IETF Logo Mail Archive

Re: [sfc] 答复: 答复: questions of "load balancing considerations" in the draft-quinn-sfc-arch-05

Ron Parker <Ron_Parker@affirmednetworks.com> Fri, 30 May 2014 13:40 UTC

Return-Path: <Ron_Parker@affirmednetworks.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4ED091A08C9 for <sfc@ietfa.amsl.com>; Fri, 30 May 2014 06:40:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.601
X-Spam-Level:
X-Spam-Status: No, score=-1.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oMrl6vlqRdH2 for <sfc@ietfa.amsl.com>; Fri, 30 May 2014 06:40:52 -0700 (PDT)
Received: from hub021-ca-3.exch021.serverdata.net (hub021-ca-3.exch021.serverdata.net [64.78.22.170]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77D2D1A08A2 for <sfc@ietf.org>; Fri, 30 May 2014 06:40:52 -0700 (PDT)
Received: from MBX021-W3-CA-2.exch021.domain.local ([10.254.4.78]) by HUB021-CA-3.exch021.domain.local ([10.254.4.36]) with mapi id 14.03.0174.001; Fri, 30 May 2014 06:40:48 -0700
From: Ron Parker <Ron_Parker@affirmednetworks.com>
To: Qin Wu <bill.wu@huawei.com>, Joel Halpern Direct <jmh.direct@joelhalpern.com>, "Ken Gray (kegray)" <kegray@cisco.com>, Linda Dunbar <linda.dunbar@huawei.com>
Thread-Topic: [sfc] 答复: 答复: questions of "load balancing considerations" in the draft-quinn-sfc-arch-05
Thread-Index: AQHPe7ck++vjb88HekuHVQyejByh45tZH8DA
Date: Fri, 30 May 2014 13:40:47 +0000
Message-ID: <CDF2F015F4429F458815ED2A6C2B6B0B1A837316@MBX021-W3-CA-2.exch021.domain.local>
References: <CFABB759.2DEF3%kegray@cisco.com>, <4A95BA014132FF49AE685FAB4B9F17F645D2762A@dfweml701-chm.china.huawei.com> <16984558-2B4C-4873-AFC7-DCD2698CA745@cisco.com> <B8F9A780D330094D99AF023C5877DABA84546203@nkgeml501-mbs.china.huawei.com> <53873333.80807@joelhalpern.com> <B8F9A780D330094D99AF023C5877DABA845467C5@nkgeml501-mbs.china.huawei.com>
In-Reply-To: <B8F9A780D330094D99AF023C5877DABA845467C5@nkgeml501-mbs.china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [50.203.66.100]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/sfc/zrfUneG9CIaMSQ35Ec6LEbkMuok
Cc: "Joel M. Halpern" <jmh@joelhalpern.com>, "Paul Quinn (paulq)" <paulq@cisco.com>, "sfc@ietf.org" <sfc@ietf.org>
Subject: Re: [sfc] 答复: 答复: questions of "load balancing considerations" in the draft-quinn-sfc-arch-05
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 May 2014 13:40:54 -0000

Qin,

Regarding your question:
	So the question is can one service function provide more than one service or treatment?


A service function can be thought of as a logical construct.   More than one such service function could be co-located at the same locator (i.e., IP address).   I.e., a single management entity with a single IP address could provide multiple service functions simultaneously.   In cases where the single managed entity was asked to perform multiple service functions that were consecutive in the service chain, as an optimization it should not be necessary to return the traffic to the SFF in between those service functions. 

Another aspect of your question was can the same logical service function provide more than one treatment?    There are at least 3 approaches to this.   In the first, each differentiated behavior is represented as a distinct logical service function -- i.e., content_filter_adult, content_filter_child.   In the second approach, a single service function (i.e., content_filter) has its own private mechanism to determine which behavior to apply (i.e., a mirrored RADIUS feed teaches it subscriber properties related to subscriber IP addresses).   A third approach is that the service function controller inserts metadata to the packet stream that the service function can interpret for purposes of providing a differentiated behavior (i.e., subscriber_type=child).

   Ron



-----Original Message-----
From: sfc [mailto:sfc-bounces@ietf.org] On Behalf Of Qin Wu
Sent: Thursday, May 29, 2014 11:27 PM
To: Joel Halpern Direct; Ken Gray (kegray); Linda Dunbar
Cc: Joel M. Halpern; Paul Quinn (paulq); sfc@ietf.org
Subject: [sfc] 答复: 答复: questions of "load balancing considerations" in the draft-quinn-sfc-arch-05

Hi, Joel:
Thank for your clarification. 
if load balancer is really needed and it is not a service function in the chain, I agree we should not mandate its location.
So the following description in the draft is very restrictive "
Either through an imbedded action in sf1 and sf3, or through external control "
It seems excluding having load balancer on the SFF.
Also if  sf1 requires load balancer and sf1 itself provides firewall treatment, It looks one sf supports two different treatments, one is firewall, the other is load balancer.

However if we move load balancer functionality to SFF or other box, it seems reasonable.
So the question is can one service function provide more than one service or treatment?

I may miss the earlier discussion, please correct me if I am wrong.

Regards!
-Qin
-----邮件原件-----
发件人: Joel Halpern Direct [mailto:jmh.direct@joelhalpern.com]
发送时间: 2014年5月29日 21:17
收件人: Qin Wu; Ken Gray (kegray); Linda Dunbar
抄送: Joel M. Halpern; Paul Quinn (paulq); sfc@ietf.org
主题: Re: [sfc] 答复: questions of "load balancing considerations" in the draft-quinn-sfc-arch-05

I am not following your question.
SFF can have a co-located load balancer.  Or the load balancer can be transparently behind the SFF, using any number of mechanisms.
We are not mandating where it is located.

Yours,
Joel

On 5/28/14, 11:55 PM, Qin Wu wrote:
> You are talking about service function scale up and down.
>
> Since service node can host one or multiple service functions, why 
> service node can not be used to control scale up or down of service 
> functions it?
>
> To avoid share risk failure, service node can be previous service 
> node, e.g., it can be the one that hosts sf1 or sf3.
>
> Also SFF is responsible for delivering traffic to any connected 
> service functions, why not SFF can not be used to manage scale up or 
> down of service function.
>
> Also based on NFV MANO architecture, there is reference point between 
> NFV and NFV manager, NFV manager also can control scale up or down of 
> service function, I think this case has been covered by “through 
> external control” in the draft.
>
> Using sf1 that provide dedicated firewall service to provide load 
> balancing functionality as well is a little bit weird to me.
>
> Let me know if my understanding is correct?
>
> Regards!
>
> -Qin
>
> *发件人:*sfc [mailto:sfc-bounces@ietf.org] *代表 *Ken Gray (kegray)
> *发送时间:*2014年5月29日8:49
> *收件人:*Linda Dunbar
> *抄送:*Joel M. Halpern; Paul Quinn (paulq); sfc@ietf.org
> *主题:*Re: [sfc] questions of "load balancing considerations" in the
> draft-quinn-sfc-arch-05
>
> I don't see how you make the leap from the explanation of why it was 
> irrelevant to go into more detail in the section to the elimination of 
> the very generalized description accompanying the figure.  Please use 
> your own argument to justify this and not infer any extra meaning from 
> my answer to a different question.
>
> As to the second change, i disagree.  Again, in general/broad strokes
> - from the drawing and the text, it is unlikely that any special 
> action would be required on sf2 or sf4 - as they collapse in either 
> direction to a single logical next hop.
>
> Sent from my iPhone
>
>
> On May 28, 2014, at 5:49 PM, "Linda Dunbar" <linda.dunbar@huawei.com 
> <mailto:linda.dunbar@huawei.com>> wrote:
>
>     Joel, Eric, and Ken,
>
>     Thank you very much for the explanation.
>
>     Based on what you said, the description on how “control entity  push
>     to the sf1 nodes …” should be removed from the text, specifically:
>
>     “In this
>
>         case, the control entity will push to the sf1 nodes, a table 
> of
>
>         sorts:[L1] <#_msocom_1> sf2 with a series of next hops, and if
>     needed some weighted or
>
>         other metrics (these could also be decided locally by some 
> policy,
>
>         but sf1 would need to be aware of expand/contract triggers and
>
>         actions).”
>
>     Should also change the sentence after the Figure 5 to
>
>     “Either through an imbedded action in sf1 and sf3, the SFF nodes to
>     which the multiple instances of SF2 or SF4 are attached, or through
>     external
>
>         control, the service functions sf2 and sf4 are elastically 
> expanded
>
>         and contracted dynamically.”
>
>     Linda
>
>     *From:*Ken Gray (kegray) [mailto:kegray@cisco.com]
>     *Sent:* Wednesday, May 28, 2014 4:24 PM
>     *To:* Linda Dunbar; Paul Quinn (paulq); Joel M. Halpern
>     *Cc:* sfc@ietf.org <mailto:sfc@ietf.org>
>     *Subject:* Re: [sfc] questions of "load balancing considerations" in
>     the draft-quinn-sfc-arch-05
>
>     +1 to Joel … the picture would be ugly at best.  We attempted a
>     generic HA/LB slide to make a point and even it was ugly …such are
>     the limitations of ASCII art.
>
>     In line …
>
>     *From: *Linda Dunbar <linda.dunbar@huawei.com
>     <mailto:linda.dunbar@huawei.com>>
>     *Date: *Wednesday, May 28, 2014 3:34 PM
>     *To: *"Paul Quinn (paulq)" <paulq@cisco.com
>     <mailto:paulq@cisco.com>>, "Joel M. Halpern" <jmh@joelhalpern.com
>     <mailto:jmh@joelhalpern.com>>
>     *Cc: *"sfc@ietf.org <mailto:sfc@ietf.org>" <sfc@ietf.org
>     <mailto:sfc@ietf.org>>
>     *Subject: *[sfc] questions of "load balancing considerations" in the
>     draft-quinn-sfc-arch-05
>
>     Paul and Joel,
>
>     Does the Load Balancing Figure 5 (of draft-quinn-sfc-arch-05) assume
>     that SF1 is responsible for balancing traffic among the 3 instances
>     of SF2, and SF3 is responsible for balancing traffic among the 3
>     instances of SF4?
>
>     <keg> Document text below the picture says "Either through an
>     imbedded action in sf1 and sf3, or through external
>
>     control, the service functions sf2 and sf4 are elastically
>     expanded and contracted dynamically."
>
>     Isn’t it a single point of failure?
>
>     <keg> Document text immediately subsequent to that picture and
>     paragraph illustrates HA scenarios.
>
>     Some service functions are Stateful, i.e. they may require packets
>     from same flows to traverse the same service function instance. For
>     the Load Balancing scheme described by Figure 5, do you assume that
>     SF1 and SF3 will be responsible for making sure that same flows go
>     through the same service function instance?
>
>     <keg> Again, the aforementioned text deliberately allows this
>     responsibility to be either imbedded in the elasticity-causing
>     function or to be controlled externally or centrally.  We don't get
>     into the mechanics as these can vary.  While stateful/bidirectional
>     does add an additional burden, it can be accommodated without an
>     explosion of discrete chains.  For example, it could be handled "at
>     allocation time" if elasticity is managed via a separate entity and
>     the individual allocations reflected through service chain control
>     in the initial metadata bound to at the classification point in
>     either direction.  OR, if the devices are working as a paired system
>     (single vendor or ecosystem) with integrated elasticity, they could
>     pass metadata between them when sf1 or sf3 does the initial dynamic
>     allocation (affecting local forwarding on it's partner).  That's
>     probably not an exhaustive list of ways to solve the problem.  8^)
>
>     <keg> The point of this section was that elasticity and HA should
>     not cause an inordinate explosion of discrete chains without
>     recommending a particular solution.  That is,  you shouldn't create
>     unnecessary  complexity where it doesn't need to exist.
>
>     For the stateful service functions, if a flow is switched from
>     SF-Instance-X to SF-Instance-Y, the SF-Instance-Y needs to
>     synchronize the states from SF-Instance-X. Who is responsible for
>     those states maintenance for the Load Balancing described in Figure 5?
>
>     <keg> None of those entities exist in Figure 5.  Can you re-phrase
>     your question from the figure?
>
>     Linda
>
> ----------------------------------------------------------------------
> --
>
> Require pushing policies to SF1 on how to load balance multiple 
> instances of SF2.
>
> SF1 may not have the capability to balance among multiple instances of
> SF2
>
>
>
> _______________________________________________
> sfc mailing list
> sfc@ietf.org
> https://www.ietf.org/mailman/listinfo/sfc
>
_______________________________________________
sfc mailing list
sfc@ietf.org
https://www.ietf.org/mailman/listinfo/sfc

v2.23.0 | Report a Bug | By Email