Re: [v6ops] Operational Implications of IPv6 Packets with Extension Headers - Load Balancer
Geoff Huston <gih@apnic.net> Mon, 27 July 2020 21:58 UTC
Return-Path: <gih@apnic.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57E143A094E; Mon, 27 Jul 2020 14:58:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=apnic.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S5ilPWXJf16K; Mon, 27 Jul 2020 14:58:07 -0700 (PDT)
Received: from APC01-HK2-obe.outbound.protection.outlook.com (mail-eopbgr1300049.outbound.protection.outlook.com [40.107.130.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 201ED3A08E9; Mon, 27 Jul 2020 14:58:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KJw/66sbNnx0ALqLXAfnrgN77BUL+FbVE1K5hjbu839WwrvqeKZdFwCE8Ayn7qMObNU/6BrqlXOSlt5QlgYE1iDBSdrUjo1uDBsO1OMmC2bJzGeJ6dYXkVoq09O9atd8bcgeaS0gJP20ev1OXUCLdh2ga/ZL3Wx481KT/Naaj9aRQ5CbSCwh3j17Y9xUn0naEwzZjPmXGYqEX3gMnhg1qDMqPhCOaXvgUpxsJUSskfkKF2LGqiLrofDv3xq8RP+cuY/feCSgL8BjwghZmDeQUpMnuLHotjyrzcVtynBjpV4eFu8InwaWs9Ps9SubEA5z/gG3/IAlDQh61bJL58Ndmw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dFfq2Kqdghx4faAQevsuIUr/CEiNY8l5ktnnMjCu88o=; b=eqsUYesoHxR6Y2AUZpTXcH67PZoXwEyCX005oVOvCOIkbtz+m3X9TIsZRHnzPLlPQVUUArxysRsd2Jogyuue7OSh/sFw2ufDXE4u/cIJwKamilgTB1dku3HkJS2SANVUMNvdPefAhZ7wpp7EMh9Fbsxn4bV+Zd1q39soYnFYO6lUNfN+maVVltdTnR48AkgGsd1xZRF1VJsc9tBi+n5hrA1vy0HiC8wgBCV3o/mr4iUE6vzqug1kWyGkorc8c8V/cTIURR+588vNUyDskKzK7MGVKSgUIbeAWcyRZV1vgdzejCNCkVPmGQp7PK+Q1kTVtHh6IM2BPCi3l8y8CLpoXg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=apnic.net; dmarc=pass action=none header.from=apnic.net; dkim=pass header.d=apnic.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dFfq2Kqdghx4faAQevsuIUr/CEiNY8l5ktnnMjCu88o=; b=WX1fbQztRrbAfvC3U4AFhviLi8cAzroVM67pPY3fBzmnrYrpVhDgLgJ2M9DCPCiIQkID2//8CXm7Ru/KtXpEtiscHH3BV82Rwc3P5bG1ZlaL1lKmaKvJKubr1SruYeURzuHk7ULDpb+CCGiwHC6kvk7lRJ3OP0HaKK1RCB2YJiY=
Authentication-Results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=apnic.net;
Received: from TYAPR04MB2286.apcprd04.prod.outlook.com (2603:1096:404:24::20) by TY2PR04MB3997.apcprd04.prod.outlook.com (2603:1096:404:8004::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3216.31; Mon, 27 Jul 2020 21:58:04 +0000
Received: from TYAPR04MB2286.apcprd04.prod.outlook.com ([fe80::69aa:ca1d:4b48:1b24]) by TYAPR04MB2286.apcprd04.prod.outlook.com ([fe80::69aa:ca1d:4b48:1b24%6]) with mapi id 15.20.3216.033; Mon, 27 Jul 2020 21:58:04 +0000
Content-Type: text/plain; charset="utf-8"
From: Geoff Huston <gih@apnic.net>
In-Reply-To: <CAO42Z2y1K7AM1-Ene_-RqWGOZ8ObgNfKyhu4PV+BUdAG8xaoKA@mail.gmail.com>
Date: Tue, 28 Jul 2020 07:57:57 +1000
Cc: Vasilenko Eduard <vasilenko.eduard@huawei.com>, Fernando Gont <fgont@si6networks.com>, IPv6 Operations <v6ops@ietf.org>, "draft-gont-v6ops-ipv6-ehs-packet-drops@ietf.org" <draft-gont-v6ops-ipv6-ehs-packet-drops@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <CB061623-B477-4DCA-901A-523E82A6C629@apnic.net>
References: <b380408712364589a45ab9f39ab6f764@huawei.com> <CAO42Z2y1K7AM1-Ene_-RqWGOZ8ObgNfKyhu4PV+BUdAG8xaoKA@mail.gmail.com>
To: Mark Smith <markzzzsmith@gmail.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
X-ClientProxiedBy: SY3PR01CA0133.ausprd01.prod.outlook.com (2603:10c6:0:1b::18) To TYAPR04MB2286.apcprd04.prod.outlook.com (2603:1096:404:24::20)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [IPv6:2001:44b8:110b:5100:61ef:4c7b:bb6c:9627] (2001:44b8:110b:5100:61ef:4c7b:bb6c:9627) by SY3PR01CA0133.ausprd01.prod.outlook.com (2603:10c6:0:1b::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3216.21 via Frontend Transport; Mon, 27 Jul 2020 21:58:02 +0000
X-Mailer: Apple Mail (2.3608.120.23.2.1)
X-Originating-IP: [2001:44b8:110b:5100:61ef:4c7b:bb6c:9627]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: c1d66074-b7d9-43e6-fc55-08d8327822f6
X-MS-TrafficTypeDiagnostic: TY2PR04MB3997:
X-Microsoft-Antispam-PRVS: <TY2PR04MB3997F86DCD7949643AFC14CCB8720@TY2PR04MB3997.apcprd04.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: +RPmumFa1a9JRocLuv/KnxbbxtnYFfVDJSwLc5B9EMtLFlyhrRoHgbqOdINcYZe7NDYZSFsg4MD236ZoJzmusHITqFzr6HTMfgEqx19pMG6SiO+u2H2BhC9Dqg7wL1RXZlCmCRhWn9LDMRTls45sNhnbhmgxyXU+lajoSN//IgNpb3013rYRndA5el8GyH4WEXzpJ0JU17xteLRl+HtL7qbCcRRLAb8u0+5DYyf+z9nPDEUttQCuVbD2zoF5LLwqfSPPevYn22bacl+qIY1QJp2z49MwVWJ3RV/l6om4URO1BaeHiGRdCraOGsiu0pTTc/yM6ZoF6rKPEBxt8JqXVGU6IoQXKbJ/jaeCfKN9Hmv3OdCMyQB1FzOGV0tTNUJwHPQ8zkZz+ksiPICGjwdL4A==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:TYAPR04MB2286.apcprd04.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(376002)(366004)(346002)(396003)(39850400004)(136003)(8936002)(6666004)(83380400001)(53546011)(8676002)(52116002)(66574015)(86362001)(6486002)(33656002)(16526019)(186003)(66476007)(66946007)(36756003)(508600001)(316002)(2906002)(4326008)(2616005)(54906003)(966005)(6916009)(66556008)(5660300002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: OSRhTgrC3qWQYFokxh7ZLEW/ZoRu+liYYO6+BndeEmGF4z8IofD+aFJ+0dMavKBKhcrdP5SPlkWIvfg3jGLJbfY1qdynO08xAtKqrU+XaIDmaxhWKv2CPMubCn+0c7JarNgYHX39De5f3l6ANzu0asch6/pk0Qv8VZ3zknz1xSP3En7LPN/tin3tbMALyU3EKtbB3p2v0terDiMceUmypt0kToVa8xu68oUeWOa5y4C2BaPLo7N3Zn9QX9J/CAxIgKoUPU51/BM6uDBXwIQIgdejwJOZkDzS5I8DT0lzSsr1fZ3my6YMIQZaPz6AfScEJLAnCws88+cAx671SU1NTF/jIqWCPEZNewPeMhdMJmFWKHqprru2byFnj0kZ4HXWJFjgNXo7lHlsJ18WOii59tCD4KAQt1qKl27gMM2W72Fw5TKJRvjez0ndu9NcIppLYHihaRJtrShJprMTC4hOwhaLWY1M1bcsgdKg2/7vQmJD0YZaGtrWBiBqeOB3q7nB2IoYuGJSnyGO2Nd+owU6nynIdP7s+f2u5C9R6+aV4Dy5UuPCJqre9wswPak4SahA
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-Network-Message-Id: c1d66074-b7d9-43e6-fc55-08d8327822f6
X-MS-Exchange-CrossTenant-AuthSource: TYAPR04MB2286.apcprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Jul 2020 21:58:03.9050 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: EMUKvqsv8HUFob45n+TsfO+5K3HJl4Njidye7UR24JzJxKvLYGqQBG/RnLxId7dy
X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY2PR04MB3997
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/AmWJT5d_R-NyiTDRoB5abpG0oNE>
Subject: Re: [v6ops] Operational Implications of IPv6 Packets with Extension Headers - Load Balancer
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jul 2020 21:58:17 -0000
It might be useful to appreciate how load balancers are actually used in the public Internet before quoting RFC and drafts at each other. A good starting point is https://www.cmand.org/workshops/202006-v6/slides/cunha.pdf which describes recent work by UFMG’s Italo Cunha. > On 27 Jul 2020, at 7:47 pm, Mark Smith <markzzzsmith@gmail.com> wrote: > > Hi, > > If load balancers are going to be discussed, it also needs to be pointed out that they don't follow the definition of unicast addresses. > > A unicast address is to uniquely identify a single node. > > Load balancers share a single unicast address between multiple nodes, contradictory to the unique and single node identification purpose of unicast addresses. > > That is why they need to do non-RFC compliant things like digging into transport layer headers to work with unicast protocols like UDP, TCP and ICMP, trying to make them work across a fleet of nodes sharing a single unicast address. > > An anycast address, combined with a multi-path transport layer protocol is the way to do service load balancing in an RFC compliant way. > > See Section 5.7.7 of this draft for how. > > https://tools.ietf.org/html/draft-smith-6man-form-func-anycast-addresses-01#section-5.7.7 > > Regards, > Mark. > > > On Mon, 27 Jul 2020, 19:08 Vasilenko Eduard, <vasilenko.eduard@huawei.com> wrote: > Hi Fernando, > Hence again, following the logic of this draft (the level of detalization that you have given to 5.1) - may be you need additional section 5.1.x: Load Balancer have to look into TCP/UDP ports. Moreover, it could not trust "Flow label" - it is not reliable practice for LB. > Or alternatively you could say something about LB in section 5.1.2, but because it is a little special case - may be better to have separate 5.1.x > > Eduard
- [v6ops] Operational Implications of IPv6 Packets … Vasilenko Eduard
- Re: [v6ops] Operational Implications of IPv6 Pack… Fernando Gont
- Re: [v6ops] Operational Implications of IPv6 Pack… Mark Smith
- Re: [v6ops] Operational Implications of IPv6 Pack… Vasilenko Eduard
- Re: [v6ops] Operational Implications of IPv6 Pack… Vasilenko Eduard
- Re: [v6ops] Operational Implications of IPv6 Pack… Fernando Gont
- Re: [v6ops] Operational Implications of IPv6 Pack… Brian Carpenter
- Re: [v6ops] Operational Implications of IPv6 Pack… Vasilenko Eduard
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Vasilenko Eduard
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Brian E Carpenter
- Re: [v6ops] Operational Implications of IPv6 Pack… Geoff Huston
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Vasilenko Eduard
- Re: [v6ops] Operational Implications of IPv6 Pack… Vasilenko Eduard
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Geoff Huston
- Re: [v6ops] Operational Implications of IPv6 Pack… Fernando Gont
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Brian E Carpenter
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Geoff Huston
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Fernando Gont
- Re: [v6ops] Operational Implications of IPv6 Pack… Brian E Carpenter
- Re: [v6ops] Operational Implications of IPv6 Pack… Fernando Gont
- Re: [v6ops] Operational Implications of IPv6 Pack… Tim Chown
- Re: [v6ops] Operational Implications of IPv6 Pack… Vasilenko Eduard
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Nick Hilliard
- Re: [v6ops] Operational Implications of IPv6 Pack… Geoff Huston
- Re: [v6ops] Operational Implications of IPv6 Pack… Nick Hilliard
- Re: [v6ops] Operational Implications of IPv6 Pack… Tom Herbert
- Re: [v6ops] Operational Implications of IPv6 Pack… Fernando Gont