Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When can the connection ID be omitted? #659

Closed
larseggert opened this issue Jun 23, 2017 · 7 comments
Closed

When can the connection ID be omitted? #659

larseggert opened this issue Jun 23, 2017 · 7 comments
Assignees
@martinthomson @janaiyengar
Labels
-transport editorial An issue that does not affect the design of the protocol; does not require consensus.

Comments

@larseggert
Copy link
Member

The current draft doesn't really talk much about when the connection ID can be omitted. Is this a unilateral unidirectional decision by a sender? Is it negotiated somehow? How are connections being identified in the absence of a connection ID? Are there cases when connection IDs need to be sent again after having been omitted? Etc., etc.
@mikkelfj
Copy link
Contributor

See Transport parameters

An endpoint MAY use the following transport parameters:
truncate_connection_id (0x0004):

The truncated connection identifier parameter indicates that packets sent to the peer can omit the connection ID. This can be used by an endpoint where the 5-tuple is sufficient to identify a connection. This parameter is zero length. Omitting the parameter indicates that the endpoint relies on the connection ID being present in every packet.

See also #645

Note that as long as the SCID cannot be mapped to CCID, then 5-tuple uniqueness is necessary, and addding the connection ID is of limited value to end-points, but may help middle boxes. If SCID were mapped to CCID, the connection ID could be used to associate connection state on any transport, but this not currently possible:
https://tools.ietf.org/html/rfc2549

@mikkelfj mikkelfj mentioned this issue Jun 23, 2017
Closed
@larseggert
Copy link
Member Author

So how does an endpoint know that its five tuple is sufficient to identify the connection at the peer? When a bunch of clients behind a CGN get mapped to the same source IP and port, and they decide to omit the CID, the server can't tell them apart.

@ianswett
Copy link
Contributor

Every NAT I'm aware of gives each flow a different port, otherwise there's no way to know what IP/port to send the packet to inside the NAT. Given that, omitting the connection ID in the server to client direction seems quite safe.

It's when an IP/port is not sufficiently identifying(usually clusters of servers) when connection id becomes critical.

@larseggert
Copy link
Member Author

larseggert commented Jun 26, 2017
edited

Sure, so the assumption is that client <IP, port> pairs are unique. So what guidance do we give server implementations about omitting CIDs? Should they be aggressive about it? Should they only do it in some case; and which? Separately, what about clients? Are there cases when then MUST/SHOULD/MAY omit CIDs?

I'm missing guidance text in the document. At the moment, the draft specifies the possibility to omit and a bit, but not much more.

@chocis
Copy link

chocis commented Jun 26, 2017

i imagine that one type of communication is that client always sends CID, so that packet can be forwarded to correct backend server instance, but the response in server's response CID can be omitted.

@larseggert
Copy link
Member Author

That's a reasonable assumption, but the text in the draft at the moment permits either side to omit or not omit CIDs on most packets without any guidance.

@mnot mnot added the design An issue that affects the design of the protocol; resolution requires consensus. label Jun 27, 2017
@martinthomson martinthomson added editorial An issue that does not affect the design of the protocol; does not require consensus. and removed design An issue that affects the design of the protocol; resolution requires consensus. labels Jun 27, 2017
martinthomson added a commit that referenced this issue Jun 27, 2017
@martinthomson
Clarify how connection ID can be omitted
514b884 
The definition of the truncate_connection_id was correct, but the name
was poor (it implied that part of the connection ID was included) and it
wasn't referenced from the critical part of the document (the short
header definition).  This corrects both of those oversights.

Closes #659.
@martinthomson martinthomson mentioned this issue Jun 28, 2017
Merged
@mirjak
Copy link
Contributor

mirjak commented Jul 10, 2017

I guess we could add more guidance in the applicability statement because this is rather a configuration question when you deploy quic on your servers than an implementation questions. And I guess we need a configuration knob for this.

@nibanks nibanks mentioned this issue Sep 22, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@martinthomson martinthomson

@janaiyengar janaiyengar

Labels
-transport editorial An issue that does not affect the design of the protocol; does not require consensus.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@martinthomson @mnot @mikkelfj @larseggert @chocis @mirjak @janaiyengar @ianswett