Internet-Draft | Multipath DCCP | July 2023 |
Amend, et al. | Expires 27 January 2024 | [Page] |
DCCP communications as defined in [RFC4340] are restricted to a single path per connection, yet multiple paths often exist between peers. The simultaneous use of available multiple paths for a DCCP session could improve resource usage within the network and, thus, improve user experience through higher throughput and improved resilience to network failures. Use cases for a Multipath DCCP (MP-DCCP) are mobile devices (e.g., handsets, vehicles) and residential home gateways simultaneously connected to distinct networks as, e.g., a cellular and a Wireless Local Area (WLAN) networks or a cellular and a fixed access networks. Compared to existing multipath protocols, such as MPTCP, MP-DCCP provides specific support for non-TCP user traffic (e.g., UDP or plain IP). More details on potential use cases are provided in [multipath-dccp.org], [IETF115.Slides], and [MP-DCCP.Paper]. All these use cases profit from an Open Source Linux reference implementation provided under [multipath-dccp.org].¶
This document specifies a set of extensions to DCCP to support multipath operations. Multipath DCCP provides the ability to simultaneously use multiple paths between peers. The protocol offers the same type of service to applications as DCCP and it provides the components necessary to establish and use multiple DCCP flows across different paths simultaneously.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 27 January 2024.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Datagram Congestion Control Protocol (DCCP) [RFC4340] is a transport protocol that provides bidirectional unicast connections of congestion-controlled unreliable datagrams. DCCP communications are restricted to one single path. Multipath DCCP (MP-DCCP) is a set of extensions to DCCP to enable DCCP flows to be established across multiple paths simultaneously. Such extensions are beneficial to applications that transfer large amounts of data, due to the possibility to aggregate capacity of the multiple paths. In addition, the multipath extensions enable to tradeoff timeliness and reliability, which is important for low-latency applications that do not require guaranteed delivery services, such as Audio/Video streaming.¶
MP-DCCP has been first suggested in the context of the 3GPP work on 5G multi-access solutions [I-D.amend-tsvwg-multipath-framework-mpdccp] and for hybrid access networks [I-D.lhwxz-hybrid-access-network-architecture][I-D.muley-network-based-bonding-hybrid-access]. MP-DCCP can be applied for load-balancing, seamless session handover, and bandwidth aggregation purposes (referred to as Access Traffic Steering, Switching, and Splitting (ATSSS) in the 3GPP terminology [TS23.501]).¶
This document presents the protocol changes required to add multipath support to DCCP; specifically, those for signaling and setting up multiple paths (a.k.a, "subflows"), managing these subflows, reordering of data, and termination of sessions.¶
DCCP, as stated in [RFC4340] does not provide reliable and ordered delivery. Consequently, multiple application subflows may be multiplexed over a single DCCP connection with no inherent performance penalty for application subflows that do not require in-ordered delivery. DCCP does not provide built-in support for those multiple application subflows.¶
In the following, the term subflow refers to DCCP subflows transmitted via different paths (4-tuple of source and destination address/port pairs), not to be mixed up with the "application sub-flows" mentioned in Section 17.2 of [RFC4340]. Application subflows are differing content-wise by source and destination port per application as, for example, enabled by Service Codes introduced to DCCP in [RFC5595], and those application subflows can be multiplexed over a single DCCP connection. For the sake of consistency we assume that only a single application is served by a DCCP connection here as shown in Figure 1 while use of that feature should not impact DCCP operation on each single path as noted in (Section 2.4 of [RFC5595]). Application subflows can co-exist with MP-DCCP operation as defined in this document.¶
As pointed out in [I-D.amend-tsvwg-multipath-framework-mpdccp] the proposed encapsulation in terms of lightweight DCCP flow headers is more appropriate for unreliable IP traffic in terms of UDP and other non-TCP packets in comparison to MPTCP. Such considerations are not detailed in the present specification.¶
MP-DCCP operates at the transport layer and aims to be transparent to both higher and lower layers. It is a set of additional features on top of DCCP; Figure 1 illustrates this layering. MP-DCCP is designed to be used by applications in the same way as DCCP with no changes to the application itself.¶
Throughout this document we make use of terms that are either specific for multipath transport or are defined in the context of MP-DCCP, similar to [RFC8684], as follows:¶
Path: A sequence of links between a sender and a receiver, defined in this context by a 4-tuple of source and destination address/ port pairs.¶
Subflow: A flow of DCCP segments operating over an individual path, which forms part of a larger MP-DCCP connection. A subflow is started and terminated similar to a regular (single-path) DCCP connection. The term subflow can also be used to refer to an MP-DCCP connection with a single path.¶
(MP-DCCP) Connection: A set of one or more subflows, over which an application can communicate between two hosts. The MP-DCCP connection is exposed as single DCCP socket to the application.¶
Token: A locally unique identifier given to a multipath connection by a host. May also be referred to as a "Connection ID".¶
Host: An end host operating an MP-DCCP implementation, and either initiating or accepting an MP-DCCP connection.¶
In addition to these terms, within framework of MP-DCCP the interpretation of, and effect on, regular single-path DCCP semantics is discussed in Section 3.¶
Figure 2 provides a general overview of the MP-DCCP working mode, whose main characteristics are summarized in this section.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
DCCP (Section 17.2 of [RFC4340]) allows multiple application subflows to be multiplexed over a single DCCP connection with potentially same performance. However, DCCP does not provide built-in support for managing multiple subflows within one DCCP connection. Various congestion control mechanisms have been specified to optimize DCCP performance for specific traffic types in terms of profiles denoted by a Congestion Control IDentifier (CCID).¶
The extension of DCCP towards Multipath-DCCP (MP-DCCP) is described in detail in Section 3.¶
As a high level overview of the MP-DCCP operation, the data stream from a DCCP application is split by MP-DCCP operation into one or more subflows which can be transmitted via different also physically isolated paths. The corresponding control information allows the receiver to optionally re-assemble and deliver the received data in the originally transmitted order to the recipient application. This may be necessary because DCCP does not guarantee in-order delivery. The details of the transmission scheduling mechanism and optional reordering mechanism are up to the sender and receiver, respectively, and are outside the scope of this document.¶
The following sections define MP-DCCP behavior in detail.¶
A Multipath DCCP connection provides a bidirectional connection of datagrams between two hosts exchanging data as in DCCP, thus, not requiring any change to the applications. However, Multipath DCCP enables the hosts to use different paths with different IP addresses to transport the packets of an MP-DCCP connection. MP-DCCP manages the request, set-up, authentication, prioritization, modification, and removal of the DCCP subflows on different paths as well as the exchange of performance parameters.¶
The Multipath Capability for MP-DCCP can be negotiated with a new DCCP feature, as specified in Section 3.1. Once negotiated, all subsequent MP-DCCP operations for that connection are signalled with a variable length multipath-related option, as described in Section 3. All MP-DCCP operations are signaled with MP-DCCP suboptions described in {#MP_OPT}.¶
The number of DCCP subflows can vary during the lifetime of a Multipath DCCP connection. The details of the path management decisions for when to add or remove subflows are outside the scope of this document.¶
The DCCP protocol feature list ([RFC4340], Section 6.4) are enriched with a new Multipath related feature with Feature number THIS-FEATURE, as shown in Table 1.¶
Number | Meaning | Rule | Rec'n Value | Initial Req'd |
---|---|---|---|---|
THIS-FEATURE | Multipath Capable | SP | 0 | N |
The reconciliation rule used for the feature. SP means server-priority, NN means non-negotiable.¶
The initial value for the feature. Every feature has a known initial value.¶
This column is "Y" if and only if every DCCP implementation MUST understand the feature. If it is "N", then the feature behaves like an extension, and it is safe to respond to Change options for the feature with empty Confirm options.¶
The DCCP protocol options as defined in ([RFC4340], Section 5.8) are enriched with a new Multipath related variable-length option with option type 46, as shown in Table 2.¶
Type | Option Length | Meaning | DCCP-Data? |
---|---|---|---|
46 | variable | Multipath | Y |
DCCP endpoints negotiates the Multipath Capable Feature to decide whether multipath extensions can be enabled for a DCCP connection.¶
Multipath Capable feature (MP_CAPABLE) has feature number THIS-FEATURE and has length of one-byte. The leftmost four bits are used to specify a compatible version of the MP-DCCP implementation (THIS-VER for this specification). The following four bits are unassigned in version THIS-VER. The unassigned bits MUST be set to zero by the sender and MUST be ignored by the receiver.¶
The setting of the MP_CAPABLE feature MUST follow the server-priority reconciliation rule described in ([RFC4340], Section 6.3.1), which allows multiple versions to be specified in order of priority.¶
The negotiation MUST be done as part of the initial handshake procedure as described in Section 3.3, and no subsequent re-negotiation of the MP_CAPABLE feature is allowed on the same MP-DCCP connection.¶
Clients MUST include a Change R option during the initial handshake request to supply a list of supported MP-DCCP protocol versions, ordered by preference.¶
Servers MUST include a Confirm L option in the subsequent response to agree on an MP-DCCP version to be used from the Client list, followed by its own supported version(s) ordered by preference. Any subflow addition to an existing MP-DCCP connection MUST use the same version negotiated for the first subflow.¶
If no agreement is found, the Server MUST reply with an empty Confirm L option with feature number THIS-FEATURE and no values.¶
An example of successful version negotiation is shown hereafter:¶
If the version negotiation fails or the MP_CAPABLE feature is not present in the DCCP-Request or DCCP-Response packets of the initial handshake procedure, the MP-DCCP connection SHOULD fallback to regular DCCP or MUST be closed. Further details are specified in Section 3.6¶
MP-DCCP uses one single option to signal various multipath-related operations. The format of this option is shown in Figure 5.¶
The description of the fields of the multipath option is shown in Table 3. MP_OPT refers to an MP-DCCP suboption.¶
Type | Option Length | MP_OPT | Meaning |
---|---|---|---|
46 | var | 0 =MP_CONFIRM | Confirm reception and processing of an MP_OPT option |
46 | 12 | 1 =MP_JOIN | Join path to an existing MP-DCCP connection |
46 | var | 2 =MP_FAST_CLOSE | Close an MP-DCCP connection unconditionally |
46 | var | 3 =MP_KEY | Exchange key material for MP_HMAC |
46 | 9 | 4 =MP_SEQ | Multipath Sequence Number |
46 | 23 | 5 =MP_HMAC | HMA Code for authentication |
46 | 12 | 6 =MP_RTT | Transmit RTT values |
46 | var | 7 =MP_ADDADDR | Advertise additional Address |
46 | 4 | 8 =MP_REMOVEADDR | Remove Address |
46 | 4 | 9 =MP_PRIO | Change Subflow Priority |
46 | var | 10 =MP_CLOSE | Close an MP-DCCP subflow |
46 | TBD | >10 | Reserved for future MP suboptions defined in Version > 0 or extension |
These operations are largely inspired by the signals defined in [RFC8684].¶
Some multipath options require confirmation from the remote peer (see Table 4). Such options will be retransmitted by the sender until a MP_CONFIRM is received or confirmation of options is identified outdated. The further processing of the multipath options in the receiving host is not the subject of MP_CONFIRM.¶
As multipath suboptions could arrive out-of-order, suboptions defined in Table 4 MUST be sent in a DCCP datagram with MP_SEQ Section 3.2.5. This allows suboptions to be identified with obsolete datasets that would otherwise conflict with newer datasets. In case of MP_ADDADDR or MP_REMOVEADDR the same dataset is identified based on AddressID, whereas the same dataset for MP_PRIO is identified by the subflow in use. An outdated suboption is detected at the receiver if a previous suboption referring to the same dataset contained a higher sequence number carried by MP_SEQ. AN MP_CONFIRM MAY be generated for suboptions that are identified outdated.¶
Similarly an MP_CONFIRM could arrive out of order. To ensure that the most recent suboption is confirmed the associated MP_SEQ received MUST be echoed. Otherwise inconsistencies could occur, e.g. if three MP_PRIO options are sent one after the other on one path in order to first set the path priority to 0, then to 1 and finally to 0 again. Without an associated MP_SEQ, a loss of the third MP_PRIO option and a loss of the MP_CONFIRM of the second update and the third update would cause the sender to incorrectly believe that the priority value is set to 0 without recognizing that the receiver has applied priority value 1.¶
The length of the MP_CONFIRM option and the path over which the option is sent depend on the confirmed suboptions and the received MP_SEQ, which is both copied verbatim and appended as a list of confirmations. The list structures by first listing the received MP_SEQ followed by the confirmed suboption or suboptions. The same rules apply when suboptions with different MP_SEQs are confirmed at once. This might happen if a datagram with MP_PRIO and a first MP_SEQ_1 and another datagram with MP_ADDADDR and a second MP_SEQ_2 are received in short succession. In this case, the structure described above is concatenated resulting in MP_SEQ_1 + MP_PRIO + MP_SEQ_2 + MP_ADDADDR.¶
Type | Option Length | MP_OPT | MP_CONFIRM Sending path |
---|---|---|---|
46 | var | 7 =MP_ADDADDR | Any available |
46 | 4 | 8 =MP_REMOVEADDR | Any available |
46 | 4 | 9 =MP_PRIO | Any available |
An example to illustrate the MP-DCCP confirm procedure for the MP_PRIO option is shown in Figure 7. The host A sends a DCCP-Request on path A2-B2 with an MP_PRIO option with value 1 and associated sequence number of 1. Host B replies on the same path in this instance (but could be any path) with a DCCP-Response containing the MP_CONFIRM option and a list containing the original sequence number (1) together with the associated option (MP_PRIO)¶
A second example to illustrate the same MP-DCCP confirm procedure but where an out of date option is also delivered is shown in (Figure 8. Here, a first DCCP-Data is sent from Host A to Host B with option MP_PRIO set to 4. Host A subsequently issues a second DCCP-Data with option MP_PRIO set to 1. The delivery of the first MP_PRIO is delayed in the network between Host A and Host B and arrives after the second MP_PRIO. Host B ignores this second MP_PRIO as the associated sequence number is earlier than the first. Host B sends a DCCP-Ack confirming receipt of the MP_PRIO(1) with sequence number 2.¶
The MP_JOIN option is used by a host to add a new subflow to an existing MP-DCCP connection and REQUIRES a successful establishment of the first subflow using MP_KEY. The Path Token is the SHA256 hash of the derived key (d-key), which was previously exchanged with the MP_KEY option. MP_HMAC MUST be set when using MP_JOIN to provide authentication (See Section 3.2.6 for details).¶
The MP_JOIN option includes an "Addr ID" (Address ID) generated by the sender of the option, used to identify the source address of this packet, even if the IP header has been changed in transit by a middlebox. The numeric value of this field is generated by the sender and MUST map uniquely to a source IP address for the sending host. The Address ID allows address removal (Section 3.2.9) without needing to know what the source address at the receiver is, thus allowing address removal through NATs. The Address ID also allows correlation between new subflow setup attempts and address signaling (Section 3.2.8), to prevent setting up duplicate subflows on the same path, if an MP_JOIN and MP_ADDADDR are sent at the same time.¶
The Address IDs of the subflow used in the initial DCCP Request/Response exchange of the first subflow in the connection are implicit, and have the value zero. A host MUST store the mappings between Address IDs and addresses both for itself and the remote host. An implementation will also need to know which local and remote Address IDs are associated with which established subflows, for when addresses are removed from a local or remote host. An Address ID always MUST be unique over the lifetime of a subflow and can only be re-assigned if sender and receiver no longer have them in use.¶
The Nonce is a 32-bit random value locally generated for every MP_JOIN option. Together with the Token, the Nonce value builds the basis to calculate the HMAC used in the handshaking process as described in Section 3.3.¶
If the path token can not be verified by the receiving host during a handshake negotiation, the new subflow MUST be closed, as specified in Section 3.6.¶
Regular DCCP has the means of sending a Close or Reset signals to abruptly close a connection. With MP-DCCP, a regular Close or Reset only has the scope of the subflow over which the signal was received. As such, it will only close the applicable subflow and will not affect the remaining subflows in use on other paths. An MP-DCCP connection will stay alive at the data level in order to permit break-before-make handover between subflows. It is therefore necessary to provide an MP-DCCP-level "Reset" to allow the abrupt closure of the whole MP-DCCP connection; this is done via the MP_FAST_CLOSE suboption.¶
For being effective, the MP_FAST_CLOSE suboption MUST be sent from an initiating host on all subflows as part of a DCCP-Reset packet with Reset Code THIS-RESET-CODE. To protect unauthorized shutdown of a multipath DCCP connection, the selected Key Data of the peer host during the handshaking procedure is carried by the MP_FAST_CLOSE option.¶
With completion of this step, the initiating host can tear down the subflows and the multipath DCCP connection immediately terminates.¶
Upon reception of the MP_FAST_CLOSE and successful validation of the Key Data at the peer host, a DCCP Reset packet is replied on all subflows to the initiating host with Reset Code THIS-RESET-CODE. The peer host can now close the whole MP-DCCP connection (i.e., it transitions the connection state directly to CLOSED).¶
The MP_KEY suboption is used to exchange key material between hosts for a given connection. The Length varies between 12 and 68 Bytes for a single-key message, and up to 110 Bytes when all specified Key Types 0-2 are provided. The Key Type field is used to specify the type of the following key data. Key types are shown in Table 5.¶
Key Type | Key Length (Bytes) | Meaning |
---|---|---|
0 =Plain Text | 8 | Plain Text Key |
1 =ECDHE-C25519-SHA256 | 32 | ECDHE with SHA256 and Curve25519 |
2 =ECDHE-C25519-SHA512 | 64 | ECDHE with SHA512 and Curve25519 |
3-255 | Unassigned |
Key Material is exchanged in plain text between hosts, and the key parts (key-a, key-b) are used by each host to generate the derived key (d-key) by concatenating the two parts with the local key in front (e.g. hostA d-key(A)=(key-a+key-b), hostB d-key(B)=(key-b+key-a)).¶
Public Key Material is exchanged via ECDHE key exchange with SHA256 and Curve 25519 to generate the derived key (d-key) from the shared secret.¶
Public Key Material is exchanged via ECDHE key exchange with SHA512 and Curve 25519 to generate the derived key (d-key) from the shared secret.¶
Providing multiple keys is only permitted in the DCCP-Request message of the handshake procedure for the first subflow, and allows the hosts to agree on a single key type to be used as described in Section 3.3¶
If the key type can not be agreed when the MP_KEY option is sent as part of the handshake procedure, the MP-DCCP connection MUST fallback to regular DCCP as indicated in Section 3.6¶
The MP_SEQ suboption is used for end-to-end datagram-based sequence numbers of an MP-DCCP connection. The initial data sequence number (IDSN) SHOULD be set randomly [RFC4086].¶
The MP_SEQ number space is different from the path individual sequence number space and MUST be sent with all DCCP-Data and DCCP-DataACK packet.¶
The MP_HMAC suboption is used to provide authentication for the MP_JOIN, MP_ADDADDR, and MP_REMOVEADDR suboptions. The HMAC code is generated according to [RFC2104] in combination with the SHA256 hash algorithm described in [RFC6234], with the output truncated to the leftmost 160 bits (20 bytes).¶
The "Key" used for the HMAC computation is the derived key (d-key) described in Section 3.2.4, while the HMAC "Message" is a concatenation of¶
MP_JOIN, MP_ADDADDR and MP_REMOVEADDR can co-exist or be used multiple times within a single DCCP packet. All these multipath options include an individual MP_HASH option. This ensures the MP_HASH is correctly associated. Otherwise, the receiver cannot validate multiple MP_JOIN, MP_ADDADDR or MP_REMOVEADDR. Therefore, a MP_HASH MUST directly follow its associated multipath option. In the likely case of sending a MP_JOIN together with a MP_ADDADDR, this results in concatenating MP_JOIN + MP_HMAC_1 + MP_ADDADDR + MP_HMAC_2, whereas the first MP_HMAC_1 is associated with the MP_JOIN and the second MP_HMAC_2 with the MP_ADDADDR suboption.¶
If the HMAC can not be validated by a receiving host, the subsequent handling depends on which suboption was being authenticated. If the suboption to be authenticated was either MP_ADDADDR or MP_REMOVEADDR, the receiving host MUST silently ignore it (see Section 3.2.8 and Section 3.2.9). If the suboption to be authenticated was MP_JOIN, the subflow MUST be closed (see Section 3.6)¶
The MP_RTT suboption is used to transmit RTT values in milliseconds and MUST belong to the path over which this information is transmitted. Additionally, the age of the measurement is specified in milliseconds. This information is in particular useful for the receiving host to calculate the RTT difference between the subflows and to estimate whether missing data has been lost.¶
The RTT and Age information is a 32-bit integer, which allows to cover a period of approximately 1193 hours.¶
Raw RTT value of the last Datagram Round-Trip preferably provided by the CCID in use.¶
Min RTT value over a given period preferably provided by the CCID in use.¶
Max RTT value over a given period preferably provided by the CCID in use.¶
Averaged RTT value over a given period preferably provided by the CCID in use.¶
The Age parameter defines the time difference between now - creation of the MP_RTT option - and the conducted RTT measurement in milliseconds. If no previous measurement exists, e.g., when initialized, the value is 0.¶
In Figure 15 an exemplary flow shows the exchange of path individual RTT information with RTT1 pointing to a first path and RTT2 to a second path. Those RTT values might be extracted from the sender's Congestion Control procedure and carried to the receiving host using MP_RTT suboption. With the reception of RTT1 and RTT2, the receiver is able to calculate the path_delta which corresponds to the absolute difference of both values. In the case that the path individual RTTs are symmetric in down- and uplink direction, packets with missing sequence number MP_SEQ, e.g., in a reordering process, can be assumed lost after path_delta/2.¶
The MP_ADDADDR suboption announces additional addresses (and, optionally, port numbers) on which a host can be reached. This option can be used at any time during an existing DCCP connection, when the sender wishes to enable multiple paths and/or when additional paths become available. Multiple instances of this suboption within a packet advertise simultaneously new addresses.¶
Length is variable depending on the address family (IPv4 or IPv6) and whether a port number is used. This field is in range between 8 and 22 bytes.¶
The presence of the final 2 octets, specifying the DCCP port number to use, are optional and can be inferred from the length of the option. Although it is expected that the majority of use cases will use the same port pairs as used for the initial subflow (e.g., port 80 remains port 80 on all subflows, as does the ephemeral port at the client), there could be cases (such as port-based load balancing) where the explicit specification of a different port is required. If no port is specified, the receiving peer MUST assume that any attempt to connect to the specified address uses the port already used by the subflow on which the MP_ADDADDR signal was sent.¶
Along with the MP_ADDADDR option a MP_HMAC option MUST be sent for authentication. The truncated HMAC parameter present in this MP_HMAC option is the leftmost 20 bytes of an HMAC, negotiated and calculated as described in Section 3.2.6. In the same way as for MP_JOIN, the key for the HMAC algorithm, in the case of the message transmitted by Host A, will be Key-A followed by Key-B, and in the case of Host B, Key-B followed by Key-A. These are the keys that were exchanged and selected in the original MP_KEY handshake. The message for the HMAC is the Address ID, IP address, and port that precede the HMAC in the MP_ADDADDR option. If the port is not present in the MP_ADDADDR option, the HMAC message will nevertheless include 2 octets of value zero. The rationale for the HMAC is to prevent unauthorized entities from injecting MP_ADDADDR signals in an attempt to hijack a connection. Note that, additionally, the presence of this HMAC prevents the address from being changed in flight unless the key is known by an intermediary. If a host receives an MP_ADDADDR option for which it cannot validate the HMAC, it SHOULD silently ignore the option.¶
The presence of a MP_SEQ Section 3.2.5 MUST be ensured in a DCCP datagram in which MP_ADDADDR is sent, as described in Section 3.2.1.¶
Every address has an Address ID that can be used for uniquely identifying the address within a connection for address removal. The Address ID is also used to identify MP_JOIN options (see Section 3.2.2) relating to the same address, even when address translators are in use. The Address ID MUST uniquely identify the address for the sender of the option (within the scope of the connection); the mechanism for allocating such IDs is implementation specific.¶
All Address IDs learned via either MP_JOIN or MP_ADDADDR SHOULD be stored by the receiver in a data structure that gathers all the Address-ID-to-address mappings for a connection (identified by a token pair). In this way, there is a stored mapping between the Address ID, observed source address, and token pair for future processing of control information for a connection. Note that an implementation MAY discard incoming address advertisements, for example, for avoiding the required mapping state, or because advertised addresses are of no use to it (for example, IPv6 addresses when it has IPv4 only). Therefore, a host MUST treat address advertisements as soft state, and the sender MAY choose to refresh advertisements periodically.¶
Due to the proliferation of NATs, it is reasonably likely that one host may attempt to advertise private addresses. It is not desirable to prohibit this, since there may be cases where both hosts have additional interfaces on the same private network. A host MAY advertise a private addresses. The MP_JOIN handshake to create a new subflow (Section 3.2.2) provides mechanisms to minimize security risks. The MP_JOIN message contains a 32-bit token that uniquely identifies the connection to the receiving host. If the token is unknown, the host MUST return with a DCCP-Reset. In the unlikely event that the token is known, subflow setup will continue, but the HMAC exchange must occur for authentication. This will fail, and will provide sufficient protection against two unconnected hosts accidentally setting up a new subflow upon the signal of a private address. Further security considerations around the issue of MP_ADDADDR messages that accidentally misdirect, or maliciously direct, new MP_JOIN attempts are discussed in Section 4. If a sending host of an MP_ADDADDR knows that no incoming subflows can be established at a particular address, an MP_ADDADDR SHOULD NOT announce that address unless the sending host has new knowledge about the possibility to do so. Such ability information can be obtained from local firewall or routing settings, knowledge about availability of external NAT or firewall, or from connectivity checks performed by the host/application.¶
The reception of an MP_ADDADDR message is acknowledged using MP_CONFIRM (Section 3.2.1). Using this mechanism reliable exchange of address information is ensured.¶
A host MAY send an MP_ADDADDR message with an already assigned Address ID, but the Address MUST be the same as previously assigned to this Address ID, and the Port MUST be different from one already in use for this Address ID. If these conditions are not met, the receiver SHOULD silently ignore the MP_ADDADDR. A host wishing to replace an existing Address ID MUST first remove the existing one (Section 3.2.9).¶
A host that receives an MP_ADDADDR but finds a connection set up to that IP address and port number is unsuccessful SHOULD NOT perform further connection attempts to this address/port combination for this connection. However, a sender that wants to trigger a new incoming connection attempt on a previously advertised address/port combination can therefore refresh MP_ADDADDR information by sending the option again.¶
If, during the lifetime of an MP-DCCP connection, a previously announced address becomes invalid (e.g., if an interface disappears), the affected host SHOULD announce this so that the peer can remove subflows related to this address.¶
This is achieved through the Remove Address (MP_REMOVEADDR) suboption which will remove a previously added address with an Address ID from a connection and terminate any subflows currently using that address.¶
Along with the MP_REMOVEADDR suboption a MP_HMAC option MUST be sent for authentication. The truncated HMAC parameter present in this MP_HMAC option is the leftmost 20 bytes of an HMAC, negotiated and calculated as described in Section 3.2.6. In the same way as for MP_JOIN, the key for the HMAC algorithm, in the case of the message transmitted by Host A, will be Key-A followed by Key-B, and in the case of Host B, Key-B followed by Key-A. These are the keys that were exchanged and selected in the original MP_KEY handshake. The message for the HMAC is the Address ID. The rationale for the HMAC is to prevent unauthorized entities from injecting MP_REMOVEADDR signals in an attempt to hijack a connection. Note that, additionally, the presence of this HMAC prevents the address from being removed in flight unless the key is known by an intermediary. If a host receives an MP_REMOVEADDR option for which it cannot validate the HMAC, it SHOULD silently ignore the option.¶
The presence of a MP_SEQ Section 3.2.5 MUST be ensured in a DCCP datagram in which MP_REMOVEADDR is sent. Further details are given in Section 3.2.1.¶
The reception of an MP_REMOVEADDR message is acknowledged using MP_CONFIRM (Section 3.2.1). Using this mechanism reliable exchange of address information is ensured. To avoid inconsistent states, it is recommended to release the sender address ID only after MP_REMOVEADDR has been confirmed.¶
The sending and receipt of this message SHOULD trigger the closing procedure described in [RFC4340] between client and server, respectively on the affected subflow(s) (if possible), as a courtesy to cleaning up middlebox state, before cleaning up any local state.¶
Address removal is done by Address ID to allow the use of NATs and other middleboxes that rewrite source addresses. If there is no address at the requested Address ID, the receiver will silently ignore the request.¶
A subflow that is still functioning MUST be closed with a DCCP-Close exchange as in regular DCCP, rather than using this option. For more information, see Section 3.5.¶
In the event that a single specific path out of the set of available paths shall be treated with higher priority compared to the others when making scheduling decisions for payload traffic, a host may wish to signal such change in priority to the peer. One reason for such behavior is due to the different costs involved in using different paths (e.g., WiFi is free while cellular has limit on volume, 5G has higher energy consumption). Also, the priority of a path could change, for example when the mobile runs out of battery, the usage of only a single path may be the preferred choice of the user. Therefore, the path priority SHOULD be considered as hints for the packet scheduler when making decisions which path to use for payload traffic.¶
The MP_PRIO suboption, shown below, can be used to set a priority flag for the path over which the suboption is received.¶
The following values are available for Prio field:¶
Example use cases include: 1) Setting Wi-Fi path to Primary and Cellular paths to Secondary. In this case Wi-Fi will be used and Cellular only if the Wi-Fi path is congested or not available. Such setting results in using the Cellular path only temporally, if more capacity is needed than the WiFi path can provide, indicating a clear priority of the Wi-Fi path over the Cellular due to e.g. cost reasons. 2) Setting Wi-Fi path to Primary and Cellular to Standby. In this case Wi-Fi will be used and Cellular only, if the Wi-Fi path is not available. 3) Setting Wi-Fi path to Primary and Cellular path to Primary. In this case, both paths can be used when making packet scheduling decisions.¶
If not specified, the default behavior is, that a path can always be used for packet scheduling decisions (MP_PRIO=3), if the path has been established and added to an existing MP-DCCP connection. At least one path should have a MP_PRIO value greater or equal to one for it to be allowed to send on the connection. It is RECOMMENDED to update at least one path to a non-zero MP_PRIO value when an MP-DCCP connection enters a state where all paths remain with an MP_PRIO value of zero. This helps an MP-DCCP connection to continue to be used scheduling in case the multipath scheduler strictly respects MP_PRIO value 0. MP_PRIO is assumed to be exchanged reliably using the MP_CONFIRM mechanisms (see Table 4).¶
The presence of a MP_SEQ Section 3.2.5 MUST be ensured in a DCCP datagram in which MP_PRIO is sent. Further details are given in Section 3.2.1.¶
An MP-DCCP connection can be gracefully closed by sending and MP_CLOSE to the peer host. On all subflows, the regular termination procedure as described in [RFC4340] MUST be initiated using MP_CLOSE in the initial packet (either a DCCP-CloseReq or a DCCP-Close). In the case where a DCCP-CloseReq is used, the following DCCP-Close MUST carry the MP_CLOSE as well to avoid keeping a state in the sender of the DCCP-CloseReq. At the initiator of the DCCP-CloseReq all sockets, including the MP-DCCP connection socket, transition to CLOSEREQ state. To protect unauthorized shutdown of a multi-path connection, the selected Key Data of the peer host during the handshaking procedure MUST be carried by the MP_CLOSE option and validated by the peer host. Note, Key Data is different between MP_CLOSE option carried by DCCP-CloseReq or DCCP-Close.¶
On reception of a first DCCP-CloseReq carrying a MP_CLOSE with valid Key Data, or due to a local decision, all subflows transition to the CLOSING state before transmitting a DCCP-Close carrying MP_CLOSE. In this case, the MP-DCCP connection socket on the host sending the DCCP-Close reflects the state of the initial subflow used during handshake with MP_KEY option. If the initial subflow no longer exists, the state moves immediately to CLOSED.¶
Upon reception of the first DCCP-Close carrying a MP_CLOSE with valid Key Data at the peer host, all subflows, as well as the MP-DCCP connection socket, move to the CLOSED state. After this, a DCCP-Reset with Reset Code 1 MUST be sent on any subflow in response to a received DCCP-Close containing a valid MP_CLOSE option.¶
When the MP-DCCP connection socket is in CLOSEREQ or CLOSE state, new subflow requests using MP_JOIN MUST be ignored.¶
Contrary to a MP_FAST_CLOSE Section 3.2.3, no single-sided abrupt termination is applied.¶
This section reserves a MP-DCCP sub-option to define and specify any experimental additional feature for improving and optimization of MP-DCCP protocol. This option may be applicable to specific environments or scenarios according to potential new requirements and meant for private use only. MP_OPT feature number 11 is specified with an exemplary description as below:¶
The Data field can carry any data according to the foreseen use by the experimenters with a maximum length of 252 Bytes.¶
An example to illustrate the MP-DCCP handshake procedure is shown in Figure 21.¶
The basic initial handshake for the first subflow is as follows:¶
Host A waits for the final DCCP-Ack from host B before starting any establishment of additional subflow connections.¶
The handshake for subsequent subflows based on a successful initial handshake is as follows:¶
Host B computes the HMAC of the DCCP-Request and sends a DCCP-Response with Confirm feature option for MP-Capable and the MP_JOIN option with the Token TB and a random nonce RB together with the computed MP_HMAC. The HMAC is calculated by taking the leftmost 20 bytes from the SHA256 hash of a HMAC code created by using the nonce received with MP_JOIN(A) and the local nonce RB as message and the derived key described in Section 3.2.4 as key:¶
MP_HMAC(B) = HMAC-SHA256(Key=d-key(B), Msg=RB+RA)¶
Host A sends a DCCP-Ack with the HMAC computed for the DCCP-Response. The HMAC is calculated by taking the leftmost 20 bytes from the SHA256 hash of a HMAC code created by using the local nonce RA and the nonce received with MP_JOIN(B) as message and the derived key described in Section 3.2.4 as key:¶
MP_HMAC(A) = HMAC-SHA256(Key=d-key(A), Msg=RA+RB)¶
When a host (Host A) wants to advertise the availability of a new path, it should use the MP_ADDADDR option (Section 3.2.8) as shown in the example in Figure 22. The MP_ADDADDR option passed in the DCCP-Data contains the following parameters: * an identifier (id 2) for the new IP address which is used as a reference in subsequent control exchanges. * the IP address of the new path (A2_IP) * A pair of octets specifying the port number associated with this IP address. The value of 00 here, indicates that the port number is the same as that used for the initial subflow address A1_IP¶
The following options MUST be included in a packet carrying MP_ADDADDR: * the leftmost 20 bytes of the HMAC(A) generated during the initial handshaking procedure described in Section 3.3 and Section 3.2.6 * the MP_SEQ option with the sequence number (seqno 12) for this message according to Section 3.2.5.¶
Host B acknowledges receipt of the MP_ADDADDR message with a DCCP-Ack containing the MP_CONFIRM option. The parameters supplied in this response are as follows: * an MP_CONFIRM containing the MP_SEQ number (seqno 12) of the packet carrying the option that we are confirming together with the MP_ADDADDR option * the leftmost 20 bytes of the HMAC(B) generated during the initial handshaking procedure Section 3.3¶
When a host (Host A) wants to indicate that a path is no longer available, it should use the MP_REMOVEADDR option (Section 3.2.9) as shown in the example in Figure 23. The MP_REMOVEADDR option passed in the DCCP-Data contains the following parameters: * an identifier (id 2) for the IP address to remove (A2_IP) and which was specified in a previous MP_ADDADDR message.¶
The following options must be included in a packet carrying MP_REMOVEADDR * the leftmost 20 bytes of the HMAC(A) generated during the initial handshaking procedure described in Section 3.3 and Section 3.2.6 * the MP_SEQ option with the sequence number (seqno 33) for this message according to Section 3.2.5.¶
Host B acknowledges receipt of the MP_REMOVEADDR message with a DCCP-Ack containing the MP_CONFIRM option. The parameters supplied in this response are as follows: * an MP_CONFIRM containing the MP_SEQ number (seqno 33) of the packet carrying the option that we are confirming, together with the MP_REMOVEADDR option * the leftmost 20 bytes of the HMAC(B) generated during the initial handshaking procedure Section 3.3¶
When a host wants to close an existing subflow but not the whole MP-DCCP connection, it MUST initiate the regular DCCP connection termination procedure as described in Section 5.6 of [RFC4340], i.e., it sends a DCCP-Close/DCCP-Reset on the subflow. This may be preceded by a DCCP-CloseReq. In the event of an irregular termination of a subflow, e.g., during subflow establishment, it MUST use an appropriate DCCP reset code as specified in IANA [DCCP.Parameter] for DCCP operations. This could be, for example, sending reset code 5 (Option Error) when an MP-DCCP option provides invalid data or reset code 9 (Too Busy) when the maximum number of maintainable paths is reached. Note that receiving a reset code 9 for secondary subflows SHOULD NOT impact already existing active subflows. If necessary, these subflows are terminated in a subsequent step using the procedures described in this section.¶
A host terminates an MP-DCCP connection using the DCCP connection termination specified in section 5.5 of [RFC4340] on each subflow with the first packet on each subflow carrying MP_CLOSE (see Section 3.2.11).¶
Host A Host B ------ ------ <- Optional DCCP-CloseReq + MP_CLOSE [A's key] [on all subflows] DCCP-Close + MP_CLOSE -> [B's key] [on all subflows] <- DCCP-Reset [on all subflows]¶
Additionally, an MP-DCCP connection may be closed abruptly using the "Fast Close" procedure described in Section 3.2.3, where a DCCP-Reset is sent on all subflows, each carrying the MP_FAST_CLOSE option.¶
Host A Host B ------ ------ DCCP-Reset + MP_FAST_CLOSE -> [B's key] [on all subflows] <- DCCP-Reset [on all subflows]¶
When a subflow fails to operate following MP-DCCP intended behavior, it is necessary to proceed with a fallback. This may be either falling back to regular DCCP [RFC4340] or removing a problematic subflow. The main reasons for subflow failing include: no MP support at peer host, failure to negotiate protocol version, loss of MP-DCCP suboptions, faulty/non-supported MP-DCCP options or modification of payload data.¶
At the start of an MP-DCCP connection, the handshake ensures exchange of MP-DCCP feature and options and thus ensures that the path is fully MP-DCCP capable. If during the handshake procedure it appears that DCCP-Request or DCCP-Response messages do not carry the MP_CAPABLE feature, the MP-DCCP connection will not be established and the handshake SHOULD fallback to regular DCCP (if this is not possible it MUST be closed).¶
A connection SHOULD fallback to regular DCCP if the endpoints fail to agree on a protocol version to use during the Multipath Capable feature negotiation. This is described in Section 3.1. The protocol version negotiation distinguishes between negotiation for the initial connection establishment, and addition of subsequent subflows. If protocol version negotiation is not successful during the initial connection establishment, MP-DCCP connection will fallback to regular DCCP.¶
The fallback procedure to regular DCCP MUST be also applied if the MP_KEY Section 3.2.4 Key Type cannot be negotiated.¶
If a subflow attempts to join an existing MP-DCCP connection, but MP-DCCP options or MP_CAPABLE feature are not present or are faulty in the handshake procedure, that subflow MUST be closed. This is especially the case if a different MP_CAPABLE version than the originally negotiated version is used. Reception of a non-verifiable MP_HMAC (Section 3.2.6) or an invalid MP_JOIN Path Token Section 3.2.2 during flow establishment MUST cause the subflow to be closed.¶
The subflow closing procedure MUST be also applied if a final ACK carrying MP_KEY with wrong Key-A/Key-B is received or MP_KEY option is malformed.¶
Another relevant case is when payload data is modified by middleboxes. DCCP uses checksum to protect the data, as described in section 9 of [RFC4340]. A checksum will fail if the data has been changed in any way. All data from the start of the segment that failed the checksum onwards cannot be considered trustworthy. DCCP defines that if the checksum fails, the receiving endpoint MUST drop the application data and report that data as dropped due to corruption using a Data Dropped option (Drop Code 3, Corrupt). If data is dropped due to corruption for an MP-DCCP connection, the affected subflow MAY be closed.¶
Senders MUST manage per-path congestion status, and avoid to sending more data on a given path than congestion control for each path allows.¶
A DCCP implementation maintains the maximum packet size (MPS) during operation of a DCCP session. This procedure is specified for single-path DCCP in [RFC4340], Section 14. Without any restrictions, this is adopted for MP-DCCP operations, in particular the PMTU measurement and the Sender Behaviour. The DCCP application interface SHOULD allow the application to discover the current MPS. This reflects the current supported largest size for the data stream that can be used across the set of all active MP-DCCP subflows.¶
MP-DCCP can be configured to realize one of several strategies for path usage, via selecting one DCCP subflow of the multiple DCCP subflows within a MP-DCCP connection for data transmission. This can be a dynamic process further facilitated by the means of DCCP and MP-DCCP defined options such as path preference using MP-PRIO, adding or removing DCCP subflows using MP_REMOVEADDR, MP_ADDADDR or DCCP-Close/DCCP-Reset and also path metrics such as packet-loss-rate, CWND or RTT provided by the Congestion Control Algorithm. Selecting an appropriate method can allow MP-DCCP to realize different path utilization strategies that make MP-DCCP suitable for end-to-end implementation over the Internet or in controlled environments such as Hybrid Access or 5G ATSSS.¶
The path mobility strategy provides the use of a single path with a seamless handover function to continue the connection when the currently used path is deemed unsuitable for service delivery. Some of the DCCP subflows of a MP-DCCP connection might become inactive due to either the occurrence of certain error conditions (e.g., DCCP timeout, packet loss threshold, RTT threshold, closed/removed) or adjustments from the MP-DCCP user. When there is outbound data to send and the primary path becomes inactive (e.g., due to failures) or de-prioritized, the MP-DCCP endpoint SHOULD try to send the data through an alternate path with a different source or destination address (depending on the point of failure), if one exists. This process SHOULD respect the path priority configured by MP_PRIO or if not available pick the most divergent source-destination pair from the original used source-destination pair. Note: Rules for picking the most appropriate source-destination pair are an implementation decision and are not specified within this document. Path mobility is supported in the current Linux reference implementation [multipath-dccp.org].¶
Different to a path mobility strategy, the selection between MP-DCCP subflows is here a per-packet decision that is a part of the multipath scheduling process. This method would allow multiple subflows to be simultaneously used to aggregate the path resources to obtain higher connection throughput.¶
In this scenario, the selection of congestion control, per-packet scheduling and potential re-ordering method determines a concurrent path utilization strategy and result in a particular transport characteristic.¶
A concurrent path usage method uses a scheduling design that could seek to maximize reliability, throughput, minimizing latency, etc.¶
Concurrent path usage over the Internet can have implications. When a
Multipath DCCP connection uses two or more paths, there is no guarantee
that these paths are fully disjoint. When two (or more) subflows share
the same bottleneck, using a standard congestion control scheme could
result in an unfair distribution of the capacity with the multipath
connection using more capacity than competing single path connections.
Multipath TCP uses the coupled congestion control Linked Increases
Algorithm (LIA) specified in the experimental specification [RFC6356] to solve this problem. This
scheme could also be specified for Multipath DCCP. The same applies to
other coupled congestion control schemes that have been proposed for
Multipath TCP such as Opportunistic Linked Increases Algorithm [OLIA].¶
The specification of scheduling for concurrent multipath and related the congestion control algorithms and re-ordering methods for use in the general Internet are outside the scope of this document. If and when the IETF specifies a method for concurrent usage of multiple paths for use in the general Internet, the framework specified in this document could be used to provide an IETF recommended method for MP-DCCP.¶
Similar to DCCP, MP-DCCP does not provide cryptographic security guarantees inherently. Thus, if applications need cryptographic security (integrity, authentication, confidentiality, access control, and anti-replay protection) the use of IPsec, DTLS over DCCP [RFC5238] or other end-to-end security is recommended; Secure Real-time Transport Protocol (SRTP) [RFC3711] is one candidate protocol for authentication. Together with Encryption of Header Extensions in SRTP, as provided by [RFC6904], also integrity would be provided.¶
As described in [RFC4340], DCCP provides protection against hijacking and limits the potential impact of some denial-of-service attacks, but DCCP provides no inherent protection against an on-path attacker snooping on data packets. Regarding the security of MP-DCCP no additional risks should be introduced compared to regular DCCP. Thereof derived are the following key security requirements to be fulfilled by MP-DCCP:¶
In order to achieve these goals, MP-DCCP includes a hash-based handshake algorithm documented in Sections Section 3.2.4 and Section 3.3. The security of the MP-DCCP connection depends on the use of keys that are shared once at the start of the first subflow and are never sent again over the network. To ease demultiplexing while not giving away any cryptographic material, future subflows use a truncated cryptographic hash of this key as the connection identification "token". The keys are concatenated and used as keys for creating Hash-based Message Authentication Codes (HMACs) used on subflow setup, in order to verify that the parties in the handshake are the same as in the original connection setup. It also provides verification that the peer can receive traffic at this new address. Replay attacks would still be possible when only keys are used; therefore, the handshakes use single-use random numbers (nonces) at both ends -- this ensures that the HMAC will never be the same on two handshakes. Guidance on generating random numbers suitable for use as keys is given in [RFC4086]. During normal operation, regular DCCP protection mechanisms (such as header checksum to protect DCCP headers against corruption) will provide the same level of protection against attacks on individual DCCP subflows as exists for regular DCCP.¶
As discussed in Section 3.2.8, a host may advertise its private addresses, but these might point to different hosts in the receiver's network. The MP_JOIN handshake (Section 3.2.2) will ensure that this does not succeed in setting up a subflow to the incorrect host. However, it could still create unwanted DCCP handshake traffic. This feature of MP-DCCP could be a target for denial-of-service exploits, with malicious participants in MP-DCCP connections encouraging the recipient to target other hosts in the network. Therefore, implementations should consider heuristics at both the sender and receiver to reduce the impact of this.¶
Issues from interaction with on-path middleboxes such as NATs, firewalls, proxies, intrusion detection systems (IDSs), and others have to be considered for all extensions to standard protocols since otherwise unexpected reactions of middleboxes may hinder its deployment. DCCP already provides means to mitigate the potential impact of middleboxes, also in comparison to TCP (see [RFC4043], Section 16). In case, however, both hosts are located behind a NAT or firewall entity, specific measures have to be applied such as the [RFC5596]-specified simultaneous-open technique that update the (traditionally asymmetric) connection-establishment procedures for DCCP. Further standardized technologies addressing NAT type middleboxes are covered by [RFC5597].¶
[RFC6773] specifies UDP Encapsulation for NAT Traversal of DCCP sessions, similar to other UDP encapsulations such as for SCTP [RFC6951]. Future specifications by the IETF could specify other methods for DCCP encapsulation.¶
The approach described above has been implemented in open source across different testbeds and a new scheduling algorithm has been extensively tested. Also demonstrations of a laboratory setup have been executed and have been published at [multipath-dccp.org].¶
[RFC6824] and [RFC8684] defined Multipath TCP and provided important inputs for this specification¶
The authors gratefully acknowledge significant input into this document from Dirk von Hugo, Nathalie Romo Moreno, Omar Nassef, Mohamed Boucadair, Simone Ferlin, and Behcet Sarikaya.¶
This section provides guidance to the Internet Assigned Numbers Authority (IANA) regarding registration of values related to the MP extension of the DCCP protocol in accordance with [RFC8126]. This document defines one new value to be added to the DCCP Feature Numbers registry and three new registries to be added to the DCCP registry group.¶
This document requests IANA to assign a new DCCP feature parameter for negotiating the support of multipath capability for DCCP sessions between hosts as described in Section 3. The following entry in Table 6 should be added to the Feature Numbers registry in the DCCP registry group according to [RFC4340], Section 19.4. under the "DCCP Protocol" heading.¶
Value | Feature Name | Specification |
---|---|---|
THIS-FEATURE (10 suggested) | MP-DCCP capability feature | [ThisDocument] |
As outlined in sect. Section 3.1 the new 1-Byte entry above includes a 4-bit part to specify the version of the used MP-DCCP implementation. This document requests IANA to create a new 'MP-DCCP Versions' registry within the DCCP registry group to track the MP-DCCP version. The initial content of this registry is as follows:¶
Version | Value | Specification |
---|---|---|
THIS-VER | Suggested 0000 | [ThisDocument] |
Unassigned | 0001 - 1111 |
Future MP-DCCP versions 1 to 15 are assigned from this registry using the Specification Required policy (Section 4.6 of [RFC8126]).¶
This document requests IANA to assign a new DCCP protocol option THIS-DCCP-OPTION (suggested type=46) as described in Section 3.2. In this document, THIS-DCCP-OPTION is replaced by 46 for better readability.¶
IANA is requested to create a new 'MP-DCCP Suboptions' registry within the DCCP registry group. The following entries in Table 8 should be added to the new 'MP-DCCP Suboptions' registry. The registry in Table 8 has an upper boundary of 255 in the numeric value field.¶
Value | Symbol | Name | Reference |
---|---|---|---|
Type=46 | MP_OPT | DCCP Multipath option | Section 3.2 |
MP_OPT=0 | MP_CONFIRM | Confirm reception/processing of an MP_OPT option | Section 3.2.1 |
MP_OPT=1 | MP_JOIN | Join subflow to existing MP-DCCP connection | Section 3.2.2 |
MP_OPT=2 | MP_FAST_CLOSE | Close MP-DCCP connection | Section 3.2.3 |
MP_OPT=3 | MP_KEY | Exchange key material for MP_HMAC | Section 3.2.4 |
MP_OPT=4 | MP_SEQ | Multipath Sequence Number | Section 3.2.5 |
MP_OPT=5 | MP_HMAC | Hash-based Message Auth. Code for MP-DCCP | Section 3.2.6 |
MP_OPT=6 | MP_RTT | Transmit RTT values and calculation parameters | Section 3.2.7 |
MP_OPT=7 | MP_ADDADDR | Advertise additional Address(es)/Port(s) | Section 3.2.8 |
MP_OPT=8 | MP_REMOVEADDR | Remove Address(es)/ Port(s) | Section 3.2.9 |
MP_OPT=9 | MP_PRIO | Change Subflow Priority | Section 3.2.10 |
MP_OPT=10 | MP_CLOSE | Close MP-DCCP subflow | Section 3.2.11 |
MP_OPT=11 | MP_EXP | Experimental Sub-Option for private use | Section 3.2.12 |
MP_OPT>11 | Unassigned | Reserved for future MP-DCCP suboptions |
Future MP-DCCP sub-options with MP_OPT>11 are assigned from this registry using the Specification Required policy (Section 4.6 of [RFC8126]).¶
In addition IANA is requested to assign a new DCCP Reset Code value THIS-RESET-CODE (13 suggested) in the DCCP Reset Codes Registry, with the short description "Abrupt MP termination". Use of this reset code is defined in section Section 3.2.3.¶
In addition IANA is requested to assign for this version of the MP-DCCP protocol a new 'MP_KEY' registry containing three different sub options to the MP-KEY option to identify the MP_KEY Key types in terms of 8-bit values as specified in Section 3.2.4 according to the entries in Table 9 below. Values in range 3-255 (decimal) inclusive remain unassigned in this THIS-VER of the protocol and are assigned via Specification Required [RFC8126] in potential future versions of the MP-DCCP protocol.¶
Value | Key Type | Name or Meaning | Reference |
---|---|---|---|
0 | Plain Text | Plain Text Key | Section 3.2.4 |
1 | ECDHE-C25519-SHA256 | ECDHE with SHA256 and Curve25519 | Section 3.2.4 |
2 | ECDHE-C25519-SHA512 | ECDHE with SHA512 and Curve25519 | Section 3.2.4 |
This appendix is Informative.¶
Multipath DCCP is similar to Multipath TCP [RFC8684], in that it extends the related basic DCCP transport protocol [RFC4340] with multipath capabilities in the same way as Multipath TCP extends TCP [RFC0793]. However, because of the differences between the underlying TCP and DCCP protocols, the transport characteristics of MPTCP and MP-DCCP are different.¶
Table 10 compares the protocol characteristics of TCP and DCCP, which are by nature inherited by their respective multipath extensions. A major difference lies in the delivery of payload, which is for TCP an exact copy of the generated byte-stream. DCCP behaves in a different way and does not guarantee to deliver any payload nor the order of delivery. Since this is mainly affecting the receiving endpoint of a TCP or DCCP communication, many similarities on the sender side can be identified. Both transport protocols share the 3-way initiation of a communication and both employ congestion control to adapt the sending rate to the path characteristics.¶
Feature | TCP | DCCP |
---|---|---|
Full-Duplex | yes | yes |
Connection-Oriented | yes | yes |
Header option space | 40 bytes | < 1008 bytes or PMTU |
Data transfer | reliable | unreliable |
Packet-loss handling | re-transmission | report only |
Ordered data delivery | yes | no |
Sequence numbers | one per byte | one per PDU |
Flow control | yes | no |
Congestion control | yes | yes |
ECN support | yes | yes |
Selective ACK | yes | depends on congestion control |
Fix message boundaries | no | yes |
Path MTU discovery | yes | yes |
Fragmentation | yes | no |
SYN flood protection | yes | no |
Half-open connections | yes | no |
Consequently, the multipath features, shown in Table 11, are the same, supporting volatile paths having varying capacity and latency, session handover and path aggregation capabilities. All of them profit by the existence of congestion control.¶
Feature | MPTCP | MP-DCCP |
---|---|---|
Volatile paths | yes | yes |
Session handover | yes | yes |
Path aggregation | yes | yes |
Data reordering | yes | optional |
Expandability | limited by TCP header | flexible |
Therefore, the sender logic is not much different between MP-DCCP and MPTCP.¶
The receiver side for MP-DCCP has to deal with the unreliable transport character of DCCP. The multipath sequence numbers included in MP-DCCP (see Section 3.2.5) facilitates adding optional mechanisms for data stream packet reordering at the receiver. Information from the MP_RTT multipath option (Section 3.2.7), DCCP path sequencing and the DCCP Timestamp Option provide further means for advanced reordering approaches, e.g., as proposed in [I-D.amend-iccrg-multipath-reordering]. Such mechanisms do, however, not affect interoperability and are not part of the MP-DCCP protocol. Many applications that use unreliable transport protocols can also inherently deal with out-of-sequence data (e.g., through adaptive audio and video buffers), and so additional reordering support may not be necessary. The addition of optional reordering mechanisms are most likely to be needed when the different DCCP subflows are routed across paths with different latencies. In theory, applications using DCCP are aware that packet reordering might happen, since DCCP has no mechanisms to prevent it.¶
The receiving process for MPTCP is on the other hand a rigid "just wait" approach, since TCP guarantees reliable delivery.¶