headers
Hott, Robert W CIV B35-Branch | 9 Mar 2006 19:31
Picon
Favicon

Latest update to draft-ietf-vrrp-ipv4-timers

All,
        I have made some minor editorial changes and one logic error change in the Initialize state (thank you Sonum) in draft-ietf-vrrp-ipv4-timers-01.txt

        I was late in posting the updated draft so it will not be posted in the drafts location until after the upcoming IETF meeting. For this reason, the draft was placed on the link, below, by Brian Haberman. Please take a look at the draft and provide any and all comments you might have. Karen O'Donoghue was hoping to discuss this draft and the way forward at the upcoming IETF. Thank you!

Bob Hott

http://www.innovationslab.net/~brian/drafts/draft-ietf-vrrp-ipv4-timers-02.txt


Robert (Bob) W. Hott
NSWC-DD
Code B35, Bldg. 1500A/122A
17320 Dahlgren Road
Dahlgren, VA 22448-5100
540-653-1497 (W)
540-653-8673 (FAX)
robert.hott <at> navy.mil (E-mail) 

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 0 comments |
headers
Radia Perlman | 17 Mar 2006 22:50
Picon

Security considerations...SEND interaction....IESG "discuss" item

I guess I'll put on my security advisor hat and take off my cochair hat 
for this thread.

Sam Hartman brought up a good point, which is how might VRRP interact 
with SEND. (secure
neighbor discovery). The basic idea of SEND (from my memory) is that 
with IPv6 addresses, a
node can select the bottom 8 bytes of its address to be a hash of a 
public key, and then sign
ND advertisements using the private key.

So, one way I could imagine SEND impacting VRRP is that the routers 
would all have to know
the private key associated with the shared IP address, so that they 
could then do the ND advertisements
if they took over as master.

Sam specifically asked though whether there might actually be some use 
for authentication of VRRP
messages in the SEND case. And that's a good point. Otherwise, someone 
could prevent one
of the real guys from getting elected, impersonating a VRRP router in 
the election, whereas SEND would
have prevented them from answering ND queries. So it is possible in that 
case that if neighbor discovery
is being armored, that VRRP should be similarly armored.

I haven't thought about this a lot, but my inclination would be to have, 
in that case, the VRRP message
signed with the same mechanism, and with the same private key, as the 
IPv6 address key.

Is there anyone else who wants to think about this?

Radia

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 0 comments |
headers
Steve Bates | 23 Mar 2006 00:04
Picon

Questions on draft-ietf-vrrp-ipv4-timers-02.txt

Hi Bob,

I've posted these comments before but I'll rephrase them based on the 02
draft.

1) Back in early December there was a flurry of comments about mismatched
advertisement intervals causing multiple masters.  The consensus seemed to
be that virtual routers of a lower priority would ignore a mismatch if the
higher priority interval was less than their configured interval and make
the higher priority interval their own operational value when it was greater
than their configured interval.  I was under the impression, based on
Radia's response to your original December 2nd post, that this would be
reflected in the draft.  Other than the omission of the phrase "the receiver
MUST discard the packet" in the final paragraph of section 4.1 I don't see
anything about this.  

2) This may become a greater issue with the addition of advertising interval
granularity.  It's conceivable that one implementation might not be able to
support as fine(?) a granularity as another, while both are type 2 virtual
routers.  For example, suppose a higher priority virtual router A is
configured with adver_cnt = 3, aig = 1, and adver_int = 1, while a lower
priority virtual router B is configured with adver_cnt = 3, aig = 2, and
adver_int = 1.  Virtual router B MUST accept virtual router A's values to
avoid flapping - unless it discards the FAST ADVERTISEMENT and creates a two
master situation.  Conversely, if the priorities are reversed B's values are
useless to A if A is incapable of supporting the finer granularity but at
least A will maintain it's backup state.  Am I mistaken?

3) The two bit granularity field seems a bit shortsighted.  A) There are
some RTOSes where a "tick" is defined as 1/60th of a second.  This makes
achieving centisecond granularity difficult.  A decisecond value would be
nice.  B) But if we do that we've used up all the values in the field.  Ten
years from now we'll be on terabit networks and someone may want microsecond
granularity.  Another bit might be a good idea.

4) I don't dispute the desirability of  a configurable advertisement count
but I'm not sure we gain much passing it in the advertisement.

5) For the VRRPv3 packet there are only 4 bits available since the
advertisement interval uses 12.  Do you have an idea how to migrate this
draft to the IPv6 case?

Steve Bates

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 0 comments |
headers
Vincent Jardin | 23 Mar 2006 10:38

Two MAC addresses for a same IP Primary address

Hi all,

According to the RFC3768, when a multicast VRRP packet is sent, the 
source IP address must be the *Primary IP Address* (section 5.2.1) and 
the source MAC address must be the *Virtual Router MAC Address*.

Moreover, the source MAC address of the the ICMP, TCP, ARP packets 
related to the *IP Address Owner*, must (of course) be the *Virtual 
Router MAC Address*.

Two routers running VRRP should have 2 differents *Primary IP Address*, 
and (of course) the same *IP Address Owner*.

So, if from a host, which is on the same Ethernet network, I send an 
ICMP echo request to:
   - the *Primary IP Address*, which source MAC address should the ICMP 
echo reply use ?
     According to me, it must NOT be the *Virtual Router MAC Address*.
   - the *IP Address Owner*, which source MAC address should the ICMP 
echo reply use ?
     According to me, it must be the *Virtual Router MAC Address*.

So it means that for any packets, when the source IP address is the 
*Primary IP Address*, the source MAC address could be any MAC address of 
the NIC; but when it is a VRRP Multicast packet to 224.0.0.18, the 
source MAC address must be the *Virtual Router MAC Address*.

Conclusion: a *Primary IP Address* can have two MAC addresses !!!, the 
*Virtual Router MAC Address* and the MAC address of the NIC !

It is not logical, so what are we missing ?

According to me:
   -Option1: the section 5.2.1 should specify that the source address 
should be an *IP Address Owner*, instead of the *Primary IP address*.
   -Option2: remove the constraint of the source MAC address of the VRRP 
packet = the *Virtual Router MAC Address*.

I prefer option 2 because it avoids the Ethernet switch from oscillating 
during a transition state.

Regards,
   Vincent

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 3 comments |
headers
don provan | 23 Mar 2006 18:37
Favicon

RE: Two MAC addresses for a same IP Primary address

Vincent,

What you are missing is that there is no relation between the
source IP address in an IP packet and the source MAC address
in the ethernet packet carrying it. There is no requirement
whatsoever for them to match in any way, and thank goodness
because it would make routed packets somewhat difficult to
handle since they have source IP addresses completely unrelated
to any MAC address sending on the local network.

In other words, there is no such requirement as:

>Moreover, the source MAC address of the the ICMP, TCP, ARP
>packets related to the *IP Address Owner*, must (of course)
>be the *Virtual Router MAC Address*.

>Conclusion: a *Primary IP Address* can have two MAC
>addresses !!!, the *Virtual Router MAC Address* and
>the MAC address of the NIC !

The VR IP address "has" one MAC address: the VR MAC.
ARP should always advertise that mapping and no other.
But this has no relevance to the selection of source
MAC address when transmitting a packet.

I understand how startling this observation can be, but it's
just basic IP logic, nothing VRRP specific about it. Once
you get your thoughts around it, VRRP falls out nicely.
In particular, you realize that there is only one reason, ever,
to use the VR's MAC address as the source of an ethernet packet,
and that is to teach the ethernet switching infrastructure
where to send packets with that MAC address as the destination.
That is accomplished by sending the advertisement packets with
the VR MAC address as source since those packets are known to
be sent at the appropriate times.

For all other packets, the source MAC address retains its
original purpose: to identify the hardware that transmitted
the packet. If anything, this becomes *more* important in
a VRRP environment, since problems can be much harder to
diagnose if it's impossible to tell which system sent which
packets.

-don

-----Original Message-----
From: Vincent Jardin [mailto:Vincent.Jardin <at> 6wind.com] 
Sent: Thursday, March 23, 2006 1:38 AM
To: vrrp <at> ietf.org
Subject: [VRRP] Two MAC addresses for a same IP Primary address

Hi all,

According to the RFC3768, when a multicast VRRP packet is sent, the source
IP address must be the *Primary IP Address* (section 5.2.1) and the source
MAC address must be the *Virtual Router MAC Address*.

Moreover, the source MAC address of the the ICMP, TCP, ARP packets related
to the *IP Address Owner*, must (of course) be the *Virtual Router MAC
Address*.

Two routers running VRRP should have 2 differents *Primary IP Address*, and
(of course) the same *IP Address Owner*.

So, if from a host, which is on the same Ethernet network, I send an ICMP
echo request to:
   - the *Primary IP Address*, which source MAC address should the ICMP echo
reply use ?
     According to me, it must NOT be the *Virtual Router MAC Address*.
   - the *IP Address Owner*, which source MAC address should the ICMP echo
reply use ?
     According to me, it must be the *Virtual Router MAC Address*.

So it means that for any packets, when the source IP address is the *Primary
IP Address*, the source MAC address could be any MAC address of the NIC; but
when it is a VRRP Multicast packet to 224.0.0.18, the source MAC address
must be the *Virtual Router MAC Address*.

Conclusion: a *Primary IP Address* can have two MAC addresses !!!, the
*Virtual Router MAC Address* and the MAC address of the NIC !

It is not logical, so what are we missing ?

According to me:
   -Option1: the section 5.2.1 should specify that the source address should
be an *IP Address Owner*, instead of the *Primary IP address*.
   -Option2: remove the constraint of the source MAC address of the VRRP
packet = the *Virtual Router MAC Address*.

I prefer option 2 because it avoids the Ethernet switch from oscillating
during a transition state.

Regards,
   Vincent

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 2 comments |
headers
Vincent Jardin | 24 Mar 2006 09:24

Re: Two MAC addresses for a same IP Primary address

Don,

> What you are missing is that there is no relation between the
> source IP address in an IP packet and the source MAC address
> in the ethernet packet carrying it.

I definitively agree, that's why I was suspicious with our understanding 
of the RFC !

> 
>>Moreover, the source MAC address of the the ICMP, TCP, ARP
>>packets related to the *IP Address Owner*, must (of course)
>>be the *Virtual Router MAC Address*.
> 
> 
>>Conclusion: a *Primary IP Address* can have two MAC
>>addresses !!!, the *Virtual Router MAC Address* and
>>the MAC address of the NIC !
> 
> 
> The VR IP address "has" one MAC address: the VR MAC.

Here, what you call VR IP address is defined by *IP Address Owner* into 
the RFC, isn't it ?

> ARP should always advertise that mapping and no other.
> But this has no relevance to the selection of source
> MAC address when transmitting a packet.

I agree that Address Resolution (ARP) of *IP Address Owner* must only 
adverise the *Virtual Router MAC Address*.

> In particular, you realize that there is only one reason, ever,
> to use the VR's MAC address as the source of an ethernet packet,
> and that is to teach the ethernet switching infrastructure
> where to send packets with that MAC address as the destination.

Of course, it is the basic goal of VRRP.

> That is accomplished by sending the advertisement packets with
> the VR MAC address as source since those packets are known to
> be sent at the appropriate times.

Please, here, when you write "by sending the advertisement packets with 
VR MAC address", please, what is the IPv4 source address ?
   1-> the *IP Address Owner*
   2-> xor the *Primary IP Address*

Our issue is related to the fact that 2 IP addresses are defined into 
the RFC *IP Address Owner* and *Primary IP Address*. It is clear how the 
*IP Address Owner* must be used with the VR MAC address on many gateways 
running VRRP on a same link, but it is unclear for the *Primary IP Address*.

I would be interested in better understanding how is supposed to be used 
the *Primary IP Address* on 3 gateways running VRRP on a same link:
   -> There are 3 *Primary IP addresses* at least, aren't there ?

   -> Are these 3 *Primary IP addresses* reachable at anytime even if 
the gateway is in the backup state ?

Thanks,
   Vincent

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 1 comment |
headers
Don Provan | 24 Mar 2006 20:23
Favicon

RE: Two MAC addresses for a same IP Primary address

> Here, what you call VR IP address is defined by *IP Address 
> Owner* into the RFC, isn't it ?

There is a VR IP address. The VR IP address has an owner, but
it is the VR master, whether currently the owner or not, that
uses the VR MAC address.

> > ARP should always advertise that mapping and no other.
> > But this has no relevance to the selection of source
> > MAC address when transmitting a packet.
> 
> I agree that Address Resolution (ARP) of *IP Address Owner* must only 
> adverise the *Virtual Router MAC Address*.

The *master* is the one that ARPs the VR IP address, regardless
of whether it is the VR IP address owner. In any case, we agree
with the important point: ARP always maps VR IP address to VR MAC
address.

> Please, here, when you write "by sending the advertisement 
> packets with 
> VR MAC address", please, what is the IPv4 source address ?
>    1-> the *IP Address Owner*
>    2-> xor the *Primary IP Address*

The source is the primary IP address of the interface through
which the advertisement is sent. For the VR IP address owner,
this could be the VR IP address itself, but for any other router
supporting this VR, it has to be an IP address unrelated to the
VR. (In my implementation, even the VR IP address owner uses
an unrelated IP address as it's primary IP address.)

> Our issue is related to the fact that 2 IP addresses are defined into 
> the RFC *IP Address Owner* and *Primary IP Address*. It is 
> clear how the *IP Address Owner* must be used with the VR MAC address on 
> many gateways running VRRP on a same link, but it is unclear for the 
> *Primary IP Address*.

The primary IP address uniquely identifies each router participating
in the VR. It is the IP address assigned to the router because it is
an IP node on that network; it was nothing to do with the fact that
the router is now assigned to support VRRP.

> I would be interested in better understanding how is supposed 
> to be used 
> the *Primary IP Address* on 3 gateways running VRRP on a same link:
>    -> There are 3 *Primary IP addresses* at least, aren't there ?

Yes. Each router has its own, unique primary IP address on the
network VRRP is running on. (The VR IP address owner is allowed but
not required to use the VR IP address as its primary IP address.)

>    -> Are these 3 *Primary IP addresses* reachable at anytime even if 
> the gateway is in the backup state ?

The primary IP address are assigned to the physical router. Its
reachability is unrelated to the VRRP protocol in any way. One would
expect the address to be reachable whenever that interface is up just
as one would expect any other node's IP addresses to be reachable when
the node is active. As it turns out, VRRP doesn't even require that much:
VRRP never sends a packet *to* the Primary IP address (unless I'm
forgetting something....), so for VRRP to work, the Primary IP address
need not be actually reachable, although I don't think the protocol spec
itself mentions this unimportant detail.

-don

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 0 comments |
headers
Hott, Robert W CIV B35-Branch | 28 Mar 2006 06:49
Picon
Favicon

RE: Questions on draft-ietf-vrrp-ipv4-timers-02.txt

Steve,

  Sorry I missed your comments the first go around. I did get them
and missed responding. Thank you for hitting me with them again. You
have some good questions. I think the draft needs to have wording
added to clarify what needs to happen. I also think some discussion
on the reflector is in order with regard to timers, granularity, and
counts. Thank you for the comments. See my response and observations
below. Hopefully this will get some discussion going!!

Bob Hott

-----Original Message-----
From: Steve Bates [mailto:Steve.Bates <at> alcatel.com]
Sent: Wednesday, March 22, 2006 18:04
To: Hott, Robert W CIV B35-Branch; vrrp <at> ietf.org
Subject: [VRRP] Questions on draft-ietf-vrrp-ipv4-timers-02.txt


Hi Bob,

I've posted these comments before but I'll rephrase them based on the 02
draft.

1) Back in early December there was a flurry of comments about mismatched
advertisement intervals causing multiple masters.  The consensus seemed to
be that virtual routers of a lower priority would ignore a mismatch if the
higher priority interval was less than their configured interval and make
the higher priority interval their own operational value when it was greater
than their configured interval.  I was under the impression, based on
Radia's response to your original December 2nd post, that this would be
reflected in the draft.  Other than the omission of the phrase "the receiver
MUST discard the packet" in the final paragraph of section 4.1 I don't see
anything about this. 

Steve, removing the phrase from Section 4.1 about discarding the packet
was needed so that mismatches would get handled in the STATE MACHINE.
If the Advertisements were discarded, multiple Masters could occur.
Now, with regard to which timer to use, I think that the consensus was
to use the MASTER values when there was a mis-match. Clock granularity could
impact what is actually used, see my response to your question #2, below.
When I look at your questions and the draft, I think the draft needs
to better identify and discuss the values used; whether it is the
configured value, the value received from the MASTER, etc...


2) This may become a greater issue with the addition of advertising interval
granularity.  It's conceivable that one implementation might not be able to
support as fine(?) a granularity as another, while both are type 2 virtual
routers.  For example, suppose a higher priority virtual router A is
configured with adver_cnt = 3, aig = 1, and adver_int = 1, while a lower
priority virtual router B is configured with adver_cnt = 3, aig = 2, and
adver_int = 1.  Virtual router B MUST accept virtual router A's values to
avoid flapping - unless it discards the FAST ADVERTISEMENT and creates a two
master situation.  Conversely, if the priorities are reversed B's values are
useless to A if A is incapable of supporting the finer granularity but at
least A will maintain it's backup state.  Am I mistaken?


Okay, so here is how it should work, not saying that the wording is in
place:

If Router A is Master (or any router with a granularity less than its
Backups), then the Master will propagate its values to the Backups.
The Backups, in this case Router B, should be able to set its
timer (Master_Down_Timer) based on the received adver_cnt and adver_int
in the advertised clock granularity (centiseconds) units, since its
own clock granularity was milliseconds. This should work fine.

Now for the opposite situation, where the Master has a clock
granularity greater that its Backups. So, Router B is now the Master
and Router A is the Backup. Here, Router B sends the advertisement
once every millisecond. Since Router A cannot set its timer to 1
millisecond, it should set its timer based upon its own lowest setting.
In this case, 1 centisecond should be used. Router A won't failover to
become Master as fast as Router B would like (3 microseconds) but it
will eventually become Master, as soon as it can. Once Router B
becomes the Master, if it does, it would use its configured settings.

I think the draft needs to better describe which settings should be
used, based upon clock granularity. Thus, the Master_Down_Interval
needs to reflect the Master settings and the internal settings.

3) The two bit granularity field seems a bit shortsighted.  A) There are
some RTOSes where a "tick" is defined as 1/60th of a second.  This makes
achieving centisecond granularity difficult.  A decisecond value would be
nice.  B) But if we do that we've used up all the values in the field.  Ten
years from now we'll be on terabit networks and someone may want microsecond
granularity.  Another bit might be a good idea.

I tend to agree with you about the need for more bits for granularity.
This kind of relates to your last question, below. I figured that
the last bit would be used for microseconds, but wondered about the
decisecond need. I thought that the 10 bits for centiseconds would
cover the decisecond requirement.

4) I don't dispute the desirability of  a configurable advertisement count
but I'm not sure we gain much passing it in the advertisement.

The issue that I have with the current Master_Down_Interval is that it
is based upon a fixed Advertisement Count of 3. As you move into lower
time intervals between Advertisements, missing 3 Advertisements is very
likely and flapping occurs. I think that missing 3 Advertisements was
reasonable when the failovers were in the order of seconds. I guess
one option would be to change to way that the advertisement_interval
is calculated and only pass the acceptable outage period ( failover_time).
What do you / everyone think about that? So, in the Advertisement, you
would pass the desired failover time. On the Master, it is configured to
send Advertisements every
(Failover_Time / Configured_number_per_interval). The Backups would
only care about Failover_Time and clock granularity.


5) For the VRRPv3 packet there are only 4 bits available since the
advertisement interval uses 12.  Do you have an idea how to migrate this
draft to the IPv6 case?

I think the right way to handle this for IPv6 is to do the same thing
for both V4 and V6. If the discussion on your 4th question moves the
standard to specify a failover time, then I think there will be
enough room to specify a clock granularity. My original proposal
was not to introduce a new version of VRRP, but add a new
message type. If IPv4 and IPv6 were aligned, maybe it would be
better to use a single type advertisement and introduce a new
version. What do folks think?


Steve Bates

Bob Hott 

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 2 comments |
headers
Don Provan | 29 Mar 2006 01:33
Favicon

RE: Questions on draft-ietf-vrrp-ipv4-timers-02.txt

First, I just want to mention that I think Bob has the
answer to the "which time to use" question spot on. I
recall that the wording in the spec wasn't quite right
last time I read it (and it sounds like Bob agrees it
needs a little work), but the description Bob has here
in this e-mail agrees exactly with both my ponderings
and my experience on what can go wrong and what the
rules should be to make sure they don't.
 
But my purpose for writing this is to explore another
question, one that comes up over and over and I've
never felt satisfied about. Bob says, "As you move into lower 
time intervals between Advertisements, missing 3 Advertisements is very 
likely and flapping occurs." 
 
Now I *don't* have experience in actual networks where
these lower tolerances are required, so I ask this
without having an opinion, but is it in fact true that
that per packet failure rate increases in cases where
a shorter failover time is desired? What is the
characteristic of these environments that makes
the standard of 3 packets less reliable that in an
environment where a 3 second failover is acceptable?
It seems counter intuitive to me -- when you retransmit
faster, it causes a problem, and the solution to that
problem is to retransmit *even faster*? -- but, as I
say, it's probably just something about the target
application that I don't yet understand.
 
Or is this just because people have always wanted to
be able to configure the number of retransmissions, so
now's the chance? I admit to being a little concerned
with depending on only 3 retransmissions regardless of
the rate, but I've never actually been able to justify
any reason why three packets wouldn't be enough.
 
-don
Attachment (winmail.dat): application/ms-tnef, 7616 bytes
_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 0 comments |
headers
Hott, Robert W CIV B35-Branch | 29 Mar 2006 13:49
Picon
Favicon

RE: Questions on draft-ietf-vrrp-ipv4-timers-02.txt

Don,
    What I have seen in doing some testing with faster advertisement
intervals and more/fewer advertisements leads me to a conclusion
with may or may not be correct. I will offer my observation though.
 
    I have done testing of various techniques for providing
survivable network environments. I have looked at standards-based
solutions as well as proprietary enhancements. I have looked for
solutions that can detect failures and recover in less than 1 second.
 
    When I have tested VRRP using timer settings which adhere
to the standard, I have seen very little problems. I can certainly
introduce a load on the network with can cause packets to be
dropped, but for the most part, devices are capable of transmitting
and receiving an advertisement within the 3 second window.
 
    When I have tested VRRP, and other protocols, using timer
settings which permit sub-second failovers, there have been
instances where flapping has occurred and I did not need to
introduce a load on the network. This observation leads me to
believe that the issue is in the implementation of the particular
survivability technology. With some technologies, it appeared
that the protocol was activated based upon a timer and that
the protocol would not perform faster than a certain rate,
regardless of the settings. In these cases, if the rate and
number of messages missed were configured in such a way,
flapping would occur! I have also seen cases where the
load on the network APPEARS to slow down the handling of
the advertisements (i.e., not high enough priority process),
and flapping has occurred. In some cases, enabling logging
has been enough to cause flapping to occur, when using
sub-second intervals. Please note that I have not always been
able to test with a particular vendor's top-of-the-line
device. That is one reason why I think it is important to test these
technologies with devices, and images, that are planned for
a particular computing environment.
 
    I hope this has cast a little light on my interest in sub-second
capability and a little on what I have seen when looking at
various technologies and implementations.
 
Bob Hott
 
-----Original Message-----
From: Don Provan [mailto:dprovan <at> bivio.net]
Sent: Tuesday, March 28, 2006 18:33
To: Hott, Robert W CIV B35-Branch; 'Steve Bates'; vrrp <at> ietf.org
Cc: Odonoghue, Karen F CIV B35-Branch
Subject: RE: [VRRP] Questions on draft-ietf-vrrp-ipv4-timers-02.txt

First, I just want to mention that I think Bob has the
answer to the "which time to use" question spot on. I
recall that the wording in the spec wasn't quite right
last time I read it (and it sounds like Bob agrees it
needs a little work), but the description Bob has here
in this e-mail agrees exactly with both my ponderings
and my experience on what can go wrong and what the
rules should be to make sure they don't.
 
But my purpose for writing this is to explore another
question, one that comes up over and over and I've
never felt satisfied about. Bob says, "As you move into lower
time intervals between Advertisements, missing 3 Advertisements is very
likely and flapping occurs." 
 
Now I *don't* have experience in actual networks where
these lower tolerances are required, so I ask this
without having an opinion, but is it in fact true that
that per packet failure rate increases in cases where
a shorter failover time is desired? What is the
characteristic of these environments that makes
the standard of 3 packets less reliable that in an
environment where a 3 second failover is acceptable?
It seems counter intuitive to me -- when you retransmit
faster, it causes a problem, and the solution to that
problem is to retransmit *even faster*? -- but, as I
say, it's probably just something about the target
application that I don't yet understand.
 
Or is this just because people have always wanted to
be able to configure the number of retransmissions, so
now's the chance? I admit to being a little concerned
with depending on only 3 retransmissions regardless of
the rate, but I've never actually been able to justify
any reason why three packets wouldn't be enough.
 
-don
 
_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp
Permalink | Reply | 1 comment |

Gmane