Re: [Ila] [5gangip] Scaling mapping systems (was Re: BOF Description)
Tom Herbert <tom@quantonium.net> Mon, 05 February 2018 15:37 UTC
Return-Path: <tom@quantonium.net>
X-Original-To: ila@ietfa.amsl.com
Delivered-To: ila@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D333F12D851 for <ila@ietfa.amsl.com>; Mon, 5 Feb 2018 07:37:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=quantonium-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ts_87Htyai2G for <ila@ietfa.amsl.com>; Mon, 5 Feb 2018 07:37:15 -0800 (PST)
Received: from mail-wr0-x234.google.com (mail-wr0-x234.google.com [IPv6:2a00:1450:400c:c0c::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D44B12D858 for <ila@ietf.org>; Mon, 5 Feb 2018 07:37:13 -0800 (PST)
Received: by mail-wr0-x234.google.com with SMTP id b52so9732853wrd.10 for <ila@ietf.org>; Mon, 05 Feb 2018 07:37:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quantonium-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=U/EKVKui4nDxOzrTynF5PpOs+MPL7VvnySNvAyraDlk=; b=kSM7Xujylg4eYn+AKVT9z0l6ZeGcJdZOSve/tjBYkJodRI/9oD9aysk9DuPF6VKj19 sUacAixu4r9twqcS5X2/AN+j0bAwsWbmhjJ9vIBblqurKhnWemIrfY36aLe0236504l1 ucra5DKgUvNdydnnvGoxmJKNQ+C8XfLTubNv1Pkwh+kzDIX4Dbyb8Q5fahQdQB1Q+1Io GGyUBBWU2ru+DeLLQ2UB1gL/zJwzELrg7XzaGkaADoGBgtXY30YCE+CQ2cX8QUThP0JJ 7Fmaw775nDYnRwP8Bpev022PFtswawTdp2DzZwj23TKKg9Ex80jdAQpiENiHzJiq/j4E ndNw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=U/EKVKui4nDxOzrTynF5PpOs+MPL7VvnySNvAyraDlk=; b=BtKSuMzGx/jQuimtdY/bq1guJbz/eb/vhtYRvcLbuV2j0J9loP54ACGiJWCIoySZMp dAbLJJvT9lWbYj/lwcr4ELEtaarkqVfsJX/9knkRLoe8UzNEnvFoTe+CLIWYuLK6MPOp BXsQxRLPjAWQReyf8ABKcfvInObTP0qvPol89tfI8vWvfy73d9Kk/fdZwbg/hTdY+v39 pnIAqesT2GyYuinefYQvE8bwe077MNbNNXL4arA4Iso75pqW+LKGU5iG3AOKS/A1H6SU QU6uzT3f+Hk9s/PvOIT3eG06yCGm3xU+8DmbKkE2k5M3oK0tQ4RC5WmQqMQOavazGino 27Hw==
X-Gm-Message-State: AKwxytduh6gHcaMX4irnFsmA8Dg03TyzUIc5ojrpMgnRKWtUXorPhKbv w27l4/khhWI9qHRNvXaHmpEJeGhzzf28u5BfyLbVAEuO
X-Google-Smtp-Source: AH8x2267sCSl1NcXMm/gbEpQ4igMTOEbZI7SeAL+I2jWc+CRBjEJY8tBd3ykENATuKcyjCwQ9jMIi9rmJmvMC3TphXI=
X-Received: by 10.223.130.234 with SMTP id 97mr23711734wrc.144.1517845031927; Mon, 05 Feb 2018 07:37:11 -0800 (PST)
MIME-Version: 1.0
Received: by 10.223.173.66 with HTTP; Mon, 5 Feb 2018 07:37:11 -0800 (PST)
In-Reply-To: <9C425F56-738C-4600-9DFF-9D30FC3872DC@gmail.com>
References: <CALx6S37+1PK3ET7g+XsCHt6-CJrABLko0YbWgE12xFX=vL5OPA@mail.gmail.com> <5067FA81-B416-4A19-9F11-A08B35BB8B6D@gmail.com> <CAPDqMeqNkiOWHOVU0AsUzFfPH60pTdS2x9CePhvZDhVLGJoGmw@mail.gmail.com> <9C425F56-738C-4600-9DFF-9D30FC3872DC@gmail.com>
From: Tom Herbert <tom@quantonium.net>
Date: Mon, 05 Feb 2018 07:37:11 -0800
Message-ID: <CAPDqMeoLPSGbFg_H-_yOPBguXhOmx8fXjzYd_ax1Qds56KibZQ@mail.gmail.com>
To: Dino Farinacci <farinacci@gmail.com>
Cc: Tom Herbert <tom@herbertland.com>, 5GANGIP <5gangip@ietf.org>, Behcet Sarikaya <sarikaya@ieee.org>, ila@ietf.org, Alexandre Petrescu <alexandre.petrescu@gmail.com>, Lorenzo Colitti <lorenzo@google.com>
Content-Type: multipart/alternative; boundary="001a114b2dcef3d242056478d5b0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ila/WPEzk8jj8-Xhlef05IT5dy_d2w8>
Subject: Re: [Ila] [5gangip] Scaling mapping systems (was Re: BOF Description)
X-BeenThere: ila@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Identifier Locator Addressing <ila.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ila>, <mailto:ila-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ila/>
List-Post: <mailto:ila@ietf.org>
List-Help: <mailto:ila-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ila>, <mailto:ila-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Feb 2018 15:37:17 -0000
On Sun, Feb 4, 2018 at 3:55 PM, Dino Farinacci <farinacci@gmail.com> wrote: > > One question about the packet flow sequence in section 4.1 of RFC6830. > > On a cache miss, what does an ITR do with the packet? Is it dropped, > > queued for pending resolution, forwarded to a node that would have the > > mapping, or other? > > From an architectural point of view we wanted it to behave like ARP (and > many ND implementations as well). That is drop the packet. There are > implementations that queue the first packet that invokes the Map-Request or > the last packet that was received while waiting for the Map-Reply. > > We were told by financial apps that dropping is better than queuing and > sending older data. > > As time has gone on with experience in deployment, forwarding to another > node that has a large shared cache, like an RTR, seems to deal with the > issue in a compromised way. > In ILAMP (https://tools.ietf.org/html/draft-herbert-ila-ilamp-00) secure redirects are defined to be the primary means of populating a cache. On a cache miss, a packet is forwarded into the network and routing should forward the packet to an ILA router that contains the complete set of mappings for the associated shard. The router performs the transformation and can send a redirect back to the caching node. The redirect can be cached so that subsequent packets take a direct route and avoid the trianglular routing. Redirects must be secure so that they cannot be spoofed, so for that reason (and some others) the protocol is over TCP. The mapping cache is only an optimization and packets are never dropped or queued for pending cache resolution. If the cache weren't present, communications would still be viable but sub-optimal; that characteristic establishes a bound for the worst case DOS attack. Any thoughs on this approach? Tom
- [Ila] Scaling mapping systems (was Re: [5gangip] … Tom Herbert
- Re: [Ila] [5gangip] Scaling mapping systems (was … Dino Farinacci
- Re: [Ila] [5gangip] Scaling mapping systems (was … Tom Herbert
- Re: [Ila] [5gangip] Scaling mapping systems (was … Dino Farinacci
- Re: [Ila] [5gangip] Scaling mapping systems (was … Tom Herbert
- Re: [Ila] [5gangip] Scaling mapping systems (was … Lorenzo Colitti
- Re: [Ila] [5gangip] Scaling mapping systems (was … Tom Herbert
- Re: [Ila] [5gangip] Scaling mapping systems (was … Dino Farinacci
- Re: [Ila] [5gangip] Scaling mapping systems (was … Tom Herbert
- Re: [Ila] [5gangip] Scaling mapping systems (was … Dino Farinacci
- Re: [Ila] [5gangip] Scaling mapping systems (was … Tom Herbert
- Re: [Ila] [5gangip] Scaling mapping systems (was … Dino Farinacci
- Re: [Ila] [5gangip] Scaling mapping systems (was … Tom Herbert
- Re: [Ila] [5gangip] Scaling mapping systems (was … Dino Farinacci
- Re: [Ila] [5gangip] Scaling mapping systems (was … FIGURELLE, TERRY F
- Re: [Ila] [5gangip] Scaling mapping systems (was … Tom Herbert