yfmascgy
commented
1 year ago Thanks for this intriguing proposal. But there will be a new issue if I understand correctly, and please correct me if I am wrong.
For example, what if a path has actually migrated because of changes in the underlying hops while the client and server's entry points (interfaces) remain the same. Then after exchanging the EPID information, the client and server will draw the conclusion that the path is not changed, which is not true.
huitema
LPardue
mirjak
qdeconinck
Yanmei-Liu
I think given the dynamic nature of the CID usage on paths that leads to some existing design issues(see #137, #158), it is worth having some stable path identification (to address, e.g., #169).
What does not change
I think we now agree that a Multipath QUIC connection uses different Connection IDs on different paths, and each Connection ID has its own packet number space. Such a design enables end-hosts to easily receive packets and decrypt them without assuming anything about the network path (relying directly on the perceived 4-tuple makes the approach fragile). Note that we keep the ACK_MP as it (i.e., we acknowledge packet numbers that used a specific DCID).
Identifying network paths (until now)
So far, end hosts directly maps the (Destination) Connection ID sequence number as the path identifier of the network path. This path identifier is then used in the path-specific frames (PATH_ABANDON, PATH_STATUS,…). Such an approach has the advantage that we do not have to define additional signalling to identify a network path, and it is relatively easy to track that. However, this means that if one endhost changes the DCID it uses over a given path, this means its identifier changes. Having such dynamic changing identifiers for a stable path causes design issues when using an identifier no more valid in the path-specific frames.
Proposal: explicit path identification advertisement during path validation
The path validation process establish the identification of a path through the advertisement of the “Entry Point ID” (EPID) used by the packet sender. Each path is identified by a tuple (local EPID, peer EPID). This identification is then used in the path-specific frames to identify the concerned path. Note that each endhost uses EPID 0 on the initial path.
This implies that we need an augmented version of the PATH_CHALLENGE/PATH_RESPONSE frames (let’s say PATH_CHALLENGE_MP/PATH_REPSONSE_MP) that include the EPID that the sender used to send the frame.
Example
Let’s consider this initial situation.
In this initial state, each endhost has one path:
Client
From the server perspective, we have
Now the client wants to create a new path on a new local address, but still on the same server address (same IP and port at server side). When the server just processed the PATH_CHALLENGE_MP(data, EPID=1) sent by the client with DCID seq 1, we have this state:
Client
Server
Note that the server can figure out at packet reception on which local address it saw, and thus map the corresponding local EPID to the new seen path. The server can then replies with a PATH_RESPONSE_MP(data, EPID=0) (and also initiates a PATH_CHALLENGE_MP as well). Assume here it uses the DCID with seq 2. Once the PATH_RESPONSE_MP is received by the client, we have this state.
Client
Server
Now the client can refer to the lower path in PATH_STATUS/PATH_ABANDON frame using (1, 0), and the server could use (1, 0). Note that it makes also possible to extend these frames to the set of paths sharing a given EPID. This tuple is stable as long as end hosts do not change the EPID they use when performing further path validations.
Consider now a specific edge case, that is also hard to handle with the current (CID identification) design: the client decides to change the DCID it uses (now seq 2) on its path (EPID 1, EPID 0), but the very first packet sent experiences a NAT rebinding, making the server see a new 4-tuple. The end hosts’ states just after the server received that packet is
Client:
Server:
To address this new unknown path, the server will initiate path validation over that new path using a new DCID (let’s say with seq 3), so it sends a MP_PATH_CHALLENGE(EPID=0) on the lower path. Once the packet reaches and after its processing, we have
Client:
Server:
Finally, the client replies with a MP_PATH_RESPONSE on its perceived EPID (hence EPID 1) and the response can reach the server, which can then figure out that the path is actually the same as the previous one (it experienced involuntary 4-tuple change, this is not a new path). The final state is hence
Client:
Server:
Additional remarks
Introducing such additional identifiers may require additional care to cope with EPID that change over a same address or to avoid a same EPID over multiple 4-tuples. I think we can require that new EPID values cannot decrease (monotonically increasing) and observing a same EPID coming from different addresses probably indicates that something is wrong there.
We can also extend the required state of a path to be "Active", i.e., we need to have both local and peer EPID of a path before considering it as active.
Having two endpoint-specific values instead of a single shared one (as suggested by #170) may be desirable to support the edge case mentioned above.