[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Proxies and dead home servers



> When the proxy server doesn't have an alternative home server, then
> what does it do? If it doesn't respond to the NAS, the NAS may
> erroneously believe it is dead, and reject the session. If it does
> respond with an Access-Reject, then the NAS will believe that the server
> is still alive, and reject the session.
>
> I think that the second alternative is preferable to the first one.
 
That depends on the proxy retransmission and backoff behavior.   For example, assume that the RTT between the proxy and home server is high (e.g. several seconds).  If the proxy doesn't estimate RTT or back off its retransmission timer, then it might retransmit several times before concluding that the server is dead.  When the server finally responds, it is too late because the proxy has already sent an Access-Reject. 
 
> If the proxy doesn't respond to the requests for "example.com", then
> the NAS may erroneously perform failover, and send the "example.net"
> requests to a secondary proxy server. If there's no secondary proxy
> server, the NAS may decide that the proxy is down, and erroneously
> reject the "example.net" request. This will cause spurious network
> outages for users trying to log in.
 
> If the proxy server does not respond to *any* of the retransmissions
> from the NAS, then there are cases where the NAS may conclude that the
> proxy server is dead, even though it is actually alive.
 
Yes.

>
> > This provides the NAS with an equivalent of an "end to end" connection
> > to the home server in a transport behavior sense. This is discussed in
> > RFC 3539.
>
> The end-to-end transport issues discussed in RFC 3539 apply only to
> TCP or SCTP streams, where the client receives an explicit indication
> that the connection has been closed.
 
The discussion in the Appendix applies to UDP as well.  The issue is whether the proxy behavior satisfies "conservation of packets".
 
> My $0.02 is that it may be useful for the proxy to synthesize an
> Access-Reject to the NAS when the home server does not respond. This
> indicates to the NAS that the proxy is still alive, and does not change
> other NAS behavior such as rejecting the user login attempt.

I would agree as long as the proxy implements appropriate retransmission and backoff logic.