Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Amplification limit in recovery #1862

Merged
merged 10 commits into from
Oct 21, 2018
Merged

Amplification limit in recovery #1862

Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
d2c9ae5
Amplification limit in recovery
ianswett Oct 17, 2018
0cc808b
Update draft-ietf-quic-recovery.md
ianswett Oct 17, 2018
1730b2d
Update draft-ietf-quic-recovery.md
martinthomson Oct 17, 2018
e7c83d2
Crypto retransmission timer
ianswett Oct 17, 2018
360869e
Update draft-ietf-quic-recovery.md
ianswett Oct 17, 2018
97f8bf2
Update draft-ietf-quic-recovery.md
ianswett Oct 17, 2018
b523410
Client always sends
ianswett Oct 18, 2018
289a942
Update draft-ietf-quic-recovery.md
martinthomson Oct 19, 2018
d2f45ff
Update draft-ietf-quic-recovery.md
martinthomson Oct 19, 2018
dd7fc95
Update draft-ietf-quic-recovery.md
martinthomson Oct 19, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
84 changes: 34 additions & 50 deletions draft-ietf-quic-recovery.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -300,10 +300,10 @@ timer for TCP as well, and this document incorporates this advancement.

Timer-based loss detection recovers from losses that cannot be handled by
ack-based loss detection. It uses a single timer which switches between
a crypto handshake retransmission timer, a Tail Loss Probe timer and
Retransmission Timeout mechanisms.
a crypto retransmission timer, a Tail Loss Probe timer and Retransmission
Timeout mechanisms.

### Crypto Handshake Timeout
### Crypto Retransmission Timeout

Data in CRYPTO frames is critical to QUIC transport and crypto negotiation, so a
more aggressive timeout is used to retransmit it.
Expand All @@ -318,12 +318,27 @@ is available, or if the network changes, the initial RTT SHOULD be set to 100ms.
When an acknowledgement is received, a new RTT is computed and the timer
SHOULD be set for twice the newly computed smoothed RTT.

When crypto packets are sent, the sender SHOULD set a timer for the crypto
When crypto packets are sent, the sender MUST set a timer for the crypto
timeout period. Upon timeout, the sender MUST retransmit all unacknowledged
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
timeout period. Upon timeout, the sender MUST retransmit all unacknowledged
retransmission interval. Upon timeout, the sender MUST retransmit all unacknowledged

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doc uses timeout and timeout period fairly consistently, so I'd like to keep it as is.

CRYPTO data by calling RetransmitAllUnackedCryptoData(). On each consecutive
expiration of the crypto timer without receiving an acknowledgement for a new
packet, the sender SHOULD double the crypto handshake timeout and set a timer
for this period.
CRYPTO data if possible.

Until the server has validated the client's address on the path, the number of
bytes it can send is limited, as specified in {{QUIC-TRANSPORT}}.
If not all unacknowledged CRYPTO data can be sent, then all unacknowledged
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that you mean to say instead

If all CRYPTO data is acknowledged, and there is nothing for the client to send, then it sends another Initial packet.

What that packet contains clearly doesn't matter (though an ACK would be perfectly OK, as would repeating information that the server already has), so I don't think we need to stipulate that explicitly. Otherwise, this is a little ambiguous - and maybe in conflict with what we did in #1843 and the next paragraph.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This paragraph talks about the server's behavior, not the client's?

CRYPTO data sent in Initial packets should be retransmitted. If no bytes
can be sent, then no alarm should be armed until bytes have been received from
the client.

Because the server could be blocked until more packets are received, the
client MUST start the crypto retransmission timer even if there is no
unacknowledged CRYPTO data. If the timer expires and the client has no
CRYPTO data to retransmit and does not have Handshake keys, it SHOULD send
an Initial packet in a UDP datagram of at least 1200 octets.
If the client has Handshake keys, it SHOULD send a Handshake packet.

On each consecutive expiration of the crypto timer without receiving an
acknowledgement for a new packet, the sender SHOULD double the crypto
retransmission timeout and set a timer for this period.

When crypto packets are outstanding, the TLP and RTO timers are not active.

Expand Down Expand Up @@ -460,9 +475,9 @@ delayed acknowledgement should be generated after processing incoming packets.
### Crypto Handshake Data

In order to quickly complete the handshake and avoid spurious retransmissions
due to crypto handshake timeouts, crypto packets SHOULD use a very short ack
delay, such as 1ms. ACK frames MAY be sent immediately when the crypto stack
indicates all data for that encryption level has been received.
due to crypto retransmission timeouts, crypto packets SHOULD use a very short
ack delay, such as 1ms. ACK frames MAY be sent immediately when the crypto
stack indicates all data for that encryption level has been received.

### ACK Ranges

Expand Down Expand Up @@ -539,8 +554,8 @@ are described in this section.
loss_detection_timer:
: Multi-modal timer used for loss detection.

handshake_count:
: The number of times all unacknowledged handshake data has been
crypto_count:
: The number of times all unacknowledged CRYPTO data has been
retransmitted without receiving an ack.

tlp_count:
Expand Down Expand Up @@ -616,7 +631,7 @@ follows:

~~~
loss_detection_timer.reset()
handshake_count = 0
crypto_count = 0
tlp_count = 0
rto_count = 0
if (kUsingTimeLossDetection)
Expand Down Expand Up @@ -706,7 +721,7 @@ Pseudocode for OnAckReceived and UpdateRtt follow:
if (rto_count > 0 &&
smallest_newly_acked > largest_sent_before_rto):
OnRetransmissionTimeoutVerified(smallest_newly_acked)
handshake_count = 0
crypto_count = 0
tlp_count = 0
rto_count = 0

Expand Down Expand Up @@ -763,37 +778,6 @@ duration of the timer is based on the timer's mode, which is set in the packet
and timer events further below. The function SetLossDetectionTimer defined
below shows how the single timer is set.

#### Crypto Handshake Timer

When a connection has unacknowledged crypto packets, the crypto handshake timer
is set and when it expires, all unacknowledged CRYPTO data is retransmitted.

When stateless rejects are in use, the connection is considered immediately
closed once a reject is sent, so no timer is set to retransmit the reject.

Version negotiation packets are always stateless, and MUST be sent once per
handshake packet that uses an unsupported QUIC version, and MAY be sent in
response to 0-RTT packets.

#### Tail Loss Probe and Retransmission Timer

Tail loss probes {{?TLP}} and retransmission timeouts {{?RFC6298}}
are timer based mechanisms to recover from cases when there are
outstanding retransmittable packets, but an acknowledgement has
not been received in a timely manner.

The TLP and RTO timers are armed when there are no unacknowledged crypto
packets. The TLP timer is set until the max number of TLP packets have been
sent, and then the RTO timer is set.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you mean to delete all of this?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I believe it's duplicative of the more detailed text above.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK. It seemed entirely unrelated, but I see we have text on both elsewhere.


#### Early Retransmit Timer

Early retransmit {{?RFC5827}} is implemented with a 1/4 RTT timer. It is
part of QUIC's time based loss detection, but is always enabled, even when
only packet reordering loss detection is enabled.

#### Pseudocode

Pseudocode for SetLossDetectionTimer follows:

~~~
Expand Down Expand Up @@ -838,16 +822,16 @@ Pseudocode for SetLossDetectionTimer follows:

### On Timeout

QUIC uses one loss recovery timer, which when set, can be in one of several
modes. When the timer expires, the mode determines the action to be performed.
When the loss detection timer expires, the timer's mode determines the action
to be performed.

Pseudocode for OnLossDetectionTimeout follows:

~~~
OnLossDetectionTimeout():
if (crypto packets are outstanding):
// Crypto handshake timeout.
RetransmitAllUnackedCryptoData()
// Crypto retransmission timeout.
RetransmitUnackedCryptoData()
crypto_count++
else if (loss_time != 0):
// Early retransmit or Time Loss Detection
Expand Down