Re: [dhcwg] AD review of draft-ietf-dhc-dhcpv6-load-balancing
Andre Kostur <akostur@incognito.com> Tue, 20 January 2015 19:43 UTC
Return-Path: <akostur@incognito.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D47E1ACF55 for <dhcwg@ietfa.amsl.com>; Tue, 20 Jan 2015 11:43:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.578
X-Spam-Level:
X-Spam-Status: No, score=-3.578 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id goIIJ_f7vk5O for <dhcwg@ietfa.amsl.com>; Tue, 20 Jan 2015 11:43:24 -0800 (PST)
Received: from mail-ie0-f180.google.com (na3sys010aog111.obsmtp.com [74.125.245.90]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA6FB1B2B01 for <dhcwg@ietf.org>; Tue, 20 Jan 2015 11:43:24 -0800 (PST)
Received: from mail-ie0-f180.google.com ([209.85.223.180]) (using TLSv1) by na3sys010aob111.postini.com ([74.125.244.12]) with SMTP ID DSNKVL6v3GcobngZmr2rq4IaYnxh/rJ2EHqo@postini.com; Tue, 20 Jan 2015 11:43:24 PST
Received: by mail-ie0-f180.google.com with SMTP id rl12so4509042iec.11 for <dhcwg@ietf.org>; Tue, 20 Jan 2015 11:43:23 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=o8AvYeeYwhpZqYgBixNQA7oKn8+z27/2J4JLEaOBkyY=; b=dvE7Sz/+3K3QdXZcJi77yaZNl5IsiOx23dvGIXSaUx9L+dEToXm7v8rrX70UFPT3Rc WSgfwE03+e+sdfVUscJkJ+u0NLfVMNu5tRBhVIny/Ia2VYPnhHH6O4q9ySCwrFl/sbYu bjsOoiit3IXQkpn/Sj4Xom10Sti3Fi9G7XDgLichBnEUrPyoGMsDo+lPA1qltxGHfan8 5+8F2HlfhTmlu5esgBf7k1VpT7KSM1jr4mr9oFcTAjCujMkeJXgD+9vxPYU5zziam/+Q d6ot3YX8AQXVNhZx8lJwTu7eKhbBdYzniQsI5W1hb9svjHvkJPLLU/wTy50ok+Fe+uHj 3fRQ==
X-Gm-Message-State: ALoCoQk+HDeJAaf2IMoJ/js9m5oGKvONudqhgav87srw9iYWkb0HhL1V9jPIvFmfgWYMfv9i9AJq30EOB5u89XoejljT6DwFhi0oRIf0HgmBsVmAtN8ht0K8dEn1zUfjExOAYRaBlfv5MJWHkmux8SdNd6o0/9XUOA==
X-Received: by 10.43.79.2 with SMTP id zo2mr36755376icb.78.1421783003808; Tue, 20 Jan 2015 11:43:23 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.43.79.2 with SMTP id zo2mr36755368icb.78.1421783003713; Tue, 20 Jan 2015 11:43:23 -0800 (PST)
Received: by 10.50.36.100 with HTTP; Tue, 20 Jan 2015 11:43:23 -0800 (PST)
In-Reply-To: <489D13FBFA9B3E41812EA89F188F018E1B782FE0@xmb-rcd-x04.cisco.com>
References: <0FE7102D-39A6-4245-A07A-B70C945FAE8F@nominum.com> <489D13FBFA9B3E41812EA89F188F018E1B7828B1@xmb-rcd-x04.cisco.com> <F3B109F2-52EA-4305-BAA2-4DB3C6C4CEDC@nominum.com> <489D13FBFA9B3E41812EA89F188F018E1B782FE0@xmb-rcd-x04.cisco.com>
Date: Tue, 20 Jan 2015 11:43:23 -0800
Message-ID: <CAL10_Bq9vej7L0AN-CF4oZUCqu2jhH4=UmjUqXCUdAi-kJZDkQ@mail.gmail.com>
From: Andre Kostur <akostur@incognito.com>
To: "Bernie Volz (volz)" <volz@cisco.com>
Content-Type: multipart/alternative; boundary="001a11333074e270ed050d1aa69e"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/V02dLeVgAhq5mWXk7WBC1iNReoE>
Cc: dhcwg <dhcwg@ietf.org>, Ted Lemon <Ted.Lemon@nominum.com>
Subject: Re: [dhcwg] AD review of draft-ietf-dhc-dhcpv6-load-balancing
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jan 2015 19:43:27 -0000
Thank-you for your patience (and Bernie for the first round of defense): > In section 3.2, the text appears to be saying that in a DHCPv6 failover setup, a RENEW with a server > identifier should be ignored if the load balancing algorithm doesn't identify the client as belonging to that > server. This is problematic, for two reasons. First, it leads to the client attempting to renew multiple > times, resulting in an increased load on the server. Second, a REBIND would presumably be answered > by both servers, so it wouldn't necessarily correct the problem. The increased load on the server is pretty small as load balancing happens pretty early and results in the RENEW being dropped. Also this additional load is only appearing in the case where one of the servers has failed. When the server is restored, the RENEWs would be arriving at both servers, and the responsible server will answer. Unless the DHCPv6 server is configured to allow unicast RENEWs. Then the client would be retrying between T1 and T2 every 10 minutes (assuming default timeouts, and after the initial ramp-up of the 4, 8, 16, etc timeouts). As Bernie mentioned, the REBIND would only be answered by the responsible server. > But this leads to the reason I think this is not ready for publication: RFC 3074 never actually specifies > under what circumstances load balancing is done: it leaves it up to the implementation. It kind of implies > that load balancing should be done on all requests. But in fact it only ever mentions DHCPDISCOVER. > And indeed, I just looked at the ISC implementation, and it only does load balancing on DHCPDISCOVER. RFC 3074 defines a Service Transaction as “A set of client-server exchanges that lead to a server providing or denying some service to a client.” It does go on to use DORA as an example of a Service Transaction, but a REQUEST-RENEW/ACK (or INFORM/ACK) would just as much be a Service Transaction. Examples are not definitions. > Section 2 of this document suggests that load balancing is done for _all_ client-sourced messages, but > that would mean that a REBIND message wouldn't get a response from the non-balancing server, which in > turn would mean that the client's lease would have to expire before it could rebind to the correct server. Correct. REBINDs do not carry a Server ID, and thus are subject to load balancing. And if we are talking about the failover mode, then the one of the two servers is responsible for that device and will answer. The failure case here is that if the partner servers can see each other, but the clients cannot reach one of the servers. Then we may be in the limbo state of half the population being ignored because the functional server can still see the isolated server (and thus correctly ignores that half of the population). This is fixable by either repairing the network issue, or stopping the isolated server. Note that section 3.2 says that the RENEW with the correct Server Identifier MAY choose to ignore the request. This does leave it free for a server implementer to make the choice that they do not wish the population to rebalance automatically without waiting for them to eventually come in with a SOLICIT (or make it configurable, implementer’s choice). I feel that this behaviour is desirable as one is performing load balancing for a reason. If one did not care that the entire population could stay on one server, why bother with the additional complexity of a load balanced solution? Just let the population work with one server, and let the secondary server only respond when the first is unresponsive. > And, if the goal is for use with failover, we should wait until failover is available (or further along)? I don’t think it would be necessary to wait for failover to be available, as this draft is dependant on certain properties of the failover mechanism, not on a specific implementation. -- Andre Kostur
- [dhcwg] AD review of draft-ietf-dhc-dhcpv6-load-b… Ted Lemon
- Re: [dhcwg] AD review of draft-ietf-dhc-dhcpv6-lo… Bernie Volz (volz)
- Re: [dhcwg] AD review of draft-ietf-dhc-dhcpv6-lo… Bernie Volz (volz)
- Re: [dhcwg] AD review of draft-ietf-dhc-dhcpv6-lo… Ted Lemon
- Re: [dhcwg] AD review of draft-ietf-dhc-dhcpv6-lo… Andre Kostur