From c2e7001c1579486f608250e43b6b4669eae77bd2 Mon Sep 17 00:00:00 2001 From: ianswett Date: Wed, 9 Sep 2020 17:11:48 -0400 Subject: [PATCH 1/5] Three times PTOs allows PTO to expire I believe these two cases are both 3*PTO to allow the PTO to expire at least once before declaring path validation failure and idle timeout. Fixes #3987 --- draft-ietf-quic-transport.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 243b7ca53e..370ed20dfc 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -2221,6 +2221,10 @@ defined in {{QUIC-RECOVERY}} is RECOMMENDED. That is: validation_timeout = max(3*PTO, 6*kInitialRtt) ~~~ +This timeout allows for multiple PTOs to expire prior to failing path +validation, allowing for at least one path validation to be lost before +declaring failure. + Note that the endpoint might receive packets containing other frames on the new path, but a PATH_RESPONSE frame with appropriate data is required for path validation to succeed. @@ -2703,6 +2707,8 @@ ensures that connections are not closed after new activity is initiated. To avoid excessively small idle timeout periods, endpoints MUST increase the idle timeout period to be at least three times the current Probe Timeout (PTO). +This allows for multiple PTOs to expire prior to idle timeout, allowing for at +least one path packet to be lost timing out the connection. ### Liveness Testing From a8d729daa9a325b4dd9a559432e224f107d06275 Mon Sep 17 00:00:00 2001 From: ianswett Date: Wed, 9 Sep 2020 17:13:44 -0400 Subject: [PATCH 2/5] Update draft-ietf-quic-transport.md --- draft-ietf-quic-transport.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 370ed20dfc..9549a00e2a 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -2222,8 +2222,7 @@ defined in {{QUIC-RECOVERY}} is RECOMMENDED. That is: ~~~ This timeout allows for multiple PTOs to expire prior to failing path -validation, allowing for at least one path validation to be lost before -declaring failure. +validation, ensuring one packet loss does not cause path validation failure. Note that the endpoint might receive packets containing other frames on the new path, but a PATH_RESPONSE frame with appropriate data is required for path @@ -2708,7 +2707,7 @@ ensures that connections are not closed after new activity is initiated. To avoid excessively small idle timeout periods, endpoints MUST increase the idle timeout period to be at least three times the current Probe Timeout (PTO). This allows for multiple PTOs to expire prior to idle timeout, allowing for at -least one path packet to be lost timing out the connection. +least one packet to be lost prior to idle timeout. ### Liveness Testing From c631004c1904a51d524a6a0520c4e33c0ff7f3d5 Mon Sep 17 00:00:00 2001 From: ianswett Date: Wed, 9 Sep 2020 19:17:44 -0400 Subject: [PATCH 3/5] Update draft-ietf-quic-transport.md Co-authored-by: Jana Iyengar --- draft-ietf-quic-transport.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 9549a00e2a..10ef1d9d00 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -2222,7 +2222,8 @@ defined in {{QUIC-RECOVERY}} is RECOMMENDED. That is: ~~~ This timeout allows for multiple PTOs to expire prior to failing path -validation, ensuring one packet loss does not cause path validation failure. +validation, so that loss of a single PATH_CHALLENGE or PATH_RESPONSE frame +does not cause path validation failure. Note that the endpoint might receive packets containing other frames on the new path, but a PATH_RESPONSE frame with appropriate data is required for path From 6134b86d61607107ee1c27d13aabf908926bab9a Mon Sep 17 00:00:00 2001 From: ianswett Date: Wed, 9 Sep 2020 19:19:13 -0400 Subject: [PATCH 4/5] Ralith's suggestion --- draft-ietf-quic-transport.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 10ef1d9d00..f27f71e05f 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -2707,8 +2707,8 @@ ensures that connections are not closed after new activity is initiated. To avoid excessively small idle timeout periods, endpoints MUST increase the idle timeout period to be at least three times the current Probe Timeout (PTO). -This allows for multiple PTOs to expire prior to idle timeout, allowing for at -least one packet to be lost prior to idle timeout. +This allows for multiple PTOs to expire prior to idle timeout, ensuring a single +packet loss event cannot cause an idle timeout. ### Liveness Testing From 36e479a5c2a3e61b1b6432792a3b5fa7e9831fd9 Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Thu, 10 Sep 2020 11:49:41 +1000 Subject: [PATCH 5/5] I think that this is better Co-authored-by: ianswett --- draft-ietf-quic-transport.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index f27f71e05f..0a9be09373 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -2707,8 +2707,8 @@ ensures that connections are not closed after new activity is initiated. To avoid excessively small idle timeout periods, endpoints MUST increase the idle timeout period to be at least three times the current Probe Timeout (PTO). -This allows for multiple PTOs to expire prior to idle timeout, ensuring a single -packet loss event cannot cause an idle timeout. +This allows for multiple PTOs to expire prior to idle timeout, ensuring the idle +timeout does not expire as a result of a single packet loss. ### Liveness Testing