New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Try to make ECN validation more robust #3779
Closed
Closed
Changes from all commits
Commits
Show all changes
4 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
|
@@ -3816,25 +3816,40 @@ validation using ECT(1) counts. | |||||
|
||||||
#### Receiving ACK Frames {#ecn-ack} | ||||||
|
||||||
An endpoint that sets ECT(0) or ECT(1) codepoints on packets it transmits MUST | ||||||
use the following steps on receiving an ACK frame to validate ECN. | ||||||
An endpoint that sets ECT(0) or ECT(1) codepoints on packets records the ECN | ||||||
counts it has received in ACK frames. When processing an ACK frame, the | ||||||
endpoint MUST validate the increase in ECN counts based on the markings that | ||||||
were applied to packets that are newly acknowledged. | ||||||
|
||||||
ECN validation involves the following checks: | ||||||
|
||||||
* If this ACK frame newly acknowledges a packet that the endpoint sent with | ||||||
either ECT(0) or ECT(1) codepoints set, and if no ECN feedback is present in | ||||||
the ACK frame, validation fails. This step protects against both a network | ||||||
element that zeroes out ECN bits and a peer that is unable to access ECN | ||||||
markings, since the peer could respond without ECN feedback in these cases. | ||||||
|
||||||
* For validation to succeed, the total increase in ECT(0), ECT(1), and CE counts | ||||||
MUST be no smaller than the total number of QUIC packets sent with an ECT | ||||||
codepoint that are newly acknowledged in this ACK frame. This step detects | ||||||
any network remarking from ECT(0), ECT(1), or CE codepoints to Not-ECT. | ||||||
|
||||||
* Any increase in either ECT(0) or ECT(1) counts, plus any increase in the CE | ||||||
count, MUST be no smaller than the number of packets sent with the | ||||||
corresponding ECT codepoint that are newly acknowledged in this ACK frame. | ||||||
This step detects any erroneous network remarking from ECT(0) to ECT(1) (or | ||||||
vice versa). | ||||||
either ECT(0) or ECT(1) codepoints set, ECN validation fails if ECN counts | ||||||
are not present in the ACK frame. This check protects against both a network | ||||||
element that removes ECN markings or a peer that is unable to access ECN | ||||||
markings, since the peer could respond without ECN feedback in either case. | ||||||
|
||||||
* ECN validation fails if the sum of the increase in ECT(0) and ECT(1) counts, | ||||||
plus any increase in the ECN-CE count is less than the number of packets sent | ||||||
with the corresponding ECT codepoint. This check can detect removal of ECN | ||||||
markings. | ||||||
|
||||||
* ECN validation fails if any unaccounted for increase in the sum of ECT(0) and | ||||||
ECN-CE counts, plus any unaccounted for increase in the sum of ECT(1) and | ||||||
ECN-CE counts, less any unaccounted for increase in the sum of the ECT(0), | ||||||
ECT(1), and ECN-CE counts is not between zero and the overall increase to the | ||||||
ECN-CE count from this ACK frame. An unaccounted for increase is determined | ||||||
by subtracting the number of newly acknowledged packets that were originally | ||||||
sent with the corresponding mark from the increase in counts reported in the | ||||||
ACK frame. This check can detect erroneous changes between ECT(0) and | ||||||
ECT(1) markings in the network. | ||||||
|
||||||
An endpoint MAY also validate total counts based on the total number of packets | ||||||
that it sent with with a given marking. In that case, ECN validation can also | ||||||
be performed based on total counts rather than increases. As a special case, | ||||||
an endpoint that never applies a particular marking can fail validation when a | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
|
||||||
non-zero count for that marking is received. This check can detect when | ||||||
packets are marked ECT(0) or ECT(1) in the network. | ||||||
|
||||||
Processing ECN counts out of order can result in validation failure. An | ||||||
endpoint SHOULD NOT perform this validation if this ACK frame does not advance | ||||||
|
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.