SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: iSCSI ERT: data SACK/replay buffer/"semi-transport"



    Venkat,
    
    > Not to beat a dead horse, the reason link level CRCs may not be of
    > much help is because of the following.
    
    I understand.  My point is that when you start talking about `bit
    error rates', you're usually in path which covered by link error
    detection.
    
    The packet permutations which the TCP checksum (and other e2e checks)
    protect against are usually not meaningfully discussed in bit error
    rate terms.  Not that CRC isn't a good (or even better) end-to-end
    mechanism, it's just that that what we have is checksum, and for these
    types of errors, it's still pretty darned likely to detect them.
    
    When I mentioned link error detection, I was explicitly trying to
    factor out detecting that portion of the error behavior with an end to
    end check.
    
    > So, the escape rate depends quite a bit on number of middle boxes and the
    > exposure of data paths. How much do we rely on middle boxes to never
    > introduce an error during the exposure?
    
    No.  However, middlebox-proofing we do will be circumvented when the
    middle box decides it wants to look in iSCSI as a L7 protocol.  I know
    it sounds horrible, but there are zillions of companies doing this for
    HTTP now.  The reason why middle boxes manipulate the data is because
    that allows them to provide the desired behavior.  It seems like a
    really natural product idea for some people (personally I don't get
    it) to plumb HTTP and iSCSI (hey, why not CIFS, NFS, SIP and RTP while
    we're at it :^) into one big, happy L7 router/switch type box.
    Fundamentally, if the middle box is going to diddle in the payload,
    there's not squat we can do.
    
    An ultimate solution to this is to run secured end-to-end.  That will
    keep those middleboxes from messing with the data :^) The ones that
    want and need to will just break.  As long as the protocol is
    in-the-clear (and without a security significant digest), there's a
    lot less we can do.  The box vendors seem to operate on the `easier to
    get forgiveness than permission' model.
    
    I am somewhat ambivalent about CRC digests (I'd rather have end-to-end
    security and kill all those birds with the same stone), but what I'm
    really averse to is assuming that digest failures are frequent, and a
    less than brute force (connection bounce) recovery mechanism is
    required.
    
    Steph
    


Home

Last updated: Tue Sep 04 01:05:08 2001
6315 messages in chronological order