IETF Logo Mail Archive

Re: [i2rs] FW: New Version Notification for draft-krishnan-i2rs-large-flow-use-case-01.txt

ramki Krishnan <ramk@Brocade.com> Fri, 21 February 2014 02:16 UTC

Return-Path: <ramk@Brocade.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA2651A03CB for <i2rs@ietfa.amsl.com>; Thu, 20 Feb 2014 18:16:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RnCaO2FcIBET for <i2rs@ietfa.amsl.com>; Thu, 20 Feb 2014 18:16:45 -0800 (PST)
Received: from mx0b-000f0801.pphosted.com (mx0b-000f0801.pphosted.com [IPv6:2620:100:9005:71::1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BE0B1A03C4 for <i2rs@ietf.org>; Thu, 20 Feb 2014 18:16:45 -0800 (PST)
Received: from pps.filterd (m0048192 [127.0.0.1]) by mx0b-000f0801.pphosted.com (8.14.5/8.14.5) with SMTP id s1L1VYKg014528; Thu, 20 Feb 2014 18:16:41 -0800
Received: from hq1wp-exchub01.corp.brocade.com ([144.49.131.13]) by mx0b-000f0801.pphosted.com with ESMTP id 1j55fm91x4-1 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Thu, 20 Feb 2014 18:16:41 -0800
Received: from HQ1WP-EXHUB01.corp.brocade.com (10.70.36.14) by HQ1WP-EXCHUB01.corp.brocade.com (10.70.36.99) with Microsoft SMTP Server (TLS) id 14.3.123.3; Thu, 20 Feb 2014 18:16:39 -0800
Received: from HQ1-EXCH01.corp.brocade.com ([fe80::ed42:173e:fe7d:d0a6]) by HQ1WP-EXHUB01.corp.brocade.com ([::1]) with mapi; Thu, 20 Feb 2014 18:16:39 -0800
From: ramki Krishnan <ramk@Brocade.com>
To: Jeffrey Haas <jhaas@pfrc.org>
Date: Thu, 20 Feb 2014 18:16:38 -0800
Thread-Topic: [i2rs] FW: New Version Notification for draft-krishnan-i2rs-large-flow-use-case-01.txt
Thread-Index: Ac8sMcFi9lAnD7xTRL+nk2p9NNP5cQCZHwZQAATekmA=
Message-ID: <C7634EB63EFD984A978DFB46EA5174F2C0032C22A2@HQ1-EXCH01.corp.brocade.com>
References: <20140121013118.3737.29737.idtracker@ietfa.amsl.com> <C7634EB63EFD984A978DFB46EA5174F2C0013133D3@HQ1-EXCH01.corp.brocade.com> <20140217224356.GA445@pfrc>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.87, 1.0.14, 0.0.0000 definitions=2014-02-21_01:2014-02-21, 2014-02-21, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1402200170
Archived-At: http://mailarchive.ietf.org/arch/msg/i2rs/ZE2iC7kNbvmf8OOJkJUtm4yfnmw
Cc: "draft-krishnan-i2rs-large-flow-use-case@tools.ietf.org" <draft-krishnan-i2rs-large-flow-use-case@tools.ietf.org>, "i2rs@ietf.org" <i2rs@ietf.org>
Subject: Re: [i2rs] FW: New Version Notification for draft-krishnan-i2rs-large-flow-use-case-01.txt
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Feb 2014 02:16:47 -0000

Hi Jeff,

Please find some additional answers/questions inline.

Thanks,
Ramki

-----Original Message-----
From: ramki Krishnan 
Sent: Thursday, February 20, 2014 4:44 PM
To: 'Jeffrey Haas'
Cc: draft-krishnan-i2rs-large-flow-use-case@tools.ietf.org; i2rs@ietf.org
Subject: RE: [i2rs] FW: New Version Notification for draft-krishnan-i2rs-large-flow-use-case-01.txt

Hi Jeff,

Many thanks for your detailed comments. Please find answers inline.

Thanks,
Ramki

-----Original Message-----
From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Jeffrey Haas
Sent: Monday, February 17, 2014 2:44 PM
To: ramki Krishnan
Cc: draft-krishnan-i2rs-large-flow-use-case@tools.ietf.org; i2rs@ietf.org
Subject: Re: [i2rs] FW: New Version Notification for draft-krishnan-i2rs-large-flow-use-case-01.txt

Ramki,

On Mon, Jan 20, 2014 at 09:43:24PM -0800, ramki Krishnan wrote:
> Besides load balancing, we have added an additional use of case for DDoS attack mitigation in the latest draft. Looking forward to your comments.

Below, please find some comments on -03:

I'm having some difficulty reconciling the idea of typical DDoS traffic as being considered a "large flow".  While your definition of a flow (section
1.3) leaves some latitude for which fields are used to identify a flow, that definition doesn't quite align with that in section 4.3.1 of draft-ietf-opsawg-large-flow-load-balancing.  In particular, "a sequence of packets for which ordered delivery should be maintained".  

This may be intentional since the use cases are somewhat different, however I think it doesn't help the i2rs DDoS use case.  In such a case, the flow is only long-lived in the sense that it is out of specification traffic for an extended period that is unwanted.  In many cases, such traffic may only share the destination.  This seems to stretch the definition a little bit.

Ramki: "a sequence of packets for which ordered delivery should be maintained" -- what we mean is that the router does not re-order packets of a flow. For example, a flow could be based on destination IP which would include traffic from multiple ingress ports.
Ramki(1): For the DDoS use case, it makes sense to use the IPFIX definition of flow -- http://tools.ietf.org/html/rfc5472#page-22. We will make the appropriate changes in the draft.

In section 2.1, you're intentionally setting aside involvement of an I2RS agent as being the entity that shares the communication of recognizing large flows.  While I understand that existing mechanisms like IPFIX may be a better (initial) fit, why put it out of scope?  

For my own part, I believe that IPFIX collectors are likely participants in I2RS, long term.  This would align with the second case where sampling collectors are used.

Ramki: Communicating the large flow to external entities can be effectively handled by IPFIX (changes may be needed to IPFIX protocol) without I2RS involvement; same with sampling technologies too. Do you see any additional benefits by collapsing the IPFIX/sFlow agent functionality into I2RS ?

In section 2.3.1, I believe there's also an implicit requirement that network elements be able to report if they are *capable* of permitting the programming of PBR entries to specific components.  For example, if a LAG only carries a single IP address as an endpoint, sufficient information may not be available for layer 3 nexthop programming to distribute the traffic across the LAG and interaction with the load balancer at a deeper level may be required.

Ramki: Agreed, will add it.

There is also a typo: "a mechanism  a programmable mechanism"

Ramki: Thanks, will fix it.

I believe the intention of the section with this typo is that when traffic may be distributed over an ECMP path that the weights of the contributing nexthops for the ECMP path can be adjusted.  If so, that's not clear in the way the text is currently written.

Ramki: Thanks, will make the text more readable.

Section 2.3.2.2 for MPLS Networks should probably include mention of the Entropy Label feature (RFC 6790).

Ramki: In this case, the entropy label feature does not apply. We are talking about an indivisible large flow.
Ramki (1): Can you please clarify further what you would like to be addressed ?

In section 3, another potential mitigation is I2RS initiating BGP Flowspec.

Ramki: Makes sense, will add it.

-- Jeff

_______________________________________________
i2rs mailing list
i2rs@ietf.org
https://www.ietf.org/mailman/listinfo/i2rs

v2.23.0 | Report a Bug | By Email