Re: IPv6 Anycast has been killed by LINUX patch in 2016 - who cares?
Tom Herbert <tom@herbertland.com> Mon, 09 August 2021 00:37 UTC
Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B8F93A1F8E for <ipv6@ietfa.amsl.com>; Sun, 8 Aug 2021 17:37:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jlvnE6rPQb3K for <ipv6@ietfa.amsl.com>; Sun, 8 Aug 2021 17:37:22 -0700 (PDT)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 74D7C3A1F8B for <ipv6@ietf.org>; Sun, 8 Aug 2021 17:37:22 -0700 (PDT)
Received: by mail-ed1-x534.google.com with SMTP id y12so22034703edo.6 for <ipv6@ietf.org>; Sun, 08 Aug 2021 17:37:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=qXSxy2ExG2fAQs8wFn0oPVwcO6lXyQ7RZzrtdoVrDAY=; b=DsJfaJ6JAJbRbAwVc9WQmGG25/O49JWH/Zx+aNx6YbQDbwXUjc2U/NoGzagxzBifQV oGOPc+YjBQjww5xgr2GGkTsRkWyGi3R16AfMfiFqlbmfpqdFK6eGBoeVmPlGPJqbbid6 tlmUIZr9jTkcNlYZQDhlK7Cq0GNVeoCfGstOQqLt+J+ATi7/JTQqoinaZOW1rQFnSWVt efyz2Wr7G/ZAdUUrVCxxx75oENA0o6KjzBXKWLoEvzN0rlna7jnHSBF4XjXK/6qiPBms 6u1VqhKPmZ30Zh8a2It/xH2WHfFccSyWtVbsrQXCqmMqNE0IzTWAcSKmeG+niBvzU+G6 sYgw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qXSxy2ExG2fAQs8wFn0oPVwcO6lXyQ7RZzrtdoVrDAY=; b=WhsOc5BKw1PCEdzJoKDvqcgBdrdHS90JCUHkgIHHWfiHzHLkxwhkha3fCXF5hJJY7W rgi6JR11CRGBk/snWIL0aouToD3MV7GYgOiWOwMAHy3ivuaRx2HkVGn0eCvderwI7kca KBSYaefpzyM5M8rOBEMFpo6wvBRnxt0rgKfzQhMQxzKhJ4LMp8aZ+KpU9yWyDxPOKkeF VL/2hEmFIB2bpkPnwOt4mON0HCBOSN5LAfCmEEFXhbqASucvqFOEIzlShbJWr/woXxVw TfxmAkwZSjwtqbv5zHCTK/fpShimDGSXMsC/0QgS8NUtehIDVxchyhs61rhEmc1Lx7Pe gchA==
X-Gm-Message-State: AOAM533zyaf6n6vdp3S/MV9E7aE1hal5+qk08STmwwl5EJd0Jfzj801K mPLCXhqAZqCcKMK+LmZXfsoUTdYPHL5h7hR+JD7ETPPuoizesw==
X-Google-Smtp-Source: ABdhPJyRv3lJBl5QSOa/DiVt7Sl6A18EduBDEBOY3PSn0gknBqVuNSnFARQwZa79ikpu64vSBgGisWLt4ExU8gJzF7Q=
X-Received: by 2002:a05:6402:796:: with SMTP id d22mr26916110edy.57.1628469439933; Sun, 08 Aug 2021 17:37:19 -0700 (PDT)
MIME-Version: 1.0
References: <CALx6S36pbw2angEmDpu5DnX2nix9KgxFs7ExU17x+JXQFs23TA@mail.gmail.com> <CALZ3u+Yt2X3faSVW7K0eaxmaQy6iA6p4=f0c4E_F4CP0tfjHYw@mail.gmail.com> <CALx6S343sL0=5wUTRSXMnhSamjTTZU=DzA9Y+dbJ4NRTu0_83w@mail.gmail.com> <CALZ3u+ad6Cecp4T+wfuKVJ4ZmnQvaCSX2njFPCN8DuctrU6uew@mail.gmail.com> <CALx6S37u=y1wX8+6d8aX-6=N1MFEqO9RwxQN5zhZnS4DLM8DcA@mail.gmail.com> <CALZ3u+bHbsdzQsHOHx-6nEe6yQBbHMDhH9_PWB=WHTchB8tj5w@mail.gmail.com> <CALx6S36MpCOh2mR+cfM__ASTdn9c4CuhxUrCnUgEv1WhORLyRg@mail.gmail.com> <CALZ3u+ZyQKUJc__HWu6drNyLSCJJ8bOsLfg1B18xwB9+HMe8GA@mail.gmail.com> <CALx6S366bXkCsyEkWCONBX5kcB9JzHU=aNF9hd+wT9FcTdShFw@mail.gmail.com> <CALZ3u+aP=v_1=w1xqfEKof7Cc6Ba3pwOYV3O=0b=NxS4hRWhiA@mail.gmail.com> <YRBdZrKV+MrrhUCG@mit.edu> <9129410f-bdef-9341-9f42-0ee585f01a69@foobar.org>
In-Reply-To: <9129410f-bdef-9341-9f42-0ee585f01a69@foobar.org>
From: Tom Herbert <tom@herbertland.com>
Date: Sun, 08 Aug 2021 17:37:07 -0700
Message-ID: <CALx6S35o8v1aJKjP6v1Ab78Xm593BYnpeqhpzRkqU0ycjkQniA@mail.gmail.com>
Subject: Re: IPv6 Anycast has been killed by LINUX patch in 2016 - who cares?
To: Nick Hilliard <nick@foobar.org>
Cc: Theodore Ts'o <tytso@mit.edu>, 6man WG <ipv6@ietf.org>, Töma Gavrichenkov <ximaera@gmail.com>, IETF discussion list <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007ebe6505c9159640"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/zg_mOeGOV8QJaRozP1brD9Ye8Yk>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Aug 2021 00:37:27 -0000
On Sun, Aug 8, 2021, 4:10 PM Nick Hilliard <nick@foobar.org> wrote: > Theodore Ts'o wrote on 08/08/2021 23:40: > > Which of the top5, 10, 100 sites on the Internet use anycast? > > for starters, all the dns root servers. For content delivery, some of > Cloudflare's content is delivered to end users using anycast on the > front side. Are the DNS root servers top-5, top-10 or top-100 sites > (asking for a friend)? > Route changes wouldn't impact stateless UDP use of anycast. > > > If Facebook, Amazon, Google, Wikipedia, etc., are using standard IPv4 > > and IPv6 endpoints and are *not* using anycast, and they have > > successly fielded defenses against DDOS's without using anycast, > > wouldn't that tend to blow a gigantic, gaping hole in your assertion? > > It's the norm to build ddos defenses without anycast, but it has its > place as a technology. > > Otherwise: anycast is one of many tools in the box; rewriting the ipv6 > flow label hurts ipv6 anycast when DDOS traffic sinkers use ECMP for > load balancing; tcp anycast is a hack which works quite nicely for > short-lived tcp sessions and barely at all for long-lived sessions (this > is well-understood in network engineering circles). > Perhaps, but I would hope users are aware of the susceptibility of anycast to arbitrary routing changes in the path (flow label modulation being just one example). It's also a question of how much we should accommodate protocols like this that aren't aligned with the core architecture of the Internet. At some point such accomodations impede evolution of protocols and the Internet > > @Tom your suggestions for tuning down the flow label rewriting > aggression level sound reasonable. > > Nick > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- >
- Re: IPv6 Anycast has been killed by LINUX patch i… Toerless Eckert
- Re: IPv6 Anycast has been killed by LINUX patch i… Mark Smith
- Re: IPv6 Anycast has been killed by LINUX patch i… Jeff Tantsura
- Re: IPv6 Anycast has been killed by LINUX patch i… Mark Smith
- Re: IPv6 Anycast has been killed by LINUX patch i… Toerless Eckert
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Toerless Eckert
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Brian E Carpenter
- Re: IPv6 Anycast has been killed by LINUX patch i… Michael Tuexen
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Robert Raszuk
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Robert Raszuk
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Robert Raszuk
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Robert Raszuk
- Re: IPv6 Anycast has been killed by LINUX patch i… Simon Hobson
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… David Farmer
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Theodore Ts'o
- Re: IPv6 Anycast has been killed by LINUX patch i… Nick Hilliard
- Re: IPv6 Anycast has been killed by LINUX patch i… Brian E Carpenter
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Jen Linkova
- Re: IPv6 Anycast has been killed by LINUX patch i… Patrik Fältström
- Re: IPv6 Anycast has been killed by LINUX patch i… Ole Troan
- Re: IPv6 Anycast has been killed by LINUX patch i… Patrik Fältström
- RE: IPv6 Anycast has been killed by LINUX patch i… Vasilenko Eduard
- RE: IPv6 Anycast has been killed by LINUX patch i… Vasilenko Eduard
- Re: IPv6 Anycast has been killed by LINUX patch i… Michael Tuexen
- Re: IPv6 Anycast has been killed by LINUX patch i… Michael Tuexen
- Re: IPv6 Anycast has been killed by LINUX patch i… Brian Carpenter
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Nick Hilliard
- Re: IPv6 Anycast has been killed by LINUX patch i… Templin (US), Fred L
- Re: IPv6 Anycast has been killed by LINUX patch i… Phillip Hallam-Baker
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- Re: IPv6 Anycast has been killed by LINUX patch i… Warren Kumari
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- RE: IPv6 Anycast has been killed by LINUX patch i… Vasilenko Eduard
- Re: IPv6 Anycast has been killed by LINUX patch i… Tom Herbert
- Re: IPv6 Anycast has been killed by LINUX patch i… Phillip Hallam-Baker
- Re: IPv6 Anycast has been killed by LINUX patch i… Phillip Hallam-Baker
- Re: IPv6 Anycast has been killed by LINUX patch i… Warren Kumari
- Re: IPv6 Anycast has been killed by LINUX patch i… Christian Huitema
- Re: IPv6 Anycast has been killed by LINUX patch i… Robert Raszuk
- Re: IPv6 Anycast has been killed by LINUX patch i… Warren Kumari
- Re: IPv6 Anycast has been killed by LINUX patch i… Warren Kumari
- Re: IPv6 Anycast has been killed by LINUX patch i… Theodore Ts'o
- Re: IPv6 Anycast has been killed by LINUX patch i… Gyan Mishra
- RE: IPv6 Anycast has been killed by LINUX patch i… Vasilenko Eduard
- Re: IPv6 Anycast has been killed by LINUX patch i… Töma Gavrichenkov
- RE: IPv6 Anycast has been killed by LINUX patch i… Vasilenko Eduard
- Re: IPv6 Anycast has been killed by LINUX patch i… Gyan Mishra
- RE: IPv6 Anycast has been killed by LINUX patch i… Vasilenko Eduard
- Re: IPv6 Anycast has been killed by LINUX patch i… Gyan Mishra
- RE: IPv6 Anycast has been killed by LINUX patch i… Vasilenko Eduard
- Re: IPv6 Anycast has been killed by LINUX patch i… Gyan Mishra
- Driver for SRV6 [Re: IPv6 Anycast has been killed… Brian E Carpenter
- Re: Driver for SRV6 [Re: IPv6 Anycast has been ki… Gyan Mishra
- RE: Driver for SRV6 [Re: IPv6 Anycast has been ki… Vasilenko Eduard
- Re: Driver for SRV6 [Re: IPv6 Anycast has been ki… Stefano Salsano
- RE: Driver for SRV6 [Re: IPv6 Anycast has been ki… Vasilenko Eduard
- Re: Driver for SRV6 [Re: IPv6 Anycast has been ki… Gyan Mishra