Re: [v6ops] Flow label setting [WG Doc? draft-gont-v6ops-ipv6-ehs-packet-drops]

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 15 March 2016 03:09 UTC

To: Tom Herbert <tom@herbertland.com>
Organization: University of Auckland
Date: Tue, 15 Mar 2016 16:09:24 +1300
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/SG6r2yRPmWyBWcAanGv8rljkW_c>
Cc: "v6ops@ietf.org" <v6ops@ietf.org>

On 15/03/2016 11:32, Tom Herbert wrote:

...
> - Linux (e.g. Android will): sets the flow label for new connections
> (TCP or connected UDP socket) using prandom_u32 (pseudo random
> number). The flow label for a connection may change if the connection
> is failing in hopes of finding a better route

In that case, it really doesn't matter as far as ECMP or load balancing goes
if the flow label changes, since the path will be changing anyway.
(OK, it might matter for server load balancing at the destination,
but that is a corner case that has to be dealt with regardless.)

> -- either the networking
> stack detects a bad route (i.e. TCP is retransmitting) or userspace
> can request a route change if it has information about path quality.
> So flow labels are not necessarily persistent which probably makes
> flow label filtering a bad idea

It's a bad idea, period. If you are trying to detect malicious traffic
you will need DPI anyway.

> at least if persistence for the
> lifetime of a connection is required for that (see
> http://www.maths.tcd.ie/~dwmalone/p/ec2nd05.pdf). For cases with no
> connection state (unconnected UDP, forward and encapsulate), the flow
> label is generated by parsing the packet to determine a hash based on
> L3/L4 information.
> 
> - Windows: I believe you mentioned that Windows 7 doesn't seem to have
> support for setting flow labels.

I couldn't find anything. Presumably it can be done by apps through the
Winsock API, but that isn't very useful.

> Maybe someone from Microsoft can
> clarify this and let us know what the prospects are for getting flow
> label support.

Please.
   Brian
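
Added example, not part of the original message or the thread: a Python sketch of why a filter that assumes the flow label stays constant for a connection would misfire on the Linux behaviour described above. It parses constructed IPv6/TCP headers (documentation-prefix addresses and made-up labels) and reports 5-tuples whose label changes; the function names are hypothetical and extension headers are not walked.

```python
import struct
from ipaddress import IPv6Address

def build_ipv6_tcp(src, dst, sport, dport, flow_label):
    """Build a minimal IPv6 + TCP header pair (constructed sample, not captured traffic)."""
    vtf = (6 << 28) | (flow_label & 0xFFFFF)    # version 6, traffic class 0, 20-bit label
    ip6 = struct.pack("!IHBB", vtf, 20, 6, 64)  # payload length 20, next header TCP, hop limit 64
    ip6 += IPv6Address(src).packed + IPv6Address(dst).packed
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x10, 65535, 0, 0)
    return ip6 + tcp

def parse_flow(pkt):
    """Return ((src, dst, next_header, sport, dport), flow_label), or None if unparsable."""
    if len(pkt) < 44:
        return None
    vtf, _plen, nxt, _hlim = struct.unpack("!IHBB", pkt[:8])
    if vtf >> 28 != 6 or nxt not in (6, 17):
        return None  # not IPv6, or TCP/UDP does not follow the fixed header directly
    src, dst = IPv6Address(pkt[8:24]), IPv6Address(pkt[24:40])
    sport, dport = struct.unpack("!HH", pkt[40:44])
    return (str(src), str(dst), nxt, sport, dport), vtf & 0xFFFFF

def label_changes(packets):
    """List (flow, old_label, new_label) each time a 5-tuple shows a different label."""
    seen, changes = {}, []
    for pkt in packets:
        parsed = parse_flow(pkt)
        if parsed is None:
            continue
        flow, label = parsed
        if flow in seen and seen[flow] != label:
            changes.append((flow, seen[flow], label))
        seen[flow] = label
    return changes

# Constructed sample: one connection whose label is re-randomised mid-flow
# (as a sender might do when the connection is failing), plus a second stable flow.
SAMPLE = [
    build_ipv6_tcp("2001:db8::1", "2001:db8::2", 40000, 443, 0x12345),
    build_ipv6_tcp("2001:db8::1", "2001:db8::2", 40000, 443, 0x12345),
    build_ipv6_tcp("2001:db8::1", "2001:db8::2", 40000, 443, 0xABCDE),
    build_ipv6_tcp("2001:db8::3", "2001:db8::2", 40001, 443, 0x00042),
]

if __name__ == "__main__":
    for flow, old, new in label_changes(SAMPLE):
        print(f"{flow}: label {old:#07x} -> {new:#07x}")
```

A filter that dropped every packet reported by label_changes() would discard the third packet of a legitimate connection.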