Re: [irs-discuss] Thoughts on draft-ward-irs-framework
Russ White <russw@riw.us> Thu, 02 August 2012 05:20 UTC
Return-Path: <russw@riw.us>
X-Original-To: irs-discuss@ietfa.amsl.com
Delivered-To: irs-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC07A11E80E3 for <irs-discuss@ietfa.amsl.com>; Wed, 1 Aug 2012 22:20:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XznAuVAxpDcb for <irs-discuss@ietfa.amsl.com>; Wed, 1 Aug 2012 22:20:31 -0700 (PDT)
Received: from da31.namelessnet.net (da31.namelessnet.net [74.124.205.66]) by ietfa.amsl.com (Postfix) with ESMTP id 2923111E80D9 for <irs-discuss@ietf.org>; Wed, 1 Aug 2012 22:20:31 -0700 (PDT)
Received: from dhcp-4151.meeting.ietf.org ([130.129.65.81]) by da31.namelessnet.net with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.77) (envelope-from <russw@riw.us>) id 1Swnpm-0003ay-4H; Wed, 01 Aug 2012 22:20:30 -0700
Message-ID: <501A0E22.4000200@riw.us>
Date: Thu, 02 Aug 2012 01:20:34 -0400
From: Russ White <russw@riw.us>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20120713 Thunderbird/14.0
MIME-Version: 1.0
To: Susan Hares <susan.hares@huawei.com>
References: <50187B55.407@riw.us> <728F9B956B2C48439CA9294B1723B1462375556A@dfweml509-mbs.china.huawei.com>
In-Reply-To: <728F9B956B2C48439CA9294B1723B1462375556A@dfweml509-mbs.china.huawei.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Antivirus-Scanner: Seems clean. You should still use an Antivirus Scanner
Cc: "irs-discuss@ietf.org" <irs-discuss@ietf.org>
Subject: Re: [irs-discuss] Thoughts on draft-ward-irs-framework
X-BeenThere: irs-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <irs-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/irs-discuss>, <mailto:irs-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/irs-discuss>
List-Post: <mailto:irs-discuss@ietf.org>
List-Help: <mailto:irs-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/irs-discuss>, <mailto:irs-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Aug 2012 05:20:33 -0000
> Sue: Use cases are key. The clarity of the use cases will guide us. Please send USE cases. Here are three I just threw together. We can talk about refining these tomorrow, if you like... My fingers got tired before my brain did. :-) Russ == Optimized Exit Use Case Assume you have a network where there are two possible exit points towards any set of destinations. The cost of using these links varies by time, and the quality of the links is highly variable, but not necessarily related to the actual load the local network is putting on them (in other words, these are oversubscribed links shared with other parallel networks or customers with unpredictable traffic patterns). What you'd like to do is to use the lowest cost link until the quality of the link reaches a specific level, and then switch to the higher cost link. The point at which this link switch might occur may vary based on time of day, because the RTO on specific traffic levels varies by the time of day as well. So you have a problem with multiple variables: link quality (apparently random from your perspective), link cost (varies by time of day), return on investment (varies by time of day). Combined with this you have multiple exit points, and you must draw traffic from an inside network as efficiently as possible to the best exit point, as determined by these various factors. The only well defined way to resolve this problem is to feed the variables to an off router controller, calculate the best exit point on some periodic basis, and then feed this information back into the routing table. All solutions that can solve this problem today use route injection into BGP, static route injection, or some other means to direct traffic --difficult and error prone mechanisms. All of these solutions also draw traffic only along links between the edge routers themselves to put traffic on the best possible outbound link. With IRS, the best path could be calculated using any number of custom written mechanisms, and the routes injected into the right places in the network to effect the most efficient drawing of traffic to the best exit point. Changes in the network environment could quickly cause traffic to be shifted to alternate exit points when circumstances dictate. == Denial of Service FlowSpec is designed to allow an AS to push a filter upstream, with the ultimate goal being to block the source of DDoS and other attacks as close to the origin of those attacks as possible. There are some situations, however, where you would prefer to block an attack at all edges, or throughout an entire local network. For instance, you might want to block the forwarding of traffic within your network while you are pushing FlowSpec updates upstream to block the traffic closer to the source, or you might be dealing with an attack originating from multiple points within your own network. While these responses are possible with standard routing, there is a strong case to be made that routing information should not be mixed with security response information within the routing domain (within an AS). Mixing these two types of information can make network management more difficult, and slow down the repair of a network during large scale failures. It would be simpler to have a single controller in a network tied to the various attack detection mechanisms that could directly install the correct routing information to pull all attack traffic to a central location, or to simply route the traffic to a null interface. An related use is that of pulling unknown traffic through specific devices for analysis. A network operator may not want to drive all traffic through traffic analysis devices simply because of cost and quality of service degredation. A network operator could use IRS to directly modify the routing tables on devices in the path of unknown or possibly dangerous flows so this traffic is pulled through the correct monitoring and analysis devices. == Remote Service Routing In hub and spoke overlay networks, there is always an issue with balancing between the information held in the spoke routing table, optimal routing through the network underlying the overlay, and mobility. Most solutions in this space use some form of centralized route server that acts as a directory of all reachable destinations and next hops, a protocol by which spoke devices and this route server communicate, and caches at the remote sites. An IRS solution would use the same elements, but with a different control plane. Remote sites would register (or advertise through some standard routing protocol, such as BGP), the reachable destinations at each site, along with the address of the router (or other device) used to reach that destination. These would, as always, be stored in a route server (or several redundant route servers) at a central location. When a remote site sends a set of packets to the central location that are eventually destined to some other remote site, the central location can forward this traffic, but at the same time simply directly insert the correct routing information into the remote site's routing table. If the location of the destination changes, the route server can directly modify the routing information at the remote site as needed. An interesting aspect of this solution is that no new and specialized protocols are needed between the remote sites and the centralized route server(s). Normal routing protocols can be used to notify the centralized route server(s) of modifications in reachability information, and the route server(s) can respond as needed, based on local algorithms optimized for a particular application or network. For instance, short lived flows might be allowed to simply pass through the hub site with no reaction, while longer lived flows might warrant a specific route to be installed in the remote router. Algorithms can also be developed that would optimize traffic flow through the overlay, and also to remove routing entries from remote devices when they are no longer needed based on far greater intelligence than simple non-use for some period of time. ==
- [irs-discuss] Thoughts on draft-ward-irs-framework Russ White
- Re: [irs-discuss] Thoughts on draft-ward-irs-fram… Alia Atlas
- Re: [irs-discuss] Thoughts on draft-ward-irs-fram… Susan Hares
- Re: [irs-discuss] Thoughts on draft-ward-irs-fram… Russ White
- Re: [irs-discuss] Thoughts on draft-ward-irs-fram… Russ White
- Re: [irs-discuss] Thoughts on draft-ward-irs-fram… Alia Atlas
- Re: [irs-discuss] Thoughts on draft-ward-irs-fram… Thomas Nadeau
- [irs-discuss] Clarification questions ... Robert Raszuk
- Re: [irs-discuss] Clarification questions ... Thomas Nadeau