DPLPMTU merge tweaks #3702
DPLPMTU merge tweaks #3702
Conversation
This set of changes seeks to: * Complete the transfer of DPLPMTUD text from the DPLPMTUD-RFC-to-be to this ID. * Separate PMTUD from DPLPMTUD where they differ. * Seek consistent language for packet sizes within these sections.
That would be good, the change was unintended. Co-authored-by: ianswett <ianswett@users.noreply.github.com>
I like that:-) Co-authored-by: ianswett <ianswett@users.noreply.github.com>
Co-authored-by: Martin Thomson <mt@lowentropy.net>
This looks good Co-authored-by: ianswett <ianswett@users.noreply.github.com>
This looks good Co-authored-by: Martin Thomson <mt@lowentropy.net>
This looks good Co-authored-by: Martin Thomson <mt@lowentropy.net>
This looks good Co-authored-by: Martin Thomson <mt@lowentropy.net>
That would be OK. DPLPMTUD only handles PTB messages. Co-authored-by: Martin Thomson <mt@lowentropy.net>
Co-authored-by: Martin Thomson <mt@lowentropy.net>
Typo fixed. Co-authored-by: Martin Thomson <mt@lowentropy.net>
Fix for /application data/
Seems correct Co-authored-by: Martin Thomson <mt@lowentropy.net>
martinthomson
added
design
Understood, and corrected. Co-authored-by: Martin Thomson <mt@lowentropy.net>
Changes to resolve description of probe packets and need to explain the maximum size.
draft-ietf-quic-transport.md
Outdated
| From the perspective of DPLPMTUD, QUIC transport is an acknowledged | ||
| packetization layer (PL). A sender can therefore enter the DPLPMTUD BASE state | ||
| when the QUIC connection handshake has been completed and the endpoint has | ||
| established a 1-RTT key. |
There was a problem hiding this comment.
I think we agreed to remove the 1-RTT clause (as not needed)?
There was a problem hiding this comment.
Yep. Missed that in my pass. Corrected.
| packets ({{long-header}}) contain source connection IDs, and long header packets | ||
| are not decrypted or acknowledged by the peer once the handshake is complete. | ||
|
|
||
| One way to construct a PMTU probe is to coalesce (see {{packet-coalesce}}) a |
There was a problem hiding this comment.
Re-reading this: Is this only for PMTUD?
The text seems to describe a probe packet that is ack-eliciting, which may mean it can be used with PLPMTUD?
Should we say PMTUD/DPLPMTUD
There was a problem hiding this comment.
Yeah, this should be either.
draft-ietf-quic-transport.md
Outdated
| DPLPMTU probe packets are ack-eliciting packets. Probe packets that use the | ||
| PADDING frame therefore implement "Probing using padding data", as defined in | ||
| Section 4.1 of {{!DPLPMTUD}}. Endpoints could limit the content of probe | ||
| packets to PING and PADDING frames as packets that are larger than the current |
There was a problem hiding this comment.
Please check: This may leave data in probe packets slightly under-described, and I think more may need to be said:
The transmission of data in probe packets in discussed in
section 4.1 of {{!DPLPMTUD}}. Probe packets that use a PADDING frame or that coalesce packets with no data implement DPLPMTUD with "Probing using padding data".
There was a problem hiding this comment.
The coalescing part sort of reveals a flaw in the construction though. It shows that the probe really uses datagrams. At this level, I think that assuming the hack (coalescing with junk Handshake) is not involved, is OK. Happy to take suggestions though, because this is definitely awkward.
There was a problem hiding this comment.
Yes, this was starting to leak badly. I think there's some cleaning up that needs to be done in terms of bringing consistency overall, see meta comment above.
draft-ietf-quic-transport.md
Outdated
| @@ -3797,19 +3797,24 @@ later time in the connection. | |||
| The QUIC packet size includes the QUIC header and protected payload, but not the | |||
| UDP or IP header. | |||
|
|
|||
| QUIC depends upon a minimum packet size of at least 1280 bytes. This is the | |||
There was a problem hiding this comment.
The protocol layer relating to "packet size" needs clarification - is it an IP packet or an IP payload, or QUIC packet?
There was a problem hiding this comment.
Good point. That's been sitting there for ages and you are the first to notice.
draft-ietf-quic-transport.md
Outdated
| supports a reasonable Maximum Transmission Unit (MTU). Padding datagrams also | ||
| helps reduce the amplitude of amplification attacks caused by server responses | ||
| toward an unverified client address; see {{address-validation}}. | ||
| supports a reasonable Path Maximum Transmission Unit (PMTU). Padding datagrams |
There was a problem hiding this comment.
/reasonable/minimum size required by QUIC/
draft-ietf-quic-transport.md
Outdated
| supports a reasonable Maximum Transmission Unit (MTU). Padding datagrams also | ||
| helps reduce the amplitude of amplification attacks caused by server responses | ||
| toward an unverified client address; see {{address-validation}}. | ||
| supports a reasonable Path Maximum Transmission Unit (PMTU). Padding datagrams |
There was a problem hiding this comment.
... If coalescing also has this property, should we say:
/Passing datagrams/Using the minimum packet size/
| causes an ICMP message to be sent, the first part of the datagram will be quoted | ||
| in that message. If the source connection ID is within the quoted portion of | ||
| the UDP datagram, that could be used for routing. | ||
|
|
There was a problem hiding this comment.
used for routing ... add: /and for validation of an ICMP message./
There was a problem hiding this comment.
Good point. And it is either. (Though using other junk in the packet might be better for validation, if the quoted part is indeed long enough. One real concern with this hack is that the router might not quote enough of the packet include the the whole Source Connection ID field, especially if the Destination Connection ID - which you can't truncate either - has to be longer.)
There was a problem hiding this comment.
:-). (Knowing that needs a measurement survey) However, the implications are you wouldn't be able to rely on ICMP to help you. Well that's no new news there are many reasons why you may not see a PTB message, that's why DPLPMTUD was made.
|
|
||
| Note: | ||
| : The purpose of using a packet with a long header is only to ensure that the | ||
| quoted packet contained in the ICMP message contains a Source Connection ID |
There was a problem hiding this comment.
/SCID/ may already be defined if you prefer.
There was a problem hiding this comment.
We've taken to writing these out in full.
draft-ietf-quic-transport.md
Outdated
| Note: | ||
| : The purpose of using a packet with a long header is only to ensure that the | ||
| quoted packet contained in the ICMP message contains a Source Connection ID | ||
| field that can be use for routing. This packet does not need to be a valid |
There was a problem hiding this comment.
...only for routing? Does this help with validation (the editor will know best).
draft-ietf-quic-transport.md
Outdated
| An endpoint using DPLPMTUD requires the validation of any received PTB message | ||
| before using the PTB information, as defined in Section 4.6 of {{!DPLPMTUD}}. | ||
| In addition to UDP Port validation, QUIC validates an ICMP message by using | ||
| other PL information (e.g., validation of connection identifiers (CIDs) in the |
There was a problem hiding this comment.
I think /CID/ is already defined at this point in the ID.
There was a problem hiding this comment.
I don't think we use is, so thanks for drawing attention to it. We use "connection ID" and so I have fixed this.
…to dplpmtud-merge Integrate latest changes from the source
draft-ietf-quic-transport.md
Outdated
| @@ -3797,19 +3797,24 @@ later time in the connection. | |||
| The QUIC packet size includes the QUIC header and protected payload, but not the | |||
| UDP or IP header. | |||
|
|
|||
| QUIC depends upon a minimum packet size of at least 1280 bytes. This is the | |||
There was a problem hiding this comment.
Good point. That's been sitting there for ages and you are the first to notice.
draft-ietf-quic-transport.md
Outdated
| From the perspective of DPLPMTUD, QUIC transport is an acknowledged | ||
| packetization layer (PL). A sender can therefore enter the DPLPMTUD BASE state | ||
| when the QUIC connection handshake has been completed and the endpoint has | ||
| established a 1-RTT key. |
There was a problem hiding this comment.
Yep. Missed that in my pass. Corrected.
draft-ietf-quic-transport.md
Outdated
| DPLPMTU probe packets are ack-eliciting packets. Probe packets that use the | ||
| PADDING frame therefore implement "Probing using padding data", as defined in | ||
| Section 4.1 of {{!DPLPMTUD}}. Endpoints could limit the content of probe | ||
| packets to PING and PADDING frames as packets that are larger than the current |
There was a problem hiding this comment.
The coalescing part sort of reveals a flaw in the construction though. It shows that the probe really uses datagrams. At this level, I think that assuming the hack (coalescing with junk Handshake) is not involved, is OK. Happy to take suggestions though, because this is definitely awkward.
draft-ietf-quic-transport.md
Outdated
| An endpoint using DPLPMTUD requires the validation of any received PTB message | ||
| before using the PTB information, as defined in Section 4.6 of {{!DPLPMTUD}}. | ||
| In addition to UDP Port validation, QUIC validates an ICMP message by using | ||
| other PL information (e.g., validation of connection identifiers (CIDs) in the |
There was a problem hiding this comment.
I don't think we use is, so thanks for drawing attention to it. We use "connection ID" and so I have fixed this.
| packets ({{long-header}}) contain source connection IDs, and long header packets | ||
| are not decrypted or acknowledged by the peer once the handshake is complete. | ||
|
|
||
| One way to construct a PMTU probe is to coalesce (see {{packet-coalesce}}) a |
There was a problem hiding this comment.
Yeah, this should be either.
| causes an ICMP message to be sent, the first part of the datagram will be quoted | ||
| in that message. If the source connection ID is within the quoted portion of | ||
| the UDP datagram, that could be used for routing. | ||
|
|
There was a problem hiding this comment.
Good point. And it is either. (Though using other junk in the packet might be better for validation, if the quoted part is indeed long enough. One real concern with this hack is that the router might not quote enough of the packet include the the whole Source Connection ID field, especially if the Destination Connection ID - which you can't truncate either - has to be longer.)
|
|
||
| Note: | ||
| : The purpose of using a packet with a long header is only to ensure that the | ||
| quoted packet contained in the ICMP message contains a Source Connection ID |
There was a problem hiding this comment.
We've taken to writing these out in full.
There was a problem hiding this comment.
A high order point. This could use a clean up in terms of noun consistency:
- PMTU, DPLPMPTU
- PMTUD/DPLPMTUD/PMTU/DPLPMTU probes / probe packets. I would simply use "probes" and define this away.
My suggestion would be to add a Terminology subsection at the top of this section, so that we can simply define away the ambiguities.
draft-ietf-quic-transport.md
Outdated
| If a QUIC endpoint determines that the PLPMTU between any pair of local and | ||
| remote IP addresses has fallen below the size needed to support the minimum QUIC | ||
| packet size (BASE_PLPMTU), it MUST immediately cease sending QUIC packets, | ||
| except for DPLPMTUD probe packets, on the affected path. An endpoint MAY |
There was a problem hiding this comment.
This clause does not make sense to me. What does a DPLPMTUD probe packet look like if it's not a QUIC packet? I think this clause should be removed.
There was a problem hiding this comment.
I am fine to remove: DPLPMTUD will anyway send some "probes" after it thinks a blackhole is detected, to confirm if the black hole exists. Once confirmed I understand QUIC will cease sending.
draft-ietf-quic-transport.md
Outdated
|
|
||
| From the perspective of DPLPMTUD, QUIC transport is an acknowledged | ||
| packetization layer (PL). A sender can therefore enter the DPLPMTUD BASE state | ||
| when the QUIC connection handshake has been completed and the endpoint has |
There was a problem hiding this comment.
This should use "handshake confirmed". That said, is there a reason to disallow this during the handshake?
draft-ietf-quic-transport.md
Outdated
|
|
||
| ### Sending QUIC DPLPMTUD Probe Packets | ||
|
|
||
| DPLPMTU probe packets are ack-eliciting packets. Probe packets that use the |
There was a problem hiding this comment.
This sounds like we are using a term without defining it. Perhaps "DPLPMTU probe packets require acknowledgements (Section 3 of {{!DPLPMTUD}}), and are therefore ack-eliciting packets"?
draft-ietf-quic-transport.md
Outdated
| DPLPMTU probe packets are ack-eliciting packets. Probe packets that use the | ||
| PADDING frame therefore implement "Probing using padding data", as defined in | ||
| Section 4.1 of {{!DPLPMTUD}}. Endpoints could limit the content of probe | ||
| packets to PING and PADDING frames as packets that are larger than the current |
There was a problem hiding this comment.
Yes, this was starting to leak badly. I think there's some cleaning up that needs to be done in terms of bringing consistency overall, see meta comment above.
Co-authored-by: Jana Iyengar <jri.ietf@gmail.com>
draft-ietf-quic-transport.md
Outdated
| maximum packet size are more likely to be dropped by the network. | ||
|
|
||
| DPLPMTU probe packets consume congestion window, which could delay subsequent | ||
| transmission by an application. |
There was a problem hiding this comment.
I think here is more to consider. QUIC's loss detection will trigger on a lost probe packet. Even tough this does not lead to a retransmission, since PING and PAD frames won't be retransmitted, one could misinterpret the loss as a congestion signal. It might worth to note that a lost probe packet should not be treated as a congestion signal by the congestion control.
There was a problem hiding this comment.
Section 3, bullet 7 of DPLPMTUD clarifies this as: "Loss of a probe packet SHOULD NOT be treated as an indication of congestion and SHOULD NOT trigger a congestion control reaction". Maybe this could be added as clarification?
There was a problem hiding this comment.
Maybe one of you can make a suggestion for what this can say (or file an issue for follow-up).
There was a problem hiding this comment.
Does this makes sense? (I merged both paragraphs in the section)
... Endpoints could limit the content of probe packets to PING and PADDING frames as packets that are larger than the current maximum packet size are more likely to be dropped by the network. These frames might not be retransmitted if a probe packet containing them is lost. Additionally, a lost probe packet should not be treated as a signal of congestion. However, these probe packets do consume congestion window, which could delay the transmission of subsequent application data.
There was a problem hiding this comment.
Nearly, could we say:
Probe packets are larger than the current maximum packet size and therefore more likely to be dropped by the network. Endpoints could therefore limit the content of probe packets to ACK-eliciting frames that are not retransmitted (e.g., using PING and PADDING frames). Loss of a probe packet SHOULD NOT be treated as an indication of congestion and SHOULD NOT trigger a congestion control reaction (see section 3, bullet 7 of {{!DPLPMTUD}}. However, probe packets do consume congestion window, which could delay subsequent transmission by an application.
|
@janaiyengar, I went with "PMTU probe packet", which is an IP packet. Let me know if that makes sense. |
There was a problem hiding this comment.
Thank you for your changes! I think it might be useful to distinguish the "IP packet" from how we commonly use "packet", so I propose (i) simply use "PMTU probe", and (ii) saying explicitly what that refers to. I've made some suggestions through the text to this end; see what you think.
draft-ietf-quic-transport.md
Outdated
|
|
||
| The QUIC maximum packet size is the largest size of QUIC packet that can be sent | ||
| across a network path using a single packet. Any maximum packet size larger than | ||
| 1200 bytes can be discovered using PMTUD/DPLPMTUD. |
There was a problem hiding this comment.
expand/cite for PMTUD/DPLPMTUD. I don't think it's been introduced before.
draft-ietf-quic-transport.md
Outdated
| An endpoint SHOULD use Datagram Packetization Layer PMTU Discovery | ||
| ({{!DPLPMTUD=I-D.ietf-tsvwg-datagram-plpmtud}}) or implement Path MTU Discovery | ||
| (PMTUD) {{!RFC1191}} {{!RFC8201}} to determine whether the path to a destination |
There was a problem hiding this comment.
Move this above to where PMTUD and DPLPMTUD are used for the first time.
draft-ietf-quic-transport.md
Outdated
| bytes, it MUST immediately cease sending QUIC packets, except for PMTU probe | ||
| packets, on the affected path. An endpoint MAY terminate the connection if an |
There was a problem hiding this comment.
| bytes, it MUST immediately cease sending QUIC packets, except for PMTU probe | |
| packets, on the affected path. An endpoint MAY terminate the connection if an | |
| bytes, it MUST immediately cease sending QUIC packets, except for those in PMTU | |
| probes, on the affected path. An endpoint MAY terminate the connection if an |
draft-ietf-quic-transport.md
Outdated
| PMTU probe packets for DPLPMTUD that use the PADDING frame implement "Probing | ||
| using padding data", as defined in Section 4.1 of {{!DPLPMTUD}}. |
There was a problem hiding this comment.
| PMTU probe packets for DPLPMTUD that use the PADDING frame implement "Probing | |
| using padding data", as defined in Section 4.1 of {{!DPLPMTUD}}. | |
| PMTU probes for DPLPMTUD that use the PADDING frame implement "Probing | |
| using padding data", as defined in Section 4.1 of {{!DPLPMTUD}}. |
draft-ietf-quic-transport.md
Outdated
| Both PMTUD and DPLPMTUD send IP packets that are larger than the current maximum | ||
| packet size. Aside from these PMTU probe packets, all QUIC packets SHOULD be | ||
| sized to fit within the maximum packet size to avoid the packet being fragmented | ||
| or dropped {{?RFC8085}}. |
There was a problem hiding this comment.
| Both PMTUD and DPLPMTUD send IP packets that are larger than the current maximum | |
| packet size. Aside from these PMTU probe packets, all QUIC packets SHOULD be | |
| sized to fit within the maximum packet size to avoid the packet being fragmented | |
| or dropped {{?RFC8085}}. | |
| Both PMTUD and DPLPMTUD send IP packets that are larger than the current maximum | |
| packet size. We refer to these packets as PMTU probes. All QUIC packets that are not | |
| in a PMTU probe SHOULD be sized to fit within the maximum packet size to avoid the | |
| packet being fragmented or dropped {{?RFC8085}}. |
draft-ietf-quic-transport.md
Outdated
| connection ID is within the quoted portion of the UDP datagram, that could be | ||
| used for routing. | ||
| packets are likely to require that the connection ID be included in | ||
| PMTU probe packets to route any resulting ICMP messages ({{icmp-pmtud}}) back to |
There was a problem hiding this comment.
| PMTU probe packets to route any resulting ICMP messages ({{icmp-pmtud}}) back to | |
| PMTU probes to route any resulting ICMP messages ({{icmp-pmtud}}) back to |
draft-ietf-quic-transport.md
Outdated
| contain the Source Connection ID field, and long header packets are not | ||
| decrypted or acknowledged by the peer once the handshake is complete. | ||
|
|
||
| One way to construct a PMTU probe packet is to coalesce (see |
There was a problem hiding this comment.
| One way to construct a PMTU probe packet is to coalesce (see | |
| One way to construct a PMTU probe is to coalesce (see |
draft-ietf-quic-transport.md
Outdated
| One way to construct a PMTU probe packet is to coalesce (see | ||
| {{packet-coalesce}}) a packet with a long header, such as a Handshake or 0-RTT | ||
| packet ({{long-header}}), with a short header packet in a single UDP datagram. | ||
| If the resulting PMTU probe packet reaches the endpoint, the packet with the |
There was a problem hiding this comment.
| If the resulting PMTU probe packet reaches the endpoint, the packet with the | |
| If the resulting PMTU probe reaches the endpoint, the packet with the |
draft-ietf-quic-transport.md
Outdated
| packet ({{long-header}}), with a short header packet in a single UDP datagram. | ||
| If the resulting PMTU probe packet reaches the endpoint, the packet with the | ||
| long header will be ignored, but the short header packet will be acknowledged. | ||
| If the UDP datagram causes an ICMP message to be sent, the first part of the |
There was a problem hiding this comment.
| If the UDP datagram causes an ICMP message to be sent, the first part of the | |
| If the PMTU probe causes an ICMP message to be sent, the first part of the |
draft-ietf-quic-transport.md
Outdated
| If the resulting PMTU probe packet reaches the endpoint, the packet with the | ||
| long header will be ignored, but the short header packet will be acknowledged. | ||
| If the UDP datagram causes an ICMP message to be sent, the first part of the | ||
| datagram will be quoted in that message. If the Source Connection ID field is |
There was a problem hiding this comment.
| datagram will be quoted in that message. If the Source Connection ID field is | |
| probe will be quoted in that message. If the Source Connection ID field is |
OK - There are already "IP packets" and "QUIC packets" - so some other term works fro me. |
draft-ietf-quic-transport.md
Outdated
| network path from the client to the server supports a reasonable Path Maximum | ||
| Transmission Unit (PMTU). This also helps reduce the amplitude of amplification | ||
| attacks caused by server responses toward an unverified client address; see | ||
| {{address-validation}}. | ||
|
|
||
| Enforcement of the max_udp_payload_size transport parameter |
There was a problem hiding this comment.
I'd move this paragraph above the one above, since they both talk about maximum packet size and in particular this paragraph uses "additional limit" which reads better one paragraph up.
draft-ietf-quic-transport.md
Outdated
| connection by sending a CONNECTION_CLOSE frame with an error code of | ||
| PROTOCOL_VIOLATION; see {{immediate-close-hs}}. | ||
| A server MUST discard an Initial packet that is carried in a UDP datagram with a | ||
| payload that is less than the smallest allowed maximum packet size of 1200 |
There was a problem hiding this comment.
| payload that is less than the smallest allowed maximum packet size of 1200 | |
| payload that is less than the smallest allowed maximum packet size of 1200 |
draft-ietf-quic-transport.md
Outdated
| An endpoint SHOULD use DPLPMTUD ({{dplpmtud}}) or PMTUD ({{pmtud}}) to determine | ||
| whether the path to a destination will support a desired message size without | ||
| fragmentation. In the absence of these mechanisms, QUIC endpoints SHOULD NOT | ||
| send IP packets larger than the minimum QUIC packet size. |
There was a problem hiding this comment.
| send IP packets larger than the minimum QUIC packet size. | |
| send IP packets larger than the smallest allowed maximum packet size. |
draft-ietf-quic-transport.md
Outdated
| If a QUIC endpoint determines that the PMTU between any pair of local and remote | ||
| IP addresses has fallen below the smallest allowed maximum packet size of 1200 | ||
| bytes, it MUST immediately cease sending QUIC packets, except for those in PMTU | ||
| probes, on the affected path. An endpoint MAY terminate the connection if an |
There was a problem hiding this comment.
This isn't new text, but tt seems like these two statements may be contradictory? Should this be "except for those in PMTU probes or containing connection close frames, on the affected path."?
draft-ietf-quic-transport.md
Outdated
| If a QUIC endpoint determines that the PLPMTU between any pair of local and | ||
| remote IP addresses has fallen below the size needed to support the minimum QUIC | ||
| packet size (BASE_PLPMTU), it MUST immediately cease sending QUIC packets on the | ||
| affected path. An endpoint MAY terminate the connection if an alternative path |
There was a problem hiding this comment.
This seems a bit repetitive of 3862-3866. It's also still confusing or potentially contradictory to me.
|
A top-level comment on the term "probing": |
|
In the subsection on “Packet Size {#packet-size}”, I think the blocks of text describe two things. There is some general guidance on size, and there are specific instructions for the size of the initial packet. I’d suggest we do try to separate these two, it would make it much easier for someone to understand the size constraints for forming the initial packet. |
| network path from the client to the server supports a reasonable Path Maximum | ||
| Transmission Unit (PMTU). This also helps reduce the amplitude of amplification | ||
| attacks caused by server responses toward an unverified client address; see | ||
| {{address-validation}}. | ||
|
|
||
| Datagrams containing Initial packets MAY exceed 1200 bytes if the client |
There was a problem hiding this comment.
Needs to be 1200B of payload? (We need to be careful about which layer these numbers are describing, since the datagram itself will be larger.
There was a problem hiding this comment.
I think we caught this in #3742.
|
Regarding the sizing of Initial packets, see #3746. I checked the text for probing and we have "PMTUD probe" in one case and "probing packet" elsewhere. It's not ideal, but I didn't see any cases that were clearly busted. I don't have a good idea for alternative labels, but would welcome suggestions. |
This is #3693 with some minor additional changes:
Closes #3693.
Closes #3695.