IETF Logo Mail Archive

Re: [bmwg] [Last-Call] Genart telechat review of draft-ietf-bmwg-ngfw-performance-13

Toerless Eckert <tte@cs.fau.de> Wed, 02 February 2022 08:20 UTC

Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: bmwg@ietfa.amsl.com
Delivered-To: bmwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85D7C3A28C6; Wed, 2 Feb 2022 00:20:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.649
X-Spam-Level:
X-Spam-Status: No, score=-1.649 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S-R6slaXdikd; Wed, 2 Feb 2022 00:20:40 -0800 (PST)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0C1F3A28BA; Wed, 2 Feb 2022 00:20:39 -0800 (PST)
Received: from faui48e.informatik.uni-erlangen.de (faui48e.informatik.uni-erlangen.de [131.188.34.51]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTPS id 7F58A58C4B4; Wed, 2 Feb 2022 09:20:33 +0100 (CET)
Received: by faui48e.informatik.uni-erlangen.de (Postfix, from userid 10463) id 76D384EA52C; Wed, 2 Feb 2022 09:20:33 +0100 (CET)
Date: Wed, 02 Feb 2022 09:20:33 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: Matt Joras <matt.joras@gmail.com>
Cc: Carsten Rossenhoevel <cross@eantc.de>, last-call@ietf.org, gen-art@ietf.org, draft-ietf-bmwg-ngfw-performance.all@ietf.org, bmwg@ietf.org
Message-ID: <Yfo+0ckUSEDPHVB0@faui48e.informatik.uni-erlangen.de>
References: <164373365337.23647.13599772226951368639@ietfa.amsl.com> <ddf11891-8034-f28f-32d6-648ea2bf917f@eantc.de> <CADdTf+hwZefRf9A3rEx94rH_bReKcgMoGMySCWN_dvn08_9-Dg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CADdTf+hwZefRf9A3rEx94rH_bReKcgMoGMySCWN_dvn08_9-Dg@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bmwg/SqqJxZ4TEGWuOXGxBMOe0HzGvC0>
Subject: Re: [bmwg] [Last-Call] Genart telechat review of draft-ietf-bmwg-ngfw-performance-13
X-BeenThere: bmwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Benchmarking Methodology Working Group <bmwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bmwg>, <mailto:bmwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bmwg/>
List-Post: <mailto:bmwg@ietf.org>
List-Help: <mailto:bmwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bmwg>, <mailto:bmwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Feb 2022 08:20:45 -0000

On Tue, Feb 01, 2022 at 11:32:29PM -0800, Matt Joras wrote:
> If it were me I would perhaps instead make a note of QUIC as a potential
> transport protocol for HTTP, and acknowledge that the document will not
> attempt to enumerate specific testing procedures for it. The current text
> probably would not lead to useful results for QUIC performance testing
> relative to TCP.

I would very much hope that a new protocol like QUIC would NOT require the same
amount of nerd-knob tuning as potentially decade old TCP stacks.  The need
to tune parameters in TCP for different situations has been one of the core
operational pain points.

Besides: this document does not attempt to test the variety of "challenged path"
situations, which should it make it even more benighn to test with just defaults.
(and those challenged path performance measurements are better done in a 
 non-security-device specific BMWG document).

If anything, the main security relevant TCP/QUIC comparison that i would like
to see in future IETF work is a comparison to the extend that the same security
device can perform the same degree of inspection for TCP vs QUIC flows.
Given how QUIC further enhances end-to-end privacy and hides transport level parameters,
i would imagine that the security device on average can do less. But i have not seen good
quantitative or even qualitative comparisons (some of this already applied to
TCP with TLS-1.3).

Cheers
    Toerless

> That's my two cents anyway.
> 
> Matt Joras
> 
> On Tue, Feb 1, 2022, 11:14 PM Carsten Rossenhoevel <cross@eantc.de> wrote:
> 
> > Dear Matt,
> >
> > Thank you for your review!
> >
> > We added QUIC to the draft during one of the BMWG sessions based on
> > suggestions from the attendees.  The authors are a bit unsure how to fix
> > the draft that's up for approval so that it would be precise and fully
> > compliant with QUIC environments.
> >
> > Do you have any specific suggestions how to correct the text, keeping
> > QUIC in scope?
> >
> > Alternatively, we could remove QUIC references and take it out of scope
> > and cover it in a future amendment.  Not the best solution, but after
> > more than three years of drafting with so many contributors, we would
> > like to avoid opening a new discussion area that would likely delay the
> > work by another year.
> >
> > Best regards, Carsten
> >
> >
> > Am 2/1/2022 um 5:40 PM schrieb Matt Joras via Datatracker:
> > > Reviewer: Matt Joras
> > > Review result: Ready with Issues
> > >
> > > I am the assigned Gen-ART reviewer for this draft. The General Area
> > > Review Team (Gen-ART) reviews all IETF documents being processed
> > > by the IESG for the IETF Chair. Please wait for direction from your
> > > document shepherd or AD before posting a new version of the draft.
> > >
> > > For more information, please see the FAQ at
> > >
> > > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
> > >
> > > Document: draft-ietf-bmwg-ngfw-performance-13
> > > Reviewer: Matt Joras
> > > Review Date: 2022-01-31
> > > IETF LC End Date: 2021-12-29
> > > IESG Telechat date: 2022-02-03
> > >
> > > Nits/editorial comments:
> > >
> > > Section 4.3.1.1
> > > This section details TCP stack attributes in great detail. However,
> > > subsequently HTTP/3 and QUIC are both mentioned in 4.3.1.3.. QUIC is in
> > need of
> > > tuning just as much as TCP, if not more.
> > >
> > > " HTTP/3 emulated browser uses QUIC ([RFC9000]) as transport protocol."
> > should
> > > be reworded, and I'm not exactly sure what it is trying to convey.
> > >
> > > "Depending on test scenarios and selected HTTP version, HTTP header
> > compression
> > > MAY be set to enable or disable." should probably read " be enabled or
> > > disabled."
> > >
> > > Similarly in sections 7, there is a lot of specific mention of TCP
> > connections,
> > > TCP RSTs, FINs, etc. and continued mentioning of HTTP. Since QUIC is a
> > > significant carrier of HTTP traffic it seems these sections should not
> > be so
> > > specific to TCP. Especially since it seems as though for these kinds of
> > devices
> > > their limits may very well be different for UDP or TCP flows.
> > >
> > >
> > --
> > Carsten Rossenhövel
> > Managing Director, EANTC AG (European Advanced Networking Test Center)
> > Salzufer 14, 10587 Berlin, Germany
> > office +49.30.3180595-21, fax +49.30.3180595-10, mobile +49.177.2505721
> > cross@eantc.de, https://www.eantc.de
> >
> > Place of Business/Sitz der Gesellschaft: Berlin, Germany
> > Chairman/Vorsitzender des Aufsichtsrats: Herbert Almus
> > Managing Directors/Vorstand: Carsten Rossenhövel, Gabriele Schrenk
> > Registered: HRB 73694, Amtsgericht Charlottenburg, Berlin, Germany
> > EU VAT No: DE812824025
> >
> >

> -- 
> last-call mailing list
> last-call@ietf.org
> https://www.ietf.org/mailman/listinfo/last-call


-- 
---
tte@cs.fau.de

v2.23.0 | Report a Bug | By Email