[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RAM] Tunnelling Route Reduction Protocol

To: "Brian E Carpenter" <brian.e.carpenter at gmail.com>
Subject: Re: [RAM] Tunnelling Route Reduction Protocol
From: "William Herrin" <bill at herrin.us>
Date: Wed, 22 Aug 2007 18:41:43 -0400
Cc: ram at iab.org
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=sQ7c4xk87iOv/5WmQaCZc6cloMzGxDqMzZ3rKqs7bXi+i3Xo0YIAPMmoaTAOhAq62+UxSTGzaWSv9A5y3srLMXU5BT35YTVt0pbM0bwFBEjs3jP1C0a191dzkj9rMTylfOpgHRWFRxH822vBPM3r5CADj8OVlQqIG49mmPK0bfA=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=ksHbYTcKp9PITnB311rD5GAN5SqIdzR9CCd17Q1i5MnjFBo8QVrqlZTO5hiE8+g4y+DJwN03xupmM8sdaSKkK5zUkdqhL3fdkD2A86lUYIDcX0uJzkIlp8WRY33YEHyqI3L80XQbakAoga9eVT+qBhFyHwtwFVUCLusrGS/QEH8=
In-reply-to: <46CBF4A6.3020100@gmail.com>
List-archive: <http://www1.ietf.org/pipermail/ram>
List-help: <mailto:ram-request@iab.org?subject=help>
List-id: Routing and Addressing Mailing List <ram.iab.org>
List-post: <mailto:ram@iab.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=unsubscribe>
References: <3c3e3fca0708200646j391fd621n568f2b791c93a36f@mail.gmail.com> <46CA50F0.2040001@firstpr.com.au> <3c3e3fca0708210630r7d559c6fk94bc38c1aaa68df7@mail.gmail.com> <46CBF4A6.3020100@gmail.com>

On 8/22/07, Brian E Carpenter <brian.e.carpenter at gmail.com> wrote:
> On 2007-08-21 15:30, William Herrin wrote:
> > 1. 99.9% of the time, the originator of the packet has already had to
> > do a DNS lookup or some other lookup to map a name to an IP address.
>
> Wouldn't that be 49.95%? Half of all first packets tend to be
> responses such as SYN/ACK that involve no DNS lookup.

Hi Brian,

Its still 99.9%; the return packet is part of the initial transaction.
But you're right, there are potentially two extra lookup delays on
that first transaction in addition to the original name to IP lookup.

If the network operator is sloppy then there could be more. If the DNS
resolver doesn't refer queries through a resolver on globally routable
space or the authoratative name to ip DNS server isn't on globally
routable space then there could be a dozen lookups to get to the point
where the two endpoints are talking and all pertinent routes are
cached.

That's avoided by good operations practice, so I'm not too worried about it.

> For a server
> handling thousands of requests per second, adding a lookup means
> holding thousands of TCBs in a wait state for the duration of the
> lookup. There are perhaps some interesting DDOS attacks there.

Shouldn't be much different that you see with SYN floods and SYN cookies now.

I suspect the worst DOS would involve sending packets to random
addresses. The ITR lookups run afoul of the same problem that Cisco
fast-switching did: overwhelming the cache. The ITR would have to take
care not to discard routes for sessions that have seen a lot of
packets in favor of pending lookups or routes that have only seen a
few packets.

Regards,
Bill Herrin

-- 
William D. Herrin                  herrin at dirtside.com  bill at herrin.us
3005 Crane Dr.                        Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

_______________________________________________
RAM mailing list
RAM at iab.org
https://www1.ietf.org/mailman/listinfo/ram

References:
- [RAM] Tunnelling Route Reduction Protocol
  - From: William Herrin
- Re: [RAM] Tunnelling Route Reduction Protocol
  - From: Robin Whittle
- Re: [RAM] Tunnelling Route Reduction Protocol
  - From: William Herrin
- Re: [RAM] Tunnelling Route Reduction Protocol
  - From: Brian E Carpenter

Prev by Date: [RAM] (no subject)
Next by Date: Re: [RAM] Tunnelling Route Reduction Protocol
Previous by thread: Re: [RAM] Tunnelling Route Reduction Protocol
Next by thread: Re: [RAM] Tunnelling Route Reduction Protocol
Index(es):
- Date
- Thread