Closing and draining tidy #3988
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I took a careful look at the text here and found a few things: 1. There wasn't much redundancy, but there was a little. 2. The closing and draining states only apply to immediate close. So I moved things up. Shortened the top-level immediate close text, and moved text specific to closing or draining to the corresponding sections. There were a few bits that could be cut, and a few that needed to be better aligned with existing text, but nothing major. Most of this is unmodified text. There are a few bits that I had to rewrite. I will add comments for those. Closes #3907.
martinthomson
added
editorial
martinthomson
commented
Aug 6, 2020
draft-ietf-quic-transport.md
Outdated
Comment on lines
2738
to
2740
| After sending a CONNECTION_CLOSE frame, an endpoint immediately enters the | ||
| closing state. | ||
| closing state; see {{closing}}. After receiving a CONNECTION_CLOSE frame, | ||
| endpoints enter the draining state; see {{draining}}. |
There was a problem hiding this comment.
This is a new consolidated introduction. It's all the functional requirements that are relevant to this section.
draft-ietf-quic-transport.md
Outdated
Comment on lines
2777
to
2778
| An endpoint MAY drop packet protection keys when starting the closing period | ||
| and send a packet containing a CONNECTION_CLOSE in response to any UDP datagram |
There was a problem hiding this comment.
This changes to use MAY instead of "is allowed to".
Otherwise, this changes only to remove the self-reference (and s/entering/starting).
draft-ietf-quic-transport.md
Outdated
Comment on lines
2795
to
2802
| While in the closing period, an endpoint could receive packets from a new | ||
| source address, indicating a connection migration; see {{migration}}. New | ||
| packets from unverified addresses could be used to create an amplification | ||
| attack; see {{address-validation}}. To avoid being used for an amplication | ||
| attack, an endpoint in the closing state MUST either discard packets received | ||
| from unvalidated addresses or limit the cumulative size of packets it sends to | ||
| unvalidated addresses to 3 times the size of packets it receives from the | ||
| address. |
There was a problem hiding this comment.
This required a little better alignment with the other text above. The sentence "To avoid being used for an amplification attack" is now the same in both places.
Comment on lines
+2811
to
+2815
| The draining state is entered once an endpoint receives a CONNECTION_CLOSE | ||
| frame, which indicates that its peer is closing or draining. While otherwise | ||
| identical to the closing state, an endpoint in the draining state MUST NOT send | ||
| any packets. Retaining packet protection keys is unnecessary once a connection | ||
| is in the draining state. |
There was a problem hiding this comment.
We used to think that you could enter draining as a result of a stateless reset or idle timeout. That is no longer the case, so this just mentions CONNECTION_CLOSE directly.
draft-ietf-quic-transport.md
Outdated
| same end time, but cease retransmission of the closing packet. | ||
|
|
||
|
|
||
| ### Terminal Connection State |
There was a problem hiding this comment.
This stuff is awkward. I will move it up into the introductory part instead.
And a few grammar fixes
Also stop using 'closing period', which is confusing.
martinthomson
commented
Aug 6, 2020
draft-ietf-quic-transport.md
Outdated
Comment on lines
2773
to
2789
| In the closing state, an endpoint retains only enough information to generate a | ||
| packet containing a CONNECTION_CLOSE frame and to identify packets as belonging | ||
| to the connection. An endpoint in the closing state sends a packet containing a | ||
| CONNECTION_CLOSE frame in response to any incoming packet that it attributes to | ||
| the connection. | ||
|
|
||
| An endpoint SHOULD limit the rate at which it generates packets in the closing | ||
| state. For instance, an endpoint could wait for a progressively increasing | ||
| number of received packets or amount of time before responding to received | ||
| packets. | ||
|
|
||
| The endpoint's selected connection ID and the QUIC version are sufficient | ||
| information to identify packets for a closing connection; an endpoint MAY | ||
| discard all other connection state. An endpoint that is closing is not required | ||
| to process the frames contained in packets. An endpoint MAY retain packet | ||
| protection keys for incoming packets to allow it to read and process a | ||
| CONNECTION_CLOSE frame. |
There was a problem hiding this comment.
This is factored fairly heavily.
draft-ietf-quic-transport.md
Outdated
Comment on lines
2791
to
2799
| An endpoint MAY drop packet protection keys when entering the closing state | ||
| and send a packet containing a CONNECTION_CLOSE in response to any UDP datagram | ||
| that is received. However, an endpoint that discards packet protection keys | ||
| cannot identify and discard invalid packets. To avoid being used for an | ||
| amplication attack, such endpoints MUST limit the cumulative size of packets | ||
| containing a CONNECTION_CLOSE frame to 3 times the cumulative size of the | ||
| packets that cause those packets to be sent. To minimize the state that an | ||
| endpoint maintains for a closing connection, endpoints MAY send the exact same | ||
| packet. |
There was a problem hiding this comment.
This is only factored lightly:
use MAY in place of "is allowed to"
use state instead of period
remove self-reference
draft-ietf-quic-transport.md
Outdated
Comment on lines
2742
to
2766
| An immediate close can be used after an application protocol has arranged to | ||
| close a connection. This might be after the application protocols negotiates a | ||
| graceful shutdown. The application protocol exchanges whatever messages that | ||
| are needed to cause both endpoints to agree to close the connection, after which | ||
| the application requests that the connection be closed. When the application | ||
| closes the connection, a CONNECTION_CLOSE frame with an appropriate error code | ||
| will be used to signal closure. | ||
|
|
||
| The closing and draining connection states exist to ensure that connections | ||
| close cleanly and that delayed or reordered packets are properly discarded. | ||
| These states SHOULD persist for at least three times the current Probe Timeout | ||
| (PTO) interval as defined in {{QUIC-RECOVERY}}. | ||
|
|
||
| Disposing of connection state prior to the exiting the closing or draining state | ||
| could cause delayed or reordered packets to generate an unnecessary stateless | ||
| reset. Endpoints that have some alternative means to ensure that late-arriving | ||
| packets on the connection do not induce a response, such as those that are able | ||
| to close the UDP socket, MAY end these states earlier to allow | ||
| for faster resource recovery. Servers that retain an open socket for accepting | ||
| new connections SHOULD NOT end the closing or draining states early. | ||
|
|
||
| Once the closing or draining state ends, an endpoint SHOULD discard all | ||
| connection state. This results in new packets on the connection being handled | ||
| generically. For instance, an endpoint MAY send a stateless reset in response | ||
| to any further incoming packets. |
There was a problem hiding this comment.
This stuff is mostly just reordered. The main change is to talk about states rather than periods, for consistency reasons.
draft-ietf-quic-transport.md
Outdated
|
|
||
| ### Closing Connection State {#closing} | ||
|
|
||
| An endpoint enters a closing state after initiating an immediate close. |
There was a problem hiding this comment.
Removed a self-reference here, that's all.
nibanks
reviewed
Aug 6, 2020
ianswett
reviewed
Aug 11, 2020
draft-ietf-quic-transport.md
Outdated
|
|
||
| Once the closing or draining state ends, an endpoint SHOULD discard all | ||
| connection state. This results in new packets on the connection being handled | ||
| generically. For instance, an endpoint MAY send a stateless reset in response |
There was a problem hiding this comment.
This sentence is not very helpful, so I'd remove it unless you have a better suggestion.
Co-authored-by: ianswett <ianswett@users.noreply.github.com>
martinthomson
commented
Aug 11, 2020
MikeBishop
approved these changes
Aug 11, 2020
Co-authored-by: Mike Bishop <mbishop@evequefou.be>
|
@janaiyengar, you can add this to your review load. |
janaiyengar
reviewed
Aug 27, 2020
Co-authored-by: Jana Iyengar <jri.ietf@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I took a careful look at the text here and found a few things:
There wasn't much redundancy, but there was a little. Mostly the problem was scattering of content between two locations in the document.
The closing and draining states only apply to immediate close.
So I moved things up. I trimmed the top-level immediate close text, and moved text specific to closing or draining to sections corresponding to each.
There were a few bits that could be cut, and a few that needed to be better aligned with existing text, but nothing major. Most of this is unmodified text.
There are a few bits that I had to tweak. I will add comments for those.
Closes #3907.