Security Incidents mailing list archives

Re: Load Balancing Protocol (was Re: your mail)


From: Nick Phillips <nwp () CHECKAPRICE COM>
Date: Mon, 30 Oct 2000 10:54:00 +0000

On Fri, Oct 27, 2000 at 03:42:46PM -0700, Crist Clark wrote:

> Such a thing already exists: the ICMP ping packet. Any protocol to allow
> you to bounce a packet off of a client is just a re-invention of ping.

In the same way that the Ferrari F40 is just a reinvention of a horse and
cart; doesn't stop it being more useful ;)

> The problem is that "a protocol which would enable [someone] to send a
> packet to [a] client which would elicit a useful response from any client"
> is basically building in the capability for someone to do a scan of
> your network to identify the number of hosts, where they live, and the
> topology of the network. This is why people block incoming echo requests
> (pings) now.

That's why we need some kind of extra protocol. I would envisage that anyone
who was worried about the information being sent back would be in a position
to run this protocol's "server" at their firewall, which would be returning
information as configured by the admin, and if it explicitly said "I ain't
telling you", then that should be respected by the loadbalancer, which should
not then try to extract information in any other way.

> People will always seek to break any "load balancing" protocol because
> the information the load balancers want may be considered sensitive.

As I said, that's why we need a protocol to allow us to define what
information we are willing to give them.

> If someone devises a protocol that _does_ always work, it will be broken
> very quickly as someone just as clever would quickly come up with a fix.
> Any feature (supporting load balancers) that cannot be turned off is a
> bug.

There we go; we include the "turned off" in the protocol, but explicitly.
Then *anyone*, loadbalancer or not, who starts probing in any other way is
to be treated as hostile.

All we have to do is to define the protocol...




Nick

