Re: [Spud] SPUD and anycast... ?!
Michael Thornburgh <mthornbu@adobe.com> Sun, 16 August 2015 00:26 UTC
Return-Path: <mthornbu@adobe.com>
X-Original-To: spud@ietfa.amsl.com
Delivered-To: spud@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id E12361B3089
for <spud@ietfa.amsl.com>; Sat, 15 Aug 2015 17:26:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.908
X-Spam-Level:
X-Spam-Status: No, score=-0.908 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, PLING_QUERY=0.994, SPF_HELO_PASS=-0.001,
SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id oQZpEqQthwnC for <spud@ietfa.amsl.com>;
Sat, 15 Aug 2015 17:26:45 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com
(mail-bn1on0649.outbound.protection.outlook.com
[IPv6:2a01:111:f400:fc10::649])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 4B04E1B3088
for <spud@ietf.org>; Sat, 15 Aug 2015 17:26:45 -0700 (PDT)
Received: from CY1PR02MB1755.namprd02.prod.outlook.com (10.162.165.149) by
CY1PR02MB1755.namprd02.prod.outlook.com (10.162.165.149) with Microsoft SMTP
Server (TLS) id 15.1.231.21; Sun, 16 Aug 2015 00:26:39 +0000
Received: from CY1PR02MB1755.namprd02.prod.outlook.com ([10.162.165.149]) by
CY1PR02MB1755.namprd02.prod.outlook.com ([10.162.165.149]) with mapi id
15.01.0231.024; Sun, 16 Aug 2015 00:26:39 +0000
From: Michael Thornburgh <mthornbu@adobe.com>
To: Toerless Eckert <eckert@cisco.com>, "spud@ietf.org" <spud@ietf.org>
Thread-Topic: [Spud] SPUD and anycast... ?!
Thread-Index: AQHQ1l9zJIjEsmoUDEm7JrdftL6wsp4LHBaAgABIj4CAABYsAIAAAVwAgACi0BCAAFiQAIABSZxO
Date: Sun, 16 Aug 2015 00:26:39 +0000
Message-ID: <CY1PR02MB1755BF56704C002C0D45C8F3CD7A0@CY1PR02MB1755.namprd02.prod.outlook.com>
References: <20150814070411.GQ1667@cisco.com>
<07E2D217-F71A-47DD-850D-F6F21855FBC1@lurchi.franken.de>
<20150814115939.GS1667@cisco.com>
<A8C02E01-673A-4F3A-BE91-6F8646CC791F@lurchi.franken.de>
<20150814132352.GT1667@cisco.com>
<BLUPR02MB17477361277708CB3BAA0D52CD7C0@BLUPR02MB1747.namprd02.prod.outlook.com>,
<20150815042334.GI1667@cisco.com>
In-Reply-To: <20150815042334.GI1667@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is )
smtp.mailfrom=mthornbu@adobe.com;
x-originating-ip: [198.202.199.162]
x-microsoft-exchange-diagnostics: 1; CY1PR02MB1755;
5:sMmDsnxlGu1ITy/bP0RXAhbi6hm45S8vPFp/+CWjo8Xd/fYA2VMsYznx0wyZ+kH5vsOoYFYrSLeUZlUbwD3bIxDerJHZ0gEikZ4pZ0voxNLvp30VFf0/fv7jbLLPTroWAdC0HZkWkUWvIsfDG5Z46Q==;
24:UICjhdp1DhTnduQuFy/MKgqI7c510ablPKNnCtiE3//ZkE5JbpknVx3Cqn1PZ7vi5GC6Ub6T4T+zKfxhSBKN3QJtHY0u+ABMFj5S5yUB58w=;
20:PBu01TFqhA33dpClYyVSLlFYDWyEaTsWB17UtmFOh4grS81VjiBkfsL0tjHKy6SbqxGSbqbesOH9I0SkYWSLrA==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR02MB1755;
x-microsoft-antispam-prvs: <CY1PR02MB1755F0603628F736430A6D2CCD7A0@CY1PR02MB1755.namprd02.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0;
RULEID:(601004)(8121501046)(5005006)(3002001); SRVR:CY1PR02MB1755; BCL:0;
PCL:0; RULEID:; SRVR:CY1PR02MB1755;
x-forefront-prvs: 067071EFC8
x-forefront-antispam-report: SFV:NSPM;
SFS:(10009020)(6009001)(199003)(189002)(51444003)(52314003)(24454002)(13464003)(377454003)(66066001)(40100003)(77096005)(2950100001)(77156002)(62966003)(68736005)(15975445007)(102836002)(2900100001)(50986999)(54356999)(99286002)(106356001)(2501003)(10090500001)(106116001)(105586002)(5003600100002)(76576001)(5002640100001)(92566002)(74316001)(64706001)(122556002)(10400500002)(101416001)(76176999)(5001830100001)(93886004)(8990500004)(2656002)(5001860100001)(87936001)(189998001)(33656002)(86362001)(19580395003)(19580405001)(4001540100001)(81156007)(5001960100002)(107886002)(46102003)(97736004)(5001920100001)(5001770100001);
DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR02MB1755;
H:CY1PR02MB1755.namprd02.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords;
A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: adobe.com does not designate
permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: adobe.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Aug 2015 00:26:39.1448 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: fa7b1b5a-7b34-4387-94ae-d2c178decee1
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR02MB1755
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/hA9T6cBB4q_wKNIsGxMpoOek5no>
Subject: Re: [Spud] SPUD and anycast... ?!
X-BeenThere: spud@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spud>,
<mailto:spud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spud/>
List-Post: <mailto:spud@ietf.org>
List-Help: <mailto:spud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spud>,
<mailto:spud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Aug 2015 00:26:48 -0000
yes, 3 implies one more RTT. you wouldn't want to have a combo redirect/RHello coming from the anycast address and just believe the unicast address in the redirect, because the initiator might not have bidirectional connectivity to the unicast address, or the initiator might use a different source address to reach the unicast address (which might produce a different cookie, which would then take an additional RTT anyway, see Section 3.5.1.2). you could potentially save an RTT by combining 3 and 2 (sending a Redirect from the anycast address AND sending an RHello from the unicast address). if the RHello gets through then you're good, and if it doesn't then you spend an extra RTT after receiving the Redirect. this would be very similar to the situation in Section 3.5.1.6. > Don't find the word multicast in the text though... as i said, anycast and multicast use cases aren't called out explicitly in the spec. but they work with no special handling because there's already support for multiple responders responding to the same IHello. the initiator matches the open responses based on an opaque tag rather than on IP address & port number, latches on the first acceptable response no matter where it comes from, and uses the address/port from which that response came as the far socket address for the session. note that once the session is up, the address of either end can change, and, depending on the NAT/firewall situation between the endpoints, the session can survive the address change. see Section 3.5.3 and Section 3.5.4.2. -mike ________________________________________ From: Toerless Eckert [eckert@cisco.com] Sent: Friday, August 14, 2015 9:23 PM To: Michael Thornburgh Cc: spud@ietf.org Subject: Re: [Spud] SPUD and anycast... ?! Nice. Does 3. in RTMFP imply one more RTT to start the session ? to just seed a (good) NAT/FW, it should be sufficient for responder to send the ACK to the responder instead of restarting with SYN ?! (to avoid one more RTT). Don't find the word multicast in the text though... Cheers Toerless On Fri, Aug 14, 2015 at 11:34:27PM +0000, Michael Thornburgh wrote: > RTMFP (RFC 7016) supports opening to an anycast or multicast address "out of the box". these cases aren't explicitly called out in the spec, but the same mechanism that supports parallel open, redirectors, forwarders, and load distribution/fault tolerance also supports anycast/multicast. see Section 3.5.1 (and subsections) of RFC 7016. > > opening to an anycast address could work in these ways: > > 1. anycast responder uses the anycast address for the session, as long as the anycast routing is consistent for the lifetime of the session (otherwise the session will time out and die), same as with TCP or anything else > > 2. anycast responder uses its unicast address to respond with its RHello, session is established to the unicast address > > 3. anycast responder uses its anycast address to respond with a Redirect listing the responder's unicast address, initiator then tries unicast address and establishes the session > > note that if the client has an address/port restricted NAT or firewall, 2 won't work, but 3 would. > > for opening to a multicast address, the responders would all respond with an RHello. whichever one was received first would win and be selected by the initiator for the session, and the other responses would be ignored (the same situation as for the load distribution case in Section 3.5.1.7). > > -mike > > > > -----Original Message----- > > From: Spud [mailto:spud-bounces@ietf.org] On Behalf Of Toerless Eckert > > Sent: Friday, August 14, 2015 6:24 AM > > To: Michael Tuexen > > Cc: spud@ietf.org > > Subject: Re: [Spud] SPUD and anycast... ?! > > > > On Fri, Aug 14, 2015 at 03:19:00PM +0200, Michael Tuexen wrote: > > > > On 14 Aug 2015, at 13:59, Toerless Eckert <eckert@cisco.com> wrote: > > > > > > > > http://www.cachefly.com/2014/07/11/measuring-throughput-performance-dns-vs-tcp-anycast-routing/ > > > > > > > > Even beyond this easily googled example, i think that anycast TCP is > > > > used quite a bit and on web application you can often just have short > > > > lived TCP connection running completely on the anycast address and just > > > > > If you want to use anycast with TCP, how do you make sure that all TCP > > > packets with the same anycast destination address end up at the same host? > > > > My paragraph meant to imply that the whole TCP connection does use anycast > > in this case, and the different instances of the anycast group are deployed > > so that ECMP can't happen, so the TCP connections will only fail in case > > of re-routing that changes metrics to have the anycast address flip over > > and that doesn't seem to a big enough problem in the deployment cases - > > because the servers are far enough apart from each other for example. > > > > > For SCTP you would only use an anycast address as the destination address of > > > the first packet and then the server uses a unicast address. Since SCTP > > > supports multiple IP addresses and dynamic address reconfiguration, that > > > is possible. Similar things can be done with MPTCP, but not with TCP. > > > > I thought to remembre from long time ago that the only architecturally > > sane anycast assumption is that a single packet will only reach a single > > anycast group member. As soon as you send two packets they may end uup > > in different ones. Of course, likelyhood for this is quite small. SO all > > i was saying is that it wold be lovely for SPUD to be able to support > > architecturally sane use of anycast. Seems simple enough to permit it. > > > > Cheers > > Toerless > > > > > Best regards > > > Michael > > > > redirect to a unicast URL when you know it's going to be long-lived (streaming). > > > > So i think the reason why this may not have come up is because for a good amount > > > > of applications, just ignoring the anycast problem leads to good enough > > > > solutions, and the solutions where this would not work may not had > > > > enough of a business case / working strategy to get this type of extension > > > > forced into TCP. > > > > > > > > Cheers > > > > toerless > > > > > > > > On Fri, Aug 14, 2015 at 09:39:57AM +0200, Michael Tuexen wrote: > > > >>> On 14 Aug 2015, at 09:04, Toerless Eckert <eckert@cisco.com> wrote: > > > >>> > > > >>> Was there ever an extension for TCP or SCTP to "explicitly" deal with > > > >>> anycast, eg: SYN to reponder anycast, SYN-ACK back from responder > > > >>> unicast, but with data field indicating anycast address and nonce from > > > >>> SYN, then ACK back to responder unicast ? > > > >> You can do that with SCTP and dynamic address re-conifguration. Randy > > > >> Stewart and myself discussed this ages ago but never wrote an ID, since > > > >> we didn't see a consumer of the idea. > > > >> > > > >> Best regards > > > >> Michael > > > >>> > > > >>> I can't remember / find anything like this right now. WOuld be > > > >>> lovely for SPUD to consier including something like this. Heck, > > > >>> could even do this with multicast and let initiator send ACK > > > >>> back to fastest responder ;-) > > > >>> > > > >>> Cheers > > > >>> Toerless > > > >>> > > > >>> _______________________________________________ > > > >>> Spud mailing list > > > >>> Spud@ietf.org > > > >>> https://www.ietf.org/mailman/listinfo/spud > > > > _______________________________________________ > > Spud mailing list > > Spud@ietf.org > > https://www.ietf.org/mailman/listinfo/spud -- --- Toerless Eckert, eckert@cisco.com
- [Spud] SPUD and anycast... ?! Toerless Eckert
- Re: [Spud] SPUD and anycast... ?! Michael Tuexen
- Re: [Spud] SPUD and anycast... ?! Toerless Eckert
- Re: [Spud] SPUD and anycast... ?! Michael Tuexen
- Re: [Spud] SPUD and anycast... ?! Toerless Eckert
- Re: [Spud] SPUD and anycast... ?! Michael Thornburgh
- Re: [Spud] SPUD and anycast... ?! Toerless Eckert
- Re: [Spud] SPUD and anycast... ?! Michael Thornburgh