More ECN verification failure modes #2198

martinthomson · 2018-12-17T02:42:18Z

There's a perverse situation in which ECN verification results in another problem.

That situation is where the largest acknowledged is lower on packet that is sent later. AND that packet acknowledges more packets so that the counts are higher. AND that packet is reordered ahead of packets with higher largest acknowledged. This results in the verification failing on the second packet to arrive (counts are lower because it's an older ACK, but the largest acknowledged is higher).

A fix is to never decrease the largest acknowledged when sending an ACK frame. Another is to disable validation if the packet containing the ACK is not higher-numbered than the last packet containing an ACK. The question is whether we care enough to recommend either fix...

@gloinul, WDYT?

gloinul · 2018-12-17T12:57:46Z

Maybe we need to bring back my proposed text to actually look that the PN of the packet containing the ACK frame is the highest received so far, else do not perform ECN verification. It requires a single state variable, and likely one per packet status boolean (wasReordered) to use during processing.
This I think got removed for more shorter and "elegant" text. That way all these reording things goes away. Without the reordering the ECN counters will never go backwards, even if an ACK, only ACKs what was an gap in what been acked so far.

gloinul · 2018-12-19T09:06:31Z

#2205 if there is a requirement for the ACK frame to always include a largest acknoweldge equal to largest received then the above can't happen. The the later reordered packet will have the same largest acknowledged as the later arriving, but sent later. Thus, the ECN verification check would be that Largest Acknowledged MUST increase for verification to happen. Or one actually looks at the PN of the packet of the ACK frame to ensure that they arrive in order.

gloinul · 2018-12-20T11:09:22Z

I think the best in this case is to not preform vierfication for out of order ACKs.

The current sentence in Section 13.3.2 (-17):
"Counts MUST NOT be verified if the ACK frame does not increase the largest received packet number at the endpoint."

Which I interpret to mean that what PN the ACK reference (sender-receiver direction), rather than the PN of the receiver to sender direction. Can you @martinthomson fix that? That way #2205 can focus on the other aspect and ignore ECN as it would not care.

ianswett · 2018-12-20T15:08:09Z

@gloinul That would be my preference as well.

Fixes #2198

martinthomson added design An issue that affects the design of the protocol; resolution requires consensus. -transport labels Dec 17, 2018

ianswett added a commit that referenced this issue Dec 20, 2018

Don't verify ECN counts for out of order ACKs

4152d7b

Fixes #2198

ianswett mentioned this issue Dec 20, 2018

Don't verify ECN counts for out of order ACKs #2215

Merged

janaiyengar mentioned this issue Dec 20, 2018

Largest acked in ACK frame MUST NOT decrease #2205

Closed

martinthomson closed this as completed in #2215 Dec 24, 2018

mnot added the has-consensus An issue that the Chairs have determined has consensus, by canvassing the mailing list. label Mar 5, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

More ECN verification failure modes #2198

More ECN verification failure modes #2198

martinthomson commented Dec 17, 2018

gloinul commented Dec 17, 2018

gloinul commented Dec 19, 2018

gloinul commented Dec 20, 2018

ianswett commented Dec 20, 2018

More ECN verification failure modes #2198

More ECN verification failure modes #2198

Comments

martinthomson commented Dec 17, 2018

gloinul commented Dec 17, 2018

gloinul commented Dec 19, 2018

gloinul commented Dec 20, 2018

ianswett commented Dec 20, 2018