Skip to content

Commit e7b455c

Browse files
authored
Update draft-ietf-quic-transport.md
Addressed Martin T's 01/12 comments.
1 parent 9fbcca3 commit e7b455c

File tree

1 file changed

+28
-23
lines changed

1 file changed

+28
-23
lines changed

draft-ietf-quic-transport.md

Lines changed: 28 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1198,23 +1198,28 @@ The fields of a GOAWAY frame are as follows:
11981198

11991199
# Packetization and Reliability {#packetization}
12001200

1201-
The maximum packet size for QUIC is the maximum size of the entire UDP payload,
1202-
including the public header, encrypted payload, and any authentication fields.
1203-
All QUIC packets SHOULD be sized to fit within the path's MTU to avoid IP
1204-
fragmentation. To optimize bandwidth efficiency, endpoints MAY use Path MTU
1205-
Discovery ({{!RFC1191}}, {{!RFC1981}}) or Packetization Layer Path MTU
1206-
Discovery ({{!RFC4821}}) for detecting the path's MTU, setting the maximum
1207-
packet size appropriately, and storing the result of previous PMTU
1208-
determinations. In the absence of these mechanisms, the recommended default
1209-
maximum packet size is 1350 bytes for IPv6 and 1370 bytes for IPv4.
1210-
1211-
All handshake packets MUST include a PADDING frame if necessary to bring the
1212-
packet to the maximum size the endpoint is enforcing. Furthermore, all IPv4
1201+
The Path Maximum Transmission Unit (PTMU) is the maximum size of the entire IP
1202+
header, UDP header, and UDP payload. The UDP payload includes the QUIC public
1203+
header, encrypted payload, and any authentication fields.
1204+
1205+
All QUIC packets SHOULD be sized to fit within the estimated PMTU to avoid IP
1206+
fragmentation or packet drops. To optimize bandwidth efficiency, endpoints MAY
1207+
use PMTU Discovery ({{!RFC1191}}, {{!RFC1981}}) or Packetization Layer PMTU
1208+
Discovery ({{!RFC4821}}) for detecting the PMTU, setting the PMTU appropriately,
1209+
and storing the result of previous PMTU determinations.
1210+
1211+
In the absence of these mechanisms, QUIC endpoints SHOULD use a default PMTU of
1212+
1398 octets. Assuming the minimum IP header size, this results in a UDP payload
1213+
length of 1350 octets for IPv6 and 1370 octets for IPv4.
1214+
1215+
Both the QUIC client and server MUST send at least one handshake packet of size
1216+
equal to the estimated PMTU, and receive an acknowledgment for that packet. This
1217+
could require a PADDING frame to increase the packet size. PMTU-size, IPv4
12131218
handshake packets SHOULD have the DF bit set.
12141219

1215-
QUIC endpoints that implement any kind of MTU discovery SHOULD maintain an
1220+
QUIC endpoints that implement any kind of PMTU discovery SHOULD maintain an
12161221
estimate for each combination of local and remote IP addresses (as each pairing
1217-
may have a different maximum MTU in the path).
1222+
could have a different maximum MTU in the path).
12181223

12191224
A sender bundles one or more frames in a Regular QUIC packet. A sender MAY
12201225
bundle any set of frames in a packet. All QUIC packets MUST contain a packet
@@ -1268,26 +1273,26 @@ frames), the receiving peer MAY send an ACK frame after a reasonable number
12681273
Strategies and implications of the frequency of generating acknowledgments are
12691274
discussed in more detail in {{QUIC-RECOVERY}}.
12701275

1271-
## Special Considerations for Path MTU Discovery
1276+
## Special Considerations for PMTU Discovery
12721277

12731278
Traditional ICMP-based path MTU discovery in IPv4 ({{!RFC1191}} is potentially
1274-
vulnerable to off-path attacks that succesfully guess the IP/port 4-tuple and
1279+
vulnerable to off-path attacks that successfully guess the IP/port 4-tuple and
12751280
reduce the MTU to a bandwidth-inefficient value. TCP connections mitigate this
12761281
risk by using the (at minimum) 8 bytes of transport header echoed in the ICMP
12771282
message to validate the TCP sequence number as valid for the current
12781283
connection. However, as QUIC operates over UDP, in IPv4 the echoed information
1279-
may consist only of the IP and UDP headers, which usually has insufficient
1284+
could consist only of the IP and UDP headers, which usually has insufficient
12801285
entropy to mitigate off-path attacks.
12811286

12821287
As a result, endpoints that implement PMTUD in IPv4 SHOULD take steps to mitigate
1283-
this risk. For instance, an application may:
1288+
this risk. For instance, an application could:
12841289

1285-
* Set the IPv4 Don't Fragment (DF) bit on a small number of packets per RTT, so
1286-
that most invalid ICMP messages arrive when there are no DF packets
1287-
outstanding.
1290+
* Set the IPv4 Don't Fragment (DF) bit on a small proportion of packets, so that
1291+
most invalid ICMP messages arrive when there are no DF packets outstanding.
12881292

1289-
* Store additional information from the IP or UDP headers (for example, the IP
1290-
ID or UDP checksum) to further authenticate incoming Packet Too Big messages.
1293+
* Store additional information from the IP or UDP headers from DF packets (for
1294+
example, the IP ID or UDP checksum) to further authenticate incoming Packet Too
1295+
Big messages.
12911296

12921297
# Streams: QUIC's Data Structuring Abstraction {#streams}
12931298

0 commit comments

Comments
 (0)