Re: [pcp] How can I make a ~stateless forwarding PCP proxy again?

"Reinaldo Penno (repenno)" <repenno@cisco.com> Mon, 05 May 2014 21:38 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/pcp/QrU7G2TXJetOIbGg6gdABTnaUsk

"Getting back to my previous question, now that I think of it, actually, the IP address of the client is in the THIRD_PARTY option. Only thing that isn’t explicitly stored somewhere is the address client contacts the proxy on (it probably has 1-N addresses per M interfaces)."

Yes, but I believe in the current back-to-back proxy proposal (newest draft) the third party option would/should be completely removed by the proxy before forwarding a message.
 
________________________________________
From: Markus Stenberg [markus.stenberg@iki.fi]
Sent: Monday, May 05, 2014 1:14 PM
To: Reinaldo Penno (repenno)
Cc: Markus Stenberg; pcp@ietf.org
Subject: Re: [pcp] How can I make a ~stateless forwarding PCP proxy again?

On 5.5.2014, at 21.41, Reinaldo Penno (repenno) <repenno@cisco.com> wrote:
> we had this discussion in the past and I, for one, backed the idea of PCP being able to support stateless proxies.  So, you are not alone there but maybe you want to write a draft about it so the WG can discuss it.


Nods. Personally I like to minimize the amount of state in a system, so I’m a fan of stateless designs. My current design for a proxy has just 3 logical pieces of ‘state’ per supported remote server:

- (client) source prefix + prefix length to match
- address of the server
- server epoch + when was it received

And currently I’m trying to make sure it’s actually doable to do all I want with just that and few hundred lines of C. After looking at how big PCP client libraries are, last thing I want is really PCP client glued to PCP server.

Getting back to my previous question, now that I think of it, actually, the IP address of the client is in the THIRD_PARTY option. Only thing that isn’t explicitly stored somewhere is the address client contacts the proxy on (it probably has 1-N addresses per M interfaces). If proxy uses same source address for talking with server as client used to contact it (with different port, obviously), it should work fine, without per-client or per-request state.

e.g.

C -> P [IntIP=C]
P -> S [IntIP=P, TP=C]
S -> P [TP=C]
P -> C [no TP]

Beyond that, some ANNOUNCE handling is needed, but as long as you stick to multicast, that can be also stateless. (Connected clients know if they have state with the particular proxy that spams ANNOUNCEs.)

Perhaps I’ll write up about it somewhere (pcp or homenet), although it’s more of an implementation detail draft, than actual protocol change requiring one.

Cheers,

-Markus

P.S. This scheme works fine with IPv4. With IPv6, it may have issues, when C contacts P using link-local address and I don’t think there is anything preventing that. P is probably unable to contact S using that. Oh well. I guess doing other IPv6 scopes would work, and falling back to IPv4 if client doesn’t do DHCP*/RA/something else option to learn the IPv6 GUA/ULA of the proxy on first hop.
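
The four-step exchange in the quoted message (C -> P, P -> S, S -> P, P -> C), written as in-place buffer rewrites with no per-client state. This is an added example, not code from either poster; the message layout follows RFC 6887, and the function names and the `src` parameter (the 16-byte UDP source address the request arrived from) are assumptions. The client's UDP port is not carried in THIRD_PARTY and is not handled here.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* RFC 6887 sizes: common header, THIRD_PARTY code, its encoded size, max message. */
enum { HDR = 24, OPT_TP = 1, TP_LEN = 20, PCP_MAX = 1100 };

/* Walk the option TLVs to the exact end of the message.
 * Returns the THIRD_PARTY offset, 0 if absent, -1 if anything is malformed. */
static long find_tp(const uint8_t *m, size_t len) {
    static const size_t body[] = { 0, 36, 56 };   /* ANNOUNCE, MAP, PEER payloads */
    if (len < HDR || len % 4 || len > PCP_MAX || m[0] != 2) return -1;
    unsigned op = m[1] & 0x7f;
    if (op > 2 || len < HDR + body[op]) return -1;
    size_t off = HDR + body[op];                  /* always a multiple of 4 */
    long tp = 0;
    while (off < len) {
        size_t dlen = (size_t)m[off + 2] << 8 | m[off + 3];
        size_t padded = 4 + ((dlen + 3) & ~(size_t)3);
        if (padded > len - off) return -1;        /* option overruns the message */
        if (m[off] == OPT_TP) { if (dlen != 16 || tp) return -1; tp = (long)off; }
        off += padded;
    }
    return tp;
}

/* C -> P becomes P -> S: header address := proxy, append THIRD_PARTY = client.
 * Rejects requests that already carry THIRD_PARTY or whose header lies about src. */
size_t proxy_request(uint8_t *m, size_t len, size_t cap,
                     const uint8_t src[16], const uint8_t proxy[16]) {
    if (find_tp(m, len) != 0 || (m[1] & 0x80)) return 0;
    if (memcmp(m + 8, src, 16) || len + TP_LEN > cap || len + TP_LEN > PCP_MAX) return 0;
    uint8_t *o = m + len;
    o[0] = OPT_TP; o[1] = 0; o[2] = 0; o[3] = 16;
    memcpy(o + 4, src, 16);
    memcpy(m + 8, proxy, 16);
    return len + TP_LEN;
}

/* S -> P becomes P -> C: copy the client address out of THIRD_PARTY, then cut
 * the option so the client sees [no TP]. Returns 0 when it cannot route. */
size_t proxy_response(uint8_t *m, size_t len, uint8_t client[16]) {
    long tp = find_tp(m, len);
    if (tp <= 0 || !(m[1] & 0x80)) return 0;
    memcpy(client, m + tp + 4, 16);
    memmove(m + tp, m + tp + TP_LEN, len - (size_t)tp - TP_LEN);
    return len - TP_LEN;
}
```

Walking the options to the exact end of the message before appending matters: a client option whose length field runs past the end would otherwise swallow the appended THIRD_PARTY, and the server would act on the proxy's own address.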