Re: [Detnet] draft-kmak-ocn: comment on interface to Detnet relay node
Kiran Makhijani <kiran.ietf@gmail.com> Thu, 10 August 2023 18:01 UTC
Return-Path: <kiran.ietf@gmail.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2150DC151989 for <detnet@ietfa.amsl.com>; Thu, 10 Aug 2023 11:01:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DoCY_4lTYlBv for <detnet@ietfa.amsl.com>; Thu, 10 Aug 2023 11:01:44 -0700 (PDT)
Received: from mail-oo1-xc35.google.com (mail-oo1-xc35.google.com [IPv6:2607:f8b0:4864:20::c35]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7212DC151988 for <detnet@ietf.org>; Thu, 10 Aug 2023 11:01:44 -0700 (PDT)
Received: by mail-oo1-xc35.google.com with SMTP id 006d021491bc7-56cae50792fso142654eaf.1 for <detnet@ietf.org>; Thu, 10 Aug 2023 11:01:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691690503; x=1692295303; h=to:subject:message-id:date:mime-version:references:in-reply-to:from :from:to:cc:subject:date:message-id:reply-to; bh=2HC1RBC8RYtHV/lNSD92W0QthWCKND3vHOuDUi/Ax8c=; b=dkvCXK6o4lDqn+3WRZpWwuxnCn06N/qpVGo4aRJLakOuwcDcFZcPu3vauI++7I6EGa 52K0Gwuzl7Yw9n3qU1v6YBPTy28DoVJqaaRlUuY8Y4dlXMszepW71MwSfoOE8OLKNUiq qK5JleJVL4qvNuk7SZDFD8OhyG28ySA90PovT5IS27fGBjSbEbVVVpy+zpNdvjAOcSiF O/MII7rVTzA6Pz02I87mkppAvHl0RD8A6r7803Z2Dov/9Ey2qS5gTtLqvOZ4P0jladEQ pk1j+Q4UjGZu77IWF2eyImpR1ESxo0c+hWFUdIGCp5rXelQgxPGXU0W/jGEkcqZzmtFN AlUA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691690503; x=1692295303; h=to:subject:message-id:date:mime-version:references:in-reply-to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2HC1RBC8RYtHV/lNSD92W0QthWCKND3vHOuDUi/Ax8c=; b=dcJug6R0wqcE5Ar0QPDrrqeUYm7w2szslCNasVI3Vcr+sr+r3t49zsvtqyAXyzbGsG eMfMu9RyWkfSjpV3CHRdn/nhfNruQVIyU7DU23NohVYi4wSsp2iS0lXP2x7m9SnP1h7g 1aRfqVvT2TBiDjOIlIiA2H09jG51/2ns/1wGVLbUpH7rJ0jgEUuEv7GchrOjhvkSJw+P Hqxl4mKg9FGfYHp1018a0FbLsUngWinA/D+8NHAh2FtGSsFdYCjMNXtnkF7GMF8wm25K BSk9V+twoBSFx3U0OwP/brGUbJt3UOsxlmw5Wv6IwnTUYeb2Xl7CJ9Os+pgIh+2V0PcV QL3w==
X-Gm-Message-State: AOJu0YzaHy/WnTNUyKRHlCtFGk8iFl+cO8fTi+3R6nhqm09+zf1hLpPA OGP40+PEFkUM2Nj7CoIeyxi8ZSw8oz5o3vSgH7rVcXDp
X-Google-Smtp-Source: AGHT+IFJ2wt/Y0AreQA9eyYHO1hqXZp8Lt+romq3Dq0SpncqPCcZhCcdS8XK4mywReBnj1/evnhJpDfbFpw7iz2MWVE=
X-Received: by 2002:a05:6808:1491:b0:3a7:56a6:bd2b with SMTP id e17-20020a056808149100b003a756a6bd2bmr3581518oiw.4.1691690503190; Thu, 10 Aug 2023 11:01:43 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Thu, 10 Aug 2023 11:01:42 -0700
From: Kiran Makhijani <kiran.ietf@gmail.com>
In-Reply-To: <39ed6c25-bafd-98fd-dabd-ca7ba9cdff1b@linutronix.de>
References: <SJ0PR03MB64694AABB5B68CACCA243B2EF713A@SJ0PR03MB6469.namprd03.prod.outlook.com> <39ed6c25-bafd-98fd-dabd-ca7ba9cdff1b@linutronix.de>
MIME-Version: 1.0
Date: Thu, 10 Aug 2023 11:01:42 -0700
Message-ID: <CAFV7YBrQc228C0bgpGC7Fhe6-N0u2rRcmi5Y56ijFvQgM1RAvw@mail.gmail.com>
To: Florian Kauer <florian.kauer@linutronix.de>, DetNet WG <detnet@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000833c8e06029563cb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/XMMX3jwPQNI6-3f7VYzCdktCL94>
Subject: Re: [Detnet] draft-kmak-ocn: comment on interface to Detnet relay node
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Aug 2023 18:01:46 -0000
Hi Florian, Thank you for participating in the discussion and bringing comments forward. Please see inline with [KM]. On August 10, 2023 at 4:09:21 AM, Florian Kauer (florian.kauer@linutronix.de) wrote: Hi all, as author of that cited comment, let me add some more context for clarification. So as brief recap how I understand the draft, it defines extension headers that specify per-packet (!) real-time requirements (e.g. bounded latency) that are sent by an industrial 'process controller' to a DetNet relay that in turn needs to select a matching DetNet flow - out of the already provisioned ones - to transmit that specific packet. [KM] That’s spot on. One of the very fundamental principles of deterministic communication in general (not only DetNet or TSN) is that before a packet is sent out, you must be sure that on the whole end-to-end path all resources are available to process the packet according to its real-time requirements. And in my opinion, that principle can not be guaranteed if you set up a system according to the current draft for two reasons: [KM] I'd just one-thing: this draft represents an endsystem's request without needing to know the details of network internals. Additional work to be done by the network (DetNet or another - TSN, wireless, 5G-radio) is assumed and to be out of the scope for this document. Although, we should add text to make our assumptions about operational view of end-to-end mechanics clear. 1. It is impossible to pre-provision a set of DetNet flows that is able to process packets with completely arbitrary real-time requirements. Lets say the provisioned DetNet flow with the lowest latency guarantees a delivery within 5 ms. Then you simply can't properly transmit an individual packet that specifies a 3 ms latency requirement. [KM] agree. We dont expect arbitrary latency requirements. They will be mapped to a pre-provisioned network (connecting endsystem as well as DetNet). If the document is under-specified, authors should say that explicitly (and we will). 2. The specified requirements only apply for the path through the DetNet, but neither for the path from process controller to the DetNet relay node, nor from the final DetNet relay node to e.g. the actuator (assuming it is not part of the DetNet itself). To address the second problem, Kiran suggested in her comment below to assume a contention-free path outside of the DetNet, but in my opinion that is an oversimplification that does not exist in reality. Even if you have set up e.g. a TSN, that also has a bound regarding the amount of traffic that can be transmitted contention-free as well as a bound on the achievable latency. The process controller can't simply generate arbitrary traffic hoping that it will be processed properly according to its per-packet real-time requirements. In the end, there is no way around the fact that the end-to-end (!) communication between two communication partners is somehow bounded with regard to real-time properties. In the given scenario that means the 'process controller' needs to be aware which traffic will be processed properly and which not, either explicitly (by providing the bounds via controller plane) or implicitly (by configuring its packet generation appropriately). And after we made the process controller to generate its traffic according to the end-to-end properties, I honestly see no advantage in further specifying per-packet real-time requirements. If the promised end-to-end properties are e.g. "max 5 ms latency for 100 packets/s of 200 bytes" then all packets will anyway be delivered after at most 5 ms as long as no more than 100 packets with 200 bytes are generated per second. We can't get faster by specifying "but I want to be delivered after 3 ms!" in the packet. And specifying "10 ms is fine for this packet" also has no real advantage in my opinion because the resources are anyway reserved for 5 ms delivery. Of course, we might have the situation of different kinds of traffic (e.g. "max 5 ms latency for 100 packets/s of 200 bytes" plus "max 20 ms latency for 50 packets/s of 3000 bytes") but also that needs to be guaranteed end-to-end and not only within the DetNet and that means classifying the traffic at the DetNet relay node is too late! For me that finally means we should either have logical (!) end-to-end (!) DetNet flows or TSN streams (tunneled via DetNet). [KM] That's how even we started this document, but I am not a fan of tunneling or exposing network internals to applications. It limits application portability. Especially more troubling for OT experts. Therefore, we first focus on just endsystem expressibility. However, a logical end-to-end DetNet flow/TSN stream does not necessarily imply that all devices are explicitly DetNet or TSN aware! With a single end-to-end traffic class, the DetNet relay node can simply identify the flow e.g. by the source/destination address and there is not need for the process controller to make any further per-packet specifications as outlined above. And in the case of different traffic classes, it is sufficient (but in my opinion necessary!) that the process controller differentiates the different classes by either L2 fields (MAC addresses/VLAN IDs resulting in logical TSN streams) or L3 fields (resulting in logical DetNet flows). [KM] This is the key to discussion. Is it possible to have single traffic class across different domains ? or is it sufficient? Semantics of traffic-class will differ across domains. I find this type of configuration quite static. While it may work in current usecases, I had a more dynamic system in mind. Our disconnect is with regards to the scope of this work. I split the problem in 2 parts, a) the expressibility of an endsystem's requirement and b) the capability of the networks between them. The document focuses on a) and i think with on going efforts in large-scale detnets, we can deal with part b) without repeating the work. For an end-to-end system, we should at least agree on doing things in L3 fields because media could change across domains. I like your choice of term 'logical DetNet flow'. The only difference now is the use of traffic-class vs OCN option EH. Tempted to add a little more here. The ocn-option is not only dealing with latency but is also epxresing other characteristics with a programmability mindset (or more dynamic behavior - BUT within the constraints of what network can offer). Cheers, Kiran In the latter case, the mapping of flow/stream identification to real-time requirements is either the responsibility of the controller plane or implicit by setting up the 'process controller' to generate appropriate traffic. But in any case, this is something to configure network-wide before a packet is sent and specifying the real-time requirements solely in the packet itself is too late. Do you agree with my assessment of the situation or do I overlook something? Greetings, Florian On 10.08.23 08:15, Kiran Makhijani wrote: > Hi WG, > I will start a series of discussions on the comments posted earlier. > > Pasting comment on section 3.2 for discussion. > --- > With your draft, you only have resource allocation within the DetNet but not between the process controller and the DetNet. And in my opinion that could easily lead to a situation where the constraints specified by the OCN extension header of a specific packet just cannot be fulfilled by the DetNet. > > As I understand the current draft, nothing would prevent an application from just sending thousands of very large packets where the OCN extension header specifies an upper latency bound of 1 ms. > --- > The issue is for the remote DC (where oc-controller will be) we do not specify the characteristics of connection between an oc-controller and DetNet relay node. When I started writing the document, I assumed this would be a contention-free logical or physical wire connection to keep the document simple. > > The question for the group is whether it is ok to go ahead with this assumption for the scope of this document? > Perhaps, a better way to deal with this is to explain on cases by case basis as in RFC8939 Section 3. > > 1. ref. Figure 1. DetNet service aware endsystem: - the interface between the endsystem and relay node is deterministic. > 2. ref. Figure 2. non-DetNet-aware IP endsystem: - endsystem to proxy node provides proprietary means of deterministic behavior. > > The benefit of OCN option from oc-controller is to express network requirements in a common IP-based approach. > > Please chime in. > Kiran > Detail comments at > https://docs.google.com/document/d/15MtFAbKQkrFwTHBiOLl_yYHG9ToqkHyBc5_LI6-Fr98/edit?pli=1 < https://docs.google.com/document/d/15MtFAbKQkrFwTHBiOLl_yYHG9ToqkHyBc5_LI6-Fr98/edit?pli=1 > > > > > > _______________________________________________ > detnet mailing list > detnet@ietf.org > https://www.ietf.org/mailman/listinfo/detnet
- [Detnet] draft-kmak-ocn: comment on interface to … Kiran Makhijani
- Re: [Detnet] draft-kmak-ocn: comment on interface… Florian Kauer
- Re: [Detnet] draft-kmak-ocn: comment on interface… Kiran Makhijani
- Re: [Detnet] draft-kmak-ocn: comment on interface… Florian Kauer
- Re: [Detnet] draft-kmak-ocn: comment on interface… Kiran Makhijani