[GitHub] [trafficcontrol] dneuman64 opened a new issue #4912: Enhanced Geo Location bypass in Traffic Router

[GitBox <gi...@apache.org>]

dneuman64 opened a new issue #4912:
URL: https://github.com/apache/trafficcontrol/issues/4912


   <!--
   ************ STOP!! ************
   If this issue identifies a security vulnerability, DO NOT submit it! Instead, contact
   the Apache Software Foundation Security Team at security@trafficcontrol.apache.org and follow the
   guidelines at https://www.apache.org/security/ regarding vulnerability disclosure.
   -->
   
   <!--
   - For *SUPPORT QUESTIONS*, use the
   [Traffic Control slack channels](https://traffic-control-cdn.slack.com) or [Traffic Control mailing lists](http://trafficcontrol.apache.org/mailing_lists/).
   - Before submitting, please **SEARCH GITHUB** for a similar issue or PR. -->
   
   ## I'm submitting a ...
   <!-- (check all that apply with "[x]") -->
   <!--- security vulnerability (STOP!! - see above)-->
   - [ ] bug report
   - [x] new feature / enhancement request
   - [ ] improvement request (usability, performance, tech debt, etc.)
   - [ ] other <!--(Please do not submit support requests here - see above)-->
   
   ## Traffic Control components affected ...
   <!-- (check all that apply with "[x]") -->
   - [ ] CDN in a Box
   - [ ] Documentation
   - [ ] Grove
   - [ ] Traffic Control Client
   - [ ] Traffic Monitor
   - [x] Traffic Ops
   - [ ] Traffic Ops ORT
   - [x] Traffic Portal
   - [x] Traffic Router
   - [ ] Traffic Stats
   - [ ] Traffic Vault
   - [ ] unknown
   
   ## Current behavior:
   <!-- Describe how the bug manifests / how the current features are insufficient. -->
   Currently if a client/resolver IP cannot be resolved via CZF and Maxmind does not know the location, Maxmind defaults to sending a lat/long that is exactly the center of the country.  Traffic Router then uses this to route to the closest cache group, which ends up being whichever is closest to the center of the country.  This can result in a non-trivial amount of traffic being incorrectly routed to one cache group causing potential capacity issues.
   
   ## Expected / new behavior:
   <!-- Describe what the behavior would be without the bug / how the feature would improve Traffic Control -->
   
   Traffic Control can be configured such that Traffic Router knows what the default location is for a country and will use the Geo Miss Default Latitude  and Geo Miss Default Longitude for a DS when Maxmind returns the default lat/long for a country.  This will allow the traffic to be sent to a cache group that makes the best sent and can alleviate pressure on the most central cache group. 
   
   When this scenario is hit, TR should log a new rtype so that this traffic can be seen.  It should be something like GEO_DS
   
   
   ## Minimal reproduction of the problem with instructions:
   <!--
   If the current behavior is a bug or you can illustrate your feature request better with an example,
   please provide the *STEPS TO REPRODUCE* and include the applicable TC version.
   -->
   
   How to validate this is working as expected: 
   
   - DS1 is configured with a default lat/long
   - TR is configured to know to use the DS default lat/long for DS1
   - TR is configured to know the default lat/long for the US (37.751,-97.822)
   - If a request for DS1 comes into TR and has the default location, TR uses the default lat/long configured on the DS to choose a cache
   - TR logs the message with a new rtype to distinguish this from a regular GEO hit
   
   ## Anything else:
   <!-- e.g. stacktraces, related issues, suggestions how to fix -->
   
   <!--
   Licensed to the Apache Software Foundation (ASF) under one
   or more contributor license agreements.  See the NOTICE file
   distributed with this work for additional information
   regarding copyright ownership.  The ASF licenses this file
   to you under the Apache License, Version 2.0 (the
   "License"); you may not use this file except in compliance
   with the License.  You may obtain a copy of the License at
   
       http://www.apache.org/licenses/LICENSE-2.0
   
   Unless required by applicable law or agreed to in writing,
   software distributed under the License is distributed on an
   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   KIND, either express or implied.  See the License for the
   specific language governing permissions and limitations
   under the License.
   -->


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficcontrol] mattjackson220 closed issue #4912: Enhanced Geo Location bypass in Traffic Router

[GitBox <gi...@apache.org>]

mattjackson220 closed issue #4912:
URL: https://github.com/apache/trafficcontrol/issues/4912


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org