IETF Logo Mail Archive

Re: [Detnet] Alvaro Retana's Discuss on draft-ietf-detnet-architecture-11: (with DISCUSS and COMMENT)

Alvaro Retana <aretana.ietf@gmail.com> Fri, 22 February 2019 11:02 UTC

Return-Path: <aretana.ietf@gmail.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 408041277CC; Fri, 22 Feb 2019 03:02:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.905
X-Spam-Level:
X-Spam-Status: No, score=-1.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTML_OBFUSCATE_10_20=0.093, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VuThWfEsW1KH; Fri, 22 Feb 2019 03:02:08 -0800 (PST)
Received: from mail-ot1-x32e.google.com (mail-ot1-x32e.google.com [IPv6:2607:f8b0:4864:20::32e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D597124D68; Fri, 22 Feb 2019 03:02:08 -0800 (PST)
Received: by mail-ot1-x32e.google.com with SMTP id b3so1526399otp.4; Fri, 22 Feb 2019 03:02:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=3jKhbLq8SNNZOI/5mcuqkFBH0qptNR+q4s502/IRDQs=; b=N+IXFlB2S+m3cNYdsvS88PN+Cv5tekPRe0XL1mJYKnzSv3MO9yQZae3BrKeW0o+tBW U2x4faA/ua/CPyGLiABTXRkrp9dZNUUrrrR2ImYHOAA9gLvwzv5BmQ8P7tdAMkwE9nuT FGD9bBTuAuraN/yXx2C/9NXaIhRQqkdgWOQLnXWbC2vvCF+SKybedo7n3L8ZFvygVrG1 kn4yIn4b3IX/HHI+ZDBx5xdAP5gg4N49CD44QR+bYiIShoBLDJl2wq8NWQMFA1nK0+Nd Yvd5SADdqo/6Vwocb7hdpf/prykl+chIIcyqzhaJd7l1YapvrcQVu4EWKYwA7RVMTRXi QJww==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=3jKhbLq8SNNZOI/5mcuqkFBH0qptNR+q4s502/IRDQs=; b=EIbDODXPfA5k1dkaoEGmTNVYv9N0YGfbpBit6U4FYiAKlXct/Ki8O3ifYPHz2Hl4Sn Lah+5GJ91W+TGBomchfqMGcPN9bu9sfIRcI5hLcH8wMEnLm6A1y441hJiaCg+IwjB9Cn 4JwRutw6H/h8mjcUrMePm2E9Sqqpm6w1WmPQ2CzOTtHg1Tao9pSYiSK4FHLiPMg3ESSR MsX221Y/sgssPu5IuVFrlQtYMhuXtA+SYbjCkw5OopyYcpnMzZ7G99NqoAlzNF9c97uj fdR2Y+9GrAoe2jloRMglwRpCd86Xrclhp5fEzzUf121ain5JmTN8/M4gStyeGtNCMha7 nY3w==
X-Gm-Message-State: AHQUAub57wpdX6RX01+UxyyV6HmrC9pFq7SC+ArQUFmAKSHZTg5ywVUB pPoazv2docxJA3kvSMBC+AP0ymdJIzE011CprTjXxwQM
X-Google-Smtp-Source: AHgI3IZ4/GGceaWPjalKYlh0aq85kiR2m9pdWoP2MEy/RGficwjBuy9aYqH8/evu2aYIJrg23UxRwyR323n/fYNkM1k=
X-Received: by 2002:a9d:6348:: with SMTP id y8mr2196319otk.287.1550833327713; Fri, 22 Feb 2019 03:02:07 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Fri, 22 Feb 2019 06:02:06 -0500
From: Alvaro Retana <aretana.ietf@gmail.com>
In-Reply-To: <7056c886-3aa9-2d85-7824-ee5f1ac9bb33@labn.net>
References: <155067820715.31361.3746519237969586434.idtracker@ietfa.amsl.com> <108f9294-fb9d-557a-011a-6a53156bcb37@labn.net> <CAMMESsx4juKOjPNPQW2iLDYRC6REr8jKWLJLBDUt-AsmC-eFmA@mail.gmail.com> <7056c886-3aa9-2d85-7824-ee5f1ac9bb33@labn.net>
MIME-Version: 1.0
Date: Fri, 22 Feb 2019 06:02:06 -0500
Message-ID: <CAMMESszvQ-QgZLNfPF2MMq6UNtCR5DLzhMvzuFF_eCiyUiu5qg@mail.gmail.com>
To: Lou Berger <lberger@labn.net>, The IESG <iesg@ietf.org>
Cc: detnet@ietf.org, draft-ietf-detnet-architecture@ietf.org, detnet-chairs@ietf.org
Content-Type: multipart/alternative; boundary="0000000000009ab5aa05827985d7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/grCTE_muJpKFloIlvl0gWTmgCGo>
Subject: Re: [Detnet] Alvaro Retana's Discuss on draft-ietf-detnet-architecture-11: (with DISCUSS and COMMENT)
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Feb 2019 11:02:16 -0000

On February 21, 2019 at 7:35:32 PM, Lou Berger (lberger@labn.net) wrote:

Hi!

>>> ----------------------------------------------------------------------
>>> DISCUSS:
>>> ----------------------------------------------------------------------
>>>
>>> I support Mirja's and Alissa's DISCUSSes...and have a related set of
concerns
>>> about the coexistence with non-DetNet traffic and privacy:
>>>
>>> §3.3.1 talks about what I think is a hard to achieve balance between
coexisting
>>> with non-DetNet traffic and keeping that traffic from disrupting DetNet
flows.
>>> Because of the constraints, the intent of prioritizing DetNet flows is
clear
>>> (and that is ok), but that may result in starvation of non-DetNet
>>> traffic...even if the text does explicitly say that it "must be
avoided".
>>>
>>> I would like to see the potential case of starving non-DetNet traffic
called
>>> out somewhere.
>>
>> This is the objective of section 3.3.1.
>>
>>
>>> I'm looking for something similar to the first paragraph in §5,
>>> but focused on the non-DetNet traffic.
>>
>> The current text reads:
>>
>> 3.3.1. Coexistence with normal traffic
>>
>> A DetNet network supports the dedication of a high proportion of the
>> network bandwidth to DetNet flows. But, no matter how much is
>> dedicated for DetNet flows, it is a goal of DetNet to coexist with
>> existing Class of Service schemes (e.g., DiffServ). It is also
>> important that non-DetNet traffic not disrupt the DetNet flow, of
>> course (see Section 3.3.2 and Section 5). For these reasons:
>>
>> o Bandwidth (transmission opportunities) not utilized by a DetNet
>> flow is available to non-DetNet packets (though not to other
>> DetNet flows).
>>
>> o DetNet flows can be shaped or scheduled, in order to ensure that
>> the highest-priority non-DetNet packet is also ensured a worst-
>> case latency.
>>
>> o When transmission opportunities for DetNet flows are scheduled in
>> detail, then the algorithm constructing the schedule should leave
>> sufficient opportunities for non-DetNet packets to satisfy the
>> needs of the users of the network. Detailed scheduling can also
>> permit the time-shared use of buffer resources by different DetNet
>> flows.
>>
>> Starvation of non-DetNet traffic must be avoided, e.g., by traffic
>> policing functions (e.g., [RFC2475]). Thus, the net effect of the
>> presence of DetNet flows in a network on the non-DetNet flows is
>> primarily a reduction in the available bandwidth.
>>
>>
>> I think we need a little bit more to understand what you'd like to see
changed or added. Can you suggest text or what specific topic you'd like to
see added/addressed?
>
> Yes, let me try to explain better…while comparing with the current
> text in §5, which basically says that even though the objective of
> DetNet is to provide bounded latency, a MIIM may delay the traffic and
> the objective may not be achieved.
>
> For non-DetNet traffic, the objective is to not starve it, while
> providing specific guarantees to the DetNet flows — said other way
> (from the Introduction): "Unused reserved resources are available to
> non-DetNet packets as long as all guarantees are fulfilled.”  However,
> the algorithms (maybe error, misconfiguration…or even maliciously) may
> end up*not* constructing the schedule to leave sufficient
> opportunities for non-DetNet packets (as suggested in the text above
> from §3.3.1).
>
> I see a parallel in how there is a risk of the intention for DetNet
> flows not being met (because of an attack) and how the intention for
> non-DetNet traffic may also not be met.
>
Okay, this sounds like basically the same point that Benjamin was
making, i.e., there must be mechanisms preventing non-detnet traffic
from impacting detnet traffic, and detnet traffic trying to use more
than its allocation and impacting non-detnet traffic. Is this correct or
are you asking for something different/additional?

Yes.  I’m not asking so much for a mechanism, but for at least the
recognition that it is a risk.




>
>>> Related to the above is the fact that the identification of flows could
be used
>>> to specifically *not* include some of them as DetNet flows. This is a
>>> variation of the concern outlined in §6, but applied to non-DetNet
flows, with
>>> the potential starvation mentioned above. Again, I would like to at
least see
>>> some discussion of this risk.
>>
>> I don't follow - what is the risk that should be addressed?
>>
> §6 talks about potential privacy concerns due to the identification of
> flows.  I interpret that as potentially being able to identify the
> user (application, or both maybe).
>
Currently flow identification is based on IP headers (6 tuple) and/or
MPLS labels.  So DetNet has the same privacy concerns as standard IP/MPLS.


> As far as I understand the architecture, DetNet flows are identified
> at the edge and then assigned to specific paths.  If the
> identification of flows can be used to identify the user (for
> example), then it can be used to not only attack specific DetNet flow,
> but also to decide to not provide guarantees to a specific flow based
> on who the user or the application may be.
>
Given DetNet flow identification, is this any different than standard PBR?

Right, it is not really different.  It is just not mentioned anywhere that
identification (or misidentification as it may be, maybe maliciously) can
lead to not providing guarantees, potential starving, etc..

Thanks!

Alvaro.

v2.23.0 | Report a Bug | By Email