
Re: your mail



On Wed, 18 Jul 2001, Ramakrishna Gummadi wrote:

> Which is why tools such as fair queuing and fair dropping exist--they give
> you the perfect isolation and bandwidth management guarantees. And I think
> they are present on most Ciscos already on most high speed interfaces.

I'm sorry, but as a customer, I wouldn't want my traffic dropped because
someone else's OC-3 went down.

> We are not requiring anybody to accept traffic from those they don't peer
> with or have subscriber-provider relationships (and we don't require any
> extra physical links):

Yes, you ARE.  For it to work right, that's EXACTLY what you have to
require.

> D served by ISP2 and ISP3 that don't peer:
> 
> Scenario A: (normal operation):
> S-ISP1-Internet-ISP2-D.
> 
> Scenario B: (failure-mode operation):
> S-ISP1-Internet-ISP2-Internet-ISP3-D.

ISP2 and 3 would HAVE to peer to do this.  I'm sorry, but as a provider I
wouldn't want just anybody to be capable of building a tunnel.  Any
potential tunnels of this sort I'd want to be pre-configured so there
couldn't be abuse.  But who's to say it still won't be abused
anyway?  What if ISP2 brings up the tunnel because of a low bandwidth
situation?  As ISP3, I didn't sign up for that.

> How is B different than A, and how does ISP3 know the tunneled traffic
> originated in ISP2 (without looking at the internals of the packet, which
> can be forbidden by IPSec anyway)?

You're missing the point.  ISP3 can see the tunnel originated at
ISP2.  The tunnel would be from ISP2's router to ISP3's router.  Hard to
miss.  And if I don't trust ISP2 as ISP3, I'm sure as hell not going to
let them create a pipe and pour packets into my network.

> If ISP2 and ISP3 cooperate, the system as a whole can achieve a more
> optimal operation point than if they don't. In both cases, however, it
> continues to work.

Again, they have to be peers or have a mutual trust relationship.  We're
right back to square one.  This can't work unless they cooperate.

> As an aside, should not one be first concerned that the Internet expects
> end-to-end congestion control out of hosts who can directly collapse an
> ISP if they are greedy? Because people got concerned about such problems,
> they invented fair queuing, etc., that allow the ISP full control over how
> to fairly manage traffic. These tools can be used in this scenario as
> well, if required.

Again, NO.  If you can't afford the bandwidth to do this, don't do it,
cause as a customer, I won't tolerate high packet loss.  Why bother at
that point?

> Finally, I don't see how any other multihoming scenario (end-to-end
> solutions included) that has to provide failure protection can behave
> significantly better---after all, the goal is to redistribute the load
> onto working links, with a possible degradation in performance.

Lots of scenarios can behave FAR better than this.  You're not looking at
the big picture here.  You're assuming someone's T1 fails over.  Most
people with T1's aren't going to be buying this these days.

-Taz

-- 
        "Be liberal in what you accept,
      and conservative in what you send."
--Jon Postel (1943-1998) RFC 1122, October 1989