IETF Logo Mail Archive

Re: [Ila] [5gangip] Scaling mapping systems (was Re: BOF Description)

Tom Herbert <tom@herbertland.com> Thu, 31 May 2018 16:49 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ila@ietfa.amsl.com
Delivered-To: ila@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6A3812EC47 for <ila@ietfa.amsl.com>; Thu, 31 May 2018 09:49:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W1b0KaYuTF1D for <ila@ietfa.amsl.com>; Thu, 31 May 2018 09:49:06 -0700 (PDT)
Received: from mail-qt0-x22e.google.com (mail-qt0-x22e.google.com [IPv6:2607:f8b0:400d:c0d::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 782DC127241 for <ila@ietf.org>; Thu, 31 May 2018 09:48:51 -0700 (PDT)
Received: by mail-qt0-x22e.google.com with SMTP id e8-v6so28677628qth.0 for <ila@ietf.org>; Thu, 31 May 2018 09:48:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=XKccfS44/Wl0cVjAlY1F/2r9ubhsVbgYAvLhEdUn7i0=; b=mAsfTERh5B9sroLXot3Ur3gHO9aaEm17WVnpEyzXuazPJC7CG5Wuc30haw694BoPvW Top06KE/sIb29JgAriN1LT7Jqq4wro4e5I0Hd7QeovAhSFNNsRMRO0kUPjLRF/tAe3e/ VfcMMpsmXD+XZOT7cbQXOGrbmeSDsM/fHH7cPNIclzlP0fIfrc4rP23g0ZWcGA9kTs/8 y3aBaWnx7yNhoF9sesyGAp2Sda51PirP7Y+qO9ToMbnLsphBqHID47eZjfaxcuF0/ahp G9f90s6QJPjKgdedOW9Quv1fVXcscPFxHR4sBAsQt/cDSJoUsx+alLMkKnk+MjfHvs4f WK0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=XKccfS44/Wl0cVjAlY1F/2r9ubhsVbgYAvLhEdUn7i0=; b=o0JanCSkzW6H6277yyaajv7AYjWdAJmoZC58Uk7aym7KWosiSgACiBQicH7RZckC5I DZTOruzBA3VV8KR7bym0/194QyEAb0uBwtjWYVj0CWgwIxXveZmogRpakNUDVEdZAcIn hjSOIjgRvnR301KQrT8MwArdxcXiUvJSq3w+G2Dylo3ukBRRcL/LrZ1n0vjVx/r0HdwZ 9//toud6MOnBWRfkFJFhvFqFTNoI/ncX0EPAsYaJF0V4X3e3LnbVVARI+u5niDqnZ7Il ybo96/G49rjlR7NooUU+FKfigHg4Z8rV5fvmJ0P3N1lxCx+vWS4eIkd5D9TQ/l5Iyy1c ZBvQ==
X-Gm-Message-State: APt69E1g40gvFZLRP9nKoNJP4XWmks5LQJhcQnmUa8gfXmpWmqV8lpKm xKWLL19aHztlERJhpDA+4C4FG3V4f58ruO4iGxADZQ==
X-Google-Smtp-Source: ADUXVKKzlHmz16eAkM054JiwmmbY8SXH+PBmmt94EACRHKMTFf55NXdFxdnJZB4bmjcoC3xKskgpAPbbm8yI8ZSJbtU=
X-Received: by 2002:a0c:e4d3:: with SMTP id g19-v6mr7358255qvm.242.1527785330366; Thu, 31 May 2018 09:48:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:aed:3042:0:0:0:0:0 with HTTP; Thu, 31 May 2018 09:48:49 -0700 (PDT)
In-Reply-To: <1AFE10CF28AE8B4C9663445736B8034D38255422@CAFRFD1MSGUSRJI.ITServices.sbc.com>
References: <CALx6S37+1PK3ET7g+XsCHt6-CJrABLko0YbWgE12xFX=vL5OPA@mail.gmail.com> <5067FA81-B416-4A19-9F11-A08B35BB8B6D@gmail.com> <CAPDqMeqNkiOWHOVU0AsUzFfPH60pTdS2x9CePhvZDhVLGJoGmw@mail.gmail.com> <9C425F56-738C-4600-9DFF-9D30FC3872DC@gmail.com> <CAPDqMeoLPSGbFg_H-_yOPBguXhOmx8fXjzYd_ax1Qds56KibZQ@mail.gmail.com> <CAKD1Yr2HQCt0DZ62_YqC1qOb_GJkqh35U8_mViMNYps8VOcv6A@mail.gmail.com> <CAPDqMerUgfcROGMjxpaaQD=-sohU4vd_-80n2os_v+_v__bYNQ@mail.gmail.com> <1AFE10CF28AE8B4C9663445736B8034D38255422@CAFRFD1MSGUSRJI.ITServices.sbc.com>
From: Tom Herbert <tom@herbertland.com>
Date: Thu, 31 May 2018 09:48:49 -0700
Message-ID: <CALx6S35CnuBwjqvc+k-NYVqshhNGk8NSfioOBBn7wUVb5nj7xg@mail.gmail.com>
To: "FIGURELLE, TERRY F" <tf2934@att.com>
Cc: Tom Herbert <tom@quantonium.net>, Lorenzo Colitti <lorenzo@google.com>, "ila@ietf.org" <ila@ietf.org>, Alexandre Petrescu <alexandre.petrescu@gmail.com>, Behcet Sarikaya <sarikaya@ieee.org>, Dino Farinacci <farinacci@gmail.com>, 5GANGIP <5gangip@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ila/527UnT3v-MrPSf7-B_QxXpyJooY>
Subject: Re: [Ila] [5gangip] Scaling mapping systems (was Re: BOF Description)
X-BeenThere: ila@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Identifier Locator Addressing <ila.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ila>, <mailto:ila-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ila/>
List-Post: <mailto:ila@ietf.org>
List-Help: <mailto:ila-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ila>, <mailto:ila-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 May 2018 16:49:19 -0000

On Wed, May 30, 2018 at 5:38 PM, FIGURELLE, TERRY F <tf2934@att.com> wrote:
> You have a scaling problem there since you can handle that traffic example
> on much less than 530 UPF’s (e.g. 20+20 is enough from capacity point of
> view). To cover all of the layer1 fiber paths of importance in continental
> US you only need a max of 180 locations. I doubt anyone but AT&T would go to
> that extreme on fiber plant connectivity. Adding more locations actually
> increases latency and is not desired.
>
Terry,

530 would be the number of devices not locations. They can be
co-located. That number is based one some back of the envelope
calculations assuming memory and bandwidth. I believe an ILA-R would
contain roughly the same amount of state as an anchor device in LTE
would.

In order to service critical low latency applications like those that
would benefit from the 1ms latency target in 5G, proximity and number
of hops become relevant. For 1ms RTT latency the devices must be
within 93 miles of each just based on speed of light alone. Device
processing reduces the maximum distance even more. The result is that
the application servers need to be pushed far to the edge and a direct
path between the client and server is needed for latency. This implies
both geographic proximity as well as minimizing number of hops which
is also desirable for increasing reliability, so MEC servers are
deployed in central office, or even cell towers or RSUs to be close to
the user. This is a motivation for anchorless routing that is in
identifier/locator proposals. For ILA, the in intent is that critical
low latency communications would have a direct path from ILA-N to
ILA-N or ILA-N to ILA-H-- where ILA-H are the end servers themselves.

Tom

>
>
> From: 5gangip <5gangip-bounces@ietf.org> On Behalf Of Tom Herbert
> Sent: Tuesday, February 06, 2018 12:28 PM
> To: Lorenzo Colitti <lorenzo@google.com>
> Cc: Tom Herbert <tom@herbertland.com>; ila@ietf.org; Alexandre Petrescu
> <alexandre.petrescu@gmail.com>; Behcet Sarikaya <sarikaya@ieee.org>; Dino
> Farinacci <farinacci@gmail.com>; 5GANGIP <5gangip@ietf.org>
> Subject: Re: [5gangip] [Ila] Scaling mapping systems (was Re: BOF
> Description)
>
>
>
>
>
>
>
> On Mon, Feb 5, 2018 at 10:34 PM, Lorenzo Colitti <lorenzo@google.com> wrote:
>
> On Tue, Feb 6, 2018 at 12:37 AM, Tom Herbert <tom@quantonium.net> wrote:
>
> As time has gone on with experience in deployment, forwarding to another
> node that has a large shared cache, like an RTR, seems to deal with the
> issue in a compromised way.
>
>
>
> In ILAMP (https://tools.ietf.org/html/draft-herbert-ila-ilamp-00) secure
> redirects are defined to be the primary means of populating a cache. On a
> cache miss, a packet is forwarded into the network and routing should
> forward the packet to an ILA router that contains the complete set of
> mappings for the associated shard. The router performs the transformation
> and can send a redirect back to the caching node. The redirect can be cached
> so that subsequent packets take a direct route and avoid the trianglular
> routing. Redirects must be secure so that they cannot be spoofed, so for
> that reason (and some others) the protocol is over TCP. The mapping cache is
> only an optimization and packets are never dropped or queued for pending
> cache resolution. If the cache weren't present, communications would still
> be viable but sub-optimal; that characteristic establishes a bound for the
> worst case DOS attack.
>
>
>
> Any thoughs on this approach?
>
>
>
> Hi Lorenzo,
>
>
>
> Thanks for the feedback!
>
>
>
> The obvious ones would seem:
>
> Will the working set of cache mappins fit in whatever memory is available
> in, say, a large peering router?
>
> The cache needs to be sized to fit the working set. Please look at the
> reference topology of section N. The intent is that caches would not be used
> at edge or peer routers, ILA router are used there which shard the mapping
> database across some number of  nodes. Mapping caches are at ILA-Ns which
> are deployed deeper in the network towards the end hosts (like toward gNB).
> There are more of these than ILA-Rs, however they are serve a small set of
> users and would be implemented on lower end devices. The purpose of the
> cache is to optimize latency and throughput of performance critical
> intra-network communications (Ue to UE, UE to application server in
> network).
>
>
>
> Remember that memory that is capable of sustaining routing lookups at tens
> of gigabits per second is extremely expensive.
> How do you defend against state exhaustion attacks whereby a large number of
> spoofed sources send packets to nonexistent destinations?
>
> No cache state is created for nonexistent destinations.
>
>
>
> How much bandwidth will be used for the redirects? How much CPU time will be
> used to process them?
> How many servers are needed to store
>
> Suggest gaming this out for a large mobile operator with, say, 100M clients,
> 100 Internet connection points and 10T of traffic.
>
>
>
> I did an analysis of ILA scalability for a couple of scenarios (see
> attached), For the 100M UEs, the number of ILA routers came out to 530.
>
>
>
> Tom
>
>
>
>

v2.23.0 | Report a Bug | By Email