On Wed, Aug 24 2022 at 8:35 PM, Christian Hopps <cho...@chopps.org> wrote:
> Warren Kumari <war...@kumari.net> writes: > > On Wed, Aug 24, 2022 at 5:33 AM, Lars Eggert <l...@eggert.org> wrote: > > > > > > > Hi, > > > > > On 2022-8-24, at 2:08, Christian Hopps <cho...@chopps.org> wrote: > > > > > How about we add the text "This MUST NOT be used when full > admin control over the network cannot be assured."? > > > > > > > > > I don't really understand what "full admin control over the network" > really means… well, I do know what that means, but I don't really know as > an operator what the implication are. If I have a site with a 10GE primary > link, and a 1GE for the backup, I have "full admin control", but I still > presumably shouldn't configure this to use 2Gbps, or I need to ensure that > I have firewall filters to block this traffic if the primary link goes > down… > > It means you own, have rights to, and/or control the entire network the > tunnel will operate over. > > I guess that I don't really understand how this would be expected to be > deployed in practice and what sort of expected CBR is expected. Any > solution which generates a constant rate of traffic and doesn't understand > congestion certainly seems like it is likely to cause issues unless is can > be constrained to a single path and / or be known to be the only traffic > source on that path (like a bump-in-the-wire solution). > > If you own/control/have the rights to the entire network, then you have > the same over all the paths through the network. There are organizations > that wish to deploy IPTFS protected tunnels at their fixed rate w/o > congestion control, over said networks. And they should be able to. > I'm not trying to stop you / them, but I *am* trying to minimize the chances of foot-shooting. Having text which helps operators deploy this in a manner that doesn't cause issues for their network, especially during events like described above, means that they are more likely to actually deploy and use it. I'm sure that there are organizations who do want to deploy this - it has some very cool properties - but if they do, and it bites them because there was some operational advice/considerations that were left out, they will turn it off... W Thanks, > Chris. > > > > > > > > > > > > > "full admin control" is a necessary prerequisite to mitigate/ > manage issues, but not a solution in itself. > > > > > This CBR ESP tunnel is basically identical to a CBR pseudowire. > There was quite a bit of work/discussion between PWE3 and various > transport groups in the past that resulted in a set of guidance > on how such pseudowires are safe to deploy. This guidance needs > to be adopted here as well (or we'll need a much longer > discussion on what alternative guidance could look like and why.) > > > > > > > > > > > > > I'll happily admit that I haven't read that / those discussions, but I'm > glad that it sounds like there is existing work that can be cribbed from… > > > > > W > > > > > > > > > Thanks, > Lars > > > >
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
