IETF Logo Mail Archive

Re: [Hipsec] fault-tolerance for base exchange and update

Andrew McGregor <andrew@indranet.co.nz> Thu, 07 January 2010 07:24 UTC

Return-Path: <andrew@indranet.co.nz>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E59C63A67A4 for <hipsec@core3.amsl.com>; Wed, 6 Jan 2010 23:24:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.565
X-Spam-Level:
X-Spam-Status: No, score=0.565 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, RCVD_IN_SORBS_WEB=0.619, RDNS_NONE=0.1, RELAY_IS_203=0.994]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xbDP9Aaf5JXa for <hipsec@core3.amsl.com>; Wed, 6 Jan 2010 23:24:07 -0800 (PST)
Received: from mail.indranet.co.nz (unknown [203.97.93.68]) by core3.amsl.com (Postfix) with ESMTP id B470A3A635F for <hipsec@ietf.org>; Wed, 6 Jan 2010 23:24:06 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail.indranet.co.nz (Postfix) with ESMTP id 75CFF1258076; Thu, 7 Jan 2010 20:24:03 +1300 (NZDT)
X-Virus-Scanned: amavisd-new at indranet.co.nz
Received: from mail.indranet.co.nz ([127.0.0.1]) by localhost (XServe-2.acheron.indranet.co.nz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 860iFmDt9CT2; Thu, 7 Jan 2010 20:24:02 +1300 (NZDT)
Received: from [192.168.1.100] (121-72-134-43.dsl.telstraclear.net [121.72.134.43]) by mail.indranet.co.nz (Postfix) with ESMTP id 25810125806C; Thu, 7 Jan 2010 20:24:02 +1300 (NZDT)
Mime-Version: 1.0 (Apple Message framework v1077)
Content-Type: text/plain; charset="us-ascii"
From: Andrew McGregor <andrew@indranet.co.nz>
In-Reply-To: <4B458BB7.8090000@hiit.fi>
Date: Thu, 07 Jan 2010 20:23:59 +1300
Content-Transfer-Encoding: quoted-printable
Message-Id: <5C90FDBC-A581-4948-AA89-FE13BB16E843@indranet.co.nz>
References: <4B458BB7.8090000@hiit.fi>
To: miika.komu@hiit.fi
X-Mailer: Apple Mail (2.1077)
Cc: hip WG <hipsec@ietf.org>
Subject: Re: [Hipsec] fault-tolerance for base exchange and update
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jan 2010 07:24:08 -0000

It sounds like a perfectly reasonable idea at first glance; it should work well.

And then I started thinking about congestion control and fast start, and realised that this will need specified carefully if we still believe that protocols starting very slowly is desirable to deal with low-bandwidth and congested situations.  That's likely to spark a debate, unfortunately.

Andrew

On 07/01/2010, at 8:22 PM, Miika Komu wrote:

> Hi,
> 
> Baris Boyvat has implemented an experimental fault-tolerance extension for the HIP base exchange and UPDATE in the HIPL implementation. He will document it in his master thesis during this year, but I would like to start discussion of the topic already now.
> 
> At the protocol level, the extension allows sending multiple I1 or UPDATE-with-locator packets sequentially. The idea is to scan through all possible source and destination IP pairs at the HIP layer to improve  the chances for successful initial contact (I1) and to re-establish contact (UPDATE-with-locator) in way similar to the NAT-ICE extensions. We have playfully called the extension as "shotgun" mode in the implementation :)
> 
> The obvious difference to ICE is that the shotgun mode works at the HIP protocol layer. A non-obvious difference is that the approach supports also fault-tolerance for a single relay/rendezvous (Responder's RVS has crashed) and it can make use of multiple relay/rendezvous servers for better redundancy. At the moment, neither of these are possible direcly with the ICE-NAT extensions. I actually believe the shotgun approach can be applied even with the ICE-NAT extensions to improve fault-tolerance.
> 
> The shotgun approach seems useful to improve fault-tolerance with an without (single or multiple) rendezvous/relay middleboxes, but there is also another use case for this. The Initiator (or Mobile Node) can learn multiple mappings for the peer, some of which may have connectivity and some not. It is also possible that a malign user intentionally sends invalid mappings for a well-known service in a multiuser system (this case also requires some rate control for mappings per user). In such scenarios, it is useful to try multiple peer addresses sequentially instead of just single one.
> 
> Minimally, the approach requires few considerations in an implementation:
> 
> i) Allow sending of multiple I1 and UPDATE-with-locator packets in a rate-controlled fashion
> ii) Filter redundant incoming packets.
> 
> Case (ii) could be implemented as filtering of I1 packets or filtering of R1 packets. We chose filtering of redundant R1 packets in the implementation and it required a small change in the state machine. For the UPDATE filtering, filtering based on sequence numbers was sufficient.
> 
> I would like the WG feedback on whether we could include this approach in RFC5201-bis and RFC5206-bis (as MAY or SHOULD).
> 
> P.S. Maybe Baris has something to add or to explain some details better.
> _______________________________________________
> Hipsec mailing list
> Hipsec@ietf.org
> https://www.ietf.org/mailman/listinfo/hipsec
>

v2.23.0 | Report a Bug | By Email