New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When can the connection ID be omitted? #659
Comments
See Transport parameters
See also #645 Note that as long as the SCID cannot be mapped to CCID, then 5-tuple uniqueness is necessary, and addding the connection ID is of limited value to end-points, but may help middle boxes. If SCID were mapped to CCID, the connection ID could be used to associate connection state on any transport, but this not currently possible: |
So how does an endpoint know that its five tuple is sufficient to identify the connection at the peer? When a bunch of clients behind a CGN get mapped to the same source IP and port, and they decide to omit the CID, the server can't tell them apart. |
Every NAT I'm aware of gives each flow a different port, otherwise there's no way to know what IP/port to send the packet to inside the NAT. Given that, omitting the connection ID in the server to client direction seems quite safe. It's when an IP/port is not sufficiently identifying(usually clusters of servers) when connection id becomes critical. |
Sure, so the assumption is that client <IP, port> pairs are unique. So what guidance do we give server implementations about omitting CIDs? Should they be aggressive about it? Should they only do it in some case; and which? Separately, what about clients? Are there cases when then MUST/SHOULD/MAY omit CIDs? I'm missing guidance text in the document. At the moment, the draft specifies the possibility to omit and a bit, but not much more. |
i imagine that one type of communication is that client always sends CID, so that packet can be forwarded to correct backend server instance, but the response in server's response CID can be omitted. |
That's a reasonable assumption, but the text in the draft at the moment permits either side to omit or not omit CIDs on most packets without any guidance. |
The definition of the truncate_connection_id was correct, but the name was poor (it implied that part of the connection ID was included) and it wasn't referenced from the critical part of the document (the short header definition). This corrects both of those oversights. Closes #659.
I guess we could add more guidance in the applicability statement because this is rather a configuration question when you deploy quic on your servers than an implementation questions. And I guess we need a configuration knob for this. |
The current draft doesn't really talk much about when the connection ID can be omitted. Is this a unilateral unidirectional decision by a sender? Is it negotiated somehow? How are connections being identified in the absence of a connection ID? Are there cases when connection IDs need to be sent again after having been omitted? Etc., etc.
The text was updated successfully, but these errors were encountered: