IETF Logo Mail Archive

Re: Never fragment: getting PMTU info transmitted reliably

"Joel M. Halpern" <jmh@joelhalpern.com> Thu, 17 January 2019 00:12 UTC

Return-Path: <jmh@joelhalpern.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5698B1292F1 for <ipv6@ietfa.amsl.com>; Wed, 16 Jan 2019 16:12:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vel5OE4u_imm for <ipv6@ietfa.amsl.com>; Wed, 16 Jan 2019 16:12:04 -0800 (PST)
Received: from mailb2.tigertech.net (mailb2.tigertech.net [208.80.4.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 66028126CC7 for <ipv6@ietf.org>; Wed, 16 Jan 2019 16:12:04 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mailb2.tigertech.net (Postfix) with ESMTP id 43g4JM6M9yzwPKQ; Wed, 16 Jan 2019 16:12:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1547683923; bh=uNkAnFwbvxL2nmt2Pr/CPFbSG8cwRkNFUAYrOvzckv8=; h=Subject:To:References:From:Date:In-Reply-To:From; b=EU4w1SmSqZ5gN6L8DsJUXYwfVESnbHHnZqXJyw71r6/lM6kaeQyEWqgu86VTBaS6s HRlQec7p8aO/bty2IMh+yP7FBnKz3kxJpbOPk4zi40ctR4VkaIBGNMuw7/R0PmdgaO n4khOfbDbIIcnod3AEI+fKfoKhAuKIdnHyHiAmnY=
X-Virus-Scanned: Debian amavisd-new at b2.tigertech.net
Received: from Joels-MacBook-Pro.local (209-255-163-147.ip.mcleodusa.net [209.255.163.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailb2.tigertech.net (Postfix) with ESMTPSA id 43g4JM0t2nzFqq7; Wed, 16 Jan 2019 16:12:02 -0800 (PST)
Subject: Re: Never fragment: getting PMTU info transmitted reliably
To: Michael Richardson <mcr+ietf@sandelman.ca>, IPv6 List <ipv6@ietf.org>
References: <CAOSSMjV0Vazum5OKztWhAhJrjLjXc5w5YGxdzHgbzi7YVSk7rg@mail.gmail.com> <A3C3F9C0-0A07-41AF-9671-B9E486CB8246@employees.org> <AEA47E27-C0CB-4ABE-8ADE-51E9D599EF8F@gmail.com> <6aae7888-46a4-342d-1d76-10f8b50cebc4@gmail.com> <EC9CC5FE-5215-4105-8A34-B3F123D574B9@employees.org> <4c56f504-7cd7-6323-b14a-d34050d13f4e@foobar.org> <9E6D4A6E-8ABA-4BAB-BEC5-969078323C96@employees.org> <CAAedzxpdF+yhBXfnwUcaQb-HkgdaqXRU3L+S7v8sS1F0OkwM9A@mail.gmail.com> <78a8a0e0-8808-364c-41f7-f81f90362432@gont.com.ar> <CAAedzxpjxhP0nOZVU0CTwA1u3fsPFthrJASjDEfnLcRNvr2gBQ@mail.gmail.com> <c9be798e-5a32-7c3e-a948-9ca2fab30411@si6networks.com> <CAHw9_i+M2-420pykp99LcgMNSG=eeDqsZK8+hN20t_uUdANHfA@mail.gmail.com> <d6e52c30-bbd1-1ee7-144c-fa13a9df5f38@gmail.com> <0f4a6c88-1def-6766-235b-1bcd2cc5e33b@si6networks.com> <CAHw9_i+FB-tb8c+G22FCUxNg9BDpMfwqur8gSn5QaXteBcABZA@mail.gmail.com> <3 eead7ba-dcb4-ed52-05bb-a41a5602f251@gmail.com> <14135.1547681760@localhost>
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <a044c327-d9ce-573e-a158-6c4b157f2d6c@joelhalpern.com>
Date: Wed, 16 Jan 2019 19:12:01 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.4.0
MIME-Version: 1.0
In-Reply-To: <14135.1547681760@localhost>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/VQgoLblTnWJh9mRjT2kOXS3YmXw>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Jan 2019 00:12:06 -0000

Just to clarify one aspect of the way entropy in path selection, I want 
to point out a complication.

It is not anywhere near enough to have as much entropy data as the 
number of choices.  The problem is that you need enough randomness so 
that you can expect a good distribution of flows.  And that even the 
smaller number of larger flows will likely get distributed across the 
choices.    Reducing the amount of available entropy can be quite 
problematic.

Yours,
Joel

On 1/16/19 6:36 PM, Michael Richardson wrote:
> 
> Warren writes about putting MTU info into flow Label:
>      >> to signal up to a 9K MTU, we would need 13bits (LN(9K-1280)/LN(2) =
>      >> 12.9).
>      >> 20 - 13 gives 7 bits (128) for the hash entropy. "7 bits of entropy,
>      >> evenly distributed, should be enough for anyone", he said, hoping
>      >> no-one points at
>      >> the obvious correlation to 640K of RAM...
> 
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>      > I guess it all depends what you expect from the entropy. 20 bits gives
>      > you a 1-in-a-million chance of a clash. 7 bits gives you a 1-in-128 chance
>      > of a clash. This probably doesn't matter for a simple ECMP or LAG kind
>      > of load sharing, but who's to say it doesn't matter for some more
>      > fancy kind of sharing across a large array of servers?
> 
> You'd have to have more than 128 servers and/or paths.
> Maybe one of our SPRING people in this WG can tell us if that's a real
> problem today.  Obviously, we can't guess if it will be bad in the future,
> but if it's a problem today, then we can know that immediately.
> 
> Now when I pushed for draft-ietf-6man-rfc6434-bis-09 and RFC8200 to say
> that PLMTUD to be made MUST, I got various push backs that amounted to:
>    1) we don't have enough evidence yet.
>    2) it doesn't work for UDP and other traffic.
> 
> (1) turned out to be a real issue. I thought that some of the big players
>      could easily get, or already would have, that kind of evidence.
>      (Linux does not ship with PLPMTUD on by default.  If you want it, btw,
>      sysctl -w net.ipv4.tcp_mtu_probing=2.  Yes. ipv4. It affects both)
>      Turns out I was told that they always set their TCP segment size such that
>      they likely will never fragment for v4 or v6, because due to hardware
>      Transit Offload, the cost of missing a tx-op exceeds the benefit of
>      making the packet slightly bigger.  I suspect that this is true in
>      general to UDP and QUIC traffic too.
>      I imagine a next generation 10G NICs might offer QUIC offload, including
>      doing the crypto.  That's what I'd be coding if I worked in that space.
> 
> 2) I will admit that I personally don't care that much about UDP traffic,
>     except in that it lets me run IPsec through NAT44s.   I know that I use
>     QUIC and WebRTC regularly, and that corporate enterprise users gets
>     screwed by lack of UDP regularly.
> 
> So I think question is: is there really a problem that needs to be solved?
> Maybe I will have to back and read the beginning of this thread again to
> recall what the issue was.   Does this belong in SPUD?
> 
> I wish that SCTP had flown higher...
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>   -= IPv6 IoT consulting =-
> 
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email