Re: [tcpm] F-RTO and RFC 3517 interaction issues

[Murari Sridharan <muraris at microsoft.com>]

The main issue I see is that without maintaining extra state how do you know which situation you are in? I think the draft should clarify how exactly this should be done to avoid incorrect implementations. Here are the cases as I see it broadly there are two cases but its really 3 sub-cases. The cases are as FRTO sees the TCP state when it is about to classify a timeout.

a) This is the simplest case when timeout has happened without any prior recovery attempt. Setting Recover = SndUna works fine here.
b) Recovery in progress. Fast retransmit is triggered, 3517 may be active, now the timeout happens. If SPUR_TO, Recover = SndUna is ok for the reasons you outline below.
c) Recovery in progress like (b), timeout happens but this is a real timeout. Now next phase starts with valid Recover value based on 3517. Another timeout happens before Recover is crossed, now *without any additional state* there is no way to differentiate this from case (b).

There should be some additional state associated with the value stored in Recover which is if FRTO declared a real timeout. Now you can say only reset Recover = SndUna only if Recover is not associated with a real timeout. If we want to avoid implementation bugs we need to be prescriptive here so it may not be enough to say " On the other hand, the draft says
that F-RTO SHOULD NOT be applied when an earlier SACK recovery is in
progress" Because it doesn't clarify how case (b) is different from (c). In both cases an earlier SACK recovery is in progress.

Hope this helps.

Murari

-----Original Message-----
From: Pasi Sarolahti [mailto:pasi.sarolahti at nokia.com]
Sent: Monday, March 10, 2008 5:08 PM
To: Murari Sridharan
Cc: tcpm at ietf.org; mallman at icir.org
Subject: Re: F-RTO and RFC 3517 interaction issues

Hi Murari,

Thanks for the careful reading! Clarification might indeed be in place.

 From quite early on when specifying the F-RTO algorithm we have
thought it would be ok to allow fast recovery/SACK recovery
immediately after detected spurious timeout, because then the TCP
sender does not send the RTO retransmissions, and therefore the
potential for RTO retransmissions triggering multiple fast
retransmits should not exist (so the recover variable can be reset).
For a case where spurious retransmission timeout follows the SACK
recovery or fast recovery directly, this reasoning should be valid,
do we agree?

In case where spurious timeout happens during an earlier RTO
recovery, there could be potential for false fast retransmits to
happen, as described in the original NewReno draft. (RFC 3517 does
not describe it in such detail, but I assume the motivation for the
text you quote is same also there). On the other hand, the draft says
that F-RTO SHOULD NOT be applied when an earlier SACK recovery is in
progress, as I think it was in the example you presented. Do you
think this note is sufficient, or should it be clarified somehow?

- Pasi


On Mar 10, 2008, at 13:05, ext Murari Sridharan wrote:

> I am seeing an inconsistency between FRTO and RFC 3517. May be the
> authors could clarify.
>
> F-RTO defines recovery as follows
>
> Set variable "recover" to
>       indicate the highest segment transmitted so far.
>
> RFC 3517 defines
> "HighData" is the highest sequence number transmitted at a
> given      point.
>
> RFC 3517 clearly mandates that if RTO occurs during loss recovery
> new recovery phase MUST not be initiated until the RecoveryPoint is
> crossed.
> "If an RTO occurs during loss recovery as specified in this
> document,   RecoveryPoint MUST be set to HighData.  Further, the
> new value of   RecoveryPoint MUST be preserved and the loss
> recovery algorithm   outlined in this document MUST be terminated.
> In addition, a new   recovery phase (as described in section 5)
> MUST NOT be initiated   until HighACK is greater than or equal to
> the new value of   RecoveryPoint."  Now FRTO spec seems to violate
> the above rule with the following statementIf the algorithm exits
> with   SpuriousRecovery set to SPUR_TO, "recover" is set to
> SND.UNA, thus   allowing fast recovery on incoming duplicate
> acknowledgments. This means that if we are in the middle of loss
> recovery and a real timeout occurs we save the recovery point per
> RFC 3517. At this point we continue with slow start and congestion
> avoidance, now say we are still below the earlier recovery point
> and a new timeout occurs. This time if the timeout is classified as
> SPUR_TO, then RecoveryPoint is set to SndUNA, overwriting the older
> value and a new recovery phase can begin, clearly violating RFC
> 3517.  ThanksMurari

_______________________________________________
tcpm mailing list
tcpm at ietf.org
https://www.ietf.org/mailman/listinfo/tcpm