Re: TCP RDMA option to accelerate NFS, CIFS, SCSI, etc.

To: julian_satran@il.ibm.com
Subject: Re: TCP RDMA option to accelerate NFS, CIFS, SCSI, etc.
From: Charles Esson <charlese@cvs.com.au>
Date: Mon, 28 Feb 2000 04:08:24 +1100
CC: Alan Cox <alan@lxorguk.ukuu.org.uk>, David Robinson <David.Robinson@EBay.Sun.COM>, ips@ece.cmu.edu, tcp-impl@grc.nasa.gov
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
Delivery-Date: Sun Feb 27 16:35:01 2000
References: <C1256892.0037ED28.00@d12mta05.de.ibm.com>
Sender: owner-ips@ece.cmu.edu



julian_satran@il.ibm.com wrote:

> True. You can do everything by processing headers... but the you need to
> understand all the protocols that are amased over TCP. To do it in silicon
> it will probably make sense for a subset.
> RDMA is a general purpose solution and the user decides what to do with it.
> You can look at it as a simple way to enable the protocl stack and the
> application to completely separate the protocol state machine (defined by
> headers and/or trailers) from the payload.
>
> As for the vulnerability to attacks with a good size RDMAID and some
> imagination

Why not apply the imagination to the writing of a zero copy TCP stack based
on the current standards? It would be a lot more general and a lot more useful
as
it would work against unmodified servers.

> you can get the same level of protection as with the TCP
> sequence number (even a bit better because sequence numbers can be guessed
> from context).

Are you suggesting that the sequence number should no longer be used? Are you
suggesting that the RDMAID and sequence number should be unrelated?

If the sequence number is still used then the RDMAIN is simple additional data
that
can be used by the attacker. Just another farmyard of potential bugs to be
investigated
and exploited?

If you are not going to use the sequence number, how does a system that doesn't

support this option receive the data? If your aim is  to design a system that
isn't
backward compatible, why would anyone in there right mind support it?

Aiming to keep the intellectual property rights, not backward compatible,
dubious technical merit. ummm?

Regards.

>
>
> Julo
>
> Alan Cox <alan@lxorguk.ukuu.org.uk> on 25/02/2000 15:17:05
>
> Please respond to Alan Cox <alan@lxorguk.ukuu.org.uk>
>
> To:   julian_satran%ibmil.RSCS@STUTVM1.DE.IBM.COM
> cc:   David.Robinson@EBay.Sun.COM (David Robinson), ips@ece.cmu.edu,
>       tcp-impl@grc.nasa.gov (bcc: Julian Satran/Haifa/IBM)
> Subject:  Re: TCP RDMA option to accelerate NFS, CIFS, SCSI, etc.
>
> > Gb/s it requires some innovation and lots of silicon. The RDMA option
> makes
> > it possible at a far lower price. And the zero copy it enables might go
> > deep into the application space as it is only an annotation on packets.
>
> I am not convinced the amount of silicon changes between the two. The
> RDMA id make be faked by an attacker so must still be verified.
>
> Va Jacobson proposed and to an extent implemented a system where the user
> context does all the TCP work. In that sort of situation and with a more
> sensible API than the BSD socket one you dont appear to need a lot of
> silicon,
> in fact the worst case is the wildcard.
>
> Alan

References:
- Re: TCP RDMA option to accelerate NFS, CIFS, SCSI, etc.
  - From: julian_satran@il.ibm.com

Prev by Date: Re: TCP RDMA option to accelerate NFS, CIFS, SCSI, etc.
Next by Date: Re: TCP RDMA option to accelerate NFS, CIFS, SCSI, etc.
Prev by thread: Re: TCP RDMA option to accelerate NFS, CIFS, SCSI, etc.
Next by thread: Re: TCP RDMA option to accelerate NFS, CIFS, SCSI, etc.
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:08:17 2001
6315 messages in chronological order