| < draft-ietf-tcpm-tcp-timestamps-03.txt | draft-ietf-tcpm-tcp-timestamps-04.txt > | |||
|---|---|---|---|---|
| TCP Maintenance and Minor F. Gont | TCP Maintenance and Minor F. Gont | |||
| Extensions (tcpm) UK CPNI | Extensions (tcpm) UK CPNI | |||
| Internet-Draft December 20, 2010 | Internet-Draft February 4, 2011 | |||
| Intended status: BCP | Intended status: BCP | |||
| Expires: June 23, 2011 | Expires: August 8, 2011 | |||
| Reducing the TIME-WAIT state using TCP timestamps | Reducing the TIME-WAIT state using TCP timestamps | |||
| draft-ietf-tcpm-tcp-timestamps-03.txt | draft-ietf-tcpm-tcp-timestamps-04.txt | |||
| Abstract | Abstract | |||
| This document describes an algorithm for processing incoming SYN | This document describes an algorithm for processing incoming SYN | |||
| segments that allows higher connection-establishment rates between | segments that allows higher connection-establishment rates between | |||
| any two TCP endpoints when a TCP timestamps option is present in the | any two TCP endpoints when a TCP timestamps option is present in the | |||
| incoming SYN segment. This document only modifies processing of SYN | incoming SYN segment. This document only modifies processing of SYN | |||
| segments received for connections in the TIME-WAIT state; processing | segments received for connections in the TIME-WAIT state; processing | |||
| in all other states is unchanged. | in all other states is unchanged. | |||
| skipping to change at page 1, line 36 ¶ | skipping to change at page 1, line 36 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on June 23, 2011. | This Internet-Draft will expire on August 8, 2011. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2010 IETF Trust and the persons identified as the | Copyright (c) 2011 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| skipping to change at page 2, line 32 ¶ | skipping to change at page 2, line 32 ¶ | |||
| 2. Improved processing of incoming connection requests . . . . . 3 | 2. Improved processing of incoming connection requests . . . . . 3 | |||
| 3. Interaction with various timestamps generation algorithms . . 6 | 3. Interaction with various timestamps generation algorithms . . 6 | |||
| 4. Interaction with various ISN generation algorithms . . . . . . 7 | 4. Interaction with various ISN generation algorithms . . . . . . 7 | |||
| 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 | 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 | |||
| 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8 | 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 8.1. Normative References . . . . . . . . . . . . . . . . . . . 8 | 8.1. Normative References . . . . . . . . . . . . . . . . . . . 8 | |||
| 8.2. Informative References . . . . . . . . . . . . . . . . . . 9 | 8.2. Informative References . . . . . . . . . . . . . . . . . . 9 | |||
| Appendix A. Behavior of the proposed mechanism in specific | Appendix A. Behavior of the proposed mechanism in specific | |||
| scenarios . . . . . . . . . . . . . . . . . . . . . . 9 | scenarios . . . . . . . . . . . . . . . . . . . . . . 10 | |||
| A.1. Connection request after system reboot . . . . . . . . . . 10 | A.1. Connection request after system reboot . . . . . . . . . . 10 | |||
| Appendix B. Changes from previous versions of the draft (to | Appendix B. Changes from previous versions of the draft (to | |||
| be removed by the RFC Editor before publishing | be removed by the RFC Editor before publishing | |||
| this document as an RFC) . . . . . . . . . . . . . . 10 | this document as an RFC) . . . . . . . . . . . . . . 10 | |||
| B.1. Changes from draft-ietf-tcpm-tcp-timestamps-02 . . . . . . 10 | B.1. Changes from draft-ietf-tcpm-tcp-timestamps-03 . . . . . . 10 | |||
| B.2. Changes from draft-ietf-tcpm-tcp-timestamps-01 . . . . . . 10 | B.2. Changes from draft-ietf-tcpm-tcp-timestamps-02 . . . . . . 10 | |||
| B.3. Changes from draft-ietf-tcpm-tcp-timestamps-00 . . . . . . 10 | B.3. Changes from draft-ietf-tcpm-tcp-timestamps-01 . . . . . . 10 | |||
| B.4. Changes from draft-gont-tcpm-tcp-timestamps-04 . . . . . . 10 | B.4. Changes from draft-ietf-tcpm-tcp-timestamps-00 . . . . . . 11 | |||
| B.5. Changes from draft-gont-tcpm-tcp-timestamps-03 . . . . . . 11 | B.5. Changes from draft-gont-tcpm-tcp-timestamps-04 . . . . . . 11 | |||
| B.6. Changes from draft-gont-tcpm-tcp-timestamps-02 . . . . . . 11 | B.6. Changes from draft-gont-tcpm-tcp-timestamps-03 . . . . . . 11 | |||
| B.7. Changes from draft-gont-tcpm-tcp-timestamps-01 . . . . . . 11 | B.7. Changes from draft-gont-tcpm-tcp-timestamps-02 . . . . . . 11 | |||
| B.8. Changes from draft-gont-tcpm-tcp-timestamps-00 . . . . . . 11 | B.8. Changes from draft-gont-tcpm-tcp-timestamps-01 . . . . . . 11 | |||
| B.9. Changes from draft-gont-tcpm-tcp-timestamps-00 . . . . . . 11 | ||||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 11 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 1. Introduction | 1. Introduction | |||
| The Timestamps option, specified in RFC 1323 [RFC1323], allows a TCP | The Timestamps option, specified in RFC 1323 [RFC1323], allows a TCP | |||
| to include a timestamp value in its segments, that can be used to | to include a timestamp value in its segments, that can be used to | |||
| perform two functions: Round-Trip Time Measurement (RTTM), and | perform two functions: Round-Trip Time Measurement (RTTM), and | |||
| Protection Against Wrapped Sequences (PAWS). | Protection Against Wrapped Sequences (PAWS). | |||
| For the purpose of PAWS, the timestamps sent on a connection are | For the purpose of PAWS, the timestamps sent on a connection are | |||
| skipping to change at page 8, line 7 ¶ | skipping to change at page 8, line 7 ¶ | |||
| An implementation of the mechanism proposed in this document would | An implementation of the mechanism proposed in this document would | |||
| enable recycling of the TIME-WAIT state even in the presence of ISNs | enable recycling of the TIME-WAIT state even in the presence of ISNs | |||
| that are not monotonically-increasing across connections, except when | that are not monotonically-increasing across connections, except when | |||
| the timestamp contained in the incoming SYN is equal to the last | the timestamp contained in the incoming SYN is equal to the last | |||
| timestamp seen on the connection in the TIME-WAIT state (for that | timestamp seen on the connection in the TIME-WAIT state (for that | |||
| direction of the data transfer). | direction of the data transfer). | |||
| 5. Security Considerations | 5. Security Considerations | |||
| While the algorithm described in this document for processing | [I-D.ietf-tcpm-tcp-security] contains a detailed discussion of the | |||
| incoming SYN segments would benefit from TCP timestamps that are | security implications of TCP timestamps and of different Timestamps | |||
| monotonically-increasing across connections, this document does not | generation algorithms. | |||
| propose any specific algorithm for generating timestamps, nor does it | ||||
| require monotonically-increasing timestamps across connections. | ||||
| [CPNI-TCP] contains a detailed discussion of the security | ||||
| implications of TCP timestamps and of different Timestamps generation | ||||
| algorithms. | ||||
| 6. IANA Considerations | 6. IANA Considerations | |||
| This document has no actions for IANA. | This document has no actions for IANA. | |||
| 7. Acknowledgements | 7. Acknowledgements | |||
| This document is based on part of the contents of the technical | ||||
| report "Security Assessment of the Transmission Control Protocol | ||||
| (TCP)" [CPNI-TCP] written by Fernando Gont on behalf of the United | ||||
| Kingdom's Centre for the Protection of National Infrastructure (UK | ||||
| CPNI). | ||||
| The author of this document would like to thank (in alphabetical | The author of this document would like to thank (in alphabetical | |||
| order) Mark Allman, Francis Dupont, Wesley Eddy, Lars Eggert, Alfred | order) Mark Allman, Francis Dupont, Wesley Eddy, Lars Eggert, Alfred | |||
| Hoenes, John Heffner, Christian Huitema, Eric Rescorla, Joe Touch, | Hoenes, John Heffner, Christian Huitema, Eric Rescorla, Joe Touch, | |||
| and Alexander Zimmermann for providing valuable feedback on an | and Alexander Zimmermann for providing valuable feedback on an | |||
| earlier version of this document. | earlier version of this document. | |||
| Additionally, the author would like to thank David Borman for a | Additionally, the author would like to thank David Borman for a | |||
| fruitful discussion on TCP timestamps at IETF 73. | fruitful discussion on TCP timestamps at IETF 73. | |||
| Finally, the author would like to thank the United Kingdom's Centre | Finally, the author would like to thank the United Kingdom's Centre | |||
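Review bot: the -04 text of Section 5 deletes the sentence stating that this document neither proposes a specific timestamps generation algorithm nor requires monotonically-increasing timestamps across connections, and keeps only the pointer to [I-D.ietf-tcpm-tcp-security]. That sentence was the only place in the visible text that states what the mechanism does and does not require of timestamp generation, which is exactly the scoping a reader of a Security Considerations section looks for; suggest keeping one sentence of the old text, e.g. "this document does not propose any specific algorithm for generating timestamps, nor does it require monotonically-increasing timestamps across connections", ahead of the reference. The same hunk also deletes the Acknowledgements paragraph crediting [CPNI-TCP] as the source of part of this document's contents while the sentence "Finally, the author would like to thank the United Kingdom's Centre ..." stays; if the text still derives from that report, the attribution should survive somewhere in -04.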
| skipping to change at page 9, line 9 ¶ | skipping to change at page 9, line 10 ¶ | |||
| [RFC1323] Jacobson, V., Braden, B., and D. Borman, "TCP Extensions | [RFC1323] Jacobson, V., Braden, B., and D. Borman, "TCP Extensions | |||
| for High Performance", RFC 1323, May 1992. | for High Performance", RFC 1323, May 1992. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| 8.2. Informative References | 8.2. Informative References | |||
| [CPNI-TCP] | [CPNI-TCP] | |||
| CPNI, "Security Assessment of the Transmission Control | CPNI, "Security Assessment of the Transmission Control | |||
| Protocol (TCP)", http://www.cpni.gov.uk/Docs/ | Protocol (TCP)", 2009, <http://www.cpni.gov.uk/Docs/ | |||
| tn-03-09-security-assessment-TCP.pdf, 2009. | tn-03-09-security-assessment-TCP.pdf>. | |||
| [I-D.gont-timestamps-generation] | [I-D.gont-timestamps-generation] | |||
| Gont, F. and A. Oppermann, "On the generation of TCP | Gont, F. and A. Oppermann, "On the generation of TCP | |||
| timestamps", draft-gont-timestamps-generation-00 (work in | timestamps", draft-gont-timestamps-generation-00 (work in | |||
| progress), June 2010. | progress), June 2010. | |||
| [I-D.ietf-tcpm-1323bis] | [I-D.ietf-tcpm-1323bis] | |||
| Borman, D., Braden, R., and V. Jacobson, "TCP Extensions | Borman, D., Braden, R., and V. Jacobson, "TCP Extensions | |||
| for High Performance", draft-ietf-tcpm-1323bis-01 (work in | for High Performance", draft-ietf-tcpm-1323bis-01 (work in | |||
| progress), March 2009. | progress), March 2009. | |||
| [I-D.ietf-tcpm-tcp-security] | ||||
| Gont, F., "Security Assessment of the Transmission Control | ||||
| Protocol (TCP)", draft-ietf-tcpm-tcp-security-02 (work in | ||||
| progress), January 2011. | ||||
| [INFOCOM-99] | [INFOCOM-99] | |||
| Faber, T., Touch, J., and W. Yue, "The TIME-WAIT state in | Faber, T., Touch, J., and W. Yue, "The TIME-WAIT state in | |||
| TCP and Its Effect on Busy Servers", Proc. IEEE Infocom, | TCP and Its Effect on Busy Servers", Proc. IEEE Infocom, | |||
| 1999, pp. 1573-1583 . | 1999, pp. 1573-1583 . | |||
| [Linux] The Linux Project, "http://www.kernel.org". | [Linux] The Linux Project, "http://www.kernel.org". | |||
| [Opperman] | [Opperman] | |||
| Oppermann, A., "FYI: Extended TCP syncookies in FreeBSD- | Oppermann, A., "FYI: Extended TCP syncookies in FreeBSD- | |||
| current", Post to the tcpm mailing-list. Available at: ht | current", Post to the tcpm mailing-list. Available at: ht | |||
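Review bot: the [CPNI-TCP] entry in Section 8.2 is retained (reformatted with the year before the URL and the URL in angle brackets) although both visible citations of it, in Section 5 and in the Acknowledgements of the preceding hunk, are deleted in -04; check that [CPNI-TCP] is still cited somewhere in the body of -04, otherwise the entry should be removed as well. Two nits in lines unchanged on both sides: the [INFOCOM-99] entry has a stray space before its final period ("pp. 1573-1583 ."), and the reference anchor [Opperman] uses one "p" while the author is given as "Oppermann, A."; suggest [Oppermann] so the anchor matches the name.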
| skipping to change at page 10, line 30 ¶ | skipping to change at page 10, line 35 ¶ | |||
| of previous time stamps, the resulting timestamps might not be | of previous time stamps, the resulting timestamps might not be | |||
| monotonically-increasing, and hence the proposed algorithm might be | monotonically-increasing, and hence the proposed algorithm might be | |||
| unable to recycle the previous incarnation of the connection that is | unable to recycle the previous incarnation of the connection that is | |||
| in the TIME-WAIT state. This case corresponds to the current state- | in the TIME-WAIT state. This case corresponds to the current state- | |||
| of-affairs without the algorithm proposed in this document. | of-affairs without the algorithm proposed in this document. | |||
| Appendix B. Changes from previous versions of the draft (to be removed | Appendix B. Changes from previous versions of the draft (to be removed | |||
| by the RFC Editor before publishing this document as an | by the RFC Editor before publishing this document as an | |||
| RFC) | RFC) | |||
| B.1. Changes from draft-ietf-tcpm-tcp-timestamps-02 | B.1. Changes from draft-ietf-tcpm-tcp-timestamps-03 | |||
| o Addresses Tim Polk's DISCUSS. | ||||
| B.2. Changes from draft-ietf-tcpm-tcp-timestamps-02 | ||||
| o Addresses COMMENTs received during IESG review, and maybe Tim | o Addresses COMMENTs received during IESG review, and maybe Tim | |||
| Polk's DISCUSS. | Polk's DISCUSS. | |||
| B.2. Changes from draft-ietf-tcpm-tcp-timestamps-01 | B.3. Changes from draft-ietf-tcpm-tcp-timestamps-01 | |||
| o Addresses AD-review comments by Lars Eggert. | o Addresses AD-review comments by Lars Eggert. | |||
| B.3. Changes from draft-ietf-tcpm-tcp-timestamps-00 | B.4. Changes from draft-ietf-tcpm-tcp-timestamps-00 | |||
| o Addresses WG Last call comments received from Wesley Eddy, John | o Addresses WG Last call comments received from Wesley Eddy, John | |||
| Heffner and Joe Touch. | Heffner and Joe Touch. | |||
| o Minor editorial fix (reported by Wes Eddy). | o Minor editorial fix (reported by Wes Eddy). | |||
| B.4. Changes from draft-gont-tcpm-tcp-timestamps-04 | B.5. Changes from draft-gont-tcpm-tcp-timestamps-04 | |||
| o Draft resubmitted as draft-ietf. | o Draft resubmitted as draft-ietf. | |||
| B.5. Changes from draft-gont-tcpm-tcp-timestamps-03 | B.6. Changes from draft-gont-tcpm-tcp-timestamps-03 | |||
| o Changed the document title | o Changed the document title | |||
| o Removed all the text related to the algorithm earlier proposed for | o Removed all the text related to the algorithm earlier proposed for | |||
| timestamps generation. | timestamps generation. | |||
| o Addresses comments received from Alexander Zimmermann, Christian | o Addresses comments received from Alexander Zimmermann, Christian | |||
| Huitema, Joe Touch, and others. | Huitema, Joe Touch, and others. | |||
| B.6. Changes from draft-gont-tcpm-tcp-timestamps-02 | B.7. Changes from draft-gont-tcpm-tcp-timestamps-02 | |||
| o Minor edits (the I-D was just about to expire, so it was | o Minor edits (the I-D was just about to expire, so it was | |||
| resubmitted with almost no changes). | resubmitted with almost no changes). | |||
| B.7. Changes from draft-gont-tcpm-tcp-timestamps-01 | B.8. Changes from draft-gont-tcpm-tcp-timestamps-01 | |||
| o Version -01 of the draft had expired, and hence the I-D is | o Version -01 of the draft had expired, and hence the I-D is | |||
| resubmitted to make it available again (no changes). | resubmitted to make it available again (no changes). | |||
| B.8. Changes from draft-gont-tcpm-tcp-timestamps-00 | B.9. Changes from draft-gont-tcpm-tcp-timestamps-00 | |||
| o Fixed author's affiliation. | o Fixed author's affiliation. | |||
| o Addressed feedback submitted by Alfred Hoenes (see: | o Addressed feedback submitted by Alfred Hoenes (see: | |||
| http://www.ietf.org/mail-archive/web/tcpm/current/msg04281.html), | http://www.ietf.org/mail-archive/web/tcpm/current/msg04281.html), | |||
| plus nits sent by Alfred off-list. | plus nits sent by Alfred off-list. | |||
| Author's Address | Author's Address | |||
| Fernando Gont | Fernando Gont | |||
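Review bot: now that the new B.1 entry reads "Addresses Tim Polk's DISCUSS.", the retained B.2 wording "and maybe Tim Polk's DISCUSS" is inconsistent with it and "maybe" does not belong in a change log; suggest "o Addresses COMMENTs received during IESG review." for B.2 and leaving the DISCUSS to B.1. The renumbering of B.2 through B.9 in this hunk matches the updated Table of Contents in the earlier hunk, so that part is consistent.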
| End of changes. 19 change blocks. | ||||
| 32 lines changed or deleted | 43 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||