IETF Logo Mail Archive

Re: [pcp] draft-ietf-pcp-dhcp: multiple pcp servers

"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Wed, 14 August 2013 09:21 UTC

Return-Path: <tireddy@cisco.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AC0521E8090 for <pcp@ietfa.amsl.com>; Wed, 14 Aug 2013 02:21:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.999
X-Spam-Level:
X-Spam-Status: No, score=-9.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_43=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cilKMvB-5mnE for <pcp@ietfa.amsl.com>; Wed, 14 Aug 2013 02:21:42 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) by ietfa.amsl.com (Postfix) with ESMTP id BC45A21E809D for <pcp@ietf.org>; Wed, 14 Aug 2013 02:21:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=8643; q=dns/txt; s=iport; t=1376472101; x=1377681701; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=PiKzr7OfJhRBl6e9bKt8d/+V0/ScAZtSoHpOIIvSzFo=; b=IdB5wCiq5pUy0haj1DTYn74t4nl01Zbb1pRQ9QO0I8AQ9bx/gwkD+Ec2 kJVvDLS+26pIc5V+GjiVjqpDAUIppGVe6ht4zaOp8HY6uVUZZutrgby7p V8QIXCxTuAHIEkysoCJSaHVVqe52Q/29FHFLlz3CZL+RuNiw37RoFno2t o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AmsHAOJKC1KtJV2c/2dsb2JhbABbgwY1UL5igSMWbQeCJAEBAQMBAQEBawsFBwQCAQgRBAEBAQodBycLFAkIAgQOBQgTh28GDLkmjm+BHDEHBoMVdgOIdZAckCSDG4FxOQ
X-IronPort-AV: E=Sophos;i="4.89,875,1367971200"; d="scan'208";a="247211270"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-4.cisco.com with ESMTP; 14 Aug 2013 09:21:38 +0000
Received: from xhc-rcd-x01.cisco.com (xhc-rcd-x01.cisco.com [173.37.183.75]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id r7E9Lcie032283 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 14 Aug 2013 09:21:38 GMT
Received: from xmb-rcd-x10.cisco.com ([169.254.15.191]) by xhc-rcd-x01.cisco.com ([173.37.183.75]) with mapi id 14.02.0318.004; Wed, 14 Aug 2013 04:21:38 -0500
From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>
Thread-Topic: [pcp] draft-ietf-pcp-dhcp: multiple pcp servers
Thread-Index: AQHOmMMT3iKXDUtyYkegn5NsaBnqkZmUbG4Q
Date: Wed, 14 Aug 2013 09:21:38 +0000
Message-ID: <913383AAA69FF945B8F946018B75898A1901F271@xmb-rcd-x10.cisco.com>
References: <94C682931C08B048B7A8645303FDC9F36EEC7E9894@PUEXCB1B.nanterre.francetelecom.fr> <B235506D63D65E43B2E40FD27715372E1CE5E2D5@xmb-rcd-x07.cisco.com>
In-Reply-To: <B235506D63D65E43B2E40FD27715372E1CE5E2D5@xmb-rcd-x07.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [173.39.64.18]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "pcp@ietf.org" <pcp@ietf.org>
Subject: Re: [pcp] draft-ietf-pcp-dhcp: multiple pcp servers
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Aug 2013 09:21:48 -0000

I agree with Med, the current design should be maintained. The other reasons would be:

In scenario http://tools.ietf.org/html/draft-ietf-pcp-server-selection-01#appendix-A.1 PCP client would want to send PCP request with FLOWDATA option to 
both rtr1 and rtr2, so that it can prioritize the source addresses (ICE host candidates) based on FLOWDATA response (if the requested flow characteristics can be met or not or partially met). This mechanism will help the client (ICE agent) to get the responses directly from rtr1 and rtr2 which will help to prioritize the ICE candidates and send offer/answer.

we are working on a draft on How PCP can be used to influence the host's ICE candidate selection algorithm and plan to use the current design which solves the problem for both multi-homing and MIF scenarios.

--Tiru.
 
> On 13/08/13 11:56 AM, "mohamed.boucadair@orange.com"
> <mohamed.boucadair@orange.com> wrote:
> 
> >Dear all,
> >
> >The design of the DHCP PCP option
> >(http://tools.ietf.org/html/draft-ietf-pcp-dhcp-08) assumes:
> >(1) multiple pcp servers may be received from the same DHCP server.
> >(2) one pcp server may be reachable with multiple IP addresses.
> >(3) when multiple pcp servers are returned, the pcp client will need to
> >contact all these servers.
> >(4) It is up to an administrative entity to return one or multiple pcp
> >servers. No restriction is made by design.
> >
> >FWIW, this design was in the draft since -02.
> >
> >Dave is echo'ing a comment which objects this design and advocates for
> >restricting the design to return only one pcp server and it is up to the
> >administrative entity to sync the state in all enabled PCP servers. IMO,
> >this objection is not technically sound, at least for the following
> >reasons:
> >
> >(1) The protocol cannot discover in one single request all external IP
> >addresses and port numbers. Imagine the case where a NPTv6 and NAT64
> >boxes are deployed. The PCP client has no means to learn with one single
> >request to a single PCP server both the external IPv4 address (assigned
> >by the NAT64 device) and the external IPv6 address assigned by the NPTv6
> >box. The same issue is encountered when multiple NAT configured with
> >distinct pool are in place.
> >
> >(2) A host connected to a multi-homed domain, in which FW are located at
> >the border router in front of each adjacent domain, will need to open
> >pinholes in these FW if it want to receive incoming traffic from a remote
> >peer.
> >
> >(3) The protocol does not specify how state synchronization is to be
> >achieved between several PCP servers. The task is even complex when these
> >pcp servers are controlling functions of distinct types (e.g., NAT44, FW,
> >NAT64, Port Range Router, etc.). Other issues are raised (see to the
> >pcp-server-selection thread)
> >
> >(4) Mandating one and only one pcp server is to be returned is really
> >deployment-specific. This assumption will induce a lot of complexity at
> >the network side
> >
> >For those who are objecting the design as currently documented in -07, it
> >is time to raise your concern (preferably with the technical arguments
> >that motivate your point). If no technical argument is made, the current
> >design will be maintained as it is.
> >
> >Cheers,
> >Med
> >
> >-----Message d'origine-----
> >De : BOUCADAIR Mohamed OLNC/OLN
> >Envoyé : lundi 12 août 2013 07:56
> >À : 'Dave Thaler'; Ted Lemon
> >Cc : Reinaldo Penno (repenno) (repenno@cisco.com); Dan Wing
> >(dwing@cisco.com)
> >Objet : RE: PCP DHCP I-D: your feedback is needed
> >
> >Hi Dave,
> >
> >I disagree to put the constraint on the network deploying many PCP
> >servers to coordinate state instantiating. This is a deployment specific
> >assumption which is not trivial to honor.
> >
> >A domain may deploy various pcp server controlling functions which are
> >not of the same nature, e.g., a domain may deploy:
> >* one or multiple nat64 provisioned to IPv6-only hosts
> >* one or multiple nptv6 provisioned to IPv6-only and dual stack hosts
> >* one or multiple nat44 provisioned to IPv4-only and dual stack hosts
> >* one or multiple IPv4 fw
> >* one or multiple IPv6 fw
> >* multiple flow-based access routers
> >* etc.
> >
> >The design as currently document in the pcp server selection draft (and
> >its dhcp instantiation) does not make any deployment assumption. As such:
> >* an administrative entity can return one single IP address but instead
> >it must ensure state are installed in other servers.
> >* an administrative entity can return multiple servers; it is up to the
> >client to contact these servers to install the state.
> >
> >This is much more better than constraining the design by non-valid
> >deployment assumptions.
> >
> >I agree, this should be discussed in the list.
> >
> >Cheers,
> >Med
> >
> >>-----Message d'origine-----
> >>De : Dave Thaler [mailto:dthaler@microsoft.com]
> >>Envoyé : mercredi 7 août 2013 19:56
> >>À : Ted Lemon; BOUCADAIR Mohamed OLNC/OLN
> >>Cc : Reinaldo Penno (repenno) (repenno@cisco.com); Dan Wing
> >>(dwing@cisco.com)
> >>Objet : RE: PCP DHCP I-D: your feedback is needed
> >>
> >>I think this thread should move to the main WG mailing list, so Ted if
> >>you
> >>agree,
> >>please forward/respond on this thread there.
> >>
> >>This is related to my comments on draft-ietf-pcp-server-selection-01.txt.
> >>
> >>If the app needs semantics of "contact each PCP server" then you need to
> >>know
> >>how to distinguish PCP servers.  Now more recently various members of the
> >>WG (e.g. Stuart) have disputed the notion that an app needs to "contact
> >>each PCP
> >>server" and so we do not have consensus that this is required.   Stuart
> >>proposed
> >>that it's the PCP server's job to coordinate with any other servers
> >>managed
> >>by
> >>the same entity (or to steal a term from MIF... within the same
> >>provisioning domain).
> >>No one has given a counter argument, and so I said in email we should
> >>start
> >>with that
> >>assumption.
> >>
> >>You do need to distinguish provisioning domains (for reasons discussed in
> >>MIF that
> >>apply to PCP like they do to anything else).   So the only remaining
> >>interesting case
> >>I think is figure 2 in section A.2 of draft-ietf-pcp-server-selection-
> >>01.txt where if
> >>you have a local gateway with a DHCP server (e.g. a home gateway) that's
> >>multi-homed
> >>to two external provisioning domains each with their own PCP server(s),
> >>what do you
> >>get from DHCP?  I think the best answer here is to make the local gateway
> >>be a
> >>PCP proxy, and so DHCP just gives you its address.
> >>
> >>In such a solution, I believe there is no need to differentiate between
> >>multiple
> >>IPs of the same server vs multiple IPs of different servers.  That is,
> >>you
> >>communicate
> >>with any one server IP, and you assume that it will take care of making
> >>sure that
> >>all servers with any of those IPs get the info.
> >>
> >>I believe this then removes any new concepts from DHCP and requires no
> >>additional support in DHCP servers.
> >>
> >>-Dave
> >>
> >>> -----Original Message-----
> >>> From: Ted Lemon [mailto:Ted.Lemon@nominum.com]
> >>> Sent: Wednesday, August 7, 2013 8:26 AM
> >>> To: mohamed.boucadair@orange.com
> >>> Cc: Dave Thaler; Reinaldo Penno (repenno) (repenno@cisco.com); Dan Wing
> >>> (dwing@cisco.com)
> >>> Subject: Re: PCP DHCP I-D: your feedback is needed
> >>>
> >>> On Aug 7, 2013, at 3:00 AM, mohamed.boucadair@orange.com wrote:
> >>> > Ok, done.
> >>>
> >>> Thanks.
> >>>
> >>> Can you explain your motivation for adding new text differentiating
> >>between
> >>> multiple IP addresses that refer to the same PCP server, and multiple
> >>>IP
> >>> addresses that refer to different PCP servers?   Is this something the
> >>working
> >>> group asked to have added to the document?   I think this is a new
> >>concept in
> >>> the current document, and of course, it requires special support in the
> >>DHCP
> >>> server and DHCP client just for PCP.
> >>>
> >>> This is not the only issue with your current set of edits to the
> >>document, but
> >>> I'd just like to get clarity on this one issue before proceeding on to
> >>the next.
> >>>
> >>
> >>
> >
> >_______________________________________________
> >pcp mailing list
> >pcp@ietf.org
> >https://www.ietf.org/mailman/listinfo/pcp

v2.23.0 | Report a Bug | By Email