Sowmini's comments

draft-duke-quic-load-balancers.md

@@ -64,7 +64,9 @@ packets with different address/port 4-tuples to the same connection context.
 This feature makes connections robust in the event of NAT rebinding.  QUIC
 endpoints designate the connection ID which peers use to address packets.
 Server-generated connection IDs create a potential need for out-of-band
-communication to support QUIC.
+communication to support QUIC. Any QUIC packet header has a Destination
+Connection ID (DCID) field, which generally contains the ID generated by the
+destination.
 
 QUIC allows servers (or load balancers) to designate an initial connection ID to
 encode useful routing information for load balancers.  It also encourages
@@ -182,7 +184,7 @@ viable path must obviously admit QUIC traffic.
 ## Load Balancer Chains
 
 While it is possible to construct a scheme that supports multiple low-state load
-balancers in the path, by using different parts of the connection ID to encoding
+balancers in the path, by using different parts of the connection ID to encode
 routing information for each load balancer, this use case is out of scope for
 QUIC-LB.
 
@@ -227,11 +229,11 @@ accelerate this process.
 
 If a server is configured to expect QUIC-LB messages, and it has not received
 these, it MUST generate connection IDs with the config rotation bits set to
-'0b11' and MUST use the "disable_migration" transport parameter in all new
-QUIC connections. It MUST NOT send NEW_CONNECTION_ID frames with new values.
+'11' and MUST use the "disable_migration" transport parameter in all new QUIC
+connections. It MUST NOT send NEW_CONNECTION_ID frames with new values.
 
 A load balancer that sees a connection ID with config rotation bits set to
-'0b11' MUST revert to 5-tuple routing.
+'11' MUST revert to 5-tuple routing.
 
 ## Length Self-Description
 
@@ -259,16 +261,22 @@ connection IDs.
 The algorithms differ in the complexity of configuration at both load balancer
 and server. Increasing complexity improves obfuscation of the server mapping.
 
-The load balancer SHOULD route Initial and 0-RTT packets from the client using
-an alternate algorithm. Note that the SCID in these packets may not be long
-enough to represent all the routing bits.  This algorithm SHOULD generate
-consistent results for Initial and 0RTT packets that arrive with the same source
-and destination connection ID.  The load balancer algorithms below apply to all
-incoming Handshake and 1-RTT packets.
+The load balancer MUST use routing logic that can handle DCIDs in QUIC long
+headers with a length shorter than expected by its algorithm. In QUIC version 1,
+both Initial and 0RTT packets have DCIDs chosen by the client. It SHOULD
+consistently route packets with a given DCID to the same server, so that
+the 0RTT packets arrive at a server with the necessary context. Aside from the
+constraints above, the load balancer may use any such algorithm without server
+coordination.
+
+The load balancer MUST NOT make the routing behavior dependent on any bits in
+the first octet of the QUIC packet header, except the first bit, which indicates
+a long header. All other bits are QUIC version-dependent and intermediaries
+should not build their design on version-specific templates.
 
 There are situations where a server pool might be operating two or more routing
 algorithms or parameter sets simultaneously.  The load balancer uses the first
-two bits of the connection ID to multiplex incoming SCIDs over these schemes.
+two bits of the connection ID to multiplex incoming DCIDs over these schemes.
 
 ## Plaintext CID Algorithm {#plaintext-cid-algorithm}
 
@@ -310,11 +318,9 @@ in consecutive octets beginning with the second. All other bits in the
 connection ID, except for the config rotation bits, MAY be set to any other
 value. These other bits SHOULD appear random to observers.
 
-The figure below clarifies the format. The first two bits are reserved for
-config rotation. The server can assign the next 6 bits to any value. The
-specified number of bytes encodes the server ID, and the server may decide
-how many trailing octets of information to include up to the QUICv1 limit
-of 20-octet CIDs.
+The first two bits are reserved for config rotation. The server can assign the
+next 6 bits to any value. The specified number of bytes encodes the server ID,
+and the server may decide how many trailing octets of information to include up to the CID length limit for the QUIC version (20 octets in QUICv1).
 
 ## Obfuscated CID Algorithm {#obfuscated-cid-algorithm}
 
@@ -423,11 +429,10 @@ Upon receipt of a QUIC packet that is not of type Initial or 0-RTT, the load
 balancer extracts as many of the earliest octets from the destination connection
 ID as necessary to match the nonce length. The server ID immediately follows.
 
-The load balancer decrypts the server ID using 128-bit AES Electronic Codebook (ECB)
-mode, much like QUIC header protection. The nonce octets are padded to 16 octets
-using the as many of the first octets of the token as necessary. AES-ECB encrypts
-this nonce using its key to generate a mask which it applies to the encrypted
-server id.
+The load balancer decrypts the server ID using 128-bit AES Electronic Codebook
+(ECB) mode, much like QUIC header protection. The nonce octets are zero-padded
+to 16 octets.  AES-ECB encrypts this nonce using its key to generate a mask
+which it applies to the encrypted server id.
 
 server_id = encrypted_server_id ^ AES-ECB(key, padded-nonce)
 
@@ -520,13 +525,19 @@ AES-ECB cipher.
 
 # Retry Service {#retry-offload}
 
-When a server is under load, QUIC allows it to defer storage of connection state
-until the client proves it can receive packets at its advertised IP address.
-Through the use of a Retry packet, a token in subsequent client Initial
-packets, and the original_connection_id transport parameter, servers verify
-address ownership and clients verify that there is no "man in the middle"
+When a server is under load, QUICv1 allows it to defer storage of connection
+state until the client proves it can receive packets at its advertised IP
+address.  Through the use of a Retry packet, a token in subsequent client
+Initial packets, and the original_connection_id transport parameter, servers
+verify address ownership and clients verify that there is no "man in the middle"
 generating Retry packets.
 
+As a trusted Retry Service is literally a "man in the middle," the service must
+communicate the original_connection_id back to the server so that in can pass
+client verification. It also must either verify the address itself (with the
+server trusting this verification) or make sure there is common context for the
+server to verify the address using a service-generated token.
+
 There are two different mechanisms to allow offload of DoS mitigation to a
 trusted network service. One requires no shared state; the server need only be
 configured to trust a retry service, though this imposes other operational
@@ -547,6 +558,8 @@ A retry service MUST forward all packets for a QUIC version it does not
 understand. Note that if servers support versions the retry service does not,
 this may unacceptably increase loads on the servers. However, dropping these
 packets would introduce chokepoints to block deployment of new QUIC versions.
+Note that future versions of QUIC might not have Retry packets, or require
+different information.
 
 ## No-Shared-State Retry Service
 
@@ -581,6 +594,7 @@ Retry tokens generated by the service MUST have the format below.
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                     Opaque Data (variable)                    |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+~~~~~
 {: #nss-retry-service-token-format title="Format of non-shared-state retry service tokens"}
 
 The first bit of retry tokens generated by the service must be zero. The token
@@ -1155,6 +1169,11 @@ There are no IANA requirements.
 > **RFC Editor's Note:**  Please remove this section prior to
 > publication of a final version of this document.
 
+## Since draft-duke-quic-load-balancers-05
+- Editorial changes
+- Made load balancer behavior independent of QUIC version
+- Got rid of token in stream cipher encoding, because server might not have it
+
 ## Since draft-duke-quic-load-balancers-04
 - Added standard for retry services