On Wed, Aug 24, 2022 at 5:33 AM, Lars Eggert <l...@eggert.org> wrote:
> Hi, > > On 2022-8-24, at 2:08, Christian Hopps <cho...@chopps.org> wrote: > > How about we add the text "This MUST NOT be used when full admin control > over the network cannot be assured."? > > I don't really understand what "full admin control over the network" really means… well, I do know what that means, but I don't really know as an operator what the implication are. If I have a site with a 10GE primary link, and a 1GE for the backup, I have "full admin control", but I still presumably shouldn't configure this to use 2Gbps, or I need to ensure that I have firewall filters to block this traffic if the primary link goes down… I guess that I don't really understand how this would be expected to be deployed in practice and what sort of expected CBR is expected. Any solution which generates a constant rate of traffic and doesn't understand congestion certainly seems like it is likely to cause issues unless is can be constrained to a single path and / or be known to be the only traffic source on that path (like a bump-in-the-wire solution). > "full admin control" is a necessary prerequisite to mitigate/manage > issues, but not a solution in itself. > > This CBR ESP tunnel is basically identical to a CBR pseudowire. There was > quite a bit of work/discussion between PWE3 and various transport groups in > the past that resulted in a set of guidance on how such pseudowires are > safe to deploy. This guidance needs to be adopted here as well (or we'll > need a much longer discussion on what alternative guidance could look like > and why.) > > > I'll happily admit that I haven't read that / those discussions, but I'm glad that it sounds like there is existing work that can be cribbed from… W Thanks, > Lars >
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
