Re: [Sidrops] Publication Point -> RP synchronization in bandwidth constrained environments (note for RRDP v2)
Di Ma <madi@zdns.cn> Wed, 31 May 2023 06:06 UTC
Return-Path: <madi@zdns.cn>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D942C14CE31 for <sidrops@ietfa.amsl.com>; Tue, 30 May 2023 23:06:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cRgcQRyNgLpf for <sidrops@ietfa.amsl.com>; Tue, 30 May 2023 23:06:46 -0700 (PDT)
Received: from smtpbg156.qq.com (smtpbg156.qq.com [15.184.82.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05CF6C151073 for <sidrops@ietf.org>; Tue, 30 May 2023 23:06:43 -0700 (PDT)
X-QQ-mid: bizesmtp65t1685513188tohl84zm
Received: from smtpclient.apple ( [218.17.115.214]) by bizesmtp.qq.com (ESMTP) with id ; Wed, 31 May 2023 14:06:27 +0800 (CST)
X-QQ-SSF: 00400000000000Z0Z000000A0000000
X-QQ-FEAT: c42nD1GNGykkdx7ppsvwphaKTK4q2td51l2t5k3oLjh2lo24kQNvp0df3Uv1S 63ZrIWT3k3qim5I5tKHz6wBiiwulMY6/LfII+KYct2A30pIpfFHaBC6dNt7JswRfq8/xcPS wNAQod/hNq3kBGs6qPBdV3XlrSKubrlDyhcJeKcG8JSRM39tkJS2l6psD9PcdduWRrEjS/4 L40U6aMzpOJFDPEdMVj6KrO7AKpOB9zsjamlSaIC97Dx03myI3MQXmaYHN0TNFQcUHsnUf0 ySKaegPwBUYndw2LGjL3Ha6gyNVkelisMXp4ncp08CnT5i4C7S9WvJgbcC/B2SK+NVaih5p UHzGFHc16yWQzCwD4VL0BULloz/tX+BSRoVmaxlRJsIka9chYyo9IBdmlclSw==
X-QQ-GoodBg: 2
X-BIZMAIL-ID: 12958309872997931106
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.500.231\))
From: Di Ma <madi@zdns.cn>
In-Reply-To: <ZHYYt77xdtrkNV1a@snel>
Date: Wed, 31 May 2023 14:06:17 +0800
Cc: SIDR Operations WG <sidrops@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <96899286-62C0-4FA4-9F59-022E3C9B5607@zdns.cn>
References: <ZHYYt77xdtrkNV1a@snel>
To: Job Snijders <job=40fastly.com@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3731.500.231)
X-QQ-SENDSIZE: 520
Feedback-ID: bizesmtp:zdns.cn:qybglogicsvrgz:qybglogicsvrgz6a-1
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/SBKL57vzngbCT3c6DLBxY4AlzMw>
Subject: Re: [Sidrops] Publication Point -> RP synchronization in bandwidth constrained environments (note for RRDP v2)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 May 2023 06:06:50 -0000
Job, You are making sense here. I have been there when operating RPSTIR2. And I am in favor of your proposed solution especially “Reconsider compression” after evaluating the running codes of RPSTIR2 . Di > 2023年5月30日 23:39,Job Snijders <job=40fastly.com@dmarc.ietf.org> 写道: > > Dear all, > > I wanted to share a note that if work ever starts on RRDP v2, that > design team should consider conservation of bandwidth a priority. > > Recently one of the RIRs ran into a network congestion issue noticable > on intercontinental transfers: their 36 megabyte RRDP snapshot was being > served at a rate of ~ 25 kilobytes per second, and worse the TCP > connections often timed out. > > As some RP implementations expect a minimum delivery rate (for example > 100 kB/sec), some implementations allocate a timebox, and all > implementations will switch to RSYNC if RRDP is interrupted for whatever > reason, (causing a RRDP snapshot fetch to be queued up for the future). > The more RPs try to fetch the RRDP snapshot for one reason or another, > the more bandwidth is demanded, which in turn increases congestion. > > Some back of the napkin math: with 2500 RRDP clients interested in a 36 > megabyte RRDP snapshot, timeboxed into 15 minutes, the RRDP server would > need to be able to sustain 1 Gb/sec for 15 minutes to send that data to > to all RPs. If such a server for whatever reason ends up moving behind a > 100 Mb/sec link - in the steady state serving mostly just deltas the > available bandwidth still might seem good enough. However, the moment an > event like a RRDP Session restart happens, things go awry and perpetual > congestion could be the result. > > In this instance a (temporary) solution was to disable RRDP [1] (by > serving a HTTP 204 error for the /notification.xml file), steering all > RPs to use RSYNC, which seems to perform far better in bandwidth > constrained environments. > > Yes, while "make the pipes bigger!" or "Just use a CDN!" might seem a > logical and conclusive answer, I think there is room for optimization in > the RPKI synchronization protocols. Bigger pipes cost bigger money, CDNs > usually aren't free either, plus an additional layer of caching in the > CDN also introduces additional complexity in operations. > > Making RPKI PP/RP synchronization more efficient is advantageous to all > stakeholders in this ecosystem. > > Why does RSYNC perform better in this type of situation? > ========================================================= > > 1) The Base64 encoding in RRDP imposes a non-negligible overhead of 33% > which doesn't exist in RSYNC (where the files are transferred in > their 'bare' form). > 2) The XML formatting of the resulting document (elements, attributes & > newlines) adds another single digit percentage of overhead compared > to transfer of the bare files in bare form. > 3) RRDP snapshot downloads are hard to resume: if the session is > interrupted and then the RRDP serial increases, RPs will try to fetch > the new snapshot as per instructions from the RRDP server. RSYNC on > the other hand provides a far more fine-grained and seamless > resumption mechanism. > > Of course there are well-understood downsides to RSYNC too, what we're > looking at is a set of trade-offs: mostly centered on the trade-off > between bandwidth conservation in exchange for cpu cycles. The point of > this message is not to promote RSYNC but to take a look at the upsides > of RSYNC compared to RRDP v1. > > In this particular event (measured at a distance of 182 ms latency), > disabling RRDP caused the time it takes to do a full synchronization > from 30+ minutes down to 17 seconds, subsequent resyncs now take 6 > seconds, and congestion seems to have cleared. > > Takeaways for RRDP v2 > ===================== > > * The publication point operator should be able to signal in the > (equivalent of) notification.xml file a set of recommended timers > for fetching: it would be super nice if during congestion events the > PP operator can inform the clients to please check back at at slower > pace (say every 20 or 40 minutes) instead of whatever the RP's timers > are. This would give the PP operator some tools to ameliorate the > situation when lacking bandwidth or other resources. > > * Replace the concept of distributing signed objects, certs & crls > inside XML documents using Base64-encoding, with something more > efficient. Perhaps packing all to-be-transferred files in a DER > SEQUENCE, optionally wrapped in a self-signed CMS container for easy > checksumming. Another feasible approach would be to design an > RPKI-application specific compression algorithm : there is a ton of > duplicity in for example AuthorityInfoAccess fields or the > policyQualifier fields. > > * Rsync offers the community individually addressable URIs for > individual files, while RRDP v1 only offers 'the whole thing'. > Individually fetchable files are fantastic for debugging, and makes it > easier for CA/RP developers to reason and communicate about events. > What APNIC is doing here by offering all files on the RSYNC server > also as HTTPS download is a step in the right direction: > https://rpki.apnic.net/member_repository/A91A0D9C/9E28300657A811E8B4AC0877C4F9AE02/ > > * Reconsider compression. I am aware of issues like CVE-2021-43174 > which prompted some developers to remove support for gzip compression > in implementations, yet at the same time there is a lot to be gained > from compression: > > $ ls -lahtrS afrinic.* > -rw-r--r-- 1 job wheel 5.8M May 29 12:15 afrinic.tar.lzma > -rw-r--r-- 1 job wheel 6.0M May 29 12:15 afrinic.tar.zst > -rw-r--r-- 1 job wheel 6.1M May 29 12:15 afrinic.tar.bz2 > -rw-r--r-- 1 job wheel 6.3M May 29 12:15 afrinic.tar.gz > -rw-r--r-- 1 job wheel 13.0M May 20 12:51 afrinic.rrdp.xml.gz > -rw-r--r-- 1 job wheel 17.8M May 29 12:15 afrinic.tar > -rw-r--r-- 1 job wheel 35.5M May 20 12:51 afrinic.rrdp.xml > > In the above terminal transcript the 'afrinic.tar' file simply is a > tar archive of the validated cache directory specific to AfriNIC. This > tar file contains all currently valid objects. The tar file is half > the size of the RRDP snapshot, and compressing the tar with lzma, > zstd, bz2, or gzip yields a considerable smaller outcome than gzip > compressing the RRDP v1 XML snapshot. As noted above, an > RPKI-application-aware compression algorithm would yield even smaller > snapshots. > > I'm sure other people have learned other lessons over the years working > with both RSYNC and RRDP: your and their input could perhaps contribute > to a RRDP v2 requirements document. > > When we have RRDP v2, perhaps either RSYNC or RRDP v1 can be deprecated. > > Kind regards, > > Job > > [1]: AfriNIC disabled RRDP https://status.afrinic.net/notices/caelaru4q1vhqbv2-rrdp-service-availability > > _______________________________________________ > Sidrops mailing list > Sidrops@ietf.org > https://www.ietf.org/mailman/listinfo/sidrops >
- [Sidrops] Publication Point -> RP synchronization… Job Snijders
- Re: [Sidrops] Publication Point -> RP synchroniza… Christopher Morrow
- Re: [Sidrops] Publication Point -> RP synchroniza… Job Snijders
- Re: [Sidrops] Publication Point -> RP synchroniza… Christopher Morrow
- Re: [Sidrops] Publication Point -> RP synchroniza… Di Ma
- Re: [Sidrops] Publication Point -> RP synchroniza… Lukas Tribus
- Re: [Sidrops] Publication Point -> RP synchroniza… Mikhail Puzanov
- Re: [Sidrops] Publication Point -> RP synchroniza… Ties de Kock
- Re: [Sidrops] Publication Point -> RP synchroniza… Claudio Jeker
- Re: [Sidrops] Publication Point -> RP synchroniza… Ties de Kock
- Re: [Sidrops] Publication Point -> RP synchroniza… Tim Bruijnzeels
- Re: [Sidrops] Publication Point -> RP synchroniza… Job Snijders
- Re: [Sidrops] Publication Point -> RP synchroniza… Mikhail Puzanov
- Re: [Sidrops] Publication Point -> RP synchroniza… Ties de Kock
- Re: [Sidrops] Publication Point -> RP synchroniza… Tim Bruijnzeels
- Re: [Sidrops] Publication Point -> RP synchroniza… Job Snijders
- Re: [Sidrops] Publication Point -> RP synchroniza… Ties de Kock