this not just an IPv6 issue.  At least some systems I've seen then check the IP in the cookie to make sure it's in the same /24 rather than the exact same IP, but that doesn't help in the dual-stack world.
>>
>>Another issue beyond Happy Eyeballs is that privacy addressing bites you here as well for cookies that are used across different TCP connections spanning a privacy address rotation.
>>
>>
>>Having some more clear "don't do this" to point people to would be good, but I suspect we'll have many years of cleaning up applications doing this.
>>
>
>
>
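
An added example, not part of the original thread: a minimal session-token check showing how the address changes discussed above (CGN pool changes, a dual-stack switch, privacy address rotation) interact with exact-IP binding, prefix binding, and no IP binding. The key, session id, addresses (documentation prefixes) and the /64 match for IPv6 are assumptions made for the illustration; only the /24 check is mentioned in the thread.

```python
import hashlib
import hmac
import ipaddress

KEY = b"constructed-demo-key"  # constructed secret, for the example only

def _mac(payload: str) -> str:
    return hmac.new(KEY, payload.encode(), hashlib.sha256).hexdigest()

def scope(addr: str, policy: str) -> str:
    """Return the address-derived string a token is bound to under a policy."""
    ip = ipaddress.ip_address(addr)
    if policy == "exact":
        return str(ip)
    if policy == "prefix":  # /24 for IPv4 as in the thread; /64 for IPv6 is an assumption
        plen = 24 if ip.version == 4 else 64
        return str(ipaddress.ip_network(f"{ip}/{plen}", strict=False))
    if policy == "none":    # token is not tied to the client address at all
        return ""
    raise ValueError(policy)

def issue(session_id: str, client_ip: str, policy: str) -> str:
    return f"{session_id}.{_mac(session_id + '|' + scope(client_ip, policy))}"

def verify(token: str, client_ip: str, policy: str) -> bool:
    session_id, _, tag = token.rpartition(".")
    expected = _mac(session_id + "|" + scope(client_ip, policy))
    return hmac.compare_digest(tag, expected)

# Constructed (address at issue time, address on a later connection) pairs.
CASES = {
    "cgn_same_24": ("192.0.2.10", "192.0.2.77"),
    "cgn_other_24": ("192.0.2.10", "198.51.100.5"),
    "dual_stack": ("192.0.2.10", "2001:db8:1:2::abcd"),
    "privacy_rotation": ("2001:db8:1:2:aaaa:bbbb:cccc:dddd",
                         "2001:db8:1:2:1111:2222:3333:4444"),
}

def survives(policy: str) -> dict:
    """For each case: does a token issued at the first address verify at the second?"""
    return {name: verify(issue("sess-1", a, policy), b, policy)
            for name, (a, b) in CASES.items()}

if __name__ == "__main__":
    for p in ("exact", "prefix", "none"):
        print(p, survives(p))
```

Prefix matching only rescues changes within one prefix of one address family; the dual-stack case fails under every address-bound policy.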