IETF Logo Mail Archive

Re: [Detnet] draft-kmak-ocn: comment on interface to Detnet relay node

Kiran Makhijani <kiran.ietf@gmail.com> Thu, 10 August 2023 18:01 UTC

Return-Path: <kiran.ietf@gmail.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2150DC151989 for <detnet@ietfa.amsl.com>; Thu, 10 Aug 2023 11:01:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DoCY_4lTYlBv for <detnet@ietfa.amsl.com>; Thu, 10 Aug 2023 11:01:44 -0700 (PDT)
Received: from mail-oo1-xc35.google.com (mail-oo1-xc35.google.com [IPv6:2607:f8b0:4864:20::c35]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7212DC151988 for <detnet@ietf.org>; Thu, 10 Aug 2023 11:01:44 -0700 (PDT)
Received: by mail-oo1-xc35.google.com with SMTP id 006d021491bc7-56cae50792fso142654eaf.1 for <detnet@ietf.org>; Thu, 10 Aug 2023 11:01:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1691690503; x=1692295303; h=to:subject:message-id:date:mime-version:references:in-reply-to:from :from:to:cc:subject:date:message-id:reply-to; bh=2HC1RBC8RYtHV/lNSD92W0QthWCKND3vHOuDUi/Ax8c=; b=dkvCXK6o4lDqn+3WRZpWwuxnCn06N/qpVGo4aRJLakOuwcDcFZcPu3vauI++7I6EGa 52K0Gwuzl7Yw9n3qU1v6YBPTy28DoVJqaaRlUuY8Y4dlXMszepW71MwSfoOE8OLKNUiq qK5JleJVL4qvNuk7SZDFD8OhyG28ySA90PovT5IS27fGBjSbEbVVVpy+zpNdvjAOcSiF O/MII7rVTzA6Pz02I87mkppAvHl0RD8A6r7803Z2Dov/9Ey2qS5gTtLqvOZ4P0jladEQ pk1j+Q4UjGZu77IWF2eyImpR1ESxo0c+hWFUdIGCp5rXelQgxPGXU0W/jGEkcqZzmtFN AlUA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691690503; x=1692295303; h=to:subject:message-id:date:mime-version:references:in-reply-to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2HC1RBC8RYtHV/lNSD92W0QthWCKND3vHOuDUi/Ax8c=; b=dcJug6R0wqcE5Ar0QPDrrqeUYm7w2szslCNasVI3Vcr+sr+r3t49zsvtqyAXyzbGsG eMfMu9RyWkfSjpV3CHRdn/nhfNruQVIyU7DU23NohVYi4wSsp2iS0lXP2x7m9SnP1h7g 1aRfqVvT2TBiDjOIlIiA2H09jG51/2ns/1wGVLbUpH7rJ0jgEUuEv7GchrOjhvkSJw+P Hqxl4mKg9FGfYHp1018a0FbLsUngWinA/D+8NHAh2FtGSsFdYCjMNXtnkF7GMF8wm25K BSk9V+twoBSFx3U0OwP/brGUbJt3UOsxlmw5Wv6IwnTUYeb2Xl7CJ9Os+pgIh+2V0PcV QL3w==
X-Gm-Message-State: AOJu0YzaHy/WnTNUyKRHlCtFGk8iFl+cO8fTi+3R6nhqm09+zf1hLpPA OGP40+PEFkUM2Nj7CoIeyxi8ZSw8oz5o3vSgH7rVcXDp
X-Google-Smtp-Source: AGHT+IFJ2wt/Y0AreQA9eyYHO1hqXZp8Lt+romq3Dq0SpncqPCcZhCcdS8XK4mywReBnj1/evnhJpDfbFpw7iz2MWVE=
X-Received: by 2002:a05:6808:1491:b0:3a7:56a6:bd2b with SMTP id e17-20020a056808149100b003a756a6bd2bmr3581518oiw.4.1691690503190; Thu, 10 Aug 2023 11:01:43 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Thu, 10 Aug 2023 11:01:42 -0700
From: Kiran Makhijani <kiran.ietf@gmail.com>
In-Reply-To: <39ed6c25-bafd-98fd-dabd-ca7ba9cdff1b@linutronix.de>
References: <SJ0PR03MB64694AABB5B68CACCA243B2EF713A@SJ0PR03MB6469.namprd03.prod.outlook.com> <39ed6c25-bafd-98fd-dabd-ca7ba9cdff1b@linutronix.de>
MIME-Version: 1.0
Date: Thu, 10 Aug 2023 11:01:42 -0700
Message-ID: <CAFV7YBrQc228C0bgpGC7Fhe6-N0u2rRcmi5Y56ijFvQgM1RAvw@mail.gmail.com>
To: Florian Kauer <florian.kauer@linutronix.de>, DetNet WG <detnet@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000833c8e06029563cb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/XMMX3jwPQNI6-3f7VYzCdktCL94>
Subject: Re: [Detnet] draft-kmak-ocn: comment on interface to Detnet relay node
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Aug 2023 18:01:46 -0000

Hi Florian,
Thank you for participating in the discussion and bringing comments forward.
Please see inline with [KM].


On August 10, 2023 at 4:09:21 AM, Florian Kauer (florian.kauer@linutronix.de)
wrote:

Hi all,
as author of that cited comment, let me add some more context for
clarification.
So as brief recap how I understand the draft, it defines extension headers
that specify per-packet (!) real-time requirements (e.g. bounded latency)
that are sent by an industrial 'process controller' to a DetNet relay that
in turn needs to select a matching DetNet flow - out of the already
provisioned ones - to transmit that specific packet.

[KM] That’s spot on.



One of the very fundamental principles of deterministic communication in
general (not only DetNet or TSN) is that before a packet is sent out, you
must be sure that on the whole end-to-end path all resources are available
to process the packet according to its real-time requirements. And in my
opinion, that principle can not be guaranteed if you set up a system
according to the current draft for two reasons:

[KM] I'd just one-thing: this draft represents an endsystem's request
without needing to know the details of network internals. Additional work
to be done by the network (DetNet or another - TSN, wireless, 5G-radio) is
assumed and to be out of the scope for this document. Although, we should
add text to make our assumptions about operational view of end-to-end
mechanics clear.



1. It is impossible to pre-provision a set of DetNet flows that is able to
process packets with completely arbitrary real-time requirements. Lets say
the provisioned DetNet flow with the lowest latency guarantees a delivery
within 5 ms. Then you simply can't properly transmit an individual packet
that specifies a 3 ms latency requirement.

[KM] agree. We dont expect arbitrary latency requirements. They will be
mapped to a pre-provisioned network (connecting endsystem as well as
DetNet). If the document is under-specified, authors should say that
explicitly (and we will).



2. The specified requirements only apply for the path through the DetNet,
but neither for the path from process controller to the DetNet relay node,
nor from the final DetNet relay node to e.g. the actuator (assuming it is
not part of the DetNet itself).

To address the second problem, Kiran suggested in her comment below to
assume a contention-free path outside of the DetNet, but in my opinion that
is an oversimplification that does not exist in reality. Even if you have
set up e.g. a TSN, that also has a bound regarding the amount of traffic
that can be transmitted contention-free as well as a bound on the
achievable latency.

The process controller can't simply generate arbitrary traffic hoping that
it will be processed properly according to its per-packet real-time
requirements. In the end, there is no way around the fact that the
end-to-end (!) communication between two communication partners is somehow
bounded with regard to real-time properties. In the given scenario that
means the 'process controller' needs to be aware which traffic will be
processed properly and which not, either explicitly (by providing the
bounds via controller plane) or implicitly (by configuring its packet
generation appropriately).

And after we made the process controller to generate its traffic according
to the end-to-end properties, I honestly see no advantage in further
specifying per-packet real-time requirements. If the promised end-to-end
properties are e.g. "max 5 ms latency for 100 packets/s of 200 bytes" then
all packets will anyway be delivered after at most 5 ms as long as no more
than 100 packets with 200 bytes are generated per second. We can't get
faster by specifying "but I want to be delivered after 3 ms!" in the
packet. And specifying "10 ms is fine for this packet" also has no real
advantage in my opinion because the resources are anyway reserved for 5 ms
delivery.

Of course, we might have the situation of different kinds of traffic (e.g.
"max 5 ms latency for 100 packets/s of 200 bytes" plus "max 20 ms latency
for 50 packets/s of 3000 bytes") but also that needs to be guaranteed
end-to-end and not only within the DetNet and that means classifying the
traffic at the DetNet relay node is too late!

For me that finally means we should either have logical (!) end-to-end (!)
DetNet flows or TSN streams (tunneled via DetNet).

[KM] That's how even we started this document, but I am not a fan of
tunneling or exposing network internals to applications. It limits
application portability. Especially more troubling for OT experts.
Therefore, we first focus on just endsystem expressibility.


However, a logical end-to-end DetNet flow/TSN stream does not necessarily
imply that all devices are explicitly DetNet or TSN aware! With a single
end-to-end traffic class, the DetNet relay node can simply identify the
flow e.g. by the source/destination address and there is not need for the
process controller to make any further per-packet specifications as
outlined above. And in the case of different traffic classes, it is
sufficient (but in my opinion necessary!) that the process controller
differentiates the different classes by either L2 fields (MAC
addresses/VLAN IDs resulting in logical TSN streams) or L3 fields
(resulting in logical DetNet flows).

[KM] This is the key to discussion. Is it possible to have single traffic
class across different domains ? or is it sufficient? Semantics of
traffic-class will differ across domains. I find this type of configuration
quite static. While it may work in current usecases, I had a more dynamic
system in mind. Our disconnect is with regards to the scope of this work. I
split the problem in 2 parts, a) the expressibility of an endsystem's
requirement and b) the capability of the networks between them. The
document focuses on a) and i think with on going efforts in large-scale
detnets, we can deal with part b) without repeating the work.
For an end-to-end system, we should at least agree on doing things in L3
fields because media could change across domains. I like your choice of
term 'logical DetNet flow'. The only difference now is the use of
traffic-class vs OCN option EH.

Tempted to add a little more here. The ocn-option is not only dealing with
latency but is also epxresing other characteristics with a programmability
mindset (or more dynamic behavior - BUT within the constraints of what
network can offer).
Cheers,
Kiran

In the latter case, the mapping of flow/stream identification to real-time
requirements is either the responsibility of the controller plane or
implicit by setting up the 'process controller' to generate appropriate
traffic. But in any case, this is something to configure network-wide
before a packet is sent and specifying the real-time requirements solely in
the packet itself is too late.

Do you agree with my assessment of the situation or do I overlook something?


Greetings,
Florian


On 10.08.23 08:15, Kiran Makhijani wrote:
> Hi WG,
> I will start a series of discussions on the comments posted earlier.
>
> Pasting comment on section 3.2 for discussion.
> ---
> With your draft, you only have resource allocation within the DetNet but
not between the process controller and the DetNet. And in my opinion that
could easily lead to a situation where the constraints specified by the OCN
extension header of a specific packet just cannot be fulfilled by the
DetNet.
>
> As I understand the current draft, nothing would prevent an application
from just sending thousands of very large packets where the OCN extension
header specifies an upper latency bound of 1 ms.
> ---
> The issue is for the remote DC (where oc-controller will be)  we do not
specify the characteristics of connection between an oc-controller and
DetNet relay node. When I started writing the document, I assumed this
would be a contention-free logical or physical wire connection to keep the
document simple.
>
> The question for the group is whether it is ok to go ahead with this
assumption for the scope of this document?
> Perhaps, a better way to deal with this is to explain on cases by case
basis as in RFC8939 Section 3.
>
> 1. ref. Figure 1. DetNet service aware endsystem: - the interface between
the endsystem and relay node is deterministic.
> 2. ref. Figure 2. non-DetNet-aware IP endsystem: - endsystem to proxy
node provides proprietary means of deterministic behavior.
>
> The benefit of OCN option from oc-controller is to express network
requirements in a common IP-based approach.
>
> Please chime in.
> Kiran
> Detail comments at
>
https://docs.google.com/document/d/15MtFAbKQkrFwTHBiOLl_yYHG9ToqkHyBc5_LI6-Fr98/edit?pli=1
<
https://docs.google.com/document/d/15MtFAbKQkrFwTHBiOLl_yYHG9ToqkHyBc5_LI6-Fr98/edit?pli=1
>
>
>
>
>
> _______________________________________________
> detnet mailing list
> detnet@ietf.org
> https://www.ietf.org/mailman/listinfo/detnet

v2.23.0 | Report a Bug | By Email