Mark, sorry, I am just using terminology from the slide.
Look at slides 21-29 from https://datatracker.ietf.org/meeting/111/materials/slides-111-rtgwg-sessb-3-selfhealing-network-01

It is easy to guess what it is: a device that terminates a TCP session, initiates a new one, and stitches both. Firewall, stateful load balancer.

Stateful devices are not very scalable, hence, anycast distribution of the load in front of the stack of such devices is common practice.

IMHO: It is not bad terminology that Alexander used. It is easy to guess what a “TCP proxy” is. I do not see the need for an RFC.

Eduard

From: Mark Smith [mailto:[email protected]]
Sent: Monday, August 2, 2021 1:13 AM
To: Vasilenko Eduard <[email protected]>
Cc: [email protected]; routing WG <[email protected]>
Subject: Re: Self-healing Networking with Flow Label

What are TCP proxy engines?

What are TCP flow engines?

In which RFCs are they described?

On Mon, 2 Aug 2021, 02:47 Vasilenko Eduard, <[email protected]> wrote:

Hi Alexander,

Have I understood your presentation right?

The client SHOULD change the IPv6 flow label after SYN RTO to have a chance to be moved to the working path inside the DC fabric (if the DC fabric supports flow label for hash calculation).

But at the same time

The client SHOULD NOT change the IPv6 flow label after SYN RTO to avoid being switched to a different TCP proxy engine.

Looks like a deadlock, especially if both things should happen for the same traffic: it should reach the DC fabric and it should be hash load-balanced between different TCP proxy engines (or applications) inside the DC fabric.

I see one bad solution (“Disable Flow Label”):

- Routers up to the TCP proxy engine SHOULD be configured not to use flow label (by the way, these are all routers on the Internet),
- TCP flow engines SHOULD be outside of the DC Fabric (CLOS) – probably in front of it.
- Routers/Switches inside the DC Fabric SHOULD use flow labels.

I see another bad solution (“Disable Anycast”):

- Disable anycast on routers in principle, use only stateful LB.

It has been commented in the chat that Anycast is not possible in principle for stateful connections. It is too general a statement. Anycast is just not compatible with Flow Label. It is not a problem for IPv4 anycast even if the connection is stateful (TCP) because the 5-tuple for the hash would not change.

Hence, IPv6 anycast became dead at the time when Flow Label change was added in LINUX for active TCP sessions.

Among 3 things:

- Anycast
- Flow Label load balancing (basic Flow Label functionality)
- Flow Label change on the active session for the application to be more active in new path search

You have to choose which one to kill – all 3 are not compatible with each other at the same time.

I vote to disable Flow Label change in LINUX. Then wait till the network would fix itself.

We have so many fancy TE tools these days. A broken link or a broken node could be excluded from routing in 50ms.

PS: I am not subscribed to the RTGWG alias, please keep me on a copy of this thread.

Best Regards
Eduard Vasilenko
Senior Architect
Europe Standardization & Industry Development Department
Tel: +7(985) 910-1105, +7(916) 800-5506

_______________________________________________
rtgwg mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/rtgwg
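The conflict described in the original message of this thread, shown as an added simulation that is not part of the thread or of the presentation it discusses: one TCP flow passes an ECMP stage that spreads traffic over anycast TCP proxies and a second stage that spreads it over fabric paths, and the client then changes its flow label. The topology, addresses, per-stage seeds and the SHA-256 stand-in for a router hash are all assumptions made for illustration.

```python
import hashlib

# Constructed sample topology and flow; none of these values come from the thread.
PROXIES = ["proxy-a", "proxy-b", "proxy-c", "proxy-d"]  # anycast TCP proxy instances
SPINES = ["spine-1", "spine-2", "spine-3", "spine-4"]   # equal-cost fabric paths
FLOW = ("2001:db8::10", "2001:db8:ffff::1", 40000, 443, 6)  # src, dst, sport, dport, proto


def ecmp_pick(members, five_tuple, flow_label=None, seed=""):
    """Choose one ECMP member from a hash of the 5-tuple, plus the flow label if given.

    SHA-256 is a stand-in for a vendor hash; `seed` models per-stage hash seeds.
    """
    key = seed + "|" + "|".join(map(str, five_tuple))
    if flow_label is not None:
        key += f"|{flow_label:05x}"
    value = int.from_bytes(hashlib.sha256(key.encode()).digest()[:4], "big")
    return members[value % len(members)]


def forward(flow_label, edge_uses_label, fabric_uses_label):
    """Return (proxy, spine) chosen for FLOW when it carries `flow_label`."""
    proxy = ecmp_pick(PROXIES, FLOW, flow_label if edge_uses_label else None, "edge")
    spine = ecmp_pick(SPINES, FLOW, flow_label if fabric_uses_label else None, "fabric")
    return proxy, spine


def relabel_stats(edge_uses_label, fabric_uses_label, old_label=0x12345, trials=1000):
    """Fraction of new labels that move the flow to another proxy / another spine."""
    old_proxy, old_spine = forward(old_label, edge_uses_label, fabric_uses_label)
    proxy_moves = spine_moves = 0
    for new_label in range(1, trials + 1):  # labels a client might pick after an RTO
        proxy, spine = forward(new_label, edge_uses_label, fabric_uses_label)
        proxy_moves += proxy != old_proxy
        spine_moves += spine != old_spine
    return proxy_moves / trials, spine_moves / trials


if __name__ == "__main__":
    for name, edge, fabric in [
        ("label hashed everywhere", True, True),
        ("label hashed in fabric only", False, True),
        ("label never hashed (5-tuple only)", False, False),
    ]:
        p, s = relabel_stats(edge, fabric)
        print(f"{name:36} proxy changes {p:.0%}  fabric path changes {s:.0%}")
```

The middle configuration corresponds to the “Disable Flow Label” option in the message: the proxy choice stays pinned while the fabric path can still change with the label.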
