Re: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification
Balázs Varga A <balazs.a.varga@ericsson.com> Mon, 05 November 2018 04:12 UTC
Return-Path: <balazs.a.varga@ericsson.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BF75130E0F for <detnet@ietfa.amsl.com>; Sun, 4 Nov 2018 20:12:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.77
X-Spam-Level:
X-Spam-Status: No, score=-4.77 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=IQVIuSbY; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=ericsson.com header.b=dqv2gabm
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KsNCajD8M7Nj for <detnet@ietfa.amsl.com>; Sun, 4 Nov 2018 20:12:54 -0800 (PST)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21C32128CF2 for <detnet@ietf.org>; Sun, 4 Nov 2018 20:12:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/simple; q=dns/txt; i=@ericsson.com; t=1541391172; x=1543983172; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=Trt3eK7L1YzCzYZ/OLbdlyTx+epfZucQ3AIt7nELPYo=; b=IQVIuSbYkjTbAqw6xswxD4elgfMCe0xpctfBFodwnRhi31M2zq8k68bDsfjUVCeO mjWoF5XPuQb+SGk06UYhHnAUM23lu96otRyU2n/vLmCwotvQKHL9dQ6o+v9PqQFg m+PEUHyn95k2MdrI5+YpsJG8VipRckXkHdKTkfiDrP0=;
X-AuditID: c1b4fb2d-425ff7000000434d-5c-5bdfc34429ab
Received: from ESESBMB501.ericsson.se (Unknown_Domain [153.88.183.114]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 96.65.17229.443CFDB5; Mon, 5 Nov 2018 05:12:52 +0100 (CET)
Received: from ESESSMR504.ericsson.se (153.88.183.126) by ESESBMB501.ericsson.se (153.88.183.184) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Mon, 5 Nov 2018 05:12:52 +0100
Received: from ESESSMB501.ericsson.se (153.88.183.162) by ESESSMR504.ericsson.se (153.88.183.126) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Mon, 5 Nov 2018 05:12:51 +0100
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (153.88.183.157) by ESESSMB501.ericsson.se (153.88.183.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Mon, 5 Nov 2018 05:12:51 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jCQ2Mq/dvtheZkb7el8VMJqBuEcS849uNanhkEjrmpI=; b=dqv2gabmCUV+0jtW/Ew+oKNG9Tl5KGVb+AsPWYza+gdY4hScYCMhMvU2kzSGEb969TsTw8hXxINWOYEnmZ7xNJAq4DR7HK4vxoc5cuayjPfqM4yLm8yxi8FuruyWyKvFS7bPM/dva/srX9CilKDfKTq4UHpz97MGbdZQQ678CMs=
Received: from VI1PR0701MB2525.eurprd07.prod.outlook.com (10.168.139.138) by VI1PR0701MB2319.eurprd07.prod.outlook.com (10.168.137.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1294.8; Mon, 5 Nov 2018 04:12:50 +0000
Received: from VI1PR0701MB2525.eurprd07.prod.outlook.com ([fe80::589e:7d97:409c:2ec2]) by VI1PR0701MB2525.eurprd07.prod.outlook.com ([fe80::589e:7d97:409c:2ec2%8]) with mapi id 15.20.1294.028; Mon, 5 Nov 2018 04:12:50 +0000
From: Balázs Varga A <balazs.a.varga@ericsson.com>
To: "Black, David" <David.Black@dell.com>, "detnet@ietf.org" <detnet@ietf.org>
Thread-Topic: IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification
Thread-Index: AdR0WNCrZGGbU8NhRgmkuzkuVax3LAAY6CVA
Date: Mon, 05 Nov 2018 04:12:50 +0000
Message-ID: <VI1PR0701MB25253F5A9AB8890CAE3A8FDCACCA0@VI1PR0701MB2525.eurprd07.prod.outlook.com>
References: <CE03DB3D7B45C245BCA0D243277949363032B993@MX307CL04.corp.emc.com>
In-Reply-To: <CE03DB3D7B45C245BCA0D243277949363032B993@MX307CL04.corp.emc.com>
Accept-Language: hu-HU, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=balazs.a.varga@ericsson.com;
x-originating-ip: [2001:67c:1232:144:fdb4:ebfe:b87d:be96]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; VI1PR0701MB2319; 6:lEskAsCsyBUUbkbjHLWQ+NxzZ8MD3NpSlVMmHgL4ajUJfXGbsarlKQUKxZmoMVePOqY1BSSq9aJKqk0HgwmU4VSPU0mxj8nCbNcXJX6Nk9i6/wsnseGcGwNKbB43xyYzR7+8Q/TnWigcgc1BVraWnTvTeySMu+B5UFlvcTHapfBEW1SvOaT2M9F3pzC5oohcxJmGPfSPk6NqUrwKOvMAsAvkmohPO7vsmD6JpJ2luxo5ks+zWb/RAsCvvnKdmYLBfYJf71l3JIt7OAjbVDGwRgPmGJSuOSK4s3OmjOZYihHLegthWS6PZX06z8lE7/z7nPzmHbTt+v+61gnbd4465vbAb3F5pQaEBZH86WF4mGWBPWsZqKMUEtTuQYCv/KPjUyCmC2iSs155xtDT6TjoqtZilladNGCSSoIL2fNE2ClQzVl/xrxKJeFd80p+dWmlRQlDsimsMS5vucE6mC9xHw==; 5:yAGe3CQG+CcEqQ3PqLZyZ0hagHOdbNXdd0ZEfmumkKAUwA56dcRIpNecJVKK99hk6QKLXj+k5GgCg9YzHrDZx+ic77M4iCUIL2BfLjKvVj3wY5oYLO3g3X8RvrQc9WBcRQZLosoqnFz+Zld7jEGnRvk0Esu1eOB2/HQBpeeskMI=; 7:pBnAQdI/S7bIDZ/aDFfB8y+brU9i5HJFuCEnJArvr+VcA9gNqQdKVM1z7s9fkuHxDv22Muo7zmwreSs8Q/yuKPrdRu6rTOaAZM6HUX2qac77QCcUV81ixZodrYynLzhAnyUiwiz5fgK8yFK0nZtctg==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 4ddd7e3c-da6e-48cc-accb-08d642d4f396
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(5600074)(711020)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(49563074)(7193020); SRVR:VI1PR0701MB2319;
x-ms-traffictypediagnostic: VI1PR0701MB2319:
x-microsoft-antispam-prvs: <VI1PR0701MB23194B89FCBC3600D3710B52ACCA0@VI1PR0701MB2319.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(56004941905204)(21748063052155)(28532068793085)(190501279198761)(227612066756510);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(102415395)(6040522)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231382)(944501410)(4983020)(52105095)(148016)(149066)(150057)(6041310)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(201708071742011)(7699051)(76991095); SRVR:VI1PR0701MB2319; BCL:0; PCL:0; RULEID:; SRVR:VI1PR0701MB2319;
x-forefront-prvs: 08476BC6EF
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(39860400002)(136003)(366004)(346002)(376002)(189003)(199004)(53546011)(7696005)(46003)(6506007)(76176011)(110136005)(2501003)(8936002)(11346002)(99286004)(486006)(476003)(9686003)(236005)(54896002)(55016002)(6306002)(71190400001)(71200400001)(446003)(8676002)(6436002)(7736002)(6246003)(53936002)(106356001)(25786009)(105586002)(33656002)(74316002)(81166006)(81156014)(97736004)(316002)(229853002)(2900100001)(186003)(99936001)(102836004)(14444005)(68736007)(256004)(478600001)(2906002)(9326002)(14454004)(790700001)(5660300001)(6116002)(86362001); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0701MB2319; H:VI1PR0701MB2525.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: I5DubhWy5I69VXdRnUBrJ1oN+P+2VSucjkH9xXG/Fpdxkdvre6RK14O5JC2eSsFNgg816Fc68EBkBF/388TbA28FaGb1apuCIlKQxtDmpbkB14z1hM37u1oattJAzWh/QAGqP6Htm6tuRJcedRErpEKddX05TvxJKQDG09slfsYEcEWyNKB1iOAuHXInqmg3rugvXaMQcC6J0TGM8oLHjyD0HHXMt/DbV5tKcMXGWPyRirQoZ699Nlf8OrbspXOumrYJepkUOIWlUh9P6ST/66M6xD0SxRAj+AsDIICdhRx6NUvrbkcZTwAAHUzsa1OwxVIVLA7M4P9rrr/xFk18mehD8V3rzjDMGePlLqeFr7g=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_00A3_01D474F8.79E92160"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 4ddd7e3c-da6e-48cc-accb-08d642d4f396
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Nov 2018 04:12:50.6351 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0701MB2319
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA2WSe0hTYRjG+c45m8fV6HMZvtgFGtIflTZNw64U2AhCkaDSLG3pydS52TlL MoKELtrESstyizJxmGwZWmpFI29dvFWaeUmisdRuVlZi6Yxs27co6L/f+7zP+3zvCx9Ly96K /NkUjY7jNSq1XCxhDDG3+MCIZlucwlEzK/yrsYwJn/p2kVlPbSo0FNObTKZJKpraIVmTxKlT Mjl+2brdkn397/vEGZ8+ooOm6msoG514jvTImwUcClX3yhk9krAyfB9B6/ccL1KMI3jzcvpv 0dMwgEhRRoHj/EnKVTD4DA0VtT006VygYLDruGdmGIH+0QTtekaMN8JYrl3sYl8cBS0V0259 Nk6DS1MWiuhqeFxp8HAItOU/YlzM4ADo7TvlXleKd4Ph8ml3jgxHgqXhqdvv7cy8eD3HySyL 8HywV4a7ZBr7wcBQCUUu9QV7V7uY8Bx4P/hL5GKE42GqPpt2jQJeCb3X0ollPjwryXNfDLhf DBMdp71IIxC+FBXRhCOhpOoVTUzdCIp/TotI0FI4d/UI8Wjhx/EJROTD4Dg7j8gLwJxvZ84g hfGfTY3OJBoXIBgfPUYb3Rf7QKthiCGmOPjxedzDCrA15YoIL4Hy0hGa8DI48dBC/6+vhXdt Ni/CC+Fcnt3DYTDy4Cu6gmaY0RyBE4T05JDlQRyfkigIWk2QhtPdQM4v11gzFXgbWUY2NCHM IvlM6Z56W5xMpMoUstKbUIAz53WVpRP5MxqthpP7SpsjnG1pkirrEMdrE/gDak5oQnNZRu4n DTJbd8hwskrHpXFcBsf/6VKst382Khj3+9zZb23PiY80yFoLb8qjKN2aF3xMql9zfYSpLleh HxuzRsv9rS2K1QvDxqKf1PzUKp+szTubmCC5vP/u6pNbtmdsU357W/S6ZLQlOKpxlUlpztrb 7VP6ofPoYO3OUF/H0MDKRXUdsUObSyfzdylDYrOH5YqOyRWpW1NDq+98kTPCPlXwYpoXVL8B P+mDGHoDAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/lvFMhVIYTzOoe6VZW77-wYXFJWU>
Subject: Re: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Nov 2018 04:13:02 -0000
Hi David, Many thanks for your comments and suggestions. This is definitely something we must fix. Just two general statement as background: - ECN was not considered so far to be useful for DetNet flows. DetNet flows expect zero congestion loss. DetNet sources do not consider to react on ECN. - Masking for flow identification was considered as a general rule for the tuples (i.e. not DSCP specific). So, regarding your proposals A, No usage of ECN for flow identification: AGREE B, DSCP list instead of bitmask: AGREE, it can provide the same result. C, New DiffServ PHB for DetNet: Agree in principle, lets discuss the details Thanks Balazs From: detnet <detnet-bounces@ietf.org> On Behalf Of Black, David Sent: Sunday, November 4, 2018 11:27 PM To: detnet@ietf.org Subject: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification We have a problem here The detnet IP solution draft (draft-ietf-detnet-dp-sol-ip-01.txt) has this to say about use of DSCP and ECN fields in IP headers for detnet flow identification: 6.1.1.4. IPv4 Type of Service and IPv6 Traffic Class Fields These fields are used to support Differentiated Services [RFC2474] and Explicit Congestion Notification [RFC3168]. Implementations of this document MUST support DetNet flow identification based on the IPv4 Type of Service field when processing IPv4 packets, and the IPv6 Traffic Class Field when processing IPv6 packets. Implementations MUST support bimask based matching, where one (1) values in the bitmask indicate which subset of the bits in the field are to be used in determining a match. Note that a zero (0) value as a bitmask effectively means that these fields are ignored. That bitmask approach wont work, as it violates both RFC 2474 and RFC 3168. Starting with ECN (RFC 3168) the 2-bit ECN field is intended to enable ECN functionality to be applied to any flow, and the contents of the ECN field can be changed by any router. Using ECN field values to identify separate flows is wrong, see Section 5 of RFC 3168, which specifies the current use of that field.. That leaves the 6-bit DSCP field, which is defined by RFC 2474. The above bitmask approach is prohibited by the following paragraph in section 3 of RFC 2474: Implementors should note that the DSCP field is six bits wide. DS- compliant nodes MUST select PHBs by matching against the entire 6-bit DSCP field, e.g., by treating the value of the field as a table index which is used to select a particular packet handling mechanism which has been implemented in that device. The value of the CU field MUST be ignored by PHB selection. The DSCP field is defined as an unstructured field to facilitate the definition of future per-hop behaviors. The CU field is now the ECN field (see RFC 3168). My reading is that the current section 6.1.1.4 text in the IP solutions draft has managed to violate all three MUST requirements in that RFC 2474 paragraph, which is impressive and not in a good way. I suggest that several things be done: a. Abandon use of the ECN field for detnet flow identification. b. For the DSCP field, change from a bitmask approach to a list of DSCPs. a. I would note that a carefully chosen DSCP list can be implemented via a bitmask. c. Define one or more Diffserv PHBs that realize DetNet behavior. a. I suspect that much of the content needed for this already exists in the detnet drafts, so this should not be a from scratch exercise. I would also caution that the current IP solution draft text on 6-tuples for flow identification appears to allow multiple separate detnet flows that differ only in DSCP to use the same IP 5-tuple (source & destination addresses, transport protocol, source & destination ports). I believe that this also ought to be prohibited, as Diffserv uses 5-tuples for flow identification - see the definition and use of the term microflow in RFC 2475. A quick glance at the MPLS solution suggests that it does not have an analogous problem with the TC field in labels as the TC field does not appear to be used for detnet flow identification. Thanks, --David ---------------------------------------------------------------- David L. Black, Senior Distinguished Engineer Dell EMC, 176 South St., Hopkinton, MA 01748 +1 (774) 350-9323 New Mobile: +1 (978) 394-7754 David.Black@dell.com <mailto:David.Black@dell.com> ----------------------------------------------------------------
- [Detnet] IP Solution problem: Use of DSCP and ECN… Black, David
- Re: [Detnet] IP Solution problem: Use of DSCP and… Balázs Varga A
- Re: [Detnet] IP Solution problem: Use of DSCP and… Black, David
- Re: [Detnet] IP Solution problem: Use of DSCP and… Lou Berger
- Re: [Detnet] IP Solution problem: Use of DSCP and… Andrew G. Malis
- Re: [Detnet] IP Solution problem: Use of DSCP and… Lou Berger
- Re: [Detnet] IP Solution problem: Use of DSCP and… Greg Mirsky
- Re: [Detnet] IP Solution problem: Use of DSCP and… Lou Berger