Re: [Sidrops] RRDP / RSYNC / Other?
Job Snijders <job@fastly.com> Fri, 12 January 2024 12:03 UTC
Return-Path: <job@fastly.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 88C8BC14CF15 for <sidrops@ietfa.amsl.com>; Fri, 12 Jan 2024 04:03:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id myMkt05sCVJA for <sidrops@ietfa.amsl.com>; Fri, 12 Jan 2024 04:03:44 -0800 (PST)
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C8FDDC14CF0C for <sidrops@ietf.org>; Fri, 12 Jan 2024 04:03:44 -0800 (PST)
Received: by mail-lf1-x12a.google.com with SMTP id 2adb3069b0e04-50e741123acso7467197e87.0 for <sidrops@ietf.org>; Fri, 12 Jan 2024 04:03:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; t=1705061023; x=1705665823; darn=ietf.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=1iMUGZLX19z1w0ky1MJHE+8oI1ec/Khb7gUcmL1gO88=; b=vuKRSJ4JnM9ffmAtkn2C5+0Ws12IhWPPjjwRu70GMAgx5nS+4EEqmuxav6jtcE7Emk 1CEBAmBSFPw84+IYvH2plioQ5MvclFZAx70/0ag/QjlmiHGQ7YWvyWIh1j+OrOIofHEh HtLM/W5oMl8fMDdkey8zAbJ6fXHNQ17fUztYE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705061023; x=1705665823; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=1iMUGZLX19z1w0ky1MJHE+8oI1ec/Khb7gUcmL1gO88=; b=ZvLUSiHNyRjgY+U9UENkZKi2QdnVOs6MB9f9Ay4DmyuXvegV0hy2emFsFJcXr1nzR9 /j9teAhFECDLUlvmhaEV5haHunQtuqTSH0LXTke+3Gd4/mer+DgBDHiGGuRPEIX7hxj0 EUMrNscp1Tm8rn6K+a4tp/ao75nEp0SFn6onFrU4nSHm3iSYqk941eG2udjL7ZW9s7QS c/XkDEHfl1G6DSMvfLjyEdQR6fouisOEe5gNkrG9IcsRfGVETEuTQHrQHHe1AgQy8lXc 5To54BTkNUVRfqDhLgPI49i9eQYEInnv1EZ3sdfU2j7KtJ48gawAYOWVLN3LR8mn7Wxv 8Kfg==
X-Gm-Message-State: AOJu0YycpVa6G1dC0WX7NanMkxM9LxYy1Ja6tFcPCBxk9POYvX37uv+M 4lDv3+M6a8eHuXHt6LT8fZfEmLvPagtuxQ==
X-Google-Smtp-Source: AGHT+IFs5qOGHu4+T4K+FwqsSKkOVnHTVJt2DUHGjah5mEuqhLNno7VAfKccxmkJMyUPj0yjf9W3hg==
X-Received: by 2002:a05:6512:3ca3:b0:50e:7124:8953 with SMTP id h35-20020a0565123ca300b0050e71248953mr704670lfv.26.1705061022774; Fri, 12 Jan 2024 04:03:42 -0800 (PST)
Received: from snel ([2a10:3781:276:3:16f6:d8ff:fe47:2eb7]) by smtp.gmail.com with ESMTPSA id q11-20020aa7d44b000000b00555fd008741sm1730609edr.95.2024.01.12.04.03.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Jan 2024 04:03:42 -0800 (PST)
Date: Fri, 12 Jan 2024 13:03:40 +0100
From: Job Snijders <job@fastly.com>
To: Christopher Morrow <christopher.morrow@gmail.com>
Cc: SIDR Operations WG <sidrops@ietf.org>, sidrops-ads@ietf.org, SIDROps Chairs <sidrops-chairs@ietf.org>
Message-ID: <ZaEqnGpUZO0R_lLz@snel>
References: <CAL9jLab1xknRY=oCZzyXe7Dtyc8to46rVfE-1BzzuMUkWCNtLg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAL9jLab1xknRY=oCZzyXe7Dtyc8to46rVfE-1BzzuMUkWCNtLg@mail.gmail.com>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/5Ii-hMpjlltzuzuE2MYzv9X5R-k>
Subject: Re: [Sidrops] RRDP / RSYNC / Other?
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jan 2024 12:03:48 -0000
Dear all, On Thu, Jan 11, 2024 at 10:52:55PM -0500, Christopher Morrow wrote: > The 'prefer rrdp' draft has been sitting(expired) for a while, I had > thought when the document started life there was a set of good reasons > for this plan. I think I still want to prefer 'not rsync' on my RP > deployment :) "not rsync" - in practise - would've meant that for multiple months in 2023, your RP would not have had access to AFRINIC ROAs. > I believe that a longer term goal for rrdp (and the draft in question) > was to eventually decommission/deprecate the RSYNC code paths, as > well. Well, that is not my goal. Before we even consider deprecation of rsync, there first needs to be a viable alternative to both RSYNC and RRDP v1. As it stands - RRDP has numerous inefficiencies, implementation inconsistencies, curious pitfalls, unforeseen operational failure modes, and performs extremely poor in low bandwidth situations. But of course, rsync is not without its own issues and complications. Fortunately, not a lot of the failure modes are shared between the transport protocols, meaning that one is a good backup for the other. I think some people in this working group underappreciate the benefits of rsync as a (backup) transport, especially in the face of instability in the RRDP transport. As long as people are stuck in just mindlessly repeating "rsync bad" and refuse to see and articulate the benefits that rsync offers, it'll be hard to copy those benefits over to a next gen transport protocol. > In light of the original reasonings for RRDP development: > * standard(ized) transport protocol (http) > * scalability and cacheability of the content > * easier to inspect/debug service(s) > (there may be others, don't think right now its important that there are) I agree HTTP is a standardized protocol and I hope ultimately something HTTP-based is where we'll end up. But, the other arguments can be challenged: RRDP 'scales so well' that we've seen RPs become an unrecoverable denial-of-service against the publication point. In practise rsync is easier to debug and inspect with out-of-the-box tooling, whereas RRDP requires a quite specialized knowledge and tooling to meaningfully debug. > and the original arguments against RSYNC as the protocol for long term use: > * how could this possibly scale! > * i can ship random bits to all RPs and they can't NOT accept them > * wow is this a bear to deal with in a programmatic manner! > (there may be others, not important right now what they are) > > Is it time that we fresh-slate thought about this problem? > I believe we CAN swap in 'anything' that has a URL type naming/pointing form > (perhaps we would need to define new url protocols, but...) > I think if we had a solid option, with running code we could talk > about removing rsync, preferring rrdp and testing the 'new thing'... > or some form of that ordering. When you actually remove rsync, RRDP no longer becomes a matter of 'preference'. :-) > Should we take up a discussion and work to investigate a RRDP > replacement? The timing is not optimal from my perspective, I don't mind the status quo. I think we should first finish: * ASPA signed object: draft-ietf-sidrops-aspa-profile * ASPA-based BGP message verification: draft-ietf-sidrops-aspa-verification * ASPA RTR: draft-ietf-sidrops-8210bis * draft-ietf-sidrops-signed-tal (has multiple implementations, authors requested WGLC multiple times now...) * draft-ietf-sidrops-cms-signing-time * draft-ietf-sidrops-rpki-prefixlist * And there also is a recent interest to revisit the validation algorithm, this will all take up a fair chunk of working group bandwidth. In short - deprecating rsync before having a viable alternative to RRDP v1 is horse behind cart. A deprecation of rsync won't solve immediate operational issues, but instead will add problems. The community now also is aware of various optimizations that can be done to make RRDP-to-RSYNC switchovers far less resource intensive, so scalability concerns are not as strong as they once were. Kind regards, Job
- [Sidrops] RRDP / RSYNC / Other? Christopher Morrow
- Re: [Sidrops] RRDP / RSYNC / Other? Ties de Kock
- Re: [Sidrops] RRDP / RSYNC / Other? Job Snijders
- Re: [Sidrops] RRDP / RSYNC / Other? Tim Bruijnzeels
- Re: [Sidrops] RRDP / RSYNC / Other? Christopher Morrow