%!PS-Adobe-3.0
%%BoundingBox: 24 24 571 818
%%Title: Enscript Output
%%For: Christoph Paasch
%%Creator: GNU Enscript 1.6.6
%%CreationDate: Mon Apr 27 13:36:53 2015
%%Orientation: Portrait
%%Pages: (atend)
%%DocumentMedia: A4 595 842 0 () ()
%%DocumentNeededResources: (atend)
%%EndComments
%%BeginProlog
%%BeginResource: procset Enscript-Prolog 1.6 6
%
% Procedures.
%
/_S { % - -> - take a VM snapshot and remember it as _s (undone later by _R)
  save /_s exch def
} def
/_R { % - -> - roll VM back to the snapshot recorded by _S; every def made since is discarded
  /_s load restore
} def
/S { % - -> - emit the current page; gsave/grestore bring back the graphics state that showpage resets
  gsave showpage grestore
} bind def
/MF { % fontname newfontname -> - clone fontname under newfontname, installing the enscript encoding
  /newfontname exch def
  /fontname exch def
  /fontdict fontname findfont def
  /newfont fontdict maxlength dict def
  % Shallow-copy every entry of the source font except FID: a font
  % identifier must not be shared, definefont supplies a fresh one.
  fontdict {
    1 index /FID eq
      { pop pop }
      { newfont 3 1 roll put }
    ifelse
  } forall
  newfont /FontName newfontname put
  % Only a complete 256-entry vector is a valid /Encoding; anything else
  % leaves the source font's own encoding in place.
  encoding_vector length 256 eq { newfont /Encoding encoding_vector put } if
  newfontname newfont definefont pop
} def
/MF_PS { % fontname newfontname -> - clone fontname under newfontname, keeping the font's own /Encoding
  /newfontname exch def
  /fontname exch def
  /fontdict fontname findfont def
  /newfont fontdict maxlength dict def
  % Same copy loop as MF, but /Encoding is deliberately left untouched
  % (no encoding_vector substitution).
  fontdict {
    1 index /FID eq
      { pop pop }
      { newfont 3 1 roll put }
    ifelse
  } forall
  newfont /FontName newfontname put
  newfontname newfont definefont pop
} def
/SF { % fontname width height -> - make fontname the current font, scaled to width x height points
  /height exch def
  /width exch def
  findfont
  % Non-uniform scaling matrix: x by width, y by height, no skew or shift.
  width 0 0 height 0 0 6 array astore makefont setfont
} def
/SUF { % fontname width height -> - re-encode fontname as F-gs-user-font and select it at width x height
  /height exch def
  /width exch def
  % Keep a copy of the target name: MF consumes (fontname newname), SF then needs the name again.
  /F-gs-user-font dup 3 -1 roll exch MF
  width height SF
} def
/SUF_PS { % fontname width height -> - like SUF, but the user font keeps its original encoding (MF_PS)
  /height exch def
  /width exch def
  /F-gs-user-font dup 3 -1 roll exch MF_PS
  width height SF
} def
% Two-letter aliases used by every page body below: M positions the pen,
% s paints a string at the current point.
/M /moveto load def
/s /show load def
/Box { % x y w h -> - append a closed, axis-aligned rectangle to the current path (not filled here)
  % The four operands are left defined in currentdict as d_x d_y d_w d_h.
  /d_h exch def /d_w exch def /d_y exch def /d_x exch def
  d_x d_y moveto        % lower-left corner
  d_w 0 rlineto         % bottom edge
  0 d_h rlineto         % right edge
  d_w neg 0 rlineto     % top edge; closepath supplies the left edge
  closepath
} def
/bgs { % x y height blskip gray str -> - paint a gray box behind str, then show str at (x, y)
  % Operands land in currentdict under these names.
  /str exch def /gray exch def /blskip exch def
  /height exch def /y exch def /x exch def
  % Background: one string-width wide, `height' tall, lowered by blskip.
  % The fill runs in its own gstate so the caller's color survives.
  gsave
    x y blskip sub str stringwidth pop height Box
    gray setgray fill
  grestore
  x y M str s
} def
/bgcs { % x y height blskip red green blue str -> - like bgs, but the background is an RGB color
  /str exch def
  /blue exch def /green exch def /red exch def
  /blskip exch def /height exch def /y exch def /x exch def
  gsave
    x y blskip sub str stringwidth pop height Box
    red green blue setrgbcolor fill
  grestore
  x y M str s
} def
% Highlight bars.
/highlight_bars { % nlines lineheight output_y_margin gray -> - shade every other group of nlines rows, in each column
gsave
setgray
/ymarg exch def
/lineheight exch def
/nlines exch def
% This 2 is just a magic number to sync highlight lines to text.
% Origin moves to the top of the output area (d_header_y from the setup section).
0 d_header_y ymarg sub 2 sub translate
% Column width and the number of whole rows that fit; d_output_w, d_output_h
% and cols are the page-geometry globals defined in the setup section.
/cw d_output_w cols div def
/nrows d_output_h ymarg 2 mul sub lineheight div cvi def
% for each column
0 1 cols 1 sub {
cw mul /xp exch def
% for each rows
0 1 nrows 1 sub {
/rn exch def
rn lineheight mul neg /yp exch def
% Rows are grouped nlines at a time; even-numbered groups get a bar.
rn nlines idiv 2 mod 0 eq {
% Draw highlight bar. 4 is just a magic indentation.
% Bar is inset 4pt on the left and 8pt narrower than the column; negative
% height because yp is the row's top edge and the bar extends downwards.
xp 4 add yp cw 8 sub lineheight neg Box fill
} if
} for
} for
grestore
} def
% Line highlight bar.
/line_highlight { % x y width height gray -> - fill one rectangle with gray, leaving the gstate untouched
  gsave
    /gray exch def
    gray setgray
    Box fill
  grestore
} def
% Column separator lines.
/column_lines { % - -> - draw hairline separators between adjacent text columns
  gsave
    0 d_footer_h translate
    .1 setlinewidth
    /cw d_output_w cols div def
    % One vertical line at the left edge of columns 1 .. cols-1
    % (nothing is drawn for a single-column layout).
    1 1 cols 1 sub {
      cw mul 0 M
      0 d_output_h rlineto
      stroke
    } for
  grestore
} def
% Column borders.
/column_borders { % - -> - stroke the rectangle enclosing the whole output area
  gsave
    0 d_footer_h M
    0 d_output_h rlineto        % left edge
    d_output_w 0 rlineto        % top edge
    0 d_output_h neg rlineto    % right edge; closepath adds the bottom
    closepath
    .1 setlinewidth stroke
  grestore
} def
% Do the actual underlay drawing
/draw_underlay { % - -> - paint ul_str at the current point, outlined or solid depending on ul_style
  ul_style 0 ne {
    ul_str show                    % any non-zero style: filled glyphs
  } {
    ul_str true charpath stroke    % style 0: glyph outlines only
  } ifelse
} def
% Underlay
/underlay { % - -> - draw the underlay text along the page diagonal, centred
  gsave
    0 d_page_h translate
    d_page_h neg d_page_w atan rotate     % align x with the top-left -> bottom-right diagonal
    ul_gray setgray
    ul_font setfont
    % dw: length of the page diagonal; the string is centred along it
    /dw d_page_w dup mul d_page_h dup mul add sqrt def
    ul_str stringwidth pop dw exch sub 2 div
    ul_h_ptsize -2 div
    moveto
    draw_underlay
  grestore
} def
/user_underlay { % - -> - draw the underlay at the user-supplied position (ul_x, ul_y) and angle
  gsave
    ul_x ul_y translate
    ul_angle rotate
    ul_gray setgray
    ul_font setfont
    0 ul_h_ptsize -2 div moveto    % drop by half the font height so the text is vertically centred on the origin
    draw_underlay
  grestore
} def
% Page prefeed
/page_prefeed { % bool -> - enable or disable printer prefeed where the device exposes that parameter
  statusdict /prefeed known {
    statusdict /prefeed 3 -1 roll put
  } {
    pop          % no such device parameter: discard the flag silently
  } ifelse
} def
% Wrapped line markers
/wrapped_line_mark { % x y charwidth charheight type -> - mark a continued (wrapped) line; types 2 and 3 draw, others do nothing
  /type exch def
  /h exch def /w exch def /y exch def /x exch def
  % type 2: a solid block half a character wide (the TeX-style overfull mark)
  type 2 eq {
    gsave
      0 setlinewidth
      x w 4 div add y M
      0 h rlineto w 2 div 0 rlineto 0 h neg rlineto
      closepath fill
    grestore
  } if
  % type 3: a small bent arrow pointing back toward the start of the line
  type 3 eq {
    gsave
      .2 setlinewidth
      x w 2 div add y h 2 div add M
      w 4 div 0 rlineto
      x w 4 div add y lineto stroke
      x w 4 div add w 8 div add y h 4 div add M
      x w 4 div add y lineto
      w 4 div h 8 div rlineto stroke
    grestore
  } if
} def
% EPSF import.
/BeginEPSF { % - -> - open an isolated context for an embedded EPS file (paired with EndEPSF)
  % Record what EndEPSF has to unwind: VM, dictionary-stack depth, operand depth.
  /b4_Inc_state save def
  /dict_count countdictstack def
  /op_count count 1 sub def   % NOTE(review): the 1 sub presumably allows for one operand the caller leaves on the stack - confirm at the call site
  % Neutralise showpage so the EPS cannot eject the enclosing page.
  userdict begin
  /showpage {} def
  % Reset the graphics-state items an EPS is entitled to assume.
  0 setgray
  0 setlinecap 0 setlinejoin 1 setlinewidth 10 setmiterlimit
  [] 0 setdash
  newpath
  % Level 2+ only: setstrokeadjust/setoverprint do not exist in Level 1.
  /languagelevel where { pop languagelevel 1 ne { false setstrokeadjust false setoverprint } if } if
  % This bookkeeping isolates stacks, gstate and VM; it does not sandbox
  % the embedded program, which runs with the interpreter's full access.
} bind def
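/EndEPSF { % - -> - undo BeginEPSF: rebalance both stacks, then restore VM
  % Discard whatever the EPS left on the operand stack. The original
  % prolog executed `pos' here, which is not a PostScript operator and
  % raised /undefined the first time an EPS left extra operands behind.
  % A negative difference (the EPS consumed operands) would make repeat
  % raise /rangecheck, so only a positive surplus is popped.
  count op_count sub dup 0 gt { { pop } repeat } { pop } ifelse
  % Pop every dictionary the EPS pushed and never popped.
  countdictstack dict_count sub { end } repeat
  % Roll VM back to the snapshot taken in BeginEPSF; this also drops the
  % temporary showpage redefinition and the graphics-state changes.
  b4_Inc_state restore
} bind def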
% Check PostScript language level.
% Record the interpreter's PostScript level for later feature checks.
% Level 1 interpreters have no languagelevel operator, so default to 1.
/languagelevel where { pop languagelevel } { 1 } ifelse
/gs_languagelevel exch def
%%EndResource
%%BeginResource: procset Enscript-Encoding-88591 1.6 6
% ISO 8859-1 (Latin-1) encoding vector: 256 glyph names indexed by character
% code. MF installs it as /Encoding only when it is exactly 256 entries long.
/encoding_vector [
  % 0x00-0x1F: C0 control codes, no glyphs
  /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
  /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
  /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
  /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
  % 0x20-0x7F: ASCII printable range
  /space /exclam /quotedbl /numbersign /dollar /percent /ampersand /quoteright
  /parenleft /parenright /asterisk /plus /comma /hyphen /period /slash
  /zero /one /two /three /four /five /six /seven
  /eight /nine /colon /semicolon /less /equal /greater /question
  /at /A /B /C /D /E /F /G
  /H /I /J /K /L /M /N /O
  /P /Q /R /S /T /U /V /W
  /X /Y /Z /bracketleft /backslash /bracketright /asciicircum /underscore
  /quoteleft /a /b /c /d /e /f /g
  /h /i /j /k /l /m /n /o
  /p /q /r /s /t /u /v /w
  /x /y /z /braceleft /bar /braceright /tilde /.notdef
  % 0x80-0x9F: C1 control codes, no glyphs
  /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
  /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
  /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
  /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
  % 0xA0-0xFF: Latin-1 supplement
  /space /exclamdown /cent /sterling /currency /yen /brokenbar /section
  /dieresis /copyright /ordfeminine /guillemotleft /logicalnot /hyphen /registered /macron
  /degree /plusminus /twosuperior /threesuperior /acute /mu /paragraph /bullet
  /cedilla /onesuperior /ordmasculine /guillemotright /onequarter /onehalf /threequarters /questiondown
  /Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla
  /Egrave /Eacute /Ecircumflex /Edieresis /Igrave /Iacute /Icircumflex /Idieresis
  /Eth /Ntilde /Ograve /Oacute /Ocircumflex /Otilde /Odieresis /multiply
  /Oslash /Ugrave /Uacute /Ucircumflex /Udieresis /Yacute /Thorn /germandbls
  /agrave /aacute /acircumflex /atilde /adieresis /aring /ae /ccedilla
  /egrave /eacute /ecircumflex /edieresis /igrave /iacute /icircumflex /idieresis
  /eth /ntilde /ograve /oacute /ocircumflex /otilde /odieresis /divide
  /oslash /ugrave /uacute /ucircumflex /udieresis /yacute /thorn /ydieresis
] def
%%EndResource
%%EndProlog
%%BeginSetup
%%IncludeResource: font Courier-Bold
%%IncludeResource: font Courier
% Header font: Courier-Bold re-encoded by MF, then scaled to HFpt_w x HFpt_h.
/HFpt_w 10 def /HFpt_h 10 def
/Courier-Bold /HF-gs-font MF
/HF /HF-gs-font findfont [HFpt_w 0 0 HFpt_h 0 0] makefont def
% Body font: re-encoded Courier at 10 x 10 points, made current.
/Courier /F-gs-font MF
/F-gs-font 10 10 SF
/#copies 1 def
% Pagedevice definitions: setpagedevice is a Level 2 operator, so the A4
% page size is only requested when gs_languagelevel says it is available.
gs_languagelevel 1 gt { << /PageSize [595 842] >> setpagedevice } if
% Page geometry in points, read by the highlight/column/underlay procedures.
/d_page_w 547 def /d_page_h 794 def
/d_header_x 0 def /d_header_y 794 def /d_header_w 547 def /d_header_h 0 def
/d_footer_x 0 def /d_footer_y 0 def /d_footer_w 547 def /d_footer_h 0 def
/d_output_w 547 def /d_output_h 794 def
/cols 1 def
%%EndSetup
%%Page: (1) 1
%%BeginPageSetup
% Page 1. The page body is bracketed by _S/_R (save/restore) so its per-page
% definitions are discarded afterwards, and S emits it. Every text line is
% positioned with M and painted with s; x is fixed at 5 and y steps down 11pt
% per line. pagenum/fname/fdir/ftail are presumably consumed by header/footer
% code, which this document leaves disabled (user_header_p/user_footer_p false).
_S
24 24 translate
/pagenum 1 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 737 M (MPTCP Working Group C. Paasch) s
5 726 M (Internet-Draft A. Biswas) s
5 715 M (Intended status: Experimental D. Haas) s
5 704 M (Expires: October 29, 2015 Apple, Inc.) s
5 693 M ( April 27, 2015) s
5 660 M ( Making Multipath TCP robust for stateless webservers) s
5 649 M ( draft-paasch-mptcp-syncookies-00) s
5 627 M (Abstract) s
5 605 M ( This document proposes an extension to Multipath TCP that allows it) s
5 594 M ( to work efficiently with stateless servers. We first identify the) s
5 583 M ( issues around stateless connection establishment using SYN-cookies.) s
5 572 M ( Further, we suggest an extension to Multipath TCP to overcome these) s
5 561 M ( issues and discuss alternatives.) s
5 539 M (Status of This Memo) s
5 517 M ( This Internet-Draft is submitted in full conformance with the) s
5 506 M ( provisions of BCP 78 and BCP 79.) s
5 484 M ( Internet-Drafts are working documents of the Internet Engineering) s
5 473 M ( Task Force \(IETF\). Note that other groups may also distribute) s
5 462 M ( working documents as Internet-Drafts. The list of current Internet-) s
5 451 M ( Drafts is at http://datatracker.ietf.org/drafts/current/.) s
5 429 M ( Internet-Drafts are draft documents valid for a maximum of six months) s
5 418 M ( and may be updated, replaced, or obsoleted by other documents at any) s
5 407 M ( time. It is inappropriate to use Internet-Drafts as reference) s
5 396 M ( material or to cite them other than as "work in progress.") s
5 374 M ( This Internet-Draft will expire on October 29, 2015.) s
5 352 M (Copyright Notice) s
5 330 M ( Copyright \(c\) 2015 IETF Trust and the persons identified as the) s
5 319 M ( document authors. All rights reserved.) s
5 297 M ( This document is subject to BCP 78 and the IETF Trust's Legal) s
5 286 M ( Provisions Relating to IETF Documents) s
5 275 M ( \(http://trustee.ietf.org/license-info\) in effect on the date of) s
5 264 M ( publication of this document. Please review these documents) s
5 253 M ( carefully, as they describe your rights and restrictions with respect) s
5 242 M ( to this document. Code Components extracted from this document must) s
5 231 M ( include Simplified BSD License text as described in Section 4.e of) s
5 176 M (Paasch, et al. Expires October 29, 2015 [Page 1]) s
_R
S
%%Page: (2) 2
%%BeginPageSetup
% Page 2, same layout as page 1: _S/_R bracket the per-page definitions,
% each line is placed with M and shown with s, S emits the page.
_S
24 24 translate
/pagenum 2 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M (Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M ( the Trust Legal Provisions and are provided without warranty as) s
5 726 M ( described in the Simplified BSD License.) s
5 704 M (Table of Contents) s
5 682 M ( 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2) s
5 671 M ( 2. Problem statement . . . . . . . . . . . . . . . . . . . . . . 3) s
5 660 M ( 3. Proposal . . . . . . . . . . . . . . . . . . . . . . . . . . 4) s
5 649 M ( 3.1. Loss of the third ACK . . . . . . . . . . . . . . . . . . 4) s
5 638 M ( 3.1.1. Negotiation . . . . . . . . . . . . . . . . . . . . . 6) s
5 627 M ( 3.1.2. DATA_FIN . . . . . . . . . . . . . . . . . . . . . . 6) s
5 616 M ( 3.1.3. Middlebox considerations . . . . . . . . . . . . . . 6) s
5 605 M ( 3.2. Loss of the first data segment . . . . . . . . . . . . . 7) s
5 594 M ( 4. Alternative solutions . . . . . . . . . . . . . . . . . . . . 8) s
5 583 M ( 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9) s
5 572 M ( 6. Security Considerations . . . . . . . . . . . . . . . . . . . 9) s
5 561 M ( 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 9) s
5 550 M ( 7.1. Normative References . . . . . . . . . . . . . . . . . . 9) s
5 539 M ( 7.2. Informative References . . . . . . . . . . . . . . . . . 9) s
5 528 M ( Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9) s
5 506 M (1. Introduction) s
5 484 M ( During the establishment of a TCP connection, a server must create) s
5 473 M ( state upon the reception of the SYN [RFC0793]. Specifically, it) s
5 462 M ( needs to generate an initial sequence number, and reply to the) s
5 451 M ( options indicated in the SYN. The server typically maintains in-) s
5 440 M ( memory state for the embryonic connection, including state about what) s
5 429 M ( options were negotiated, such as window scale factor [RFC7323] and) s
5 418 M ( the maximum segment size. It also maintains state about whether SACK) s
5 407 M ( [RFC2018] and TCP Timestamps were negotiated during the 3-way) s
5 396 M ( handshake.) s
5 374 M ( Attackers exploit this state creation on the server through the SYN-) s
5 363 M ( flooding attack. Indeed, an attacker only needs to emit SYN segments) s
5 352 M ( with different 4-tuples \(source and destination IP addresses and port) s
5 341 M ( numbers\) in order to make the server create the state and thus) s
5 330 M ( consume its memory, while the attacker itself does not need to) s
5 319 M ( maintain any state for such an attack [RFC4987].) s
5 297 M ( A common mitigation of this attack is to use a mechanism called SYN-) s
5 286 M ( cookies. SYN-cookies relies on the fact that a TCP-connection echoes) s
5 275 M ( back certain information that the server puts in the SYN/ACK during) s
5 264 M ( the three-way handshake. Notably, the sequence-number is echoed back) s
5 253 M ( in the acknowledgment field as well as the TCP timestamp value inside) s
5 242 M ( the timestamp option. When generating the SYN/ACK, the server) s
5 231 M ( generates these fields in a verifiable fashion. Typically, servers) s
5 220 M ( use the 4-tuple, the client's sequence number plus a local secret) s
5 176 M (Paasch, et al. Expires October 29, 2015 [Page 2]) s
_R
S
%%Page: (3) 3
%%BeginPageSetup
% Page 3, same layout as page 1: _S/_R bracket the per-page definitions,
% each line is placed with M and shown with s, S emits the page.
_S
24 24 translate
/pagenum 3 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M (Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M ( \(which changes over time\) to generate the initial sequence number by) s
5 726 M ( applying a hashing function to the aforementioned fields. Further,) s
5 715 M ( setting certain bits either in the sequence number or the TCP) s
5 704 M ( timestamp value allows to encode for example whether SACK has been) s
5 693 M ( negotiated and what window-scaling has been received [M08]. Upon the) s
5 682 M ( reception of the third ACK, the server can thus verify whether the) s
5 671 M ( acknowledgment number is indeed the reply to a SYN/ACK it has) s
5 660 M ( generated \(using the 4-tuple and the local secret\). Further, it can) s
5 649 M ( decode from the timestamp echo reply the required information) s
5 638 M ( concerning SACK, window scaling and MSS-size.) s
5 616 M ( In case the third ACK is lost during the 3-way handshake of TCP,) s
5 605 M ( stateless servers only work if it's the client who initiates the) s
5 594 M ( communication by sending data to the server - which is commonly the) s
5 583 M ( case in today's application-layer protocols. As the data segment) s
5 572 M ( includes the acknowledgement number for the original SYN/ACK as well) s
5 561 M ( as the TCP timestamp value, the server is able to reconstruct the) s
5 550 M ( connection state even if the third ACK is lost in the network. If) s
5 539 M ( the very first data segment is also lost, then the server is unable) s
5 528 M ( to reconstruct the connection state and will respond to subsequent) s
5 517 M ( data sent by the client with a TCP Reset.) s
5 495 M ( Multipath TCP \(MPTCP [RFC6824]\) is unable to reconstruct the MPTCP) s
5 484 M ( level connection state if the third ack is lost in the network \(as) s
5 473 M ( explained in the following section\). If the first data segment from) s
5 462 M ( the client reaches the server, the server can reconstruct the TCP) s
5 451 M ( state but not the MPTCP state. Such a server can fallback to regular) s
5 440 M ( TCP upon the loss of the third ACK. MPTCP is also prone to the same) s
5 429 M ( problem as regular TCP if the first data segment is also lost.) s
5 407 M ( In the following section a more detailed assessment of the issues) s
5 396 M ( with MPTCP and TCP SYN-cookies is presented. Section 3 then shows) s
5 385 M ( how these issues might get solved.) s
5 363 M (2. Problem statement) s
5 341 M ( Multipath TCP adds additional state to the 3-way handshake. Notably,) s
5 330 M ( the keys must be stored in the state so that later on new subflows) s
5 319 M ( can be established as well as the initial data sequence number is) s
5 308 M ( known to both hosts. In order to support stateless servers,) s
5 297 M ( Multipath TCP echoes the keys in the third ACK. A stateless server) s
5 286 M ( thus can generate its own key in a verifiable fashion \(similar to the) s
5 275 M ( initial sequence number\), and is able to learn the client's key) s
5 264 M ( through the echo in the third ACK. The reliance on the third ACK) s
5 253 M ( however implies that if this segment gets lost, then the server) s
5 242 M ( cannot reconstruct the state associated to the MPTCP connection.) s
5 231 M ( Indeed, a Multipath TCP connection is forced to fallback to regular) s
5 220 M ( TCP in case the third ACK gets lost or has been reordered with the) s
5 176 M (Paasch, et al. Expires October 29, 2015 [Page 3]) s
_R
S
%%Page: (4) 4
%%BeginPageSetup
% Page 4, same layout as page 1: _S/_R bracket the per-page definitions,
% each line is placed with M and shown with s, S emits the page.
_S
24 24 translate
/pagenum 4 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M (Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M ( first data segment of the client, because it cannot infer the) s
5 726 M ( client's key from the connection and thus won't be able to generate a) s
5 715 M ( valid HMAC to establish new subflows nor does it know the initial) s
5 704 M ( data sequence number. In the remainder of this document we refer to) s
5 693 M ( the aforementioned issue as "Loss of the third ACK".) s
5 671 M ( Another issue with SYN-cookies is also present in regular TCP and) s
5 660 M ( occurs as well due to packet loss. In case the client is sending) s
5 649 M ( multiple segments when initiating the connection, it might be that) s
5 638 M ( the third ack as well as the first data segment get lost. Thus, the) s
5 627 M ( server only receives the second data segment and will try to) s
5 616 M ( reconstruct the state based on this segment's 4-tuple, sequence) s
5 605 M ( number and timestamp value. However, as this segment's sequence) s
5 594 M ( number has already gone beyond the client's initial sequence number,) s
5 583 M ( it will not be able to regenerate the appropriate SYN-cookie and thus) s
5 572 M ( the verification will fail. The server effectively cannot infer that) s
5 561 M ( the sequence number in the segment has gone beyond TCP's initial) s
5 550 M ( sequence number. This will make the server send a TCP reset as it) s
5 539 M ( appears to the server that it received a segment for which no SYN) s
5 528 M ( cookie was ever generated.) s
5 506 M (3. Proposal) s
5 484 M ( This section shows how the above problems might be solved in) s
5 473 M ( Multipath TCP.) s
5 451 M (3.1. Loss of the third ACK) s
5 429 M ( In order to make Multipath TCP robust against the loss of the third) s
5 418 M ( ACK when SYN-cookies are being deployed on servers, we must make sure) s
5 407 M ( that the state-information relevant to Multipath TCP reaches the) s
5 396 M ( server in a reliable way. As the client is initiating the data) s
5 385 M ( transfer to the server, and this data is being delivered reliably,) s
5 374 M ( the state-information could be delivered together with this data and) s
5 363 M ( thus is implicitly reliably sent to the server - when the data) s
5 352 M ( reaches the server, the state-information reaches the server as well.) s
5 330 M ( We achieve this by defining a new MPTCP subtype \(called) s
5 319 M ( MP_CAPABLE_EXT\) which is an extension of the existing MP_CAPABLE) s
5 308 M ( option. It is solely sent on the very first data segment from the) s
5 297 M ( client to the server. This option serves the dual purpose of) s
5 286 M ( conveying the client's and server's key as well as the DSS mapping) s
5 275 M ( which would otherwise have been sent in a DSS option on the first) s
5 264 M ( data segment. The MP_CAPABLE_EXT option \(shown in Figure 1\) contains) s
5 253 M ( the same set of bits A to H as well as the version number, like the) s
5 242 M ( MP_CAPABLE option. The server behaves in a stateless manner and thus) s
5 231 M ( has generated it's own key in a verifiable fashion \(e.g., as a hash) s
5 220 M ( of the 4-tuple, sequence number and a local secret - similar to what) s
5 176 M (Paasch, et al. Expires October 29, 2015 [Page 4]) s
_R
S
%%Page: (5) 5
%%BeginPageSetup
% Page 5, same layout as page 1: _S/_R bracket the per-page definitions,
% each line is placed with M and shown with s, S emits the page.
% The option diagram (Figure 1) is ordinary text drawn with the same M/s pairs.
_S
24 24 translate
/pagenum 5 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M (Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M ( is done for the TCP-sequence number in case of SYN-cookies) s
5 726 M ( [RFC4987]\). It is thus able to verify whether it is indeed the) s
5 715 M ( originator of the key echoed back in the MP_CAPABLE_EXT option.) s
5 693 M ( Further, the option includes the data-level length as well as the) s
5 682 M ( checksum \(in case it has been negotiated during the 3-way handshake\).) s
5 671 M ( This allows the server to reconstruct the mapping and deliver the) s
5 660 M ( data to the application. It must be noted that the information) s
5 649 M ( inside the MP_CAPABLE_EXT is less explicit than a DSS option.) s
5 638 M ( Notably, the data-sequence number, data acknowledgment as well as the) s
5 627 M ( relative subflow-sequence number are not part of the MP_CAPABLE_EXT.) s
5 616 M ( Nevertheless, the server is able to reconstruct the mapping because) s
5 605 M ( the MP_CAPABLE_EXT is guaranteed to only be sent on the very first) s
5 594 M ( data segment. Thus, implicitly the relative subflow-sequence number) s
5 583 M ( equals 1 as well as the data-sequence number, which is equal to the) s
5 572 M ( initial data-sequence number.) s
5 550 M ( 1 2 3) s
5 539 M ( 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1) s
5 528 M ( +---------------+---------------+-------+-----------------------+) s
5 517 M ( | Kind | Length=16 |Subtype|Version|A|B|C|D|E|F|G|H|) s
5 506 M ( +---------------+---------------+-------+-----------------------+) s
5 495 M ( | Sender's Key \(64 bits\) |) s
5 484 M ( | |) s
5 473 M ( +---------------+---------------+-------+-----------------------+) s
5 462 M ( | Receiver's Key \(64 bits\) |) s
5 451 M ( | |) s
5 440 M ( +---------------------------------------------------------------+) s
5 429 M ( | Data-Level Length \(2 octets\) | Checksum \(2 octets, optional\) |) s
5 418 M ( +---------------------------------------------------------------+) s
5 396 M ( Format of the new MP_CAPABLE_EXT option.) s
5 374 M ( Figure 1) s
5 352 M ( It must be said that if TCP Fastopen [RFC7413] is being used in) s
5 341 M ( combination with Multipath TCP [I-D.barre-mptcp-tfo], the SYN segment) s
5 330 M ( covering part of the data sequence space might be a concern.) s
5 319 M ( However, if TFO is being used, servers do not employ stateless) s
5 308 M ( connection establishment, thus TFO is not of concern for the) s
5 297 M ( MP_CAPABLE_EXT option.) s
5 275 M ( While the MP_CAPABLE_EXT option lets us recover from loss of the 3rd) s
5 264 M ( ACK of the 3WHS as well as loss of the first data segment, it has the) s
5 253 M ( additional benefit of allowing a client to piggyback data on the 3rd) s
5 242 M ( ACK of the 3WHS of the first MPTCP subflow.) s
5 176 M (Paasch, et al. Expires October 29, 2015 [Page 5]) s
_R
S
%%Page: (6) 6
%%BeginPageSetup
% Page 6, same layout as page 1: _S/_R bracket the per-page definitions,
% each line is placed with M and shown with s, S emits the page.
_S
24 24 translate
/pagenum 6 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M (Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M (3.1.1. Negotiation) s
5 715 M ( We require a way for the hosts to negotiate support for the) s
5 704 M ( MP_CAPABLE_EXT option. As it is a new option, MP_CAPABLE_EXT relies) s
5 693 M ( on a new version of MPTCP. The client requests this new version of) s
5 682 M ( MPTCP during the MP_CAPABLE exchange \(it remains to be defined by the) s
5 671 M ( IETF which version of MPTCP includes the MP_CAPABLE_EXT option\). If) s
5 660 M ( the server supports this version, it replies with a SYN/ACK including) s
5 649 M ( the MP_CAPABLE and indicating this same version.) s
5 627 M ( If the server desires to do SYN-cookies and supports receiving the) s
5 616 M ( MP_CAPABLE_EXT option it sets the C-bit to 1. As the client) s
5 605 M ( indicated in the SYN that it supports the new version of MPTCP, it) s
5 594 M ( must use the MP_CAPABLE_EXT option in the first data segment.) s
5 572 M (3.1.2. DATA_FIN) s
5 550 M ( As the MP_CAPABLE_EXT option includes the same bitfields as the) s
5 539 M ( regular MP_CAPABLE, there is no space to indicate a DATA_FIN as is) s
5 528 M ( done in the DSS option. This implies that a client cannot send a) s
5 517 M ( DATA_FIN together with the first segment of data. Thus, if the) s
5 506 M ( server requests the usage of MP_CAPABLE_EXT through the C-bit, the) s
5 495 M ( client must send a separate segment with the DSS-option, setting the) s
5 484 M ( DATA_FIN-flag to 1, after it has sent the data-segment that includes) s
5 473 M ( the MP_CAPABLE_EXT option.) s
5 451 M (3.1.3. Middlebox considerations) s
5 429 M ( Multipath TCP has been designed with middleboxes in mind and so the) s
5 418 M ( MP_CAPABLE_EXT option must also be able to go through middleboxes.) s
5 407 M ( The following middlebox behaviors have been considered and) s
5 396 M ( MP_CAPABLE_EXT acts accordingly across these middleboxes:) s
5 374 M ( o Removing MP_CAPABLE_EXT-option: If a middlebox strips the) s
5 363 M ( MP_CAPABLE_EXT option out of the data segment, the server receives) s
5 352 M ( data without a corresponding mapping. As defined in Section 3.6) s
5 341 M ( of [RFC6824], the server must then do a seamless fallback to) s
5 330 M ( regular TCP.) s
5 308 M ( o Coalescing segments: A middlebox might coalesce the first and) s
5 297 M ( second data segment into one single segment. While doing so, it) s
5 286 M ( might remove one of the options \(either MP_CAPABLE_EXT or the DSS-) s
5 275 M ( option of the second segment because of the limited 40 bytes TCP) s
5 264 M ( option space\). If the DSS-option is not included in the segment,) s
5 253 M ( the second half of the payload is not covered by a mapping. Thus,) s
5 242 M ( the server will do a seamless fallback to regular TCP as defined) s
5 231 M ( by [RFC6824]. However, if the MP_CAPABLE_EXT option is not) s
5 220 M ( present, then the DSS-option provides an offset of the TCP) s
5 176 M (Paasch, et al. Expires October 29, 2015 [Page 6]) s
_R
S
%%Page: (7) 7
%%BeginPageSetup
% Page 7, same layout as page 1: _S/_R bracket the per-page definitions,
% each line is placed with M and shown with s, S emits the page.
_S
24 24 translate
/pagenum 7 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M (Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M ( sequence number. As the server behaves statelessly it can only) s
5 726 M ( assume that the present mapping belongs to the first byte of the) s
5 715 M ( payload \(similar to what is explained in detail in Section 3.2.) s
5 704 M ( As this however is not true, it will calculate an incorrect) s
5 693 M ( initial TCP sequence number and thus reply with a TCP-reset as the) s
5 682 M ( SYN-cookie is invalid. As such kind of middleboxes are very rare) s
5 671 M ( we consider this behavior as acceptable.) s
5 649 M ( o Splitting segments: A TCP segmentation offload engine \(TSO\) might) s
5 638 M ( split the first segment in smaller segments and copy the) s
5 627 M ( MP_CAPABLE_EXT option on each of these segments. Thanks to the) s
5 616 M ( data-length value included in the MP_CAPABLE_EXT option, the) s
5 605 M ( server is able to detect this and correctly reconstructs the) s
5 594 M ( mapping. In case the first of these splitted segments gets lost,) s
5 583 M ( the server finds itself in a situation similar to the one) s
5 572 M ( described in Section 2. The TCP sequence number doesn't allow) s
5 561 M ( anymore to verify the SYN-cookie and thus a TCP reset is sent.) s
5 550 M ( This behavior is the same as for regular TCP.) s
5 528 M ( o Payload modifying middlebox: In case the middlebox modifies the) s
5 517 M ( payload, the DSS-checksum included in the MP_CAPABLE_EXT option) s
5 506 M ( allows to detect this and will trigger a fallback to regular TCP) s
5 495 M ( as defined in [RFC6824].) s
5 473 M (3.2. Loss of the first data segment) s
5 451 M ( Section 2 described the issue of losing the first data segment of a) s
5 440 M ( connection while TCP SYN-cookies are in use. The following outlines) s
5 429 M ( how Multipath TCP actually allows to fix this particular issue.) s
5 407 M ( Consider the packet-flow of Figure 2. Upon reception of the second) s
5 396 M ( data segment, the included data sequence mapping allows the server to) s
5 385 M ( actually detect that this is not the first segment of a TCP) s
5 374 M ( connection. Indeed, the relative subflow sequence number inside the) s
5 363 M ( DSS-mapping is actually 100, indicating that this segment is already) s
5 352 M ( further ahead in the TCP stream. This allows the server to actually) s
5 341 M ( reconstruct the initial sequence number based on the sequence number) s
5 330 M ( in the TCP-header \(\(X+100\) - 100\) that has been provided by the) s
5 319 M ( client and verify whether its SYN-cookie is correct. Thus, no TCP-) s
5 308 M ( reset is being sent - in contrast to regular TCP, where the server) s
5 297 M ( cannot verify the SYN-cookie. The server knows that the received) s
5 286 M ( segment is not the first one of the data stream and thus it can store) s
5 275 M ( it temporarily in the out-of-order queue of the connection. It must) s
5 264 M ( be noted that the server is not yet able to fully reconstruct the) s
5 253 M ( MPTCP state. In order to do this it still must await the) s
5 242 M ( MP_CAPABLE_EXT option that is provided in the first data segment.) s
5 176 M (Paasch, et al. Expires October 29, 2015 [Page 7]) s
_R
S
%%Page: (8) 8
%%BeginPageSetup
_S
24 24 translate
/pagenum 8 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M
(Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M
( The server responds to the out-of-order data with a Duplicate ACK.) s
5 726 M
( The Duplicate ACK may also have SACK data if SACK was negotiated.) s
5 715 M
( However, if this Duplicate ACK does not have an MPTCP level Data ACK,) s
5 704 M
( the client may interpret this as a fallback to TCP. This is because) s
5 693 M
( the client cannot determine if an option stripping middlebox removed) s
5 682 M
( the MPTCP option on TCP segments after connection establishment. So) s
5 671 M
( even though the server has not fully recreated the MPTCP state at) s
5 660 M
( this point, it should respond with a Data ACK set to the Data) s
5 649 M
( Sequence Number Y-100. The client's TCP implementation may) s
5 638 M
( retransmit the first data segment after a TCP retransmit timeout or) s
5 627 M
( it may do so as part of an Early Retransmit that can be triggered by) s
5 616 M
( an ACK arriving from the server.) s
5 594 M
( Host A Host B) s
5 583 M
( ------ ------) s
5 572 M
( SYN + MP_CAPABLE) s
5 561 M
( -------------------------------------------->) s
5 550 M
( SYN/ACK + MP_CAPABLE) s
5 539 M
( <--------------------------------------------) s
5 528 M
( ACK + MP_CAPABLE) s
5 517 M
( -----------------------------------X) s
5 495 M
( DATA \(TCP-seq = X\) + MP_CAPABLE_EXT) s
5 484 M
( -----------------------------------X) s
5 473 M
( DATA \(TCP-seq = X+100\) + DSS \(DSN = Y, subseq = 100\)) s
5 462 M
( --------------------------------------------->) s
5 440 M
( DATA_ACK \(Y - 100\)) s
5 429 M
( <---------------------------------------------) s
5 407 M
( Multipath TCP's DSS option allows handling the loss of the first) s
5 396 M
( data segment as the host can infer the initial sequence number.) s
5 374 M
( Figure 2) s
5 352 M
(4. Alternative solutions) s
5 330 M
( An alternative solution to creating the MP_CAPABLE_EXT option would) s
5 319 M
( have been to emit the MP_CAPABLE-option together with the DSS-option) s
5 308 M
( on the first data segment. However, as the MP_CAPABLE option is 20) s
5 297 M
( bytes long and the DSS-option \(using 4-byte sequence numbers\)) s
5 286 M
( consumes 16 bytes, a total of 36 bytes of the TCP option space would) s
5 275 M
( be consumed by this approach. This alternative has been dismissed as it) s
5 264 M
( would prevent any other TCP option in the first data segment, a) s
5 253 M
( constraint that would severely limit TCP's extensibility in the) s
5 242 M
( future.) s
5 176 M
(Paasch, et al. Expires October 29, 2015 [Page 8]) s
_R
S
%%Page: (9) 9
%%BeginPageSetup
_S
24 24 translate
/pagenum 9 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M
(Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M
(5. IANA Considerations) s
5 715 M
( A new codepoint must be allocated for this new MPTCP subtype.) s
5 693 M
(6. Security Considerations) s
5 671 M
( No security considerations.) s
5 649 M
(7. References) s
5 627 M
(7.1. Normative References) s
5 605 M
( [RFC4987] Eddy, W., "TCP SYN Flooding Attacks and Common) s
5 594 M
( Mitigations", RFC 4987, August 2007.) s
5 572 M
( [RFC6824] Ford, A., Raiciu, C., Handley, M., and O. Bonaventure,) s
5 561 M
( "TCP Extensions for Multipath Operation with Multiple) s
5 550 M
( Addresses", RFC 6824, January 2013.) s
5 528 M
(7.2. Informative References) s
5 506 M
( [I-D.barre-mptcp-tfo]) s
5 495 M
( Barre, S., Detal, G., and O. Bonaventure, "TFO support for) s
5 484 M
( Multipath TCP", draft-barre-mptcp-tfo-01 \(work in) s
5 473 M
( progress\), January 2015.) s
5 451 M
( [M08] McManus, P., "Improving syncookies", 2008,) s
5 440 M
( <http://lwn.net/Articles/277146/>.) s
5 418 M
( [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, RFC) s
5 407 M
( 793, September 1981.) s
5 385 M
( [RFC2018] Mathis, M., Mahdavi, J., Floyd, S., and A. Romanow, "TCP) s
5 374 M
( Selective Acknowledgment Options", RFC 2018, October 1996.) s
5 352 M
( [RFC7323] Borman, D., Braden, B., Jacobson, V., and R.) s
5 341 M
( Scheffenegger, "TCP Extensions for High Performance", RFC) s
5 330 M
( 7323, September 2014.) s
5 308 M
( [RFC7413] Cheng, Y., Chu, J., Radhakrishnan, S., and A. Jain, "TCP) s
5 297 M
( Fast Open", RFC 7413, December 2014.) s
5 275 M
(Authors' Addresses) s
5 176 M
(Paasch, et al. Expires October 29, 2015 [Page 9]) s
_R
S
%%Page: (10) 10
%%BeginPageSetup
_S
24 24 translate
/pagenum 10 def
/fname (draft-paasch-mptcp-syncookies.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-syncookies.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 770 M
(Internet-Draft Multipath TCP SYN-cookies April 2015) s
5 737 M
( Christoph Paasch) s
5 726 M
( Apple, Inc.) s
5 715 M
( Cupertino) s
5 704 M
( US) s
5 682 M
( Email: cpaasch@apple.com) s
5 649 M
( Anumita Biswas) s
5 638 M
( Apple, Inc.) s
5 627 M
( Cupertino) s
5 616 M
( US) s
5 594 M
( Email: anumita_biswas@apple.com) s
5 561 M
( Darren Haas) s
5 550 M
( Apple, Inc.) s
5 539 M
( Cupertino) s
5 528 M
( US) s
5 506 M
( Email: dhaas@apple.com) s
5 176 M
(Paasch, et al. Expires October 29, 2015 [Page 10]) s
_R
S
%%Trailer
%%Pages: 10
%%DocumentNeededResources: font Courier-Bold Courier
%%EOF