Re: [Detnet] Alvaro Retana's Discuss on draft-ietf-detnet-architecture-11: (with DISCUSS and COMMENT)
Alvaro Retana <aretana.ietf@gmail.com> Wed, 20 February 2019 18:24 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 941A7130E57; Wed, 20 Feb 2019 10:24:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JnP0Wq2AKogT; Wed, 20 Feb 2019 10:24:30 -0800 (PST)
Received: from mail-ot1-x335.google.com (mail-ot1-x335.google.com [IPv6:2607:f8b0:4864:20::335]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DCE68130E2F; Wed, 20 Feb 2019 10:24:29 -0800 (PST)
Received: by mail-ot1-x335.google.com with SMTP id i5so41767929oto.9; Wed, 20 Feb 2019 10:24:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=Jx57uaHCor5dpnmiG6dSlz4DGnws+M1r1ztOfsU2r+Q=; b=J87dxuPZrC8Bpf5oIofNeXXLpL7keorVkHgI3tNddYwi5S7ggq5VaUhnDC5tk8yOWu gYrxxCxzjrmdaaKwbnSyvNr53IMVI/HfcbejLxhCKHQw915m717cbjTnI2ouAmBQHXeq 53wkkN97+kQQKN+q0ZcVOiAM72MMThANFkxq9g/JMlzJfVci01QwAdiLiXg4rOgKHHAC DcJHOhiMqoX+cEieAxbudB/Zh1qZiHl9U+k43iLyXxqLyNr4v3fpuk8i3GLKwq6AVQgc 5jZPyzECNU4Jy670EqVZSX6sHYbCf06+YeMY0q11S4XUujBVBMHSYfnXu2VMSln5iDf+ R6sg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=Jx57uaHCor5dpnmiG6dSlz4DGnws+M1r1ztOfsU2r+Q=; b=LTjOX3zXShr3Je0+bL8LyjylhZG7shhRFi1GuoE0tUQv1ach4i3SP7mshUgt6rkeI4 4Y1jBl0UCbrmWV3rOU/GOx9srAbmG+cLKAa6ryokGvOOR2iMtHTBwNL9hjRqCjLtWJqH PCIu2XjM9Sy7/eZBXI8Tl9Uyv08uKE5TUJ0C81jQOzQdQvMHhTeUV6l1lxUh2OhjXOLM DHBi8ukyK5zlKxM+pHrtw5f13k9DznsjAhzH5aq9E/nGZzl4ttFHUY7xeni2oLsMpwZo RkIE6ZORg1Ea8PEWIVyzPUST5rdNvf6oItRqdFUY46sakW41pwZRnttWYT4Ku9ASmGTZ Ym8w==
X-Gm-Message-State: AHQUAuZoN2sRWaDj0kRMsXRPXjaHdza6xBpxX5ZA8WlW+ZTWO44aDkjJ Fw5kMfyYcbGljzSkrzuMO3Pi9Xzu4vWxbQCGtqvstF8A
X-Google-Smtp-Source: AHgI3Ib9+WuLMDiavcRGB6ON+VDWj7qQKKEpr0yTiFZGuVWnhx0bPCy593vjlWSIrWcPXllSJcF2OqxJkTfzY5Jlpe4=
X-Received: by 2002:a9d:3de2:: with SMTP id l89mr22628633otc.239.1550687069074; Wed, 20 Feb 2019 10:24:29 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Wed, 20 Feb 2019 13:24:28 -0500
From: Alvaro Retana <aretana.ietf@gmail.com>
In-Reply-To: <108f9294-fb9d-557a-011a-6a53156bcb37@labn.net>
References: <155067820715.31361.3746519237969586434.idtracker@ietfa.amsl.com> <108f9294-fb9d-557a-011a-6a53156bcb37@labn.net>
MIME-Version: 1.0
Date: Wed, 20 Feb 2019 13:24:28 -0500
Message-ID: <CAMMESsx4juKOjPNPQW2iLDYRC6REr8jKWLJLBDUt-AsmC-eFmA@mail.gmail.com>
To: Lou Berger <lberger@labn.net>, The IESG <iesg@ietf.org>
Cc: detnet-chairs@ietf.org, detnet@ietf.org, draft-ietf-detnet-architecture@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e9023005825777bb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/DyxsanAuYjygMoKL1IkuQE8fzAw>
Subject: Re: [Detnet] Alvaro Retana's Discuss on draft-ietf-detnet-architecture-11: (with DISCUSS and COMMENT)
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2019 18:24:33 -0000
On February 20, 2019 at 4:11:45 PM, Lou Berger (lberger@labn.net) wrote: Hi Alissa, …Alvaro… :-) Hi! ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I support Mirja's and Alissa's DISCUSSes...and have a related set of concerns about the coexistence with non-DetNet traffic and privacy: §3.3.1 talks about what I think is a hard to achieve balance between coexisting with non-DetNet traffic and keeping that traffic from disrupting DetNet flows. Because of the constraints, the intent of prioritizing DetNet flows is clear (and that is ok), but that may result in starvation of non-DetNet traffic...even if the text does explicitly say that it "must be avoided". I would like to see the potential case of starving non-DetNet traffic called out somewhere. This is the objective of section 3.3.1. I'm looking for something similar to the first paragraph in §5, but focused on the non-DetNet traffic. The current text reads: 3.3.1. Coexistence with normal traffic A DetNet network supports the dedication of a high proportion of the network bandwidth to DetNet flows. But, no matter how much is dedicated for DetNet flows, it is a goal of DetNet to coexist with existing Class of Service schemes (e.g., DiffServ). It is also important that non-DetNet traffic not disrupt the DetNet flow, of course (see Section 3.3.2 and Section 5). For these reasons: o Bandwidth (transmission opportunities) not utilized by a DetNet flow is available to non-DetNet packets (though not to other DetNet flows). o DetNet flows can be shaped or scheduled, in order to ensure that the highest-priority non-DetNet packet is also ensured a worst- case latency. o When transmission opportunities for DetNet flows are scheduled in detail, then the algorithm constructing the schedule should leave sufficient opportunities for non-DetNet packets to satisfy the needs of the users of the network. Detailed scheduling can also permit the time-shared use of buffer resources by different DetNet flows. Starvation of non-DetNet traffic must be avoided, e.g., by traffic policing functions (e.g., [RFC2475]). Thus, the net effect of the presence of DetNet flows in a network on the non-DetNet flows is primarily a reduction in the available bandwidth. I think we need a little bit more to understand what you'd like to see changed or added. Can you suggest text or what specific topic you'd like to see added/addressed? Yes, let me try to explain better…while comparing with the current text in §5, which basically says that even though the objective of DetNet is to provide bounded latency, a MIIM may delay the traffic and the objective may not be achieved. For non-DetNet traffic, the objective is to not starve it, while providing specific guarantees to the DetNet flows — said other way (from the Introduction): "Unused reserved resources are available to non-DetNet packets as long as all guarantees are fulfilled.” However, the algorithms (maybe error, misconfiguration…or even maliciously) may end up*not* constructing the schedule to leave sufficient opportunities for non-DetNet packets (as suggested in the text above from §3.3.1). I see a parallel in how there is a risk of the intention for DetNet flows not being met (because of an attack) and how the intention for non-DetNet traffic may also not be met. Related to the above is the fact that the identification of flows could be used to specifically *not* include some of them as DetNet flows. This is a variation of the concern outlined in §6, but applied to non-DetNet flows, with the potential starvation mentioned above. Again, I would like to at least see some discussion of this risk. I don't follow - what is the risk that should be addressed? §6 talks about potential privacy concerns due to the identification of flows. I interpret that as potentially being able to identify the user (application, or both maybe). As far as I understand the architecture, DetNet flows are identified at the edge and then assigned to specific paths. If the identification of flows can be used to identify the user (for example), then it can be used to not only attack specific DetNet flow, but also to decide to not provide guarantees to a specific flow based on who the user or the application may be. I’m trying to point at a scenario where the identification may lead to flag a flow as non-DetNet — and then (back to the initial point) potentially starve it: eliminating the ability of that user to communicate. The use case and problem statement documents outline specific applications that may not have non-DetNet traffic, and the Introduction supports that. However, the architecture described in this document may be used in more general networks to provide guarantees to specific traffic... IOW, even if the intention is there, there is no guarantee that DetNet will only be used in the expected use cases. You're not requesting any change in the document here, right? Right. Just pointing out that not all deployments of DetNet may be in the expected use cases, potentially exposing them to other risks, or other applications. Hope this makes more sense. Thanks! Alvaro.
- [Detnet] Alvaro Retana's Discuss on draft-ietf-de… Alvaro Retana
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… Lou Berger
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… Alvaro Retana
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… Lou Berger
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… Alvaro Retana
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… Lou Berger
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… János Farkas
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… János Farkas
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… Alvaro Retana
- Re: [Detnet] Alvaro Retana's Discuss on draft-iet… János Farkas