IETF Logo Mail Archive

Re: IPv6 Anycast has been killed by LINUX patch in 2016 - who cares?

Michael Tuexen <Michael.Tuexen@lurchi.franken.de> Sat, 07 August 2021 20:30 UTC

Return-Path: <Michael.Tuexen@lurchi.franken.de>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CAA913A1066; Sat, 7 Aug 2021 13:30:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.489
X-Spam-Level:
X-Spam-Status: No, score=-1.489 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.399, SPF_NONE=0.001, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SpAgWQ7JSoHE; Sat, 7 Aug 2021 13:30:31 -0700 (PDT)
Received: from drew.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4799A3A105A; Sat, 7 Aug 2021 13:30:29 -0700 (PDT)
Received: from smtpclient.apple (ip1f100e9c.dynamic.kabel-deutschland.de [31.16.14.156]) (Authenticated sender: lurchi) by mail-n.franken.de (Postfix) with ESMTPSA id A2868721E2809; Sat, 7 Aug 2021 22:30:22 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Subject: Re: IPv6 Anycast has been killed by LINUX patch in 2016 - who cares?
From: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
In-Reply-To: <CALx6S36b33LD_hNFvptOJuny4g98=dhq3RtKsGeLx3ks-yYjFg@mail.gmail.com>
Date: Sat, 07 Aug 2021 22:30:19 +0200
Cc: Toerless Eckert <tte@cs.fau.de>, 6man WG <ipv6@ietf.org>, IETF discussion list <ietf@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <6F63D7FE-8768-4BD8-846E-61E50E44228F@lurchi.franken.de>
References: <db8c1a5534e9412ebcfa37682d75f862@huawei.com> <C23D7023-B5B7-47C6-8AC5-65A98822A724@lurchi.franken.de> <CANMZLAZGawUjRhSSE_rA8AyqMx=mx1WFeJ_tZq0KVEXJd2XBfQ@mail.gmail.com> <20210807014730.GA28901@faui48f.informatik.uni-erlangen.de> <CAO42Z2yezZh5-B0PwCuNt2FUMAW-FjMK8QZ8uL4TsPhs26zziw@mail.gmail.com> <20210807151716.GA3098@faui48f.informatik.uni-erlangen.de> <CALZ3u+a_7XQ+R8mV+9KzwRwxa0riP-QD_2R69ycV0NL9jy_S3Q@mail.gmail.com> <20210807175410.GA63079@faui48f.informatik.uni-erlangen.de> <CALx6S36b33LD_hNFvptOJuny4g98=dhq3RtKsGeLx3ks-yYjFg@mail.gmail.com>
To: Tom Herbert <tom@herbertland.com>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/9J6Rd8xdwcXNNTCqv6REQ6fzecE>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Aug 2021 20:30:35 -0000

> On 7. Aug 2021, at 21:41, Tom Herbert <tom@herbertland.com> wrote:
> 
> 
> 
> On Sat, Aug 7, 2021, 10:55 AM Toerless Eckert <tte@cs.fau.de> wrote:
> 
> Sure, that is the basic recommendation,
> but let me play devils advocate (linux developer):
> 
> rfc6437: "However, a flow is not necessarily 1:1 mapped to a transport connection"
> 
> Aka: what linux does is a perfect lightweight form of
> MP_TCP just without the overhead of different IP addresses
> or port numbers to identify different flows. Just different
> IPv6 flow labels. And in MP-TCP it would of course be perfectly
> legitimate to use two flows sequentially, e.g.: when one flow
> has RTO issues, using the second flow. Thats just a transport
> protocol policy choice.
> 
> In other words: linux does not violate this SHOULD because it really
> uses two different flows.
> 
> Correct, it's the host prerogative to set the flow as it sees fits. Generally, we want the flow label to be consistent for the lifetime of the flow, that is why the flow label is only changed at RTO when the connection is failing. So this is really intended as a last ditch effort to salvage a failing connection.
I think it comes down to the question of what a flow is...

Some might consider a TCP connection being a single a flow, some seems to think that a TCP connection
consists of multiple flows, especially a new flow being started on a timer based retransmission.

Best regards
Michael
> 
> As for relying on the network to fix problems, the host cannot assume that. The host has detected a problem with a connection's path, there is no reason to believe that the networks, or networks, in the path will even detect the problem much less fix it quickly. It would be nice if the host had a standard means to report to the network that it sees a problem, but that doesn't exist.
> 
> Also, as the subject states these patches have been in Linux and deployment for 5 years now. The claim that it kills anycast seems overly melodramatic. Is there any real data on the problem?
> 
> I'll also point out that any route change in the network could also have the same effect. If anycast, or other stateful mechanisms, requires that all packets of transport flow are routed consistently for the lifetime of a flow then inevitably failures will occur. Consistent outing per flow is only best effort and not a standard requirement.
> 
> This flow label modulation patches  were presented in routing area WG at IETF 111. The intent is to document it and we are looking at mitigations (the algorithm might be a little too aggressive for sending into the public Internet).
> 
> Tom
> 
> 
> Cheers
>     Toerless
> 
> On Sat, Aug 07, 2021 at 06:37:52PM +0300, Töma Gavrichenkov wrote:
> > Peace,
> > 
> > On Sat, Aug 7, 2021, 6:19 PM Toerless Eckert <tte@cs.fau.de> wrote:
> > 
> > > Do our RFCs say or imply anything about whether or not hosts can change
> > > the IPv6 flow label field of a single flow during the lifetime
> > > of a flow (MUST, SHOULD, MAY, ... MAY NOT, SHOULD NOT, MUST NOT)
> > >
> > 
> > Well, it is, of course, sort of implied that the flow label is attached to
> > the particular flow.
> > 
> > As per normative references, RFC 6437 goes (underscores are mine):
> > 
> > > It is therefore RECOMMENDED
> > > that source hosts support the flow label by setting the flow label
> > > field for _all_packets_of_a_given_flow_ to the _same_value_ chosen from
> > > an approximation to a discrete uniform distribution.
> > 
> > --
> > Töma
> > 
> > >
> 
> -- 
> ---
> tte@cs.fau.de
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email