IETF Logo Mail Archive

Re: [Apn] Problem statement

Adrian Farrel <adrian@olddog.co.uk> Thu, 04 May 2023 18:36 UTC

Return-Path: <adrian@olddog.co.uk>
X-Original-To: apn@ietfa.amsl.com
Delivered-To: apn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB7D5C151B33 for <apn@ietfa.amsl.com>; Thu, 4 May 2023 11:36:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.094
X-Spam-Level:
X-Spam-Status: No, score=-7.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=olddog.co.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q4WjTHfrZT1E for <apn@ietfa.amsl.com>; Thu, 4 May 2023 11:36:21 -0700 (PDT)
Received: from mta7.iomartmail.com (mta7.iomartmail.com [62.128.193.157]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA66DC15154E for <apn@ietf.org>; Thu, 4 May 2023 11:36:20 -0700 (PDT)
Received: from vs2.iomartmail.com (vs2.iomartmail.com [10.12.10.123]) by mta7.iomartmail.com (8.14.7/8.14.7) with ESMTP id 344IaFQ1001677; Thu, 4 May 2023 19:36:15 +0100
Received: from vs2.iomartmail.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1E31F4604B; Thu, 4 May 2023 19:36:15 +0100 (BST)
Received: from vs2.iomartmail.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id F2A4C46048; Thu, 4 May 2023 19:36:14 +0100 (BST)
Received: from asmtp2.iomartmail.com (unknown [10.12.10.249]) by vs2.iomartmail.com (Postfix) with ESMTPS; Thu, 4 May 2023 19:36:14 +0100 (BST)
Received: from LAPTOPK7AS653V (82-69-109-75.dsl.in-addr.zen.co.uk [82.69.109.75]) (authenticated bits=0) by asmtp2.iomartmail.com (8.14.7/8.14.7) with ESMTP id 344IaESH001935 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 4 May 2023 19:36:14 +0100
Reply-To: adrian@olddog.co.uk
From: Adrian Farrel <adrian@olddog.co.uk>
To: 'Ted Hardie' <ted.ietf@gmail.com>, "'Pengshuping (Peng Shuping)'" <pengshuping=40huawei.com@dmarc.ietf.org>
Cc: apn@ietf.org
References: <484bb9971aff4810ae45a756e849420a@huawei.com> <CA+9kkMD7HxsoFemfAjYhJHNsp3RNn3-TeDvewpnMHQy+1bHZGw@mail.gmail.com>
In-Reply-To: <CA+9kkMD7HxsoFemfAjYhJHNsp3RNn3-TeDvewpnMHQy+1bHZGw@mail.gmail.com>
Date: Thu, 04 May 2023 19:36:14 +0100
Organization: Old Dog Consulting
Message-ID: <025101d97eb7$4ef7fc10$ece7f430$@olddog.co.uk>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0252_01D97EBF.B0BD7580"
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-gb
Thread-Index: AQGTpY3atbEg0enoC04VkF+FDPNFTQKJe3G8r8HLRnA=
X-Originating-IP: 82.69.109.75
X-Thinkmail-Auth: adrian@olddog.co.uk
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=olddog.co.uk; h=reply-to :from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-type; s=20221128; bh=2N0ErdRs7EyDr+UeqyhGm 0uYGdd62TLWqisVi1x5A3Q=; b=QI5Jq7A7j9OPBVUotzeIstrzG6ke7OhiRkBJ4 7bpI+/qSvmbgrr/yWrC0ThlSFA6MZhqoOma2n4ewy4yzeTQ/CV8Y+mGUa59AtSz1 xD+STUFnMjCrjMDD6rlZNaTlGrbV+RY7sunZFCYXiHjOSThgPEyzKPHPu5Haid8n ChVxa9aCjWdhZLlN5KxlKE7jmSIPnPynrGUDFWSHLxG+j07An9uh/tr+9bD7kZL8 /YMw2mhOfzeInHcdI0+JYM6T90zqw2PUhkolay0o0f7M5W92+/sO+i30YeWLvV2e HHGk/BfE71sYvGaAe4flSUeJEaqKZN7px+Q9IdPPUmLLU0lgA==
X-TM-AS-GCONF: 00
X-TM-AS-Product-Ver: IMSVA-9.1.0.2090-9.0.0.1002-27606.000
X-TM-AS-Result: No--24.604-10.0-31-10
X-imss-scan-details: No--24.604-10.0-31-10
X-TMASE-Version: IMSVA-9.1.0.2090-9.0.1002-27606.000
X-TMASE-Result: 10--24.603600-10.000000
X-TMASE-MatchedRID: CxmI61mtwh/xIbpQ8BhdbGMugLQMu2GXqMXw4YFVmwhzLBnoG3Y5dwWM hTCqBekhwZGcXkaUPkTKGh5S5x2JleML3wm07pPhQ0Xm0pWWLkp2ZYwNBqM6IqEQSMuSdJfA5wF 47FiR21dK5sSN4F5OW2Wtl4lNeYdCjzShsBdWTBdFl9A34VWpsKHErxDyhjvnoGN51gfb0PBD2/ uSqfXuIuArY2JkKW9pcakWHPuzSJLsEz9ycWwbCodlc1JaOB1TAajW+EL+laPIgofMgahPrYfK5 MOZKGXulmBxd2hf7LBM0yeIkgjdeu2s4cFTx/b4CKFDk1kJexL5UnqVnIHSzz+B/tp8itBTrfve bhfbNrbi0jS+xbg0zpwcBUIRdbumn5+eMHrQvcttN2GsBybzwhjTE1ofkwPbIMYstsSWV73BwVC GVp8RwoOaK7R6v2MMK4YhweMqPCKlBA8TvXlsKgmyVrMCuJ9SkKAa/khZ3iTX45MWooXn2S4KQR LTd0YDAgbxNXiHGCraDF6lH4tpMPGU4m5A0eV9i95/KnWCU3RcKeig6Dj9udZ5C2tydwt9/2Fl7 Kds1UC/LyRt34YNm0eiA5216F/i6k5u/mZf6RUmZusHWPhfCmgU1o1xV13fYHEoQgBRP6XEr12a rzJxDzz75yF2//lYFUpxEqvctVL/X1ghZGlf4rU+IyHhkXf1xMZq+YajS9Yt7jtMcCO6P5/vLk4 ECKhoNtrqBJtuOX6BWjWj7hCG0se3wV6A2hchHEDUAqZUZM4IKj6WwO7KdQMuv289VbCIxUDTxL 3vuSBdWwRZWpipqGZhpDhdH8fMb8zosfc6NaueAiCmPx4NwGmRqNBHmBve1B0Hk1Q1KyLr8uVzX avvg1KMqIeOstifkU6UkIr/V+1nME/Jsn/m+g==
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
Archived-At: <https://mailarchive.ietf.org/arch/msg/apn/2DL-iSgrDwcWM9CG1rlhsvlGyyU>
Subject: Re: [Apn] Problem statement
X-BeenThere: apn@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Application-aware Networking <apn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apn>, <mailto:apn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/apn/>
List-Post: <mailto:apn@ietf.org>
List-Help: <mailto:apn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apn>, <mailto:apn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 May 2023 18:36:24 -0000

Hi all,

 

Reasonable points, Ted.

 

In a network operator controlled domain, the ingress edge devices usually have access to much richer information, such as VLAN/QinQ, VPN, and access interface, which is used to classify the packets into fine granular virtual groups of flows at the edge. However, after the packets enter the network operator’s domain, all such information is lost together with the continuous fine granularity within the network.

 

"all such information is lost together with the continuous fine granularity within the network" seems to be the core of the problem statement.  I think it is not quite correct as stated, in that the information is not lost; it is distributed.  Because this is within a single operator's domain, the operator can construct the network to map data like VLAN to specific address announcements or DHCP assignments; even if there is a later NAT or CGNAT, the operator should control all of the devices which implement those mappings.  That means the operator has (or can have) this information now; it's just distributed through the network.  

 

I think you need to be clear about this because it makes it more obvious that you are describing a potential optimization, rather than truly new functionality.

 

In a network operator controlled domain, the ingress edge devices usually have access to much richer information, such as VLAN/QinQ, VPN, and access interface, which is used to classify the packets into fine granular virtual groups of flows at the edge. However, after the packets enter the network operator’s domain, all such information is lost together with the continuous fine granularity within the network. But maybe we should avoid trying to solve the problem statement and just focus on clarifying it.

 

But, anyway, you’re right that “lost” is the wrong word. Rather than “lost” we might have “not immediately visible”. But perhaps a few more words would help draw out this fundamental part of the problem statement and make clear the potential limitations of existing approaches (which leads on to the comment about “fine grained information”). So, perhaps…

 

In a network operator controlled domain, the ingress edge devices usually have access to rich information, such as VLAN/QinQ, VPN ID, and access interface, which is used to classify the packets into fine granular virtual groups of flows at the edge. However, after the packets enter the network operator’s domain, all such information is not immediately visible at transit nodes: it may be hidden inside encapsulation, masked by encryption, mapped to other protocol fields, or stripped from the packets completely. Furthermore, many mapping schemes, where they are used, lose some level of granularity from the information available at the network edge. For example, when the information is mapped into small fields like DSCP (6 bits) or MPLS EXP (3 bits) the result is that only relatively coarse grained QoS treatment can be provided. 

 

The packet treatments needed may vary at different parts of the packet’s path within the domain, and enough information is needed to determine these treatments. Thus, the continuous fine grained network services within the network domain cannot be provided efficiently. This information can be carried directly in the packet or achieved through a mapping from an opaque tag. Existing protocols such as SFC/NSH, SR/SRv6, MPLS, VXLAN, and IPv6, can be taken as implementation basis, but in each case the protocol may need extensions.

 

I also believe that you need to include a statement about what the network is going to do with the "fine grained information", because you can't judge whether a proposal serves the purpose adequately without that.   If your aim is to carry it to an orchestrator inside an operator network for action (as in the source quench example Adrian came up with), then this is a way of getting data to that orchestrator rather than using a set of database dips.  That has one set of characteristics, and my personal guess is that it would look much like service function chaining.

 

If your aim is to affect research consumption within the network, then you'd both need different data and you need the entire network to provide queues at the level of granularity that you're proposing.  As you point out, most things currently get mapped to things like DSCP or EXP, and I invite you to consider the tradeoff between complex queue management and additional capacity in that reality.  

 

s/research/resource/

 

I think this is a fundamental point as well. Obviously(?) if there is no specific planned use for the information, then there is no point in making it available.

One of my previous thoughts was that this information might be used to supplement routing information and help send traffic from different flows onto different paths according to the capabilities of the network and the demands of the traffic, but I think that this is not in scope of Shuping’s proposal.

More in scope, from what I understand, is to affect queuing behaviours. 

Now, as you say, “complex queue management” has historically been a significant drain on processing and hard to manage. There is a claim, however, that newer hardware can support very many queues and achieve fine-grained and complex scheduling and prioritisation.

 

But the message here is that the text needs to say what the purpose of the information is. I do believe that this is somewhat covered by the paragraph you quoted below (and I folded into my green text, above), but maybe it is not clear and clean enough what the use cases are. We need to be careful not to invent a tool and then look for uses: we need to have clear uses that drive the invention of the tool. (Of course, future uses may be discovered, and we should try to make the tool as generic as possible without losing the benefits of specialisation).

 

I also thought there was consensus that this proposal needed to have privacy considerations so that the same data that carries ingress port information did not carry information specific to the user.  While I am sure that the proponents are clear on this limitation, I think it would be appropriate to repeat that in the problem statement text, as that would help new participants understand that it is firmly out of scope.

 

I completely agree with this. I think it is very important to continue to make this clear because it is such a sensitive point for so many people. 

 

Best,

Adrian

 

best regards,

 

Ted Hardie

 

Indeed, the information is mapped into small fields like DSCP (6 bits) or MPLS EXP (3 bits). However, such small fields are only able to provide relatively coarse grained QoS treatment. The packet treatments needed may vary at different parts of the packet’s path within the domain, and enough information is needed to determine these treatments. Thus, the continuous fine grained network services within the network domain cannot be provided efficiently. This information can be carried directly in the packet or achieved through a mapping from an opaque tag. Existing protocols such as SFC/NSH, SR/SRv6, MPLS, VXLAN, and IPv6, can be taken as implementation basis, but in each case the protocol may need extensions.

 

=================

 

Best Regards,

Shuping 

-- 
Apn mailing list
Apn@ietf.org <mailto:Apn@ietf.org> 
https://www.ietf.org/mailman/listinfo/apn

v2.23.0 | Report a Bug | By Email