rfcdiff of draft-ietf-tcpm-tcp-timestamps-03.txt against draft-ietf-tcpm-tcp-timestamps-04.txt
(text common to both versions is shown once; lines that differ are marked [-03] and [-04])

TCP Maintenance and Minor Extensions (tcpm)                    F. Gont
Internet-Draft                                                 UK CPNI
Intended status: BCP
[-03] December 20, 2010                 [-04] February 4, 2011
[-03] Expires: June 23, 2011            [-04] Expires: August 8, 2011

Reducing the TIME-WAIT state using TCP timestamps
[-03] draft-ietf-tcpm-tcp-timestamps-03.txt
[-04] draft-ietf-tcpm-tcp-timestamps-04.txt
Abstract

This document describes an algorithm for processing incoming SYN
segments that allows higher connection-establishment rates between
any two TCP endpoints when a TCP timestamps option is present in the
incoming SYN segment. This document only modifies processing of SYN
segments received for connections in the TIME-WAIT state; processing
in all other states is unchanged.
skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
[-03] This Internet-Draft will expire on June 23, 2011.
[-04] This Internet-Draft will expire on August 8, 2011.
Copyright Notice

[-03] Copyright (c) 2010 IETF Trust and the persons identified as the
[-04] Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 32
2. Improved processing of incoming connection requests . . . . . 3
3. Interaction with various timestamps generation algorithms . . 6
4. Interaction with various ISN generation algorithms . . . . . . 7
5. Security Considerations . . . . . . . . . . . . . . . . . . . 8
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
8.1. Normative References . . . . . . . . . . . . . . . . . . . 8
8.2. Informative References . . . . . . . . . . . . . . . . . . 9
Appendix A. Behavior of the proposed mechanism in specific
            scenarios . . . . . . . . . . . . . . [-03] 9  [-04] 10
A.1. Connection request after system reboot . . . . . . . . . . 10
Appendix B. Changes from previous versions of the draft (to
            be removed by the RFC Editor before publishing
            this document as an RFC) . . . . . . . . . . . . . . 10

[-03] B.1. Changes from draft-ietf-tcpm-tcp-timestamps-02 . . . . . . 10
[-03] B.2. Changes from draft-ietf-tcpm-tcp-timestamps-01 . . . . . . 10
[-03] B.3. Changes from draft-ietf-tcpm-tcp-timestamps-00 . . . . . . 10
[-03] B.4. Changes from draft-gont-tcpm-tcp-timestamps-04 . . . . . . 10
[-03] B.5. Changes from draft-gont-tcpm-tcp-timestamps-03 . . . . . . 11
[-03] B.6. Changes from draft-gont-tcpm-tcp-timestamps-02 . . . . . . 11
[-03] B.7. Changes from draft-gont-tcpm-tcp-timestamps-01 . . . . . . 11
[-03] B.8. Changes from draft-gont-tcpm-tcp-timestamps-00 . . . . . . 11

[-04] B.1. Changes from draft-ietf-tcpm-tcp-timestamps-03 . . . . . . 10
[-04] B.2. Changes from draft-ietf-tcpm-tcp-timestamps-02 . . . . . . 10
[-04] B.3. Changes from draft-ietf-tcpm-tcp-timestamps-01 . . . . . . 10
[-04] B.4. Changes from draft-ietf-tcpm-tcp-timestamps-00 . . . . . . 11
[-04] B.5. Changes from draft-gont-tcpm-tcp-timestamps-04 . . . . . . 11
[-04] B.6. Changes from draft-gont-tcpm-tcp-timestamps-03 . . . . . . 11
[-04] B.7. Changes from draft-gont-tcpm-tcp-timestamps-02 . . . . . . 11
[-04] B.8. Changes from draft-gont-tcpm-tcp-timestamps-01 . . . . . . 11
[-04] B.9. Changes from draft-gont-tcpm-tcp-timestamps-00 . . . . . . 11

Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction

The Timestamps option, specified in RFC 1323 [RFC1323], allows a TCP
to include a timestamp value in its segments, that can be used to
perform two functions: Round-Trip Time Measurement (RTTM), and
Protection Against Wrapped Sequences (PAWS).

For the purpose of PAWS, the timestamps sent on a connection are
skipping to change at page 8, line 7
An implementation of the mechanism proposed in this document would
enable recycling of the TIME-WAIT state even in the presence of ISNs
that are not monotonically-increasing across connections, except when
the timestamp contained in the incoming SYN is equal to the last
timestamp seen on the connection in the TIME-WAIT state (for that
direction of the data transfer).
5. Security Considerations

[-03] While the algorithm described in this document for processing
[-03] incoming SYN segments would benefit from TCP timestamps that are
[-03] monotonically-increasing across connections, this document does not
[-03] propose any specific algorithm for generating timestamps, nor does it
[-03] require monotonically-increasing timestamps across connections.
[-03]
[-03] [CPNI-TCP] contains a detailed discussion of the security
[-03] implications of TCP timestamps and of different Timestamps generation
[-03] algorithms.

[-04] [I-D.ietf-tcpm-tcp-security] contains a detailed discussion of the
[-04] security implications of TCP timestamps and of different Timestamps
[-04] generation algorithms.
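Review bot: the -04 Security Considerations drops the -03 statement that this document neither proposes a timestamp-generation algorithm nor requires monotonically-increasing timestamps across connections, leaving only the pointer to [I-D.ietf-tcpm-tcp-security]. Appendix A still depends on that property (timestamps that are not monotonically-increasing mean the previous incarnation in TIME-WAIT may not be recycled), so the Security Considerations now make no statement of the assumption that the reference is meant to support. Suggest keeping one sentence that names the dependency, or a pointer to Section 3 where the interaction with timestamp generation is discussed, alongside the updated reference.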
6. IANA Considerations

This document has no actions for IANA.
7. Acknowledgements

[-03] This document is based on part of the contents of the technical
[-03] report "Security Assessment of the Transmission Control Protocol
[-03] (TCP)" [CPNI-TCP] written by Fernando Gont on behalf of the United
[-03] Kingdom's Centre for the Protection of National Infrastructure (UK
[-03] CPNI).
[-04] (paragraph removed)
The author of this document would like to thank (in alphabetical
order) Mark Allman, Francis Dupont, Wesley Eddy, Lars Eggert, Alfred
Hoenes, John Heffner, Christian Huitema, Eric Rescorla, Joe Touch,
and Alexander Zimmermann for providing valuable feedback on an
earlier version of this document.

Additionally, the author would like to thank David Borman for a
fruitful discussion on TCP timestamps at IETF 73.

Finally, the author would like to thank the United Kingdom's Centre
[-03] skipping to change at page 9, line 9
[-04] skipping to change at page 9, line 10
[RFC1323]  Jacobson, V., Braden, B., and D. Borman, "TCP Extensions
           for High Performance", RFC 1323, May 1992.

[RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
           Requirement Levels", BCP 14, RFC 2119, March 1997.

8.2. Informative References
[CPNI-TCP]
[-03]      CPNI, "Security Assessment of the Transmission Control
[-03]      Protocol (TCP)", http://www.cpni.gov.uk/Docs/
[-03]      tn-03-09-security-assessment-TCP.pdf, 2009.
[-04]      CPNI, "Security Assessment of the Transmission Control
[-04]      Protocol (TCP)", 2009, <http://www.cpni.gov.uk/Docs/
[-04]      tn-03-09-security-assessment-TCP.pdf>.
[I-D.gont-timestamps-generation]
           Gont, F. and A. Oppermann, "On the generation of TCP
           timestamps", draft-gont-timestamps-generation-00 (work in
           progress), June 2010.

[I-D.ietf-tcpm-1323bis]
           Borman, D., Braden, R., and V. Jacobson, "TCP Extensions
           for High Performance", draft-ietf-tcpm-1323bis-01 (work in
           progress), March 2009.

[-04] [I-D.ietf-tcpm-tcp-security]
[-04]      Gont, F., "Security Assessment of the Transmission Control
[-04]      Protocol (TCP)", draft-ietf-tcpm-tcp-security-02 (work in
[-04]      progress), January 2011.

[INFOCOM-99]
           Faber, T., Touch, J., and W. Yue, "The TIME-WAIT state in
           TCP and Its Effect on Busy Servers", Proc. IEEE Infocom,
           1999, pp. 1573-1583.

[Linux]    The Linux Project, "http://www.kernel.org".

[Opperman]
           Oppermann, A., "FYI: Extended TCP syncookies in FreeBSD-
           current", Post to the tcpm mailing-list. Available at: ht
[-03] skipping to change at page 10, line 30
[-04] skipping to change at page 10, line 35
of previous time stamps, the resulting timestamps might not be
monotonically-increasing, and hence the proposed algorithm might be
unable to recycle the previous incarnation of the connection that is
in the TIME-WAIT state. This case corresponds to the current state-
of-affairs without the algorithm proposed in this document.
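The two passages above (recycling TIME-WAIT even when ISNs are not monotonically-increasing, unless the SYN's timestamp equals the last one seen; and the Appendix A case where timestamps after a reboot are not monotonically-increasing and the old incarnation cannot be recycled) describe one decision taken when a SYN arrives for a connection in TIME-WAIT. The following is an added model of that decision written for this page; it is not code from the draft or from any TCP implementation. It assumes the TIME-WAIT entry retains the last timestamp and the largest sequence number seen from the peer, that the "equal timestamps" exception falls back to the sequence-number heuristic permitted by RFC 1122 Section 4.2.2.13 (accept the SYN only if its ISN is larger than the last sequence number seen), and that a SYN whose timestamp is lower than the last one seen is left to ordinary TIME-WAIT handling. Comparisons are modular over 32 bits, as PAWS compares timestamps, so a wrapped timestamp clock is still recognised as having advanced.

```python
"""Model of the TIME-WAIT recycling decision driven by TCP timestamps.

Added example for this page; the field names and the fallback rule
for equal timestamps are assumptions stated in the lead-in, not text
taken from the draft.
"""
from dataclasses import dataclass
from typing import Optional

MASK32 = 0xFFFFFFFF
RECYCLE = "recycle"   # discard the TIME-WAIT entry and process the SYN as a new connection
KEEP = "keep"         # leave the entry in TIME-WAIT; SYN gets ordinary TIME-WAIT handling


def seq_gt(a: int, b: int) -> bool:
    """Modular 'a > b' for 32-bit sequence numbers and timestamp values.

    Mirrors the PAWS notion of 'later': a is later than b when the
    32-bit difference a - b is in the lower half of the space and non-zero.
    """
    diff = (a - b) & MASK32
    return diff != 0 and diff < 0x80000000


@dataclass
class TimeWaitEntry:
    """State retained for the previous incarnation (assumed field names)."""
    last_seq: int            # largest sequence number seen from the peer
    last_ts: Optional[int]   # last TSval seen from the peer (None if no timestamps were used)


def timewait_syn_action(tw: TimeWaitEntry, syn_isn: int,
                        syn_tsval: Optional[int]) -> str:
    """Decide whether an incoming SYN may recycle a TIME-WAIT entry."""
    if tw.last_ts is not None and syn_tsval is not None:
        if seq_gt(syn_tsval, tw.last_ts):
            # Timestamp advanced: the SYN cannot be an old duplicate from the
            # previous incarnation, whatever its ISN is. Recycle.
            return RECYCLE
        if syn_tsval != tw.last_ts:
            # Timestamp went backwards (e.g. the peer's timestamp clock was
            # re-initialised after a reboot, as in Appendix A): timestamps
            # give no guarantee, so the entry is not recycled.
            return KEEP
        # Equal timestamps: the exception named in Section 4. Timestamps
        # cannot disambiguate, so fall through to the sequence-number rule.
    # Sequence-number heuristic (RFC 1122 Section 4.2.2.13, BSD practice):
    # accept only an ISN that is past everything seen on the old incarnation.
    if seq_gt(syn_isn, tw.last_seq):
        return RECYCLE
    return KEEP


def walkthrough() -> dict:
    """Constructed scenarios covering the cases discussed on this page."""
    tw = TimeWaitEntry(last_seq=0x90000000, last_ts=1000)
    tw_wrap = TimeWaitEntry(last_seq=0x90000000, last_ts=0xFFFFFFF0)
    tw_nots = TimeWaitEntry(last_seq=0x90000000, last_ts=None)
    return {
        # non-monotonic ISN (lower than last_seq) rescued by a later timestamp
        "later_ts_lower_isn": timewait_syn_action(tw, 0x10000000, 1001),
        # equal timestamps: ISN rule decides
        "equal_ts_lower_isn": timewait_syn_action(tw, 0x10000000, 1000),
        "equal_ts_higher_isn": timewait_syn_action(tw, 0x90000010, 1000),
        # Appendix A: timestamp clock restarted, SYN timestamp below last seen
        "reboot_lower_ts_higher_isn": timewait_syn_action(tw, 0x90000010, 5),
        # timestamp clock wrapped around 2^32: still counts as 'later'
        "wrapped_ts": timewait_syn_action(tw_wrap, 0x10000000, 5),
        # no timestamps on the previous incarnation: plain ISN rule
        "no_ts_higher_isn": timewait_syn_action(tw_nots, 0x90000010, None),
        "no_ts_lower_isn": timewait_syn_action(tw_nots, 0x10000000, None),
    }


if __name__ == "__main__":
    for name, action in walkthrough().items():
        print(f"{name:28s} -> {action}")
```

The "reboot_lower_ts_higher_isn" case is the one Appendix A describes: with a re-initialised timestamp clock the SYN is not recycled even though its ISN would have passed the sequence-number rule, which is exactly the pre-existing behaviour the draft says this case reduces to.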
Appendix B. Changes from previous versions of the draft (to be removed
            by the RFC Editor before publishing this document as an
            RFC)
[-04] B.1. Changes from draft-ietf-tcpm-tcp-timestamps-03
[-04]
[-04] o Addresses Tim Polk's DISCUSS.

[-03] B.1. / [-04] B.2. Changes from draft-ietf-tcpm-tcp-timestamps-02

o Addresses COMMENTs received during IESG review, and maybe Tim
  Polk's DISCUSS.

[-03] B.2. / [-04] B.3. Changes from draft-ietf-tcpm-tcp-timestamps-01

o Addresses AD-review comments by Lars Eggert.

[-03] B.3. / [-04] B.4. Changes from draft-ietf-tcpm-tcp-timestamps-00

o Addresses WG Last call comments received from Wesley Eddy, John
  Heffner and Joe Touch.

o Minor editorial fix (reported by Wes Eddy).

[-03] B.4. / [-04] B.5. Changes from draft-gont-tcpm-tcp-timestamps-04

o Draft resubmitted as draft-ietf.

[-03] B.5. / [-04] B.6. Changes from draft-gont-tcpm-tcp-timestamps-03

o Changed the document title

o Removed all the text related to the algorithm earlier proposed for
  timestamps generation.

o Addresses comments received from Alexander Zimmermann, Christian
  Huitema, Joe Touch, and others.

[-03] B.6. / [-04] B.7. Changes from draft-gont-tcpm-tcp-timestamps-02

o Minor edits (the I-D was just about to expire, so it was
  resubmitted with almost no changes).

[-03] B.7. / [-04] B.8. Changes from draft-gont-tcpm-tcp-timestamps-01

o Version -01 of the draft had expired, and hence the I-D is
  resubmitted to make it available again (no changes).

[-03] B.8. / [-04] B.9. Changes from draft-gont-tcpm-tcp-timestamps-00

o Fixed author's affiliation.

o Addressed feedback submitted by Alfred Hoenes (see:
  http://www.ietf.org/mail-archive/web/tcpm/current/msg04281.html),
  plus nits sent by Alfred off-list.
Author's Address

Fernando Gont
End of changes. 19 change blocks. 32 lines changed or deleted, 43 lines changed or added.

This html diff was produced by rfcdiff 1.40. The latest version is available from http://tools.ietf.org/tools/rfcdiff/