Re: New Plaintext QUIC-LB Design
Martin Duke <martin.h.duke@gmail.com> Sat, 16 January 2021 01:09 UTC
Return-Path: <martin.h.duke@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 622433A13E8 for <quic@ietfa.amsl.com>; Fri, 15 Jan 2021 17:09:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HHCnJWLBYEU4 for <quic@ietfa.amsl.com>; Fri, 15 Jan 2021 17:09:47 -0800 (PST)
Received: from mail-io1-xd2d.google.com (mail-io1-xd2d.google.com [IPv6:2607:f8b0:4864:20::d2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 510B43A0AEC for <quic@ietf.org>; Fri, 15 Jan 2021 17:09:47 -0800 (PST)
Received: by mail-io1-xd2d.google.com with SMTP id q2so20071035iow.13 for <quic@ietf.org>; Fri, 15 Jan 2021 17:09:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=yS6SUk2Y/9BBICbsIGwN/KOVgH9U0rY1kHZVLMbcptI=; b=ovP6i7d1COBXvjRlau7tK3CEakg3+jZZVTuTqTXvEZSZx4rT5mUCQSOa4h+czCoRZG iKg0Y9PUDLOcY4pbQ1xmVgP9bSQouK1Q9u5QkVt2ixCLuWIT29Ps1jWJZFGWkDsHbpj0 F88mQ49gvgbiX/82IloybLdGUZe/WhdVWL7F4DyZjMyY6gfLuZc8vArApsO1ZU5iMm1m NB3XdD6I9Q2t9yjQRvQpdhQcP1zopu2OWF0HleOqLoGCauy+60hfOikgGJ2wLwCOKrDo 3Kq8mbCCPe7QZ5gh5kGjMSwJqZiItqhUI0NCnVia9F6lroM29UcckdgIHej9Rbodqh0k 3hbg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=yS6SUk2Y/9BBICbsIGwN/KOVgH9U0rY1kHZVLMbcptI=; b=NPsDFzQgW63Gqk8AKxdV1jhKpWxezGcudLggEiFPDf4cRT8yN1nQK2IWoLGC2A+f0M 4yURJRsBpBie6z3o+QgNtFBtbXLSRBMsqZ21/20Gg0rsghQimlO6bu0XSq8I225DqhC6 Vtx13bx5Si5CMJonTjvhDzYizrh/TVjKhZwHwl10alrHaEH1+TW/wXekBU+iVPV42a5a ofwQ7rUVH/DwFr1/c2g2RRyXY40zpt+HzDtVioiXmKSO4jV8I5Hebld8s32aPd02SMnN /bpYDynlDXjLk5sSLsQBtAzWes3QyTY+JXmZcqUX/D+kGXLxfLJorsBNn+Bper3bfkH/ 2FKQ==
X-Gm-Message-State: AOAM533pwSETLuvb2XYxIxsGxmDxDRqieIX78RgUy/9voIO77nM0NsGV SOe+4x7DITWc9w/WZULYHZUldzScS4S9YBBQhf8=
X-Google-Smtp-Source: ABdhPJw6ACQEtdybTazLSdqH+2jt/5V00UDTHJzhm7SFy3Afm+q7hEkA72chMrW0QKVLNVPhcTIjRSQyo9qMqtjPYzQ=
X-Received: by 2002:a92:d146:: with SMTP id t6mr1230001ilg.272.1610759386683; Fri, 15 Jan 2021 17:09:46 -0800 (PST)
MIME-Version: 1.0
References: <CAM4esxRRp5=-YvcPsCdsgB=8O=_RAXq05Ldma0smGsjy95T4=g@mail.gmail.com> <6B05568D-1905-4416-904C-2EEC25491920@gmail.com> <CAM4esxSyn7uEiUsYvtiUbQ=4Qt-Bp+yLYBK+re+a+V3ea0BjcQ@mail.gmail.com> <B4D950F6-452A-4CFC-9707-DC1C9B3AB49B@gmail.com> <EB8897FC-1A57-4C45-ABDE-B87E36E519E8@gmail.com> <03ba27b1-3d27-d66b-4fc0-a952c24c993d@huitema.net> <CAM4esxToXBrKezEc3WVWpZFmNLVgVBX+==N77OyjmvEfvJ+kTA@mail.gmail.com> <527d1ec7-c354-5756-6f02-c8058c560b3a@huitema.net> <CAM4esxSVn9zdsur8E6EUGJTusE5DTkQOz7N1+VXm6aZ2v1Zzow@mail.gmail.com> <CAM4esxS8mqf5F6ZAW_JPrwg4gHWdtk=OMtRnwfJeuOH9JhoiqA@mail.gmail.com> <D7415808-034A-4E93-9329-2BC8F1F116E7@gmail.com> <04B2488D-1EFE-4CBB-BB1E-2AF08F4BDEFA@gmail.com>
In-Reply-To: <04B2488D-1EFE-4CBB-BB1E-2AF08F4BDEFA@gmail.com>
From: Martin Duke <martin.h.duke@gmail.com>
Date: Fri, 15 Jan 2021 17:09:35 -0800
Message-ID: <CAM4esxRFEMbXBAF+TjEXpSTreQQktPi264sQ7h3p=oUBgLUX1A@mail.gmail.com>
Subject: Re: New Plaintext QUIC-LB Design
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Cc: Christian Huitema <huitema@huitema.net>, IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000fdf6805b8fa256e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/CJ_MhFfDcvJVb6OjvNNBbu-62t8>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Jan 2021 01:09:49 -0000
I've been playing with Ian's algorithm (specifically, the way I had to modify it to fit into the QUIC-LB framework) and filed an issue. https://github.com/quicwg/load-balancers/issues/84 This is very long and hard to reason about, but the upshot is there are significant problems and without some clever design I'm not sure how to make this work. On Fri, Jan 15, 2021 at 12:26 PM Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> wrote: > There is also > > https://en.wikipedia.org/wiki/Rendezvous_hashing > > > On 15 Jan 2021, at 21.18, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> > wrote: > > I would be hesitant to introduce a situation where a load balancer is > forced to use memory, especially memory it doesn’t fully control. It may be > fine as a choice, but not the only choice. > > Aside from potential attacks, there is also the hardware cost/complexity. > SHA256 and AES is pretty standard in almost anything, but lots of RAM is a > cost driver. > > It is really hard to estimate crypto vs lookup overhead, but it is far > from a given that lookup will be faster once the tables grow large. > > Less coordination is a good thing though. I’m afraid that without out of > band payload to coordinate, there will have to be a choice between > configuration and state. > > Mikkel > > On 15 Jan 2021, at 21.04, Martin Duke <martin.h.duke@gmail.com> wrote: > > To muddy this discussion a little further, after a little more thinking I > believe there's a way to generalize this approach to all three of the > original algorithms, encrypted or unencrypted, so there is never a need to > manually allocate server IDs. > > Again, the main tradeoff here is simpler configuration vs. more complexity > and state at the load balancer. > > As a document organization matter, rather than have six different > algorithms I would prefer to specify three with a separate section > describing the two separate ways to allocate a server ID. > > But it is not too late to yell "stop" at this multiplicity of options if > people feel the tradeoffs are clear-cut in one way or the other. > > On Mon, Jan 11, 2021 at 6:50 PM Martin Duke <martin.h.duke@gmail.com> > wrote: > >> Yes. Do you have an alternate suggestion? >> >> On Mon, Jan 11, 2021 at 5:54 PM Christian Huitema <huitema@huitema.net> >> wrote: >> >>> >>> On 1/11/2021 5:22 PM, Martin Duke wrote: >>> >>> Perhaps I should make some edits for clarity! >>> >>> On Mon, Jan 11, 2021, 16:52 Christian Huitema <huitema@huitema.net> >>> wrote: >>> >>>> I am looking at the text of section 4.2, and I am not sure how I would >>>> implement that. What should be the value of the config rotation bits in CID >>>> created by the server? >>>> >>> Any config includes the corresponding CR bits, and when generating the >>> CID it would use those bits. >>> >>> The confusing part is that, for this algorithm, a usable SID has to be >>> extracted from any CID, hence all the weird stuff about CIDs with undefined >>> configs. >>> >>> Aside from that, it's like PCID: any server-generated CID uses the CR >>> bits in the config, optional length encoding, SID, server-use octets. >>> >>> >>>> Should the 6 other bits in the first octet be set to a CID Len or to a >>>> random value? >>>> >>> It depends on the rest of the config, as with the other algorithms. >>> >>>> >>>> Issss the timer set when the server ID is first added to the table, or >>>> is the timer reset each time a packet is received with that CID? In the >>>> latter case, is it reset when any packet is received, or only when a "first >>>> initial" packet is received? >>>> >>> When any packet is received with that SID (not CID), the expiration is >>> refreshed. >>> >>> OK. So we can have the following: >>> >>> 1) Server learns of Server-ID = X. >>> >>> 2) Server creates new CID with that server ID, uses it to complete >>> handshake. >>> >>> 3) Client maintains a long running connection with that CID. >>> >>> 4) Server keeps receiving messages with CID pointing to server-ID = X >>> >>> 5) server-ID=X never expires. >>> >>> Is that by design? >>> >>> -- Christian Huitema >>> >>> >>> > >
- Re: New Plaintext QUIC-LB Design Mikkel Fahnøe Jørgensen
- New Plaintext QUIC-LB Design Martin Duke
- Re: New Plaintext QUIC-LB Design Dmitri Tikhonov
- Re: New Plaintext QUIC-LB Design Mikkel Fahnøe Jørgensen
- Re: New Plaintext QUIC-LB Design Martin Duke
- Re: New Plaintext QUIC-LB Design Martin Duke
- Re: New Plaintext QUIC-LB Design Mikkel Fahnøe Jørgensen
- Re: New Plaintext QUIC-LB Design Christian Huitema
- Re: New Plaintext QUIC-LB Design Martin Duke
- Re: New Plaintext QUIC-LB Design Christian Huitema
- Re: New Plaintext QUIC-LB Design Martin Duke
- Re: New Plaintext QUIC-LB Design Martin Duke
- Re: New Plaintext QUIC-LB Design Nick Banks
- Re: New Plaintext QUIC-LB Design Mikkel Fahnøe Jørgensen
- Re: New Plaintext QUIC-LB Design Mikkel Fahnøe Jørgensen
- Re: New Plaintext QUIC-LB Design Martin Duke
- Re: New Plaintext QUIC-LB Design Behcet Sarikaya
- Re: New Plaintext QUIC-LB Design Martin Duke