From: Toke Høiland-Jørgensen
To: Luca Muscariello, "Rodney W. Grimes" <4bone@gndrsh.dnsmgr.net>
Cc: ECN-Sane, Rich Brown
Subject: Re: [Ecn-sane] Meanwhile, over on NANOG...
Date: Wed, 13 Nov 2019 11:45:51 +0100
Message-ID: <8736esoy00.fsf@toke.dk>
List-Id: Discussion of explicit congestion notification's impact on the Internet

Luca Muscariello writes:

> TCP anycast fails in this case and I would not blame the load balancer for
> that.
> Some people will have a different opinion on that.
>
> The current Internet just does not support well these use cases.
>
> At the same time this DNS service is supposed to be used in a different
> way. So we may even blame the user? Toke in this case ?
>
> DNS anycast works as long as it uses UDP.
> The IP address returned by the resolver should be unicast and TCP should
> run over unicast addresses.
>
> Toke, Looks like you are doing an HTTP GET directly toward an anycast
> address. This is where things are supposed to break and they break.

I was just using 1.1.1.1 as a convenient example because it's easy to
type. I get the same behaviour to an actual web site hosted on
Cloudflare (which is how I discovered it in the first place). Cloudflare
makes heavy use of anycast, including to its HTTP endpoints.

> If you traceroute over unicast addresses you should see the load
> balancer providing stickiness.

As I replied to Rod, the non-stickiness was indeed user error on my
part. The problem is that the load balancer is hashing on headers
including the ECN bits.

I guess I'll go reply to the NANOG thread... :)

-Toke
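
The effect described in the message above, as an added illustration that is not part of the original mail: a load balancer that feeds the whole TOS byte into its flow hash can send the Not-ECT SYN and the later ECT(0)/CE packets of one TCP connection to different backends, while masking the two ECN bits keeps the flow together. SHA-256 as the hash, the backend count and the 192.0.2.x/198.51.100.x packets are assumptions constructed for this sketch.

```python
import hashlib
import socket
import struct

ECN_MASK = 0x03                       # low two bits of the IPv4 TOS / IPv6 Traffic Class byte
NOT_ECT, ECT0, CE = 0b00, 0b10, 0b11  # RFC 3168 codepoints

def pick_backend(pkt, n_backends, mask_ecn):
    """Map a packet to a backend by hashing the 5-tuple plus the TOS byte.

    SHA-256 is a stand-in for whatever hash a real device uses (assumption).
    """
    src, dst, sport, dport, proto, tos = pkt
    if mask_ecn:
        tos &= 0xFF & ~ECN_MASK       # keep DSCP, ignore ECN
    key = (socket.inet_aton(src) + socket.inet_aton(dst)
           + struct.pack("!HHBB", sport, dport, proto, tos))
    return int.from_bytes(hashlib.sha256(key).digest()[:8], "big") % n_backends

def flow_packets(sport):
    """Constructed TCP flow: SYN is Not-ECT, data is ECT(0), one packet is CE-marked."""
    base = ("192.0.2.10", "198.51.100.1", sport, 80, 6)
    return [base + (ecn,) for ecn in (NOT_ECT, ECT0, ECT0, CE)]

def count_split_flows(n_flows, n_backends, mask_ecn):
    """Count flows whose packets do not all reach the same backend."""
    split = 0
    for sport in range(40000, 40000 + n_flows):
        backends = {pick_backend(p, n_backends, mask_ecn) for p in flow_packets(sport)}
        split += len(backends) > 1
    return split

if __name__ == "__main__":
    print("ECN in hash:", count_split_flows(256, 16, mask_ecn=False), "of 256 flows split")
    print("ECN masked :", count_split_flows(256, 16, mask_ecn=True), "of 256 flows split")
```

A split flow here corresponds to a backend receiving data segments for a connection whose SYN it never saw, which is what breaks TCP to the anycast address.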