Internet Engineering Task Force N. Kuhn, Ed. Internet-Draft CNES Intended status: Informational E. Stephan, Ed. Expires: January 9, 2020 Orange G. Fairhurst, Ed. University of Aberdeen July 8, 2019 Transport parameters for 0-RTT connections draft-kuhn-quic-0rtt-bdp-03 Abstract The time-to-service duration depends on both peers and the peer initiating the connection may not be the peer actually sending data. Moreover, clients may be resource-limited, behind a low bandwidth or a long-RTT network and may need adaptations to improve data transmission or reception. While each client and server can have its dedicated solution to store path parameters, having a standard way of exchanging this information helps in providing symmetrical control of the optimisation and reducing protocol ossification. QUIC may not be limited to HTTP3: it can be used as a substrate for proxying and tunneling. This memo discusses a solution where the client is informed about path parameters: both the client and the server can contribute to the reduction of the time-to-service for subsequent connections. This would improve symmetrical transmission of data and reduce ossification of the protocol. To improve the time-to-service of subsequent 0-RTT reconnection the server currently sets in the early_data extension the maximum volume of egress data the client is allowed to send when reconnecting. This memo proposes BDP_metadata, an additional extension, to also inform the client about path parameters. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any Kuhn, et al. Expires January 9, 2020 [Page 1] Internet-Draft Transport for 0-RTT July 2019 time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on January 9, 2020. Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Reducing ossification with the proposed solution . . . . 3 2. Differences between 1-RTT and 0-RTT QUIC connections establishment . . . . . . . . . . . . . . . . . . . . . . . . 4 3. End-to-end solution . . . . . . . . . . . . . . . . . . . . . 5 3.1. Description of the BDP metadata extension . . . . . . . . 5 3.2. Usage of the extension in the NewSessionTicket . . . . . 5 4. Best current practice . . . . . . . . . . . . . . . . . . . . 6 5. What happens when BDP is used incorrectly? . . . . . . . . . 7 6. Discussion . . . . . . . . . . . . . . . . . . . . . . . . . 8 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 9. Security Considerations . . . . . . . . . . . . . . . . . . . 8 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 10.1. Normative References . . . . . . . . . . . . . . . . . . 9 10.2. Informative References . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 1. Introduction Some network paths result in an increased time-to-service because the default parameters controlling the initialization of the transport and congestion control are not suitable for the path characteristics. QUIC's congestion control is based on TCP NewReno [I-D.ietf-quic-recovery] and the recommended initial window is defined by [RFC6928]. A path with a large bandwidth delay product Kuhn, et al. Expires January 9, 2020 [Page 2] Internet-Draft Transport for 0-RTT July 2019 can therefore significantly increase the time-to-service (e.g. a path using satellite communication [IJSCN19] could observe a much longer page load time for complex pages). The 0-RTT mechanism is designed to accelerate the throughput when reconnecting to the same peer. There are cases where egress acceleration like 0-RTT early_data alone does not improve the time-to-service and cases where the data transmission is symmetrical or where clients are capacity-limited: additional information can be beneficial. This memo describes a solution where a BDP_metadata extension informs the client about path parameters so that both the client and the server can contribute to the reduction of the time-to-service: 1. the server learns characteristics of the path during a connection. In most of the cases this will occur during the first (1-RTT) connection; 2. the server sends this information to the client at any time during this connection after the BDP_metadata parameters are validated; 3. the client may discard the ticket for reasons like validation period too short, not consistent with its own path characteristics measure, device with limited buffer, etc.; 4. the server and the client exploit the information to improve the time-to-service during subsequent 0-RTT connections. The proposed solution applies to TLS1.3 over any transport: even if the current focus is QUIC, the solution applies, e.g., for TCP Fast Open. 1.1. Reducing ossification with the proposed solution While each client and server can have their dedicated solution to store path parameters, having a standard way of exchanging this information helps in providing symmetrical control of the optimisation and reducing protocol ossification. This memo discusses a solution where the client is informed about path parameters: both the client and the server can contribute to the reduction of the time-to-service for subsequent connections. This would improve symmetrical transmission of data and reduce ossification of the protocol. Some advantages of the proposed solution are the following. 1. Provide symmetrical control of the optimisation: as extensions to HTTP3 envision server initiated request [I-D.ietf-quic-http] the path adaptation should be symmetrical and should not depend on Kuhn, et al. Expires January 9, 2020 [Page 3] Internet-Draft Transport for 0-RTT July 2019 rule of the peer in the establishment. Moreover, QUIC may not be used for the sole use of HTTP3 services but is also considered as a relevant candidate for setting up proxies or tunnels [I-D.kuehlewind-quic-substrate]. The client device should be able to adapt to the path adaptation chosen by the server. Since there are more and more exchange based on subscription where the server sends data first, with regard to ossification, it is central to dissociate the signalling (aka the initiator of the connection) from the peer which first sends application data. 2. Reduce TCP-proxy and middleboxes: if both clients and servers have the required parameters to optimize the transmissions for different deployment scenarios, end-to-end optimization may be proposed. As example, specific client-based adaptations can be developed, such as adapting the ACK-ratio or increasing the receive buffer size. Thus, deploying middleboxes that ossify the Internet would be less relevant. 3. Improve inter-operability: while each client and server can have their dedicated solution to store path parameters, having a standard way of exchanging this information helps in reducing the time-to-service when clients and servers are not provided by the same company. Both sides can independently propose optimizations to improve the ingress traffic. 2. Differences between 1-RTT and 0-RTT QUIC connections establishment This section recalls how 1-RTT and 0-RTT operate in QUIC [I-D.ietf-quic-transport]. QUIC leverages the 2 handshakes of TLS1.3 [I-D.ietf-quic-tls]: The 1-RTT handshake initiates a first set of credentials. When a handshake achieves successfully, the server pushes the learned information about the session to the client in an opaque session ticket (see section 4.6.1 of [RFC8446]). The information within the opaque ticket is encrypted by the server and not readable by the client. A session ticket can be sent at any time during the connection. The server can send several session tickets in one connection. A client willing to establish a fast re-opening of the session pushes back an opaque ticket in a 0-RTT handshake and sends early application data. In practice, the server sends the 'ticket' in a NewSessionTicket record [I-D.ietf-quic-tls]. The structure of the NewSessionTicket includes the opaque 'ticket' and an 'extensions' field. The NewSessionTicket carries an additional field named 'early_data' that indicates to the client the maximum size of application data to insert in the 0-RTT message. Kuhn, et al. Expires January 9, 2020 [Page 4] Internet-Draft Transport for 0-RTT July 2019 3. End-to-end solution QUIC encryption of transport headers prevents the adding of Performance-enhancing proxy (PEP). The BDP metadata extension may be a substitute to PEP proxy [RFC2488], [RFC3135] when time-to-service improvement requires acceleration of the refilling of client application buffers. The BDP_metadata extension proposes an improvement of the initialization of 0-RTT connections where the client recalls the BDP metadata previously measured by the server during the 1-RTT handshake. The approach follows the tuning of the initial window of high BDP networks described in [I-D.irtf-iccrg-sallantin-initial-spreading]. It has been shown to improve performance both for high BDP and more common BDP [CONEXT15][ICC16]. 3.1. Description of the BDP metadata extension This document defines an extension named "BDP_metadata" for the NewSessionTicket. This structure contains the following parameters: BDP, MTU, RTT, loss-rate. 3.2. Usage of the extension in the NewSessionTicket At the end of a 1-RTT connection, a server can send information in a NewSessionTicket that describes the path to the client. The message includes an additional 'extensions' field named 'BDP_metadata'. The client stores this session ticket and the 'BDP_metadata' field. When the client reconnects to the same server in 0-RTT mode, it pushes back this session ticket in the ClientHello and prepares itself to receive data in the context given by the 'BDP_metadata' field. The client does not send the 'BDP_metadata' field back to the server. The server receives the session ticket and extracts the BDP context. As example, it can use this message to provide information that may allow the congestion controller to provide a throughput closer to the capacity of the path. Because the path characteristics can change over time, and may hence become invalid for use in a subsequent connection, the server sets the age of the ticket (see section 4.2.11.1 of [RFC8446]) to a short duration. A server could also update the ticket when the path characteristics of connection are known to have changed. Kuhn, et al. Expires January 9, 2020 [Page 5] Internet-Draft Transport for 0-RTT July 2019 4. Best current practice This section provides examples of data that could be added in the opaque ticket field by the server. The details added by the server in the session ticket do not need to be standardized for interoperability between QUIC clients and servers because this information is opaque to the client. The presence of the "BDP_metadata" extension field in the NewSessionTicket informs the client that the server can actively take action to improve its throughput when the session will restart. The following list describes information elements set by the server in the session ticket to accompany the signaling of field. These examples are illustrated in Figure 1 and their purpose is detailed in this section. o A client aware of a high BDP path: Section 7.3.1 of [I-D.ietf-quic-transport] indicates that the "A client that attempts to send 0-RTT data MUST remember the transport parameters used by the server". In addition to the default transport parameters used by the server, a server that knows that the path has a large BDP can let the client adapt its parameters. o PMTU: Knowledge of the PMTU of a previous path improves the time to service because it reduces the duration of the path validation process described in section 8.2 of [I-D.ietf-quic-transport]. o Connection RTT: The knowledge of the characteristics of a previous connection RTT can improve the throughput because a server can safely improve the slow start: e.g. using the pacing models of [I-D.irtf-iccrg-sallantin-initial-spreading] can result in high IW for high RTT paths and a common IW for paths with smaller RTT. The results presented in [ICC16] show that for both files of 15 KB and 750 KB, the proposed solution reduces the time to download by approximatively 2 seconds whether the RTT is 50ms or 500ms. o Ticket_lifetime: The server sets a shorter validity duration to avoid receiving obsolete path characteristics; (e.g., this could reduce the validity to one day). Kuhn, et al. Expires January 9, 2020 [Page 6] Internet-Draft Transport for 0-RTT July 2019 CLIENT SERVER +-----------------------------------+ | 1 RTT connection | +-----------------------------------+ | | +<---1-RTT TLS1.3 HANDSHAKE--->+ | | +------------+ +<-----data transmission------>+ |path charact| | | |record | | | +------------+ |<-------------NewSessionTicket+ Client aware | +ticket_lifetime | of high BDP | +'opaque' field | path | +'extension' field | | + early_data | | + BDP_metadata | | + BDP | | + RTT | | + loss-rate | | + MTU | +-----------------------------------+ | 0 RTT connection | +-----------------------------------+ | | +ClientHello------------------>| |+'opaque' field | +-------------------+ | | |param adaptation | | | |e.g. | | | |tuned and paced IW | | | +-------------------+ | | +<----+data transmission+----->+ | | + + Figure 1: Example of opaque ticket content 5. What happens when BDP is used incorrectly? This section discusses the impact of a server activating the 'BDP_metadata' field when the network underneath actually has a small BDP. This could happen when the server BDP estimate was incorrect, when the client has multiple paths to choose from and uses the ticket on a different path to which it was requested, or when the path characteristics change significantly. Incorrectly exploiting the BDP_metadata could result in assigning additional resources (e.g. buffer space) that later is not used. Kuhn, et al. Expires January 9, 2020 [Page 7] Internet-Draft Transport for 0-RTT July 2019 Apart from cases where the clients are resource-limited, this is not much of an issue. The server could adapt the initial window to a high BDP context when the BDP is actually small. This issue can be prevented if packets are paced out of the server. 6. Discussion This mechanism follows the approach of the extension field 'early_data' of the NewSessionTicket of TLS1.3. While 'early_data' improves the egress traffic of a client, the 'BDP_metadata' proposal aims at improving ingress traffic to the client. Improving the ingress traffic can result in significant improvement to the quality- of-experience. For example, this enables the use of transport parameters, such as the RTT, PMTU and BDP to adapt the initial data transmission of a 0-RTT connection. In some large BDP deployment scenarios, this can halve the page load time of a web page download. 7. Acknowledgements None. 8. IANA Considerations TBD: text is required to register the extension BDP_metadata field. 9. Security Considerations The security is provided by the 1-RTT phase. The measure of BDP is made during a previous connection. The exchange and the information are protected both by the TLS encryption and the NewSessionTicket (see section 4.6.1 of [RFC8446]). The BDP information the server will received is protected in the opaque session ticket. The 'BDP_metadata' field is visible by the client only. An client that does not trust the server transport adaptation ignores any session ticket associated to a 'BDP_metadata' field. The server does not have to honour all the received requests (e.g. when it is resource-limited). 10. References Kuhn, et al. Expires January 9, 2020 [Page 8] Internet-Draft Transport for 0-RTT July 2019 10.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . 10.2. Informative References [CONEXT15] Li, Q., Dong, M., and P. Godfrey, "Halfback: Running Short Flows Quickly and Safely", ACM CoNEXT , 2015. [I-D.ietf-quic-http] Bishop, M., "Hypertext Transfer Protocol Version 3 (HTTP/3)", draft-ietf-quic-http-20 (work in progress), April 2019. [I-D.ietf-quic-recovery] Iyengar, J. and I. Swett, "QUIC Loss Detection and Congestion Control", draft-ietf-quic-recovery-20 (work in progress), April 2019. [I-D.ietf-quic-tls] Thomson, M. and S. Turner, "Using TLS to Secure QUIC", draft-ietf-quic-tls-20 (work in progress), April 2019. [I-D.ietf-quic-transport] Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed and Secure Transport", draft-ietf-quic-transport-20 (work in progress), April 2019. [I-D.ietf-tls-ticketrequests] Pauly, T., Schinazi, D., and C. Wood, "TLS Ticket Requests", draft-ietf-tls-ticketrequests-01 (work in progress), June 2019. [I-D.irtf-iccrg-sallantin-initial-spreading] Sallantin, R., Baudoin, C., Arnal, F., Dubois, E., Chaput, E., and A. Beylot, "Safe increase of the TCP's Initial Window Using Initial Spreading", draft-irtf-iccrg- sallantin-initial-spreading-00 (work in progress), January 2014. Kuhn, et al. Expires January 9, 2020 [Page 9] Internet-Draft Transport for 0-RTT July 2019 [I-D.kuehlewind-quic-substrate] Kuehlewind, M., Sarker, Z., Fossati, T., and L. Pardue, "Use Cases and Requirements for QUIC as a Substrate", draft-kuehlewind-quic-substrate-01 (work in progress), July 2019. [ICC16] Sallantin, R., Baudoin, C., Chaput, E., Arnal, F., Dubois, E., and A-L. Beylot, "Reducing web latency through TCP IW: Be smart", IEEE ICC , 2016. [ICCRG100] Kuhn, N., "MPTCP and BBR performance over Internet satellite paths", IETF ICCRG 100, 2017. [IJSCN19] Thomas, L., Dubois, E., Kuhn, N., and E. Lochin, "Google QUIC performance over a public SATCOM access", International Journal of Satellite Communications and Networking , 2019. [NCT13] Pirovano, A. and F. Garcia, "A new survey on improving TCP performances over geostationary satellite link", Network and Communication Technologies , 2013. [RFC2488] Allman, M., Glover, D., and L. Sanchez, "Enhancing TCP Over Satellite Channels using Standard Mechanisms", BCP 28, RFC 2488, DOI 10.17487/RFC2488, January 1999, . [RFC3135] Border, J., Kojo, M., Griner, J., Montenegro, G., and Z. Shelby, "Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations", RFC 3135, DOI 10.17487/RFC3135, June 2001, . [RFC6349] Constantine, B., Forget, G., Geib, R., and R. Schrage, "Framework for TCP Throughput Testing", RFC 6349, DOI 10.17487/RFC6349, August 2011, . [RFC6928] Chu, J., Dukkipati, N., Cheng, Y., and M. Mathis, "Increasing TCP's Initial Window", RFC 6928, DOI 10.17487/RFC6928, April 2013, . [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, . Kuhn, et al. Expires January 9, 2020 [Page 10] Internet-Draft Transport for 0-RTT July 2019 Authors' Addresses Nicolas Kuhn (editor) CNES Email: nicolas.kuhn@cnes.fr Emile Stephan (editor) Orange Email: emile.stephan@orange.com Gorry Fairhurst (editor) University of Aberdeen Email: gorry@erg.abdn.ac.uk Kuhn, et al. Expires January 9, 2020 [Page 11]