Re: [sfc] WG adoption of draft-quinn-sfc-problem-statement-02

["mikebianc@aol.com" <mikebianc@aol.com>]

We might want to be able to chain chains if the chain needs to extend through multiple entities.  e.g. if you have one chain within the datacenter, but then want to signal the backbone provider (not you) to add services to the chain.  Could be one big dynamic chain.  Could be chained/sequential chains.





From: Nicolas.BOUTHORS@qosmos.com<Nicolas.BOUTHORS@qosmos.com>
To: mikebianc@aol.com<mikebianc@aol.com>,Ron_Parker@affirmednetworks.com<Ron_Parker@affirmednetworks.com>,jmh@joelhalpern.com<jmh@joelhalpern.com>,linda.dunbar@huawei.com<linda.dunbar@huawei.com>,Cathy.H.Zhang@huawei.com<Cathy.H.Zhang@huawei.com>,paulq@cisco.com<paulq@cisco.com>,jguichar@cisco.com<jguichar@cisco.com>
cc: sfc@ietf.org<sfc@ietf.org>
Sent: Friday, January 24, 2014
Subject: Re: [sfc] WG adoption of draft-quinn-sfc-problem-statement-02



















>To contextualize my comments:

> Assuming you needed to insert a CDN into a chain and had 8 equally viable instances (cdn1..cdn8), I see two primary methods 

> of choosing which instance receives a particular flow:

> 1.  The chain includes either the pool of services (CDN) or a shim service (proxy, service lb) where the specific instance is

>      selected on the fly

> 2. The specific instance is part of the chain (cdn1)



Could this lead to "chaining chains"? 



Let's take the example of load balancing traffic to transparent proxies for say, header insertion. (This is a classic case in Gi Networks).


The load balancer should be part of the service chain if the balancing algorithm dynamically selects the specific proxy instance (think of IP source stickiness).  On its way in, the proxies need then not be part of the service chain.On the way out, the proxy could be part of a second chain, since it creates a new TCP connection, thus avoiding to have to reroute the traffic back
 to the load balancer.




So: chain1 :  GGSN - some services -LBS
      chain2:  Proxy-other services- Internet FW



In addition, the Proxy instances could have a responsibility to pass information (metadata?) from chain1 to chain 2. In particular when the second service chain should be selected based on the subscriber id,
 as there is no way to identify this subscriber based on the networking information held in the traffic going out to the internet.  How this would be possible is an open question.



Nicolas












From: Ron_Parker@affirmednetworks.com<Ron_Parker@affirmednetworks.com>

To: Joel M. Halpern<jmh@joelhalpern.com>,Linda Dunbar<linda.dunbar@huawei.com>,Cathy Zhang<Cathy.H.Zhang@huawei.com>,Paul Quinn (paulq)<paulq@cisco.com>,Jim Guichard
 (jguichar)<jguichar@cisco.com>

cc: sfc@ietf.org<sfc@ietf.org>

Sent: Friday, January 24, 2014

Subject: Re: [sfc] WG adoption of draft-quinn-sfc-problem-statement-02



Hi, Joel.



I think you raise an excellent point on the ambiguity of load balancing. I would propose that there are more than 2 cases of load balancing:



* mid-box service function (e.g., firewall) with internal load balancing

* mid-box service function (e.g., firewall) requiring external load balancing

* explicitly addressed service (e.g., DB server) with internal load balancing

* explicitly addressed service (e.g., Web HTTP server) requiring external load balancing



>From an SFC perspective, I think we can ignore the cases where the mid-box or explicit application is internally load balanced. Such applications would typically present a single locator (i.e., IP address) to the
 outside world and manage redirection internally to the clustered application. 




I think the last bullet, external load balancing for an explicitly addressed service (e.g., Web HTTP server) lends itself to load balancing as an explicit service function from an SFC perspective. That is, the service
 function in the service function chain is "load balancer".



The second bullet, external load balancing for mid-box service function (e.g., firewall), is slightly trickier. From an SFC perspective, my view is that the service function that appears in the service function chain
 is still firewall and not load balancer. However, I do think that SFC should explicitly embrace the concept of a "load-balanced service function". I tried to address this in
http://datatracker.ietf.org/doc/draft-parker-sfc-chain-to-path/ and
 would appreciate any feedback.



Thanks.



Ron





-----Original Message-----




From: sfc [mailto:sfc-bounces@ietf.org] On Behalf Of Joel M. Halpern
Sent: Thursday, January 23, 2014 10:36 PM
To: Linda Dunbar; Cathy Zhang; Paul Quinn (paulq); Jim Guichard (jguichar)
Cc: sfc@ietf.org
Subject: Re: [sfc] WG adoption of draft-quinn-sfc-problem-statement-02

For apps that have their own internal load balancer, I agree that there is no point in the tenant using the data center offered load balancer service.
But many apps do not have their own custom load balancer. So a data center might well offer load balancing as a service for those tenants who want it.

My only point was to distinguish load balancing as a service selected by the customer from load balancing used by the oeprator internall;y to deliver some other service.

Yours,
Joel

On 1/23/14 10:18 PM, Linda Dunbar wrote:
> Joel,
> Questions inserted below:
> -----Original Message-----
> From: sfc [mailto:sfc-bounces@ietf.org] On Behalf Of Joel M. Halpern
> Sent: Thursday, January 23, 2014 3:17 PM
> To: Cathy Zhang; Paul Quinn (paulq); Jim Guichard (jguichar)
> Cc: sfc@ietf.org
> Subject: Re: [sfc] WG adoption of draft-quinn-sfc-problem-statement-02
> In looking at the services, we need to be careful about who the

> service is for. Using load balancing as an example, there are two different cases.
> One case, common in a data center, will bw where load balncing is

> part of the service being delivered to the tenant, to help manage the

> tenants application traffic.
> [Linda] do you mean when "Load Balancing" among cluster of servers for

> one tenant application being offered as a service?
> Isn't this kind of "load balancing" application specific? Like Oracle

> DB has its own Load Balancer among cluster of servers.
> A different situation is when load balancing is used internally to the

> service chaining to manage instances of the internal services (where

> cardinality is invisible to the tenant / user).
> In the former case, LB is a service. And has to be able to direct

> traffic to the correct tenant application instance.
> In the latter case, the load balancing may well be bundled in with a

> collection of co-located service instances, with the whole looking

> like a service instance to service chaining and the end user. (There

> appear to be a multiplicity of ways to deliver this behavior. How

> much we need to specify in the architecture remains to be seen.)

> Yours, Joel _______________________________________________
> sfc mailing list
> sfc@ietf.org <mailto:sfc@ietf.org>
> https://www.ietf.org/mailman/listinfo/sfc
_______________________________________________
sfc mailing list
sfc@ietf.org
https://www.ietf.org/mailman/listinfo/sfc
_______________________________________________
sfc mailing list
sfc@ietf.org
https://www.ietf.org/mailman/listinfo/sfc