IETF Logo Mail Archive

Re: [IPsec] Discussion of draft-pwouters-ipsecme-multi-sa-performance

Valery Smyslov <smyslov.ietf@gmail.com> Tue, 18 October 2022 13:37 UTC

Return-Path: <smyslov.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5324AC1524C5 for <ipsec@ietfa.amsl.com>; Tue, 18 Oct 2022 06:37:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8lVJoqh2h7P5 for <ipsec@ietfa.amsl.com>; Tue, 18 Oct 2022 06:37:52 -0700 (PDT)
Received: from mail-lj1-x235.google.com (mail-lj1-x235.google.com [IPv6:2a00:1450:4864:20::235]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 228C1C1524A4 for <ipsec@ietf.org>; Tue, 18 Oct 2022 06:37:52 -0700 (PDT)
Received: by mail-lj1-x235.google.com with SMTP id m23so17905607lji.2 for <ipsec@ietf.org>; Tue, 18 Oct 2022 06:37:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-language:thread-index:content-transfer-encoding :mime-version:message-id:date:subject:in-reply-to:references:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=pVP5STL0yRAs/5A+zZY9MMY3oxxruY23ODAR4XO3Vwo=; b=eIJoYOrD3Kne9LxQ7jr4PqSCIYi/kF3Z8ppxW+LF17Ua/aNfCLF/x9VsKIkZligszB GmG5Hb30C1M8uxoS/79mAgu8oIDIrPlwo/QJ3papr1smEobFpqXks+nodGFZpy3ByP0J P4+VVozFTojCOmR+m/5bqsSxc/OKCVroqE2NilS9RtZEzKT2Tf02NKWXP32BzvBWOiFY 36sQoC8P93Gw7BUjQop8ZRXk3KDdbaWom6abaY2K08QCvcouYr6HUx60BquaI9m72JHB QAnaCS7GCCrBIg6lgLfHB/I6OZU9QOvzqQrbfwFN6bYltory8XHOFMsTFBJmcsDri3f3 nJBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-language:thread-index:content-transfer-encoding :mime-version:message-id:date:subject:in-reply-to:references:cc:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pVP5STL0yRAs/5A+zZY9MMY3oxxruY23ODAR4XO3Vwo=; b=6YrjVl2jPJRpgk87Q3h8hnsgIiw6TgN0KJtBdmZ9EvzTGnAAR4FDVqKXoNTMYWq8z9 +rrdavDlqk3xRlOQGV8lDuyUdkv3TBk/FszOH9VgJRLcTUGD+l5BWtypkazOaPCLBdv1 rham77Xf88pldjL/wd+OgiqP7xhyk0byioUTk6H4404hVQKU1iMnPT/jKpE867UegTh7 Ej/McHGmXJZxSt33lDFku1WbN+fslfIL5JhtczDOV9Mbe999P6/qff9kB5VzsmHGCkSP XNXmfeOllCKf0GtLxZmsRgZ/qbBbojy/ag/o+pPTr1YBfBUyWm2yy+G0qy+J97uYm9o6 2WtQ==
X-Gm-Message-State: ACrzQf3Fw4+rlwkSWApfKizpZqul2zB14sVvfloqWbIo7Df2eVANvZDN zrKdHYtgDcuXZQZeIknnFPC9n8iK1ro=
X-Google-Smtp-Source: AMsMyM7YfVx6IwjRUp/FZqN48oDGf5C4Nwnz4XaXXihdr0j8WtSHabz2TkOMKQqKK4sriGeJ5frOvA==
X-Received: by 2002:a05:651c:20d:b0:26f:bc4c:f957 with SMTP id y13-20020a05651c020d00b0026fbc4cf957mr1131730ljn.199.1666100269762; Tue, 18 Oct 2022 06:37:49 -0700 (PDT)
Received: from buildpc ([93.188.44.204]) by smtp.gmail.com with ESMTPSA id b17-20020a2eb911000000b0026dd0ee72d1sm1990398ljb.72.2022.10.18.06.37.48 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Oct 2022 06:37:49 -0700 (PDT)
From: Valery Smyslov <smyslov.ietf@gmail.com>
To: 'Paul Wouters' <paul@nohats.ca>
Cc: 'Steffen Klassert' <steffen.klassert@secunet.com>, 'IPsecME WG' <ipsec@ietf.org>
References: <15eb01d8dd7e$fdf158e0$f9d40aa0$@gmail.com> <20221014111548.GJ2602992@gauss3.secunet.de> <03ca01d8e232$3bbace10$b3306a30$@gmail.com> <3c58c2e0-f022-15fb-2ebb-658fa51275a6@nohats.ca>
In-Reply-To: <3c58c2e0-f022-15fb-2ebb-658fa51275a6@nohats.ca>
Date: Tue, 18 Oct 2022 16:37:46 +0300
Message-ID: <048a01d8e2f6$cedc83e0$6c958ba0$@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQJS+NHZSxlPMvP0ZarIorjX6+t7ygK8HRKAAxozn4sAqsbVf6zrfa0A
Content-Language: ru
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/HTN-j_tUwxsUW1ibasWOx5Yn-1E>
Subject: Re: [IPsec] Discussion of draft-pwouters-ipsecme-multi-sa-performance
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Oct 2022 13:37:54 -0000

Hi Paul,

> On Mon, 17 Oct 2022, Valery Smyslov wrote:
> 
> > implementation with say 10 CPUs. Does it make any difference for this implementation
> > If it receives CPU_QUEUES with 100 or with 1000? It seems to me that in both cases
> > it will follow its own local policy for limiting the number of per-CPU SAs,
> > most probably capping it to 10.
> 
> That would be a mistake. You always want to allow a few more than the
> CPUs you have. The maximum is mostly to protect against DoS attacks.

How it protects against DoS attacks, can you elaborate?

> If you only have 10 CPUs, but the other end has 50, there shouldn't
> be much issue to install 50 SA's. Not sure if we said so in the draft,

I'm not so sure. For example, if you use HSM, you are limited by its capabilities.

> but you could even omit installing 40 of the outgoing SA's since you
> would never be expected to use them anyway. but you have to install all
> 50 incoming ones because the peer might use them.

And what to do in situations you are unable to install all 50 (for any reason)?
And how it is expected to deal with situations when the number of CPUs
is changed over the lifetime of IKE SA? As far as I understand some modern
systems allows adding CPUs or removing them on the fly.

> > Or do you want to say that the logic would
> > be: well my peer has 1000 CPUs, it's not good for me to have more than 10,
> > but let's be friendly and install 100, so that both of us are suffer...
> 
> At that point, it really also matters what the differences are between
> the CPUs. An embedded device with 4 cpus at 800mhz vs a mega supercomputer
> with 250 5ghz cpus. Already, counting CPUs is an approximation. Already,
> the application needs proper threading to use multiple CPUs without a
> single CPU bottleneck at the application layer. There might very well be
> situations where multi-sa doesn't really help you at all.

Yes.

> But the simple use case is clear. I have a database cluster of 10 nodes
> talking to eachother with lots of CPUs and most are idle because I have
> one fully loaded CPU because my SA is bound to one CPU only.

The use case is clear. And the idea to have per-CPU SAs is clear too.
The problem (my problem) is the way how it is achieved.

> > I don't think this logic is credible in real life, but even in this case
> > there is already a mechanism that allows to limit the number of
> > per-CPU SAs - it is the TS_MAX_QUEUE notify.
> 
> > So why we need CPU_QUEUES?
> 
> TS_MAX_QUEUE is conveying an irrecoverable error condition. It should
> never happen.

That's not what the draft says:

   The responder may at any time reject
   additional Child SAs by returning TS_MAX_QUEUE.  

So, my reading is that this notify can be sent at any time if peer 
is not willing to create more per-CPU SAs. And sending this notify
doesn't cause deletion of IKE SA and all its Child SAs (it is my guess).

If my reading is wrong and this is a fatal error (or what do you mean by " irrecoverable "?), 
then the protocol is worse than I thought for devices that for any reason cannot afford
installing unlimited number of SAs (e.g. if they use HSM with
limited memory). In this case they cannot even tell the peer 
that they have limited resources.

> Where as CPU_QUEUES tells you how many per-CPU child SAs
> you can do. This is meant to reduce the number of in-flight CREATE_CHILD_SA's
> that will never become successful.

It seems to me that it's enough to have one CREATE_CHILD_SA with the proper
error notify to indicate that the peer is unwilling to create more SAs.
I'm not sure this is a big saving.

> >>> I'm also not convinced that CPU_QUEUE_INFO is really needed, it mostly exists
> >>> for debugging purposes (again if we get rid of Fallback SA). And I don't think we need
> >>> a new error notify TS_MAX_QUEUE, I believe TS_UNACCEPTABLE can be used instead.
> 
> We did it to distinquish between "too many of the same child sa" versus
> other errors in cases of multiple subnets / child SAs under the same IKE
> peer. Rethinking it, I am no longer able to reproduce why we think it
> was required :)

I believe TS_UNACCEPTABLE is well suited for this purpose. You know for sure that TS itself is OK,
since you have already installed SA(s) with the same TS, and it's not fatal error notify and 
is standardized in RFC 7296 and it does not prevent creating SAs with other TS.

> >> On a preemptive system, the scheduler might migrate applications
> >> from one cpu to another from time to time. So 1 and 2 are IMO not
> >> appropriate as the application would stuck until a SA is created.
> >> 3 has its own problems as discussed in the other mail.
> >
> > OK, but also see my considerations there.
> 
> The idea of the fallback SA is that you always have at least one child
> SA guaranteed to be up that can encrypt and send a packet. It can be
> installed to not be per-CPU. It's a guarantee that you will never need
> to wait (and cache?) 1 RTT's time worth of packets, which can be a lot
> of packets. You don't want dynamic resteering. Just have the fallback
> SA "be ready" in case there is no per-cpu SA.

The drawback of the Fallback SA is that it needs a special processing.
Normally we delete SAs when they are idle for a long time
to conserve resources, but the draft says it must not be done with the Fallback SA.

> > I think it depends. I'd like to see optimization efforts to influence
> > the protocol as less as possible. Ideally this should be local matter
> > for implementations. This would allow them to interoperate
> > with unsupporting implementations (and even to benefit from
> > multi-SAs even in these situations).
> 
> Those that don't support this don't see notifies ? Or do you mean to
> somehow install multiple SA's for the same thing on "unsupported"
> systems? 

Yes. The idea is that If one peer supports per-CPU SAs and the 
other doesn't, they still be able to communicate and have multiple SAs.
For example, if the supporting system has several weak CPUs,
while the unsupporting one has much more powerful CPU,
then multiple SAs will help to improve performance - 
the supporting system will distribute load on its weak CPUs,
while for unsupporting the load will be small enough even for a single CPU.

> The problem currently is that when an identical child SA
> is successfully negotiated, implementations differ on what they do.
> Some allow this, some delete the older one. The goal of this draft
> is to make the desire for multple idential child SAs very explicit.

RFC 7296 explicitly allows multiple Child SAs with identical selectors,
so if implementations immediately delete them, then they are either broken
or have reasons to do it (e.g. have no resources).

Regards,
Valery.

> Paul

v2.23.0 | Report a Bug | By Email