IETF Logo Mail Archive

Re: [RAM] Tunnelling Route Reduction Protocol

"William Herrin" <bill@herrin.us> Tue, 21 August 2007 13:30 UTC

Return-path: <ram-bounces@iab.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1INToG-0002or-7Z; Tue, 21 Aug 2007 09:30:16 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1INToF-0002ol-B3 for ram@iab.org; Tue, 21 Aug 2007 09:30:15 -0400
Received: from nz-out-0506.google.com ([64.233.162.233]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1INToE-0001Qh-HB for ram@iab.org; Tue, 21 Aug 2007 09:30:15 -0400
Received: by nz-out-0506.google.com with SMTP id i28so542206nzi for <ram@iab.org>; Tue, 21 Aug 2007 06:30:14 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=M5aCjP3FBq5k5miAm5AqmYffHof4egPwDQ6hBJg82YDU0oPVPrkTKai+ND7/yjYiglpXCqPL4BFEqS16FYK6bXIZlcGPyM1xROhyX8qD3rOS4qCwisu4Yb+ls2We19NqXbhGSC4Yl4mU+d6U0VCs5GVIwcw8X0HvFNZVxloQn7E=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=BshzOYn2W1tJ7WxZal95TXjvX0p0VAEdXs0/zIBPItt2nD1wn4kswjPN5xYQul4ChN6K9mE7WwA0QtNCdTmeDbryWNHYO9TthbrGhDN74glPiIJ2bgbjln7gpMownhBDgFu58X+R9phFA1Z7uPkgB/kvQTTWO+V/GbxFOfB+iOA=
Received: by 10.142.232.20 with SMTP id e20mr778181wfh.1187703013310; Tue, 21 Aug 2007 06:30:13 -0700 (PDT)
Received: by 10.143.159.7 with HTTP; Tue, 21 Aug 2007 06:30:13 -0700 (PDT)
Message-ID: <3c3e3fca0708210630r7d559c6fk94bc38c1aaa68df7@mail.gmail.com>
Date: Tue, 21 Aug 2007 09:30:13 -0400
From: William Herrin <bill@herrin.us>
To: ram@iab.org
Subject: Re: [RAM] Tunnelling Route Reduction Protocol
In-Reply-To: <46CA50F0.2040001@firstpr.com.au>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <3c3e3fca0708200646j391fd621n568f2b791c93a36f@mail.gmail.com> <46CA50F0.2040001@firstpr.com.au>
X-Google-Sender-Auth: e7ea3ccf97a91b69
X-Spam-Score: 0.9 (/)
X-Scan-Signature: 87a3f533bb300b99e2a18357f3c1563d
Cc: Robin Whittle <rw@firstpr.com.au>
X-BeenThere: ram@iab.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Routing and Addressing Mailing List <ram.iab.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/ram>
List-Post: <mailto:ram@iab.org>
List-Help: <mailto:ram-request@iab.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=subscribe>
Errors-To: ram-bounces@iab.org

On 8/20/07, Robin Whittle <rw@firstpr.com.au> wrote:
> Here are some thoughts after I had a quick read of:
>
>   http://bill.herrin.us/network/trrp.html
>   http://bill.herrin.us/network/trrp-implementation.html

Hi Robin,

Thanks for your response.

> I think the biggest problem TRRP faces is that when a packet arrives
> at an ITR which has no mapping information, that the ITR must hold
> the packet until it gets that information.  Via DNS, I guess that
> could take a second or two or more.  Generally, I think this is an
> unacceptable delay, since the application which sent the packet will
> assume the packet or its response is lost, and will send another
> one.

This is true for packets which will leave the local AS and cross the
Internet. This brings up three points:

1. 99.9% of the time, the originator of the packet has already had to
do a DNS lookup or some other lookup to map a name to an IP address.
Doing another lookup for that first connection attempt leaves us in
the same ballpark speed-wise.

2. This delay only occurs the -first- time the ITR sees a packet for a
particular destination. After that, it has a destination cached. Even
re-lookups are background tasks. The ITR is permitted to keep the
destination cached long after the TTL expires. The only requirement is
that it initiate a background relookup the first time it sees another
packet for the destination.

3. Traffic within the AS (or the local portion of the AS for
particularly large AS's) need not enter TRRP at all. Barring a
passthrough-mode ITR close to the source, It moves normally as
dictated by an interior routing protocol.

>  I think this is one major reason why no-one is seriously
> proposing LISP 2 as a solution to the routing and addressing
> problems.  Another concern might be about overloading the DNS system
> with  more tasks.

As always, the key portions of the root of the DNS tree get
immediately cached by the resolver. TRRP has its own branch in the
system, so as you get down to the components that are heavily used
with a short timeout, the servers can be scaled to match. One of the
benefits of using DNS for this is that we already have software which
scales up to a massive level with little pain.


> Your multihoming service restoration system seems to rely on the ITR
> getting a "destination unreachable" response when it sends a data
> packet.
> So like LISP and eFIT-APT, TRRP's multihoming service restoration
> functions are hard-coded into the protocol and are implemented
> independently by each ITR.

Actually, no. TRRP relies on the operator of the authoritative DNS
server performing some sort of monitoring to determine when a
particular ETR is no longer a reasonable target and then updating the
DNS records. When the records expire at the ITR (which is intended to
happen quickly) the relookup reveals a new destination.

This monitoring is not defined by the protocol. It can be as simple
(and slow) as "change by hand when there is a problem" or arbitrarily
complex.

Note that that the ITR has no other mechanism for detecting a failure
downstream from the ETR. If the ETR is reachable but it can't reach
the end-user network, the destination unreachable goes back to the
sender, not the ITR itself. Ideally this can be handled by allowing
the packet to drop into another ITR instead and be rerouted to an ETR
which does have a route to the destination.

Discovering the failure can be slow, taking up to the DNS TTL. The
destination unreachable stuff is intended to provide the ITR with a
shortcut to detect the failure sooner. The optional preemptive change
notification also helps speed the process up. When not available, the
regular timeout and relookup mechanism applies.

Also, where the ITR is operating in passthrough mode on an originating
host, TCP retransmits can be used to key a retry with an alternate
ETR. That's the primary point of having a passthrough mode. Doesn't
work through NAT though. That's unfortunate for IPv4. Should be a
non-issue for IPv6.


> This might limit how deep the ETRs are located.  Yet
> having a deeper placement of ETRs helps with scaling - spreading the
> load among more of them.  Deeper, closer, ETRs also reduces the path
> length to the destination host.

ETRs can be as deep or shallow as the destination network operator
desires. They can sit just inside the AS if desired. Alternately, the
service provider could assign 2 addresses from globally routable space
to each customer and let the customer implement both the DNS server
and the ETR on customer's own network.



> You don't explain how an ETR can get packets to the intended
> destination.
>  Otherwise, the ETR needs a direct link to each destination host, or
> the local routing system needs to be able to route the packets with
> their raw addresses (the IP address of the destination host).

Correct, that's how it works during normal operations. Any place I
didn't specify otherwise, packets are intended to move via plain old
raw IP routing.

In the case where the ETR's link to the customer network has been
severed, the packet will ideally fall into another ITR and be rerouted
to an alternate ETR. This is not a protocol requirement but it would
shorten the recovery time after the loss of the link and before the
propagation of the new ETR information via DNS.


> Also, I understand the outer packet source address of TRRP's
> tunneled packets is that of the ITR.

Correct.

> This makes it very difficult
> for ETRs to protect against spoofed local source addresses when they
> decapsulate packets.  Ivip uses the source address of the sending
> host as the source address of the outer IP header of the
> encapsulated packet.  This enables the ETR to perform some simple
> tests when decapsulating the packet, which extends the reach of the
> network's border router's filtering of source address of incoming
> packets, to solve this problem:

Hmm. Would you jimmie up an example of aberrant behavior you feel
couldn't be adequately addressed within the ETR or ITR, or via
existing mechanisms for protecting against spoofed addresses?

Thanks again,
Bill Herrin


-- 
William D. Herrin                  herrin@dirtside.com  bill@herrin.us
3005 Crane Dr.                        Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

_______________________________________________
RAM mailing list
RAM@iab.org
https://www1.ietf.org/mailman/listinfo/ram

v2.23.0 | Report a Bug | By Email