IETF Logo Mail Archive

Re: [dhcwg] Review of draft-ietf-dhc-dhcpv6-failover-protocol-00

"Bernie Volz (volz)" <volz@cisco.com> Mon, 30 November 2015 19:05 UTC

Return-Path: <volz@cisco.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8260C1AD218 for <dhcwg@ietfa.amsl.com>; Mon, 30 Nov 2015 11:05:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jMtSM5khMiQ2 for <dhcwg@ietfa.amsl.com>; Mon, 30 Nov 2015 11:05:35 -0800 (PST)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3FC31ACEB7 for <dhcwg@ietf.org>; Mon, 30 Nov 2015 11:05:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3709; q=dns/txt; s=iport; t=1448910334; x=1450119934; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=MUZztOBnQU6N4efveTq8t+HFcEucJllCbfIZ4Q1cJwk=; b=nB0a8vItpsclpbsYchduHKVy9/puaKOEHTIm4na3x8FQb43h1hfRVr1V 2H6uA44W7xusjecVXwTlrEndT9Tx5Bv7Szh+EJQCbAKzsah476XdPyGx+ NPIL5Rq+tzb9eZbcETqKa5z3Wo5dOwGNp/2iVTntBsCyqSFunSAHtQWEa k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0D/AQCJnFxW/4MNJK1egztTbwa+KQENgWYXCoVuAoEzOBQBAQEBAQEBgQqENAEBAQMBAQEBNzQDDQcEAgEIDgMEAQEfCQcnCxQJCAEBBAESCIgeCA27PQEBAQEBAQEBAQEBAQEBAQEBAQEBARQEi1KENA6EdwWWVwGNMJxnAR8BAUKEBHKEJ0OBBwEBAQ
X-IronPort-AV: E=Sophos;i="5.20,365,1444694400"; d="scan'208";a="213571734"
Received: from alln-core-1.cisco.com ([173.36.13.131]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 30 Nov 2015 19:05:34 +0000
Received: from XCH-ALN-005.cisco.com (xch-aln-005.cisco.com [173.36.7.15]) by alln-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id tAUJ5Yao027460 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 30 Nov 2015 19:05:34 GMT
Received: from xch-aln-003.cisco.com (173.36.7.13) by XCH-ALN-005.cisco.com (173.36.7.15) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Mon, 30 Nov 2015 13:05:33 -0600
Received: from xch-aln-003.cisco.com ([173.36.7.13]) by XCH-ALN-003.cisco.com ([173.36.7.13]) with mapi id 15.00.1104.000; Mon, 30 Nov 2015 13:05:33 -0600
From: "Bernie Volz (volz)" <volz@cisco.com>
To: Simon Hobson <linux@thehobsons.co.uk>, "dhcwg@ietf.org" <dhcwg@ietf.org>
Thread-Topic: [dhcwg] Review of draft-ietf-dhc-dhcpv6-failover-protocol-00
Thread-Index: AdErfq2gGB7Fb3AjRjOotiZ72EDNggAOD/sAAABbDIAAAn/bgAAIYanQ
Date: Mon, 30 Nov 2015 19:05:33 +0000
Message-ID: <914ca35c44dc49b9819d1e8ec2842f63@XCH-ALN-003.cisco.com>
References: <66cb478301394af2a9981ed20fd9942d@XCH-ALN-003.cisco.com> <B25C3B4C-69B5-4818-A145-CDAC106E940C@cisco.com> <5AE56C14-0E13-4F63-94F9-F8409C5E0C94@cisco.com> <29AE5313-D17E-4F78-BBBC-395BB0AE3589@thehobsons.co.uk>
In-Reply-To: <29AE5313-D17E-4F78-BBBC-395BB0AE3589@thehobsons.co.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.98.1.197]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/udXnLZmLf-YDR99-U2ENBq-fBG8>
Subject: Re: [dhcwg] Review of draft-ietf-dhc-dhcpv6-failover-protocol-00
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Nov 2015 19:05:36 -0000

>1) If the time should be synced, then I would suggest merely requiring that, rather than specifying NTP - ie specify the what rather than the how.

See my email to Brian (sent a few minutes ago).

>2) Are there any other benefits to having time synced ? Eg, does having a significant time offset make troubleshooting any harder - eg by having logs on two servers with

The protocol does mostly send relative times, but also includes the base time and the time at which the packet was "sent" (well, this should be as close as possible to the time sent from the application's view (I.e., at socket send). The reason time matters is that there could be time spent "in the transport" (i.e., send queue on the sender, network latency, and receive queue on the receiver). This time could easily tens of seconds. Which can thus skew things when events occur "close" to each other (perhaps the client is communicating with both servers such as when in communications interrupted) - it is then difficult to determine what happened "before" something else. By using synchronized clocks, the time the packet was sent/received no longer matters and it is possible to "correct" events. Though as we are only using second resolution (for base, sent, and relative time), we obviously can't do much better than that (and when a clock ticks over a second may also introduce small drifts - 1 or 2 seconds).

The main advantage of using synchronized clocks is that you no longer need to worry about calculating any drift related to the transport latency. And, with TCP this is a bit more problematic.

- Bernie

-----Original Message-----
From: dhcwg [mailto:dhcwg-bounces@ietf.org] On Behalf Of Simon Hobson
Sent: Monday, November 30, 2015 11:56 AM
To: dhcwg@ietf.org
Subject: Re: [dhcwg] Review of draft-ietf-dhc-dhcpv6-failover-protocol-00

Kim Kinnear <kkinnear@cisco.com> wrote:

> Folks,
> 
> One of Bernie's comments on the failover draft was:
> 
>> -          7.1 (Time Skew) - Should we require NTP to synchronize the clocks on failover partners?
> 
> The current draft (-00.txt) has a capability to allow the failover 
> protocol to operate with two machines which have clock skew of a 
> largely arbitrary amount (limited in some way to perhaps 24 hours or 
> something).  So two systems that are 3-5 minutes apart (the usual 
> skew, if any) will work fine.
> 
> Bernie is suggesting that we require failover partners to have 
> essentially synchronized time by requiring NTP sync.  If they are 
> synchronized to the level of 1-2 seconds, that would be synchronized 
> for the purposes of this protocol.  We aren't talking milliseconds 
> here.

I see two points :

1) If the time should be synced, then I would suggest merely requiring that, rather than specifying NTP - ie specify the what rather than the how.

2) Are there any other benefits to having time synced ? Eg, does having a significant time offset make troubleshooting any harder - eg by having logs on two servers with different timestamps for the same event ?
I'm inclined to thinking that there's isn't really any argument against having server times set correctly, particularly for services (such as DHCP) which include a time element. Perhaps if it's not an actual requirement, it should be suggested as recommended practice for stability and ease of troubleshooting - or is that going too far into "stuff any half decent admin shouldn't need telling" territory ?

_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www.ietf.org/mailman/listinfo/dhcwg

v2.23.0 | Report a Bug | By Email