IETF Logo Mail Archive

Re: [Anima] ACP [was I-D Action: draft-ietf-anima-grasp-13.txt - SONN]

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 09 June 2017 23:33 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D61A5126BF6 for <anima@ietfa.amsl.com>; Fri, 9 Jun 2017 16:33:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZcbKk9DUVpgL for <anima@ietfa.amsl.com>; Fri, 9 Jun 2017 16:33:27 -0700 (PDT)
Received: from mail-pf0-x236.google.com (mail-pf0-x236.google.com [IPv6:2607:f8b0:400e:c00::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 481161200B9 for <anima@ietf.org>; Fri, 9 Jun 2017 16:33:27 -0700 (PDT)
Received: by mail-pf0-x236.google.com with SMTP id 15so5458383pfc.1 for <anima@ietf.org>; Fri, 09 Jun 2017 16:33:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=nNYTnDW7BcEeU82dXpaF00rRCHq/2TxIO6LsWspo+08=; b=nnkRisECwyeYkVL9ATwUBfQ08tPjcLQ30Kg1tlOChq8S1P+pLxdp8+piyjD4WkPjlY iiUKzIXoYEfO0TEoL48aflP30HsDoRQSAVhN/Snl7aJav2fOsUy/P0XqvkOvmz7CPBZW 6WLn2ImTi7RzlEbdNnNNhda6fM2pp0AS+2dsuEelMqh9FRiP97X6L1OsL4Plp/XulGxY Hqj2OME1eZevisZDmeahtFKF1A0yCdxuZBqK2LqjOSp49w2hPRWsvxIeCxnJyDszk0tb yILAamSZzvX7oAwaf316nCsBbRXzubE49BFjnhpIjPzPEEF1nqYC1JLDuZEvPOfXLlX4 avuA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=nNYTnDW7BcEeU82dXpaF00rRCHq/2TxIO6LsWspo+08=; b=Z6b99H5nYvPAvMUW4NnGHwtrx2XAExiOHgta/TcpnmYGNUYSX9tqJJGrSz6PPvaf67 ckQdPWEfiYBma1rHWR3eMYUlDQn+raunYbUrnbNAj547yrGOW1XxGnyH8XZPQVKjNBVP Hnr2yRfXACNGyY6iQDP7Z/a8wQEuLFCSVGbVkDaWIHorGntdlrXeVX0fotzUPRvvn57B YETmigj3yCiLtZy7U5q3101c2NR9moRS2C8lxsZjALuxQCk95XAaiys0htJaMbjLTOBg WGGVHZH9lThNxG2scXJRG6/A5aXTgUXIPxZWKwklRey9Yklc45hNtm3ro5qfKThyqYaB zcoA==
X-Gm-Message-State: AODbwcB+Nc0vAgJ8YYhhW4GmUTwlpQwgoU6oSN4vnhN3w7nj3E6wNoUA n4lldHtIkH62kP2b
X-Received: by 10.84.194.226 with SMTP id h89mr29153395pld.58.1497051206695; Fri, 09 Jun 2017 16:33:26 -0700 (PDT)
Received: from [192.168.178.21] ([118.148.119.180]) by smtp.gmail.com with ESMTPSA id b2sm4281933pgc.16.2017.06.09.16.33.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Jun 2017 16:33:25 -0700 (PDT)
To: Carsten Bormann <cabo@tzi.org>
Cc: Anima WG <anima@ietf.org>
References: <149669625424.3230.10151704455578829166@ietfa.amsl.com> <f829bda3-d4f5-014d-8ffd-e63537171ba6@gmail.com> <20170606232417.GJ12427@faui40p.informatik.uni-erlangen.de> <41e0a6fc-9410-4d84-cae6-74dbd3fdfa74@gmail.com> <20170607205533.GD20021@faui40p.informatik.uni-erlangen.de> <7dd77b25-2319-3999-bf4a-2274eb0728a1@gmail.com> <3434.1496937571@obiwan.sandelman.ca> <cb901c29-cdf9-fdff-8e9b-1e2cc5079359@gmail.com> <21716.1497019696@obiwan.sandelman.ca> <588e1953-4db1-086b-d441-2371e352ad73@gmail.com> <B4F99EAF-46CB-4BFD-AC1D-6F5B6BE83879@tzi.org>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <b66b380f-6847-ec43-3d93-c11df85e3da6@gmail.com>
Date: Sat, 10 Jun 2017 11:33:32 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1
MIME-Version: 1.0
In-Reply-To: <B4F99EAF-46CB-4BFD-AC1D-6F5B6BE83879@tzi.org>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/28fpJhNZ726BT_obb3hnSN46FNU>
Subject: Re: [Anima] ACP [was I-D Action: draft-ietf-anima-grasp-13.txt - SONN]
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jun 2017 23:33:29 -0000

On 10/06/2017 09:15, Carsten Bormann wrote:
> On Jun 9, 2017, at 22:43, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>
>> But if not, *somebody* is going to replicate the packets. If the VRF
>> doesn't do it, GRASP itself will have to do it. That doesn't seem optimal
>> to me.
> 
> I wonder why you are saying this.
> 
> Generally, where information needs to be disseminated to a group, there is an end-to-end argument giving the application a big role in that.  Supporting this directly in the network can only really be motivated by performance considerations(*); do you think this function here is performance-critical?

Well, we are talking about encryption here, so there is a run-time cost
that we can never optimise if it's an upper layer that replicates the
packets. However, my main concern is that the GRASP code will have to
track each neighbour relationship as a distinct virtual interface with
its own interface index, and in particular the discovery relaying code
will have to track each one separately. That is stateful, because
discovery responses have to be matched to the discovery request.
And it goes like N(neighbours).

If the VRF simply emulates multicast sending, that is a trvial
stateless process, and the GRASP state goes like N(interfaces).

Either will work, but as far as I can see having the VRF handle
LL multicast is much, much simpler. To be clear, it doesn't have
to do any multicast routing; that's why GRASP does its own
relaying. The VRF has to do something like

if message.destination_address == ALL_GRASP_NEIGHBORS_6:
    for i in neighbors:
        secure_send(message, i)

and then it can forget about it, because it's UDP.

   Brian

> 
> Grüße, Carsten
> 
> (*) or where the topology defines the group, but I don’t think this is the case here.
> 
>

v2.23.0 | Report a Bug | By Email