[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Watchdog logic

To: Bernard Aboba <bernard_aboba@hotmail.com>
Subject: Re: Watchdog logic
From: Stefan Winter <stefan.winter@restena.lu>
Date: Fri, 19 Dec 2008 10:09:15 +0100
Cc: "radiusext@ops.ietf.org" <radiusext@ops.ietf.org>
In-reply-to: <BLU137-W393F844D0902CA849B54CD93F20@phx.gbl>
References: <BLU137-W393F844D0902CA849B54CD93F20@phx.gbl>
User-agent: Thunderbird 2.0.0.18 (X11/20081112)

Hello,

> I'm wondering what the implications would be of using two separate connections, 
> one for Status-Server/Access-Accept and the other 
> one for Access-Request/Access-Accept transactions. 
>
> The failover logic would change, to be sure.  For example, 
> a connection failure on the Request/Accept connection would probably trigger
> failover, regardless of the state of the Status-Server/Accept connection. 
>   

Separating into two connections is a very dangerous path, IMHO. The
scenario you depicted above may *wrongly* trigger failover in a roaming
scenario. The Request/Accept connection could be unresponsive due to the
server having proxied all its requests to a downstram server. I.e. it
could be up and running, waiting itself for answers. If that connection
is closed and fail-overed, actual traffic will be discarded without
reason. If, OTOH, Status-Server is sent within this connection, a
Status-Server/Accept pair can immediately enlighten the requesting
server that the other peer is indeed running.

> Also, the state of the two connections could get out of 
> sync; for example, if the Request/Accept connection was quite busy,
> then the Status/Accept connection might send little or no traffic,
> which might cause middleboxes (e.g. a NAT) to lose connection state
> on the Status/Accept connection.  In such a situation, you might just
> be able to bring up another Status/Accept connection rather than 
> triggering failover. 

I am not in favour of splitting the two connections. Fate-sharing is a
desirable property, IMHO.

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: Watchdog logic
  - From: Stig Venaas <stig.venaas@uninett.no>

References:
- Watchdog logic
  - From: Bernard Aboba <bernard_aboba@hotmail.com>

Prev by Date: Re: Inner identities, privacy, and roaming termination
Next by Date: Re: Watchdog logic
Previous by thread: RE: Watchdog logic
Next by thread: Re: Watchdog logic
Index(es):
- Date
- Thread