IETF Logo Mail Archive

Re: [lisp] Draft-kouvelas-lisp-map-server-reliable-transport WG Adoption

Dino Farinacci <farinacci@gmail.com> Sat, 23 April 2022 18:09 UTC

Return-Path: <farinacci@gmail.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E6E03A08E7; Sat, 23 Apr 2022 11:09:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qKEef9sqQcou; Sat, 23 Apr 2022 11:08:59 -0700 (PDT)
Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B67853A08C8; Sat, 23 Apr 2022 11:08:59 -0700 (PDT)
Received: by mail-pf1-x430.google.com with SMTP id j17so10995239pfi.9; Sat, 23 Apr 2022 11:08:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=M/GNtKF9urRhWOapBfOL3K27ZJDxTs7xiL+AflIJzdc=; b=DZ8jYWHY39iLdBibObkOpLqXGDhm/z6IXHcdey3yTfgdTLHxljQvx/NUdOX+/1g21b g9nAtKb1vFFMBZPSuxnQQL56uTjPTQvaH4xD/gFHJmMAcI8DuBdJVO/t3zdvDgEnfLeC GO6AbW94+3ne4slwhzwlfTYMfrlQ9e20MW6DF4VhA/ehsK2tzCVszaVUi+C4v4k0JX/T RbNhm6PEKscAbc/tkSaKabnBRb9qMI0/UgkFRg56/2BhEJsQGSjmEFpQRxitsnnX+Gjn xz7C0hRNFPM3LZ8LUKO82/94KKQZqPd5ZhtX1rlqx58RVkO0eHxX6gMRD5KhN58nb/bW wykg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=M/GNtKF9urRhWOapBfOL3K27ZJDxTs7xiL+AflIJzdc=; b=7Pb0OIZRCfxPehCsfroyA8MkuM1FWTJv7rZ0J6bTHjPQNCm7JaZDIy0y0HKUiPRRiL 8p2VRs5QHiQXe02YbSv2YpkGuraMD1lTdRVsp+BDrTOWDnJDDNaZN4v64uKPzXmzfkLF Xakep5AXDM5dv6uA5HGQSZ1eGu+9WrC2ZrHI89641YtEALVWRuszzyrzxAYHzH1iJ97h yXcmLpHJ7dIS+I2krgha+BHRJ3oEKkwIhHZylVPrDoDlp557z+aUB/uPINzr5i4XUGkP uDyrWvRxVAwmLDTLNLzIBj3sHpOpyqPw41rLM05MddhdBZpIMmd5oGUr7UJAb6fKLhkI ghBg==
X-Gm-Message-State: AOAM530kqXja3umE8ydpHgtJQsBjCTsUn+exwabGB7Ef0liHwRErG7A2 A9UqvUmm65dVqQkx4eLkYVA=
X-Google-Smtp-Source: ABdhPJz/MbdFSSrpgRiCG/x9Hrp2xSppOFzyNCbsmB53pW6yySO9W/5zrmuVw/Qq3EEy74vzxXHoeA==
X-Received: by 2002:a05:6a00:1818:b0:50a:dfc5:9ed4 with SMTP id y24-20020a056a00181800b0050adfc59ed4mr11034218pfa.70.1650737338521; Sat, 23 Apr 2022 11:08:58 -0700 (PDT)
Received: from smtpclient.apple (c-98-234-33-188.hsd1.ca.comcast.net. [98.234.33.188]) by smtp.gmail.com with ESMTPSA id b20-20020a62a114000000b0050d231e08ffsm2447903pff.37.2022.04.23.11.08.57 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 23 Apr 2022 11:08:57 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.60.0.1.1\))
From: Dino Farinacci <farinacci@gmail.com>
In-Reply-To: <CAOj+MMF0T0i_JN=KVHnFs7UyDs6eX3eqekzoFLveQ0TMhkcFnA@mail.gmail.com>
Date: Sat, 23 Apr 2022 11:08:56 -0700
Cc: Luigi Iannone <ggx@gigix.net>, lisp-chairs@ietf.org, "lisp@ietf.org list" <lisp@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <4440288E-32A0-4DB2-9EEA-6DEC9277CD24@gmail.com>
References: <1F470969-4ECE-437A-8E1A-C005679F9422@gigix.net> <CAOj+MMG2qnYhRXEeyOOjPuaAD4ZYcvP9wyUBiqGECrzUupLyew@mail.gmail.com> <73F7376E-B22B-488A-8503-B91F11D965AB@gmail.com> <CAOj+MMEVLzvuy2ZUS=5uzgVnj3xmF_C2LQSYOMUZ4E7xvy_GQw@mail.gmail.com> <CF1852EE-3684-4093-AA53-0F450C56CA18@gmail.com> <CAOj+MMG5XSSDB-z23fZwOPHFebntXYDcRtaDzgq6tespEHBMPA@mail.gmail.com> <E54406EF-5CAF-4492-90C0-8E9A99BCC07B@gmail.com> <6D2655D8-DC32-4EC6-A946-AEC4CDCF00B7@gmail.com> <CAOj+MMF0T0i_JN=KVHnFs7UyDs6eX3eqekzoFLveQ0TMhkcFnA@mail.gmail.com>
To: Robert Raszuk <robert@raszuk.net>
X-Mailer: Apple Mail (2.3693.60.0.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/q10S9HeLmUBSX00XhTAohDuLiFs>
Subject: Re: [lisp] Draft-kouvelas-lisp-map-server-reliable-transport WG Adoption
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Apr 2022 18:09:04 -0000

> Hi Dino,
> 
> Actually when I said 3 RTTs I meant to say 3 TTs so 1.5 RTT. In any case the below depends on the end point and recurrence of sessions vs pre copied keys:
> 
> Connection setup… the QUIC way:
> ○ 0 round-trips to a known server (common)
> ○ 1 round-trip if crypto keys are not new
> ○ 2 round-trips if QUIC version negotiation needed
> 
> In your case 0.5 RTT seems to be in the case where there is no crypto security. The draft talks about UDP authentication, but is pretty dry on the details of it :( 

The ETR can encrypt the Map-Register with one shared-key. And the Map-Register contains an authentication hash with another shared-key. So with LISP-proper using UDP, you can get security in 1 TT (.5 RTT).

If you want dynamic key exchange, you can use QUIC but you can also use LISP-crypto. Which means a DH exchange happens with RLOC-probes, then the Map-Register is data encapsulated in LISP from the ETR to the Map-Server. This would be 1 RTT + 1 TT (that happens after the RTT).

> In any case during mobility there is always radio overlap where the new registration can take place while old is still working fine. This is the same with mobile networks or wifi etc ... So I am not sure where the requirement comes from to compromise security with need for speed ?

Don't forget EIDs can roam across WiFi APs too.

Dino

> 
> Best,
> Robert
> 
> 
> On Fri, Apr 22, 2022 at 10:41 PM Dino Farinacci <farinacci@gmail.com> wrote:
> Actually there is, predictive-rlocs. No messaging is better than .5 RTT in control-plane. But might not be fair to compare since you have to send data to more places that may get dropped.
> 
> Dino
> 
> > On Apr 22, 2022, at 1:39 PM, Dino Farinacci <farinacci@GMAIL.COM> wrote:
> > 
> > Nothing is better than .5 RTT.  ;-)
> > 
> > Dino
> > 
> >> On Apr 22, 2022, at 1:18 PM, Robert Raszuk <robert@raszuk.net> wrote:
> >> 
> >> Hi Dino,
> >> 
> >>> If you use a transport layer that requires connection setup, it will slow down handoff time when EIDs are moving.
> >> 
> >> But quic connection setup is just 3 RTTs. Is that an issue ? 
> >> 
> >> Thx,
> >> R.
> >> 
> >> On Fri, Apr 22, 2022 at 8:40 PM Dino Farinacci <farinacci@gmail.com> wrote:
> >> The others know to add quic, it was part of a discussion on how to open sockets using QUIC and which port numbers to use. That text is coming. The drfat does intend to support multiple transports. Here is one excerpt that proves that:
> >> 
> >> <Screen Shot 2022-04-22 at 11.37.47 AM.png>
> >> 
> >> QUIC will be added to the list above.
> >> 
> >> To answer your second question. If you use a transport layer that requires connection setup, it will slow down handoff time when EIDs are moving. So in that case, a Map-Reqister should just be sent over UDP. And on the Map-Request side you will require an RTT before getting the map-cache populated.
> >> 
> >> Dino
> >> 
> >> 
> >>> On Apr 22, 2022, at 11:11 AM, Robert Raszuk <robert@raszuk.net> wrote:
> >>> 
> >>> Hi Dino,
> >>> 
> >>> Before I hit sent I did search the draft and did not find any match on QUIC :( 
> >>> 
> >>> But to your question - yes. I see no reason why LISP control plane could not be running over QUIC. 
> >>> 
> >>> Best,
> >>> R.
> >>> 
> >>> On Fri, Apr 22, 2022 at 7:59 PM Dino Farinacci <farinacci@gmail.com> wrote:
> >>> The draft indicates QUIC can be used as a reliable transport. But are you saying QUIC should be used for all LISP messages?
> >>> 
> >>> Dino
> >>> 
> >>>> On Apr 22, 2022, at 6:35 AM, Robert Raszuk <robert@raszuk.net> wrote:
> >>>> 
> >>>> Hi,
> >>>> 
> >>>> May I ask for reasons not to use QUIC instead of home made UDP based transport followed by TCP ? 
> >>>> 
> >>>> Many thx,
> >>>> Robert
> >>>> 
> >>>> On Wed, Apr 20, 2022 at 9:42 AM Luigi Iannone <ggx@gigix.net> wrote:
> >>>> All,
> >>>> 
> >>>> During the last LISP WG meeting in Vienna/Meetecho the authors of the draft:
> >>>> 
> >>>> LISP Map Server Reliable Transport
> >>>> https://datatracker.ietf.org/doc/draft-kouvelas-lisp-map-server-reliable-transport/
> >>>> 
> >>>> Asked for adoption as WG document.
> >>>> Call for adoption during the meeting showed clear consensus.
> >>>> This email is the usual procedure to confirm the consensus on the mailing list.
> >>>> 
> >>>> If anybody has concerns about adopting this document please state so on the mailing list before May 5th 2022. 
> >>>> Please also argument the technical reason why you have concerns.
> >>>> 
> >>>> Ciao
> >>>> 
> >>>> Luigi & Joel
> >>>> 
> >>>> 
> >>>> _______________________________________________
> >>>> lisp mailing list
> >>>> lisp@ietf.org
> >>>> https://www.ietf.org/mailman/listinfo/lisp
> >>>> _______________________________________________
> >>>> lisp mailing list
> >>>> lisp@ietf.org
> >>>> https://www.ietf.org/mailman/listinfo/lisp
> >>> 
> >> 
> > 
>

v2.35.0 | Report a Bug | By Email | System Status