Re: [bmwg] Tsvart telechat review of draft-ietf-bmwg-ngfw-performance-13
bmonkman@netsecopen.org Wed, 25 May 2022 18:13 UTC
Return-Path: <bmonkman@netsecopen.org>
X-Original-To: bmwg@ietfa.amsl.com
Delivered-To: bmwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E04D6C2BCDFC for <bmwg@ietfa.amsl.com>; Wed, 25 May 2022 11:13:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=netsecopen-org.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pdW1mbcBLaZA for <bmwg@ietfa.amsl.com>; Wed, 25 May 2022 11:13:05 -0700 (PDT)
Received: from mail-qt1-x82a.google.com (mail-qt1-x82a.google.com [IPv6:2607:f8b0:4864:20::82a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1EE0EC28F5A3 for <bmwg@ietf.org>; Wed, 25 May 2022 11:13:05 -0700 (PDT)
Received: by mail-qt1-x82a.google.com with SMTP id f35so5003408qtb.11 for <bmwg@ietf.org>; Wed, 25 May 2022 11:13:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netsecopen-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-transfer-encoding:thread-index :content-language; bh=trZVI2t1oRzVDEyFHa9GJbrZ36vCz3duE5D5U9CeCAA=; b=Q7fgPjHPnKifxrd8HiS9AWHNhdScqWsJBteGi0Nrb0x+QgIoLBu0KHeJDcdyKKaDsM yZw/hg9I+RiYpbupikSQ6oF3/qRFi4csbtHam595at8HtlV6UWHAuaehNUjZ/wChBWI8 XwhZ9k3tDYX17VoM+oHcXVHYlKlJAsckGCpKYtYCNgwgtcM0bJPFzk4vitx6WD3/lX03 Hmyb3c9ZgwQBdow1LBpkpxt8hoXcEQ/fl+eBelW3yEo1razIeHYAQzgQQMJpgH9x2dmb jqVE8uAX5N5jOp0xwWp6tBEeL4Lr946LuejfaiD8bxudEGUXdRTKxLhgoZDwZTQcpXH6 NF9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:references:in-reply-to:subject:date :message-id:mime-version:content-transfer-encoding:thread-index :content-language; bh=trZVI2t1oRzVDEyFHa9GJbrZ36vCz3duE5D5U9CeCAA=; b=pzafSMgLORa3OCXMn6ajOf1LTuJOwAWwgLDxLdm2pI5kWlVzZM7vdqIVrUiWMnXHmB nQawXmFbbpy8a7d3bhhQDQ0hI/ojQux41iSch+tdyKBftWMlUWyeQtyMaRixnlPJZDDl 2Xbax7BoRYh1pcIFvjUm3lLveaQ93FixPz4RGhj34xwP/71+rPuP7BWAs8IcBuerDc8k 7F7wN50HFM5QA2nUhuWNrwuHPiVAPChQwClViBfow/ckCLja1EWtoLgyN5xY1Vdwu4a0 EccwoUvg+cGMq3gz3610uKHsnqL7VDs/S9eelIX5bXYyt5d93XyVdiTGZWDQv0K5UFWR BodA==
X-Gm-Message-State: AOAM5321D60F3E1Vc6b5xTxWsDALbHZKJ9+lQDQV3//QER223eJR2r2h 3lm5LrUuS0GDGFgRqEmlagLeokoruLvUOg==
X-Google-Smtp-Source: ABdhPJzVUl/iEWs5uGTF/iQDH9HK4MDflC2r5FfsGSs8tZcpuo3/ePM/vDyqop/UHdEZ4m6EwRrB5g==
X-Received: by 2002:a05:622a:11ce:b0:2f3:f091:10f8 with SMTP id n14-20020a05622a11ce00b002f3f09110f8mr25582987qtk.35.1653502383241; Wed, 25 May 2022 11:13:03 -0700 (PDT)
Received: from DESKTOP42TMNEU (c-98-235-212-118.hsd1.pa.comcast.net. [98.235.212.118]) by smtp.gmail.com with ESMTPSA id u12-20020a05620a454c00b0069fc13ce1d7sm1997282qkp.8.2022.05.25.11.13.02 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 25 May 2022 11:13:02 -0700 (PDT)
From: bmonkman@netsecopen.org
To: 'Tommy Pauly' <tpauly@apple.com>, tsv-art@ietf.org
Cc: bmwg@ietf.org, draft-ietf-bmwg-ngfw-performance.all@ietf.org, last-call@ietf.org
References: <165344815123.30275.7776382242105466570@ietfa.amsl.com>
In-Reply-To: <165344815123.30275.7776382242105466570@ietfa.amsl.com>
Date: Wed, 25 May 2022 14:13:00 -0400
Message-ID: <008301d87063$12091d10$361b5730$@netsecopen.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQL/b3lB9ovSklAPtVDISVBo2AxD66rh5CWQ
Content-Language: en-us
Archived-At: <https://mailarchive.ietf.org/arch/msg/bmwg/b0iPwQkwY4vRz1k_9oHDDJUmzRA>
Subject: Re: [bmwg] Tsvart telechat review of draft-ietf-bmwg-ngfw-performance-13
X-BeenThere: bmwg@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Benchmarking Methodology Working Group <bmwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bmwg>, <mailto:bmwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bmwg/>
List-Post: <mailto:bmwg@ietf.org>
List-Help: <mailto:bmwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bmwg>, <mailto:bmwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2022 18:13:07 -0000
Hi Tommy, Thanks for you reply. The general consensus amongst the authors and contributors is that there is a need to get into the weeds when it comes to TCP configuration of the test tools and elements of the test bed. This draft is meant to address the test tools in order to ensure (hopefully) results can be replicated. I can certainly understand your position when it comes to production environments. But that is not what we are concerned about. The various test tools we have looked at and worked with have varied default settings. Which is what led us to our approach. That said however, Al Morton pointed us to RFC7414 (https://datatracker.ietf.org/doc/html/rfc7414) as a possible reference that lists/consolidates all the TCP requirements and defaults that are relevant or in-force today. We could reference that RFC and specific sections for the requirements we need. This RFC is over 7 years old. Is there anything more current? Thoughts? Brian -----Original Message----- From: Tommy Pauly via Datatracker <noreply@ietf.org> Sent: Tuesday, May 24, 2022 11:09 PM To: tsv-art@ietf.org Cc: bmwg@ietf.org; draft-ietf-bmwg-ngfw-performance.all@ietf.org; last-call@ietf.org Subject: Tsvart telechat review of draft-ietf-bmwg-ngfw-performance-13 Reviewer: Tommy Pauly Review result: Almost Ready This document has been reviewed as part of the transport area review team's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors and WG to allow them to address any issues raised and also to the IETF discussion list for information. When done at the time of IETF Last Call, the authors should consider this review as part of the last-call comments they receive. Please always CC tsv-art@ietf.org if you reply to or forward this review. I agree with the points Lars made about this document being too specific and constrained with regards to TCP details, and not nearly as specific with other protocol details. This was brought up in my initial TSVART review, which I will quote here since it still applies: "From a transport perspective, I’m concerned that some things are over-specified (details of TCP implementations) and others are underspecified (how throughput is measured, how loss and delay are tested)... I’d like to see transports (TCP/UDP/QUIC/other) be treated more consistently throughout the document, particularly since non-TCP traffic will become increasingly relevant for the devices these tests are targeting. ... The client configuration section 4.3.1.1 details TCP stack configuration, but does not address other transports. Discussing QUIC seems like it will be relevant soon. Overall, for this section, I am struck that there’s a lot of detail that seems over-specified, with lots of normative language. For example, the TCP connection MUST end with a three- or four-way handshake. What if there’s a RST? I don’t understand what we’re requiring of these TCP implementations apart from being a functional and compliant TCP implementation. How much of this is actually required?" Given the IESG reviews, I do agree this needs to be addressed before moving forward. While we could spend a long time with transport area folks trying to fix the details and flesh out equal levels of detail for QUIC and HTTP/1.1 / HTTP/2 / HTTP/3 configurations, I don't think that is appropriate for this document. My suggestion would be to strike the details about TCP entirely, particularly the extraneous normative requirements. If your concern is how the test equipment will behave with 1000s of connections, express that as a top-level requirement for any transport; describe that the transports need to be tuned with common options to ensure fairness and consistent use of the available bandwidth, etc. Getting at the reasons will make it clearer. You also already say that "these are the defaults in most client operating systems". Rather than duplicating what you currently believe are the defaults, just encourage the use of defaults.
- [bmwg] Tsvart telechat review of draft-ietf-bmwg-… Tommy Pauly via Datatracker
- Re: [bmwg] Tsvart telechat review of draft-ietf-b… bmonkman