<div><br></div><div><br><div class="gmail_quote"><div>On Wed, Apr 19, 2017 at 5:54 PM Robert Edmonds <<a href="mailto:edmonds@mycre.ws" target="_blank">edmonds@mycre.ws</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Barry Raveendran Greene wrote:<br>
> > I would guess that per-packet load balancing among different upstream<br>
> > providers in edge networks is going to be a bigger factor in failed root<br>
> > zone AXFRs than BGP topology changes in the core. I'd also guess that<br>
> > RIPE Atlas *anchors* are going to be on better managed networks and<br>
> > you'd be less likely to encounter that kind of load-balancing from Atlas<br>
> > anchors.<br>
><br>
> I’m trying to foresee any situation where a per packet load balancing issue would come up in this situation. Even with equal cost upstream exists, C & J would have 4 tuple selection on the path up (minimizing unnecessary asymmetric flows). Also, once you get a couple of BGP hops into the path, flows would stabilized to the anycasted NSID.<br>
<br>
If you're hashing on the 4-tuple I wouldn't call that "per-packet" load<br>
balancing. By "per-packet" I mean individual packets in a particular<br>
flow being sprayed across different upstream providers.</blockquote><div><br></div><div><br></div><div>Yeah, that is true -- however, actual per-packet load balancing is basically extinct; even if you are not connecting to anything anycast, the out of order packet issues make "real" per-packet so sucky that almost everything now does per-flow (tuple).</div><div><br></div><div>For example, Juniper has a "per-packet" mode (policy-statement foo mach bar then load-balance per-packet), but this actually hashes on src ip, dst ip and protocol for v4, and many more things for v6.</div><div><br></div><div>Cisco (for the last many years) is similar -- around 10 years ago I actually wanted to do "real" per-packet (for testing), and I was not able to find a platform/ ios combination which would do it - CEF (and hardware magic) conspired to make shooting myself in the foot hard.</div><div><br></div><div>I'm fairly sure that Linux also hashes for equal cost -- I managed to make it do actual per-packet, but I *think* I needed to jump through hoops to force it.</div><div><br></div><div>Many things (like LinkedIn, a number of CDNs) are TCP Anycast. So yes, actual per-packet may cause issues with AXFR, but it causes so many other issues that it is vanishingly small.</div><div><br></div><div>W</div><div><br></div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
<br>
--<br>
Robert Edmonds<br>
_______________________________________________<br>
dns-operations mailing list<br>
<a href="mailto:dns-operations@lists.dns-oarc.net" target="_blank">dns-operations@lists.dns-oarc.net</a><br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-operationsdns-operations" rel="noreferrer" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-operations<br>
dns-operations</a> mailing list<br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations" rel="noreferrer" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-operations</a></blockquote></div></div>