IETF Logo Mail Archive

Re: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification

Balázs Varga A <balazs.a.varga@ericsson.com> Mon, 05 November 2018 04:12 UTC

Return-Path: <balazs.a.varga@ericsson.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BF75130E0F for <detnet@ietfa.amsl.com>; Sun, 4 Nov 2018 20:12:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.77
X-Spam-Level:
X-Spam-Status: No, score=-4.77 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=IQVIuSbY; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=ericsson.com header.b=dqv2gabm
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KsNCajD8M7Nj for <detnet@ietfa.amsl.com>; Sun, 4 Nov 2018 20:12:54 -0800 (PST)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21C32128CF2 for <detnet@ietf.org>; Sun, 4 Nov 2018 20:12:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/simple; q=dns/txt; i=@ericsson.com; t=1541391172; x=1543983172; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=Trt3eK7L1YzCzYZ/OLbdlyTx+epfZucQ3AIt7nELPYo=; b=IQVIuSbYkjTbAqw6xswxD4elgfMCe0xpctfBFodwnRhi31M2zq8k68bDsfjUVCeO mjWoF5XPuQb+SGk06UYhHnAUM23lu96otRyU2n/vLmCwotvQKHL9dQ6o+v9PqQFg m+PEUHyn95k2MdrI5+YpsJG8VipRckXkHdKTkfiDrP0=;
X-AuditID: c1b4fb2d-425ff7000000434d-5c-5bdfc34429ab
Received: from ESESBMB501.ericsson.se (Unknown_Domain [153.88.183.114]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 96.65.17229.443CFDB5; Mon, 5 Nov 2018 05:12:52 +0100 (CET)
Received: from ESESSMR504.ericsson.se (153.88.183.126) by ESESBMB501.ericsson.se (153.88.183.184) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Mon, 5 Nov 2018 05:12:52 +0100
Received: from ESESSMB501.ericsson.se (153.88.183.162) by ESESSMR504.ericsson.se (153.88.183.126) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Mon, 5 Nov 2018 05:12:51 +0100
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (153.88.183.157) by ESESSMB501.ericsson.se (153.88.183.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Mon, 5 Nov 2018 05:12:51 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jCQ2Mq/dvtheZkb7el8VMJqBuEcS849uNanhkEjrmpI=; b=dqv2gabmCUV+0jtW/Ew+oKNG9Tl5KGVb+AsPWYza+gdY4hScYCMhMvU2kzSGEb969TsTw8hXxINWOYEnmZ7xNJAq4DR7HK4vxoc5cuayjPfqM4yLm8yxi8FuruyWyKvFS7bPM/dva/srX9CilKDfKTq4UHpz97MGbdZQQ678CMs=
Received: from VI1PR0701MB2525.eurprd07.prod.outlook.com (10.168.139.138) by VI1PR0701MB2319.eurprd07.prod.outlook.com (10.168.137.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1294.8; Mon, 5 Nov 2018 04:12:50 +0000
Received: from VI1PR0701MB2525.eurprd07.prod.outlook.com ([fe80::589e:7d97:409c:2ec2]) by VI1PR0701MB2525.eurprd07.prod.outlook.com ([fe80::589e:7d97:409c:2ec2%8]) with mapi id 15.20.1294.028; Mon, 5 Nov 2018 04:12:50 +0000
From: Balázs Varga A <balazs.a.varga@ericsson.com>
To: "Black, David" <David.Black@dell.com>, "detnet@ietf.org" <detnet@ietf.org>
Thread-Topic: IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification
Thread-Index: AdR0WNCrZGGbU8NhRgmkuzkuVax3LAAY6CVA
Date: Mon, 05 Nov 2018 04:12:50 +0000
Message-ID: <VI1PR0701MB25253F5A9AB8890CAE3A8FDCACCA0@VI1PR0701MB2525.eurprd07.prod.outlook.com>
References: <CE03DB3D7B45C245BCA0D243277949363032B993@MX307CL04.corp.emc.com>
In-Reply-To: <CE03DB3D7B45C245BCA0D243277949363032B993@MX307CL04.corp.emc.com>
Accept-Language: hu-HU, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=balazs.a.varga@ericsson.com;
x-originating-ip: [2001:67c:1232:144:fdb4:ebfe:b87d:be96]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; VI1PR0701MB2319; 6:lEskAsCsyBUUbkbjHLWQ+NxzZ8MD3NpSlVMmHgL4ajUJfXGbsarlKQUKxZmoMVePOqY1BSSq9aJKqk0HgwmU4VSPU0mxj8nCbNcXJX6Nk9i6/wsnseGcGwNKbB43xyYzR7+8Q/TnWigcgc1BVraWnTvTeySMu+B5UFlvcTHapfBEW1SvOaT2M9F3pzC5oohcxJmGPfSPk6NqUrwKOvMAsAvkmohPO7vsmD6JpJ2luxo5ks+zWb/RAsCvvnKdmYLBfYJf71l3JIt7OAjbVDGwRgPmGJSuOSK4s3OmjOZYihHLegthWS6PZX06z8lE7/z7nPzmHbTt+v+61gnbd4465vbAb3F5pQaEBZH86WF4mGWBPWsZqKMUEtTuQYCv/KPjUyCmC2iSs155xtDT6TjoqtZilladNGCSSoIL2fNE2ClQzVl/xrxKJeFd80p+dWmlRQlDsimsMS5vucE6mC9xHw==; 5:yAGe3CQG+CcEqQ3PqLZyZ0hagHOdbNXdd0ZEfmumkKAUwA56dcRIpNecJVKK99hk6QKLXj+k5GgCg9YzHrDZx+ic77M4iCUIL2BfLjKvVj3wY5oYLO3g3X8RvrQc9WBcRQZLosoqnFz+Zld7jEGnRvk0Esu1eOB2/HQBpeeskMI=; 7:pBnAQdI/S7bIDZ/aDFfB8y+brU9i5HJFuCEnJArvr+VcA9gNqQdKVM1z7s9fkuHxDv22Muo7zmwreSs8Q/yuKPrdRu6rTOaAZM6HUX2qac77QCcUV81ixZodrYynLzhAnyUiwiz5fgK8yFK0nZtctg==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 4ddd7e3c-da6e-48cc-accb-08d642d4f396
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(5600074)(711020)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(49563074)(7193020); SRVR:VI1PR0701MB2319;
x-ms-traffictypediagnostic: VI1PR0701MB2319:
x-microsoft-antispam-prvs: <VI1PR0701MB23194B89FCBC3600D3710B52ACCA0@VI1PR0701MB2319.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(56004941905204)(21748063052155)(28532068793085)(190501279198761)(227612066756510);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(102415395)(6040522)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231382)(944501410)(4983020)(52105095)(148016)(149066)(150057)(6041310)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(201708071742011)(7699051)(76991095); SRVR:VI1PR0701MB2319; BCL:0; PCL:0; RULEID:; SRVR:VI1PR0701MB2319;
x-forefront-prvs: 08476BC6EF
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(39860400002)(136003)(366004)(346002)(376002)(189003)(199004)(53546011)(7696005)(46003)(6506007)(76176011)(110136005)(2501003)(8936002)(11346002)(99286004)(486006)(476003)(9686003)(236005)(54896002)(55016002)(6306002)(71190400001)(71200400001)(446003)(8676002)(6436002)(7736002)(6246003)(53936002)(106356001)(25786009)(105586002)(33656002)(74316002)(81166006)(81156014)(97736004)(316002)(229853002)(2900100001)(186003)(99936001)(102836004)(14444005)(68736007)(256004)(478600001)(2906002)(9326002)(14454004)(790700001)(5660300001)(6116002)(86362001); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0701MB2319; H:VI1PR0701MB2525.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: I5DubhWy5I69VXdRnUBrJ1oN+P+2VSucjkH9xXG/Fpdxkdvre6RK14O5JC2eSsFNgg816Fc68EBkBF/388TbA28FaGb1apuCIlKQxtDmpbkB14z1hM37u1oattJAzWh/QAGqP6Htm6tuRJcedRErpEKddX05TvxJKQDG09slfsYEcEWyNKB1iOAuHXInqmg3rugvXaMQcC6J0TGM8oLHjyD0HHXMt/DbV5tKcMXGWPyRirQoZ699Nlf8OrbspXOumrYJepkUOIWlUh9P6ST/66M6xD0SxRAj+AsDIICdhRx6NUvrbkcZTwAAHUzsa1OwxVIVLA7M4P9rrr/xFk18mehD8V3rzjDMGePlLqeFr7g=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_00A3_01D474F8.79E92160"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 4ddd7e3c-da6e-48cc-accb-08d642d4f396
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Nov 2018 04:12:50.6351 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0701MB2319
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA2WSe0hTYRjG+c45m8fV6HMZvtgFGtIflTZNw64U2AhCkaDSLG3pydS52TlL MoKELtrESstyizJxmGwZWmpFI29dvFWaeUmisdRuVlZi6Yxs27co6L/f+7zP+3zvCx9Ly96K /NkUjY7jNSq1XCxhDDG3+MCIZlucwlEzK/yrsYwJn/p2kVlPbSo0FNObTKZJKpraIVmTxKlT Mjl+2brdkn397/vEGZ8+ooOm6msoG514jvTImwUcClX3yhk9krAyfB9B6/ccL1KMI3jzcvpv 0dMwgEhRRoHj/EnKVTD4DA0VtT006VygYLDruGdmGIH+0QTtekaMN8JYrl3sYl8cBS0V0259 Nk6DS1MWiuhqeFxp8HAItOU/YlzM4ADo7TvlXleKd4Ph8ml3jgxHgqXhqdvv7cy8eD3HySyL 8HywV4a7ZBr7wcBQCUUu9QV7V7uY8Bx4P/hL5GKE42GqPpt2jQJeCb3X0ollPjwryXNfDLhf DBMdp71IIxC+FBXRhCOhpOoVTUzdCIp/TotI0FI4d/UI8Wjhx/EJROTD4Dg7j8gLwJxvZ84g hfGfTY3OJBoXIBgfPUYb3Rf7QKthiCGmOPjxedzDCrA15YoIL4Hy0hGa8DI48dBC/6+vhXdt Ni/CC+Fcnt3DYTDy4Cu6gmaY0RyBE4T05JDlQRyfkigIWk2QhtPdQM4v11gzFXgbWUY2NCHM IvlM6Z56W5xMpMoUstKbUIAz53WVpRP5MxqthpP7SpsjnG1pkirrEMdrE/gDak5oQnNZRu4n DTJbd8hwskrHpXFcBsf/6VKst382Khj3+9zZb23PiY80yFoLb8qjKN2aF3xMql9zfYSpLleh HxuzRsv9rS2K1QvDxqKf1PzUKp+szTubmCC5vP/u6pNbtmdsU357W/S6ZLQlOKpxlUlpztrb 7VP6ofPoYO3OUF/H0MDKRXUdsUObSyfzdylDYrOH5YqOyRWpW1NDq+98kTPCPlXwYpoXVL8B P+mDGHoDAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/lvFMhVIYTzOoe6VZW77-wYXFJWU>
Subject: Re: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Nov 2018 04:13:02 -0000

Hi David,

 

Many thanks for your comments and suggestions. This is definitely something
we must fix.

Just two general statement as background:

- ECN was not considered so far to be useful for DetNet flows. DetNet flows
expect zero congestion loss.

DetNet sources do not consider to react on ECN.

- Masking for flow identification was considered as a general rule for the
“tuples” (i.e. not DSCP specific).

 

So, regarding your proposals

A, No usage of ECN for flow identification: AGREE

B, DSCP list instead of bitmask: AGREE, it can provide the same result.

C, New DiffServ PHB for DetNet: Agree in principle, let’s discuss the
details

 

Thanks

Bala’zs

 

From: detnet <detnet-bounces@ietf.org> On Behalf Of Black, David
Sent: Sunday, November 4, 2018 11:27 PM
To: detnet@ietf.org
Subject: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP
headers for detnet flow identification

 

We have a problem here …

 

The detnet IP solution draft (draft-ietf-detnet-dp-sol-ip-01.txt) has this
to say about

use of DSCP and ECN fields in IP headers for detnet flow identification:

 

6.1.1.4.  IPv4 Type of Service and IPv6 Traffic Class Fields

 

   These fields are used to support Differentiated Services [RFC2474]

   and Explicit Congestion Notification [RFC3168].  Implementations of

   this document MUST support DetNet flow identification based on the

   IPv4 Type of Service field when processing IPv4 packets, and the IPv6

   Traffic Class Field when processing IPv6 packets.  Implementations

   MUST support bimask based matching, where one (1) values in the

   bitmask indicate which subset of the bits in the field are to be used

   in determining a match.  Note that a zero (0) value as a bitmask

   effectively means that these fields are ignored.

 

That bitmask approach won’t work, as it violates both RFC 2474 and RFC 3168.

 

Starting with ECN (RFC 3168) – the 2-bit ECN field is intended to enable ECN
functionality to be

applied to any flow, and the contents of the ECN field can be changed by any
router.  Using ECN

field values to identify separate flows is wrong, see Section 5 of RFC 3168,
which specifies the

current use of that field..

 

That leaves the 6-bit DSCP field, which is defined by RFC 2474.  The above
bitmask approach is

prohibited by the following paragraph in section 3 of RFC 2474:

 

   Implementors should note that the DSCP field is six bits wide.  DS-

   compliant nodes MUST select PHBs by matching against the entire 6-bit

   DSCP field, e.g., by treating the value of the field as a table index

   which is used to select a particular packet handling mechanism which

   has been implemented in that device.  The value of the CU field MUST

   be ignored by PHB selection.  The DSCP field is defined as an

   unstructured field to facilitate the definition of future per-hop

   behaviors.

 

The CU field is now the ECN field (see RFC 3168).  My reading is that the
current section 6.1.1.4 text in

the IP solutions draft has managed to violate all three “MUST” requirements
in that RFC 2474

paragraph, which is impressive … and not in a good way.

 

I suggest that several things be done:

a.	Abandon use of the ECN field for detnet flow identification. 
b.	For the DSCP field, change from a bitmask approach to a list of
DSCPs.

a.	I would note that a carefully chosen DSCP list can be implemented
via a bitmask.

c.	Define one or more Diffserv PHBs that realize DetNet behavior.

a.	I suspect that much of the content needed for this already exists in
the
detnet drafts, so this should not be a “from scratch” exercise.

 

I would also caution that the current IP solution draft text on 6-tuples for
flow identification appears

to allow multiple separate detnet flows that differ only in DSCP to use the
same IP 5-tuple (source &

destination addresses, transport protocol, source & destination ports).  I
believe that this also ought

to be prohibited, as Diffserv uses 5-tuples for flow identification - see
the definition and use of the

term “microflow” in RFC 2475.

 

A quick glance at the MPLS solution suggests that it does not have an
analogous problem with the TC

field in labels as the TC field does not appear to be used for detnet flow
identification.

 

Thanks, --David

----------------------------------------------------------------

David L. Black, Senior Distinguished Engineer

Dell EMC, 176 South St., Hopkinton, MA  01748

+1 (774) 350-9323 New    Mobile: +1 (978) 394-7754

David.Black@dell.com <mailto:David.Black@dell.com> 

----------------------------------------------------------------

v2.23.0 | Report a Bug | By Email