fix: ignore local address when considering path migration #2458
+101
−32
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes:
We currently consider the full 4-tuple (local + remote IP addresses and ports) when identifying a path. This seems to be an overly strict interpretation of how paths are considered in the RFC. I don't see any text indicating this is the correct approach. In fact, I see the following:
That text seems to indicate that we should really only be considering the peer address when deciding if it tried to migrate. So I've implemented that change here.
Additionally, I've ensured that the server does not update the local address it is sending on, even if received a packet on a new one, since this would also go against what the RFC recommends:
There's a high probability the client isn't aware that packets are being sent to different server IPs and would result in the client dropping packets, since the server's source IP would be different. As such, the server will not change its path at all after the initial packet is received.
Testing:
I've added a test for the server which forces the local IP to change before the handshake completes. Before this change, this test would fail, since we'd drop all packets with a different IP. After this change, this test passes.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.