Re: [aqm] ECT(1)

[Gorry Fairhurst <gorry@erg.abdn.ac.uk>]

A few comments in-line, as someone interested in taking things forward:

On 04/08/2015 13:42, Bob Briscoe wrote:
> John,
>
> [Ignore previous - clicked 'send' too early]
>
> There was much discussion about this identifier issue in Prague. Many 
> people are well-aware that the sticking point is availability of an 
> identifier, and its associated politics.
>
>
> On 04/08/15 05:08, John Leslie wrote:
>> Bob Briscoe <research@bobbriscoe.net> wrote:
>>> I do not believe an IP (v4) option or a v6 extension would be 
>>> necessary.
>>> If ECT(1) were used that would surely be sufficient alone.
>>     Alas, we're facing a political question: not just a technical one.
>>
>>     I think folks are ready to deprecate ECN Nonce; but I'm not
>> optimistic that folks are ready to embrace "Low-Latency, Low-Loss and
>> Scalable" (L4S) service, as introduced in 
>> draft-briscoe-aqm-dualq-coupled
>> (Has this draft been posted?).
>>
>>     (IMHO, this work promises to be very valuable for the _many_ uses
>> that are latency-sensitive; but adoption is going to be a major
>> challenge!)
>>
>>     We may indeed eventually get to where Bob is thinking today; but
>> I don't see a clear path to IETF-wide consensus yet. Even getting an
>> Experimental RFC approved which re-purposes ECT(1) strikes me as a
>> very significant challenge. :^(
>>
However, it's not the ECT(1) codepoint that would be problematic, but 
more the fact that there is only a single CE-mark. Hence, if one 
redefined ECT(1) to indicate a different use of ECN in the network, then 
it would likely need to result in CE-marking. Such packets would be 
indistinguishable from packets marked from ECT(0). All CE-marks would 
then need to be queued (and counted) the accounted for the same in the 
marking algorithms. As far as I understand, that isn't what the 
dual-queue method was wanting.

>>> I believe the main criteria for an identifier for this new service are:
>>> 1. preferably orthogonal to Diffserv classes.
>>     IMHO, Diffserv classes are poison!
>>
>>     There are a number of good folks pursing a Less-than-Best-Effort
>> diffserv class. I wish them luck! But I'd be amazed if they succeed.
>>
>>     Diffserv classes are the private preserve of a _large_ number of
>> network-service-providers. Best-Effort is the only one with universal
>> agreement what it means.
>>
>>     All the others are subject to non-documented shuffling at the
>> boundaries between providers (and "bleaching" to Best-Effort at many
>> points within providers' networks).
>
> DSCPs are only poison in standards. As you say, ISPs use DSCPs for 
> many internal services already.
>
There may be signs of hope here for increased use of network-wide 
markings (ever optimistic).
> (BTW, the request for a global scope DSCP for less-than-BE is very 
> different to this case, because bleaching LBE (remarking to the 
> all-zeros DSCP at borders) always /increases/ its priority.)
>
>>> 2. preferably end-to-end in scope
>>     I'm really not sure how we can make L4S useful if it lacks an
>> End-to-End meaning. The signal must enter at the sender and mostly
>> survive all the way to the receiver in order that the receiver
>> (by whatever magic) can tell the sender about any congestion.
>
> ISPs could go ahead with using a local DSCP now for L4S for their own 
> premium services. A large proportion of traffic these days is served 
> from within the same ISP as the user is connected to (esp using CDNs), 
> so this would be very "useful". Using a DSCP for alternate ECN 
> semantics is already recommended in RFC4774, so the IETF would not 
> really need to do anything to get L4S started.
>
> The IETF might want to head-off possible interop problems by assigning 
> a global-scope DSCP for the alternate ECN semantics, which we all know 
> are in short supply. If we did use a global-scope DSCP it would be 
> solely for a migration period, which is a double-edged sword:
> * if the migration period were truly short-lived, the global codepoint 
> would become available soon.
> * if the migration period took longer, fears that burning a global 
> DSCP for a just a brief migration period would have proved unfounded.
>
> If local-only L4S usage became widespread, it /could/ be used between 
> domains by simply ignoring the DSCP and only using ECN as the 
> classifier. But that all depends what the take-up of classic ECN is in 
> the meantime, and whether all the major classic ECN host 
> implementations migrate to L4S. (In the TCP Prague Bar BoF, Andrew 
> McGregor made the point that all the major OS developers who control 
> what nearly all the Internet's traffic looks like were in the room.) 
> Then the IETF could come along afterwards and standardise the new ECN 
> semantics.
>
>
>>> 3. preferably classic (RFC168) ECN and 'L4S' ECN would not permanently
>>>     burn two codepoints, since it seems that 'L4S' could eventually
>>>     subsume classic ECN (a fork would not be needed, because classic
>>>     ECN doesn't seem to do anything that L4S cannot do).
>>>
>>     This is "nice to have", I suppose; but it seems too optimistic
>> to take seriously. Deployment of L4S will take at least five years;
>> and nobody's crystal-ball is good enough to see beyond that.
>
> Deployment of something that enables new valuable apps and products 
> can take 2yrs.
>
> Nonetheless, your general point is true.
>>
>>     Furthermore, I don't see how we can _ever_ entirely eradicate the
>> RFC 3168 behavior of "same as drop".
>
> <Flippant> According to measurement studies RFC3168 behaviour is 
> currently entirely eradicated. At least at such a low level that the 
> two CE packets that seemed to exhibit the behaviour are probably a 
> symptom of bugs.
> </Flippant>
>
Even this remark, I can't resist a response (although I see this also is 
discussed again later):

That was not what our measurements looked for - the measurements we did 
with Brian, Mirja and Richard did not try to induce congestion. 
Specifically they were short test sequences to test ability to pass and 
negotiate the ECN codepoint usage. We hence don't *know* whether any 
network devices had ECN-marking support enabled, we just know that if 
they had, these devices didn't experience congestion at the time of the 
test. We also know they didn't experience (congestive) loss, for what 
little that's worth.

My point is: I *do* have ECN enabled in at least one of my home routers, 
presently it's not a bottleneck, and hence I see no CE-marks, and if it 
becomes congested I know it will use FQ-Codel to mark (whatever way that 
does) - I can't control this as an endpoint - and in general as a 
transport I can't find out what ECN-marking has deployed along my path, 
if there happens to be any.
> <Seriously>I know what you mean: RFC3168 behaviour is latent in 
> ECN-enabled servers waiting for a client request.
>
So: It's going to be hard to require (MUST) a new replacement marking in 
network devices. It may be possible to allow one, and this would be 
great if there were appropriate mechanisms at the endpoints to detect 
this and do something sensible.
> I have proposed that L4S behaviour is associated with e2e negotiation 
> of new Accurate ECN semantics. Nonetheless, even if an L4S client 
> attempts to negotiate AccECN with a server, if the server only 
> supports classic ECN, the session should{Note 1} fall back to classic 
> ECN. So we will need to distinguish classic ECN from L4S ECN... unless 
> we all agree that AccECN must fall back to drop, even if the other end 
> says it supports classic ECN.
>
> {Note 1} AccECN is yet to be specified by the IETF, but this is the 
> current thinking, which seems reasonable.
> </Seriously>
>
>> Furthermore, L4S _can't_
>> eliminate packet drops; and IMHO a packet-drop in an L4S stream
>> must be treated _differently_ than a L4S congestion mark.
>
> No-one is questioning that behaviour on drop needs to stay as in Reno 
> or Cubic. The question is only over whether behaviour in response to 
> ECN-CE should be distinct from drop behaviour.
>
I'd agree. Both ABE (as proposed in TCPM) and DCTP (also TCPM) would 
change this, as I believe should any new TCPM-defined methods based on 
AccECN.
>>> *ECT(1) **
>>> *Seems a good identifier, but it has the following problems:
>>>
>>> a) L4S traffic would need to be distinguished from classic ECN both
>>>     when unmarked (ECT0 vs ECT1) and when marked (CE vs CE???).
>>>     Ie. congestion experienced (CE) would have to be shared between
>>>     the classes.
>>
>>     Actually, there are _two_ ways ECT(1) could be used:
>> - ECT(1) could be set to request L4S forwarding rules marking CE
>>    to indicate L4S congestion; or
>> - L4S forwarders could change ECT(1) to ECT(0) (or vice-versa?),
>>    to mark L4S congestion.
>
> The latter doesn't work, I'm afraid. Reason:
> * If all buffers on a path (say X, Y, Z) classify L4S and Classic by 
> ECT(1) and ECT(0) resp.,
> * and if buffer X indicates L4S congestion by changing some L4S 
> packets from ECT(1) to ECT(0)
> * then at subsequent buffers on the path (Y or Z), the L4S packets 
> that X remarked to ECT(0) will get classified into the Classic queue 
> at Y and Z.
>
> Result: a proportion L4S packets will get 'demoted' into low latency 
> queues, introducing intermittent re-ordering delay, thus increasing 
> the effective delay of the low latency L4S service to that of the 
> classic queues.
>
Sadly, I think probably true for any general deployment - this I think 
was one of the motivations for marking this method with a different DSCP 
when used internally within a provider network when RFC4774 was discussed.
>>
>>>     It would not be so problematic if all queues classified all CE
>>>     packets as the lowest latency class (L4S); CE packets from classic
>>>     flows would then be delivered early out of order, requiring some
>>>     buffering, but probably no more buffering than is already needed
>>>     for retransmissions, and at least they would never be late out of
>>>     order. See also {Note 1}.
>>     I'm trying to follow this...
>>
>>     What exactly does Bob mean by "all queues"? Mostly we think of
>> queues as part of the forwarding action. But some forwarders choose
>> their action upon packet entry to the queue; other at packet exit.
>> And, AFAIR, no forwarder takes an action based upon the packet being
>> CE-marked when it arrives.
>
> I didn't intend to say anything about whether actions are on entry or 
> on exit to the queue - I don't think that's relevant here.
>
> Again, I was thinking about the problem of one queue remarking some 
> packets in both L4S and Classic ECN to CE, then how those CE packets 
> would get classified at subsequent queues on the path.
>
> With solely L3 classification, all CE packets would have to be 
> classified as L4S, including those from Classic ECN flows marked as CE 
> earlier on the path.
>
> (I tried ASCII art, but email mangled it.)
>
> As I said, mis-classifying is not a problem as long as it is arranged 
> to be from the worse to the better queue.
>
>
>>
>>> b) ECT(1) is the last available ECN codepoint (for both v4 & v6).
>>>     Using ECT(1) for L4S and ECT(0) for Classic ECN would burn the last
>>>     codepoint just for migration purposes (contravening my criterion
>>>     #3). If we could predict that migration might one day finish, we
>>>     could foresee a time when ECT(0) might become available again.
>>>     But that's a long shot.
>>     This is a political problem, more than a technical one.
>>
>>     We've painted ourselves into a corner, where there aren't spare
>> bits -- and the "spare bits" in IPv6 turn out to be unusable. (We
>> seem to have done this quite deliberatly -- I don't understand why!)
>>
>>     Nonetheless, we have a major need to mark incipient congestion, so
>> that we can avoid over-filling buffers at forwarding nodes. The fact
>> that we have only half-a-bit left to do this is the inevitable result
>> of our refusal to allocate enough bits in the first place (or if you
>> prefer, our insistence on using six bits for DSCP, defined in such a
>> way as to prevent end-to-end meaning of them).
>>
>>     (Personally, I'd love to reclaim a few bits from DSCP; but to 
>> propose
>> this would label me a clueless kook, so I won't.)
>>
>>     ECT(1) is there! It's allocated for ECN use. Refusing to define it
>> with an ECN meaning is simply irrational.
>>
>>     Furthermore: there _is_ another bit! See RFC 3514. ;^)
>>
>>> c) For the record, the following uses of ECT(1) have been proposed by
>>>     the IETF and by researchers:
>>>   * receiver cheat detection (the ECN nonce [RFC3540] - experimental)
>>>   * ECN path testing (ECN for RTP [RFC6679] - standards track)
>>>   * various intermediate congestion level proposals (including PCN
>>>     [RFC6660] - standards track)
>>>   * various fast-start proposals (in research, e.g. VCP)
>>     IMHO, only RFCs count as "proposals".
>>
>>     RFC 3540 is ripe for deprecation, IMHO.
>>
>>     RFC 6679 covers "ECN for RTP over UDP". Somehow I missed it coming
>> out in 2012 (though I must have been listening to the IESG telechat
>> where it was approved). Mea culpa!
>
> I missed it too. During the WG process in AVT I wrote a long review 
> including concern about the ECT(1) parts. The authors took lots of my 
> concerns into account, but I wasn't awake to notice that they had left 
> in the ECT(1) parts when it went to WG last call and subsequently to 
> IESG.
>
>>
>>     It's not an easy read (58 pages, heavy with RTP details)! At first
>> blush, I don't see what it's trying to do with ECT(1). It references
>> RFC 3168 for the meaning of ECT(1); it keeps separate counters for
>> ECT(0) and ECT(1); and it has a "random" mode (not RECOMMENDED) which
>> is supposed to randomize whether ECT(0) or ECT(1) is sent.
>>
>>     The overall impression is that it tries to define feedback for all
>> possible ECN cases: thus supporting ECN Nonce use as well as all other
>> uses known at the time it was written.
>>
>>     To deprecate ECN Nonce, we'd need to UPDATE RFC 6679
>
> What about existing implementations of 6679?
>
>> as well as
>> RFC 3168; but I don't see any new issues introduced by 6679 (and the
>> features of it are already appropriate for L4S.
>>
>>> d) PCN is defined for a controlled environment, so that's not a 
>>> problem.
>>>     The wording or RTP-ECN does not mandate the use of ECT(1), but 
>>> it is
>>>     not always clear that it is optional either.
>>     Clearly, keeping separate counters for ECT(1) and ECT(0) is 
>> required;
>> but sending ECT(1) vs ECT(0) is not specified within RFC 6679.
>>
>>>     So I am trying to find out whether any implementations have used
>>>     ECT(1).
>>     At first blush, it would appear that the only _current_ use of 
>> ECT(1)
>> would be for ECN Nonce. But of course, RFC 6679 says nothing to prevent
>> its use for L4S.
>>
>>>     Even if none of the IETF uses of ECT(1) are problematic in 
>>> practice,
>>>     we should think very carefully before burning ECT(1) for L4S,
>>>     because there do appear to be new uses being proposed for it that
>>>     address a new potentially important class of problems: getting 
>>> up to
>>>     speed fast.
>>     Some citations, please...
>
> VCP: Xia, Y., Subramanian, L., Stoica, I. & Kalyanaraman, S., "One 
> more bit is enough," Proc. ACM SIGCOMM'05, Computer Communication 
> Review 35(4):37--48 In: SIGCOMM '05: Proceedings of the 2005 
> conference on Applications, technologies, architectures, and protocols 
> for computer communications Vol.35 No.4 pp.37-48 ACM Press (2005)
> <http://doi.acm.org/10.1145/1080091.1080098>
>
> Kunniyur, S.S., "AntiECN Marking: A Marking Scheme for High Bandwidth 
> Delay Connections ," In: Proc. ICC'03 IEEE (May 2003)
> <http://repository.upenn.edu/cgi/viewcontent.cgi?article=1053&context=ese_papers> 
>
>
>>
>>     (BTW, I think L4S could be _very_ helpful for "speeding up" 
>> slow-start.)
>
> Indeed. I have ideas myself too (unsurprisingly).
>
> I think the only workable schemes ought not to rely on a new packet 
> marking, but we might not be able to achieve this ideal, so I would be 
> wary of burning the last ECN codepoint 'just' to distinguish between 
> something we want to get to, and something we know will be legacy one 
> day.
>
>
>>
>>> *DSCP**
>>> *It might be better to distinguish L4S ECN from Classic ECN by using
>>> only ECT(0) and CE, but also using a distinctive DS codepoint for L4S.
>>> L4S could start off local-network only (e.g. for a network operator's
>>> premium services), or a global DSCP could be burned so that hosts could
>>> set it without needing to be configured for the network they happen to
>>> be connected to at any one time.
>>     I don's see L4S as useful in "local-network-only" mode.
>
> Please listen to the ISPs who have seen the DCttH demo. They have 
> their own ideas of what is 'useful' to them.
>
>>
>>     Granted, there _are_ many cases where the benefit of L4S would be
>> greatest at the first hop (DOCSIS box). But the expected "bleaching"
>> could be very confusing as to the meaning of CE marking that could be
>> generated farther along the path. There is no such thing as a condition
>> where _only_ the first hop can experience congestion.
>
> If an ISP were using L4S for delivery from its local caches and 
> servers, it would be doing the bleaching itself at its border. It 
> would not be overly concerned if its bleaching prevented 'OTT' 
> traffic  from using the L4S queues in the bottlenecks within its 
> access network.
>
>>
>>> Then, assuming all Classic ECN might eventually migrate to L4S ECN,
>>> a DSCP would no longer be needed as well as ECT(0) to identify L4S.
>>> Then the ECN field alone could represent L4S end-to-end.
>>     This is overly optimistic.
>
> Again, in Prague people from the major OS developers were talking as 
> if such optimism would not be so mad.
>
>>
>>> We all know that DSCP has the following problems:
>>> a) Diffserv is not orthogonal to Diffserv (obviously), so multiple 
>>> DSCPs
>>>     might be needed for L4S in each DS class
>>     That seems fatal...
>
> Not necessarily. For instance, a separate L4S DSCP might only be 
> needed to distinguish BE L4S from BE Classic.
>
> Indeed, once L4S gives all traffic low latency, ISPs and enterprises 
> don't necessarily need to distinguish between EF and AF, etc. Then an 
> ISP or enterprise might make all its 'premium' (non-BE) traffic solely 
> L4S without any need to distinguish a Classic subset.
>
>>
>>> b) DS is not end-to-end
>>> c) few global DSCPs left, altho certainly there are more DS codepoints
>>>     than ECN codepoints left.
>>     Network operators don't believe in "global DSCPs" They bleach 
>> anyway.
>>
>>     (I would tend to support carving out part of the "Experimental"
>> subset of DHCPs as "must propagate if not understood" -- and possibly
>> in ten years there might be enough equipment out there that respected
>> that... but for now, it _all_ gets bleached.)
>
> Half true. Bilteral arrangements are starting to appear at some 
> borders (DT is leading the way). Where there is a global DSCP, this 
> helps make such bilateral arrangements simple to administer and deploy.
>
> (BTW, there is no point writing RFCs that dictate what operational 
> policies must be used.)
>
>>
>>> *Summary**
>>> *Combining ECT(0) and CE with a globally assigned DSCP solely during
>>> initial deployment of L4S seems the least worst choice.
>>     We certainly could Experiment with that; but I'm very pessimistic.
>
> Unfortunately, I think the IETF has to make a choice.
>
> I overheard Spencer Dawkins say: "The IETF is only good at doing the 
> right thing when there is no other choice."
>
>>
>>     OTOH, Experimenting with ECT(1) seems likely to work. IMHO...
>
> I already said that either could 'work'. I tend to agree that using 
> DSCP /and/ ECN is likely to fall foul of the union of the sets of 
> problems that both suffer from.
>
> I'm currently in information gathering and promulgation mode, not 
> decision mode - I might switch to preferring ECT(1) depending on what 
> we find out.
>
> My concern is primarily about burning the last ECN codepoint merely 
> for a transition arrangement.
>
I'd certainly need more persausion to use ECT(1) for this, given all 
that is above. A new DSCP requires a lot of consensus if it is to be 
standards action, and less if local use. To me at least, I think this is 
worth exploring, if the arguments can be presented simply.
>
> Bob
>
>>
>> -- 
>> John Leslie <john@jlc.net>
>>
>> _______________________________________________
>> aqm mailing list
>> aqm@ietf.org
>> https://www.ietf.org/mailman/listinfo/aqm
>
Gorry