Re: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification
Greg Mirsky <gregimirsky@gmail.com> Thu, 08 November 2018 06:23 UTC
Return-Path: <gregimirsky@gmail.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 980EB130E10 for <detnet@ietfa.amsl.com>; Wed, 7 Nov 2018 22:23:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id skEAs3AtGKbI for <detnet@ietfa.amsl.com>; Wed, 7 Nov 2018 22:23:09 -0800 (PST)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0DD1130E04 for <detnet@ietf.org>; Wed, 7 Nov 2018 22:23:08 -0800 (PST)
Received: by mail-lj1-x22e.google.com with SMTP id k19-v6so16945361lji.11 for <detnet@ietf.org>; Wed, 07 Nov 2018 22:23:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Ug64hg7DHqEPup5VC8UwGXWIicPJG4IDMcIp2K1QuyE=; b=MJGkw1LYLNo4EI7piOWWsPPn8eq7W9hyOmAfYxsvhccSezSibcwgLQnMVBhdqhUfmx PsFTEcMof+Ga0L+SFT+/7Q4m4OOQ8YV2mHKUs1teBLYWCpLNfAcRNGoji2qbocmBdw4Z JvndaqZsf23kfPj2rhp0dhBlRf0bo9yWICcXlrKmPO3V/J8GmOg0Ke1Bl+8XAjxt7dgY pj8D2JGO++zRgpwUXitEgI3/JQd1JcB39yo5l78Ctgv7vVUsXKmoJAO7uClOAXxTAqVl muHkGaZHcPrW+jDlQRRvw6jXZLtdmxPk64tPRfBSjUsERBV4kiiFFpTGlq5PaIuo95jB NFGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ug64hg7DHqEPup5VC8UwGXWIicPJG4IDMcIp2K1QuyE=; b=ZSsIIUtSLyhYGVO9S3G6JP5C9062tGWu7HqUV11oU8FVMTTl8rO9tHSP1v8DuoR9vT hMS8OmJuqsx5D1ck2MlNAcLeUxH/yfdJqHeYgQg7Yvnt1VPRUOL2Xn3iBvgJ75Ip0WnA 2cPaSWcu5rgrf1yDwDyvq7IOuEUrL89/ecYwfKkQxE3+VaSWOp4PkGKsRHGukxhmzCYO duhCl0pHYFZt3H3Ev3gGOTYsWCGT0irWgWzvK3zjz3cnfubDwgLQuLy5W/N7Ex7lfewd vb/y3zQmGL243PsLIiKSCpfSKA+fJpRCWfbOnUjUi4i7mFoM5bzHa2MGwNaVXQmzygjQ 0ksg==
X-Gm-Message-State: AGRZ1gKsIfcKYEP/KUJESY2C7fS3F+bY12IUf3+7UI58UMdRRP2Liw/J uf13GN+cV0jops5kLY8xXUMRxRicKIlFl41dKwpitbVT
X-Google-Smtp-Source: AJdET5fzKcvWkBwiMUzy0O+9NH2m/WXm30GflIac78CemQV/jseXEcAeE4VksXccIOmsjgAcj07ODjACaXmgHC7HuzE=
X-Received: by 2002:a2e:7d15:: with SMTP id y21-v6mr1687824ljc.77.1541658186417; Wed, 07 Nov 2018 22:23:06 -0800 (PST)
MIME-Version: 1.0
References: <CE03DB3D7B45C245BCA0D243277949363032B993@MX307CL04.corp.emc.com> <VI1PR0701MB25253F5A9AB8890CAE3A8FDCACCA0@VI1PR0701MB2525.eurprd07.prod.outlook.com> <CE03DB3D7B45C245BCA0D243277949363033031C@MX307CL04.corp.emc.com> <4ce74c7f-09c0-cd54-c128-9405687b9d5e@labn.net>
In-Reply-To: <4ce74c7f-09c0-cd54-c128-9405687b9d5e@labn.net>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Thu, 08 Nov 2018 13:22:56 +0700
Message-ID: <CA+RyBmXCe1MJJD-9NPsN7eOz=jq2CDT+rX_BvtgYsiby8_vZ+A@mail.gmail.com>
To: Lou Berger <lberger@labn.net>
Cc: "Black, David" <David.Black@dell.com>, Balázs Varga <balazs.a.varga@ericsson.com>, DetNet WG <detnet@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000910a40057a2144e5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/qi48lY8sN2ofg9cK4oENOkiANqo>
Subject: Re: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2018 06:23:13 -0000
Hi Lou, et al., one clarification question: - is it expected that DetNet flows will use several DSCP values or all DetNet services will use one? Regards, Greg On Wed, Nov 7, 2018 at 8:07 PM Lou Berger <lberger@labn.net> wrote: > Hi, > > David and I took advantage of being together this week and came up > with a proposed resolution to this. The proposal is as follows: > > - ECN bits will *not* be mentioned as being used as part of flow > identifications > - DSCP configuration will use value lists, not masks > - For the same 5-tuple value sender SHOULD NOT mix DSCP values used for > DetNet with non-DetNet (DSCP) values > > Please let me/us know what you think, > > Lou > > Thanks to David for the discussion. > > On 11/6/2018 10:48 AM, Black, David wrote: > > > > Hi Varga, > > > > I’m pleased that we mostly agree, and I’ll be happy to discuss the PHB > > further. > > > > This discussion may also provide insight into my concern about 5-tuple > > vs. 6-tuple flow identification – it looks like we have two different > > sorts of “flow identification” under discussion: > > > > - Identification of a flow in the network in general (network flow or > > microflow in RFC 2475). > > > > - Identification of a flow that undergoes DetNet processing at a > > DetNet node (DetNet flow). > > > > At the moment, we’re using 5-tuples (src & dst addresses, protocol, > > src & dst ports) for network flow identification and 6-tuples (5-tuple > > + DSCP) for Detnet flow identification. In other words, we’re > > effectively saying that a network flow (defined by a 5-tuple), becomes > > a DetNet flow when a DetNet DSCP is added to request DetNet forwarding > > by the network. There’s a level of indirection here caused by the > > Diffserv architecture – a DetNet DSCP designates a DetNet PHB, and any > > a packet marked with a DetNet DSCP receives DetNet forwarding at a > > DetNet node. > > > > That said, my concern is that the 6-tuple term for a DetNet flow seems > > counter-intuitive to me, even though the DetNet forwarding plane in a > > DetNet node may well be matching on all 6 elements involved in order > > to decide whether to provide DetNet forwarding to each arriving packet. > > > > IMHO, a better description would be that a network flow (5-tuple) is > > being uniformly marked with a DetNet DSCP to request DetNet treatment > > from the network (and presumably DetNet router hardware is matching on > > DetNet DSCPs to dispatch inbound packets to DetNet forwarding logic > > instead of conventional forwarding logic). The counter-intuitivity > > of the 6-tuple term arises in the error case when someone uses a > > “clever” marking of a single 5-tuple flow with a mixture of DetNet and > > non-DetNet DSCPs. I believe that the result of that “cleverness” is > > not multiple flows (which would be implied by the “6-tuple” term), > > even though it may look like that in a DetNet node implementation. I > > think the result is better described as a single not-entirely-DetNet > > flow (defined by a 5-tuple) that receives bizarre forwarding treatment > > at DetNet nodes - some of the packets get DetNet forwarding treatment > > and some get other forwarding treatment, so in a loaded network, > > significant reordering is likely, and the receiver is probably not > > going to be happy with the resulting packet arrival order. > > > > If this all makes sense, that “clever” mixing of DetNet and non-DetNet > > DSCPs in a single flow (hence mixing DetNet and non-DetNet forwarding > > behavior in a single flow) deserves a “SHOULD NOT” statement in the > > draft, with a warning about the bizarre forwarding behavior at DetNet > > nodes that is a likely result, which seems like a better thing to do > > than my original suggestion for some sort of prohibition on mixing > > DetNet and non-DetNet packets in the same 5-tuple. > > > > Thanks, --David > > > > *From:* Balázs Varga A [mailto:balazs.a.varga@ericsson.com] > > *Sent:* Sunday, November 4, 2018 11:13 PM > > *To:* Black, David; detnet@ietf.org > > *Subject:* RE: IP Solution problem: Use of DSCP and ECN fields in IP > > headers for detnet flow identification > > > > Hi David, > > > > Many thanks for your comments and suggestions. This is definitely > > something we must fix. > > > > Just two general statement as background: > > > > - ECN was not considered so far to be useful for DetNet flows. DetNet > > flows expect zero congestion loss. > > > > DetNet sources do not consider to react on ECN. > > > > - Masking for flow identification was considered as a general rule for > > the “tuples” (i.e. not DSCP specific). > > > > So, regarding your proposals > > > > A, No usage of ECN for flow identification: AGREE > > > > B, DSCP list instead of bitmask: AGREE, it can provide the same result. > > > > C, New DiffServ PHB for DetNet: Agree in principle, let’s discuss the > > details > > > > Thanks > > > > Bala’zs > > > > *From:* detnet <detnet-bounces@ietf.org> *On Behalf Of *Black, David > > *Sent:* Sunday, November 4, 2018 11:27 PM > > *To:* detnet@ietf.org > > *Subject:* [Detnet] IP Solution problem: Use of DSCP and ECN fields in > > IP headers for detnet flow identification > > > > We have a problem here … > > > > The detnet IP solution draft (draft-ietf-detnet-dp-sol-ip-01.txt) has > > this to say about > > > > use of DSCP and ECN fields in IP headers for detnet flow identification: > > > > 6.1.1.4. IPv4 Type of Service and IPv6 Traffic Class Fields > > > > These fields are used to support Differentiated Services [RFC2474] > > > > and Explicit Congestion Notification [RFC3168]. Implementations of > > > > this document MUST support DetNet flow identification based on the > > > > IPv4 Type of Service field when processing IPv4 packets, and the IPv6 > > > > Traffic Class Field when processing IPv6 packets. Implementations > > > > MUST support bimask based matching, where one (1) values in the > > > > bitmask indicate which subset of the bits in the field are to be used > > > > in determining a match. Note that a zero (0) value as a bitmask > > > > effectively means that these fields are ignored. > > > > That bitmask approach won’t work, as it violates both RFC 2474 and RFC > > 3168. > > > > Starting with ECN (RFC 3168) – the 2-bit ECN field is intended to > > enable ECN functionality to be > > > > applied to any flow, and the contents of the ECN field can be changed > > by any router. Using ECN > > > > field values to identify separate flows is wrong, see Section 5 of RFC > > 3168, which specifies the > > > > current use of that field.. > > > > That leaves the 6-bit DSCP field, which is defined by RFC 2474. The > > above bitmask approach is > > > > prohibited by the following paragraph in section 3 of RFC 2474: > > > > Implementors should note that the DSCP field is six bits wide. DS- > > > > compliant nodes MUST select PHBs by matching against the entire 6-bit > > > > DSCP field, e.g., by treating the value of the field as a table index > > > > which is used to select a particular packet handling mechanism which > > > > has been implemented in that device. The value of the CU field MUST > > > > be ignored by PHB selection. The DSCP field is defined as an > > > > unstructured field to facilitate the definition of future per-hop > > > > behaviors. > > > > The CU field is now the ECN field (see RFC 3168). My reading is that > > the current section 6.1.1.4 text in > > > > the IP solutions draft has managed to violate all three “MUST” > > requirements in that RFC 2474 > > > > paragraph, which is impressive … and not in a good way. > > > > I suggest that several things be done: > > > > a)Abandon use of the ECN field for detnet flow identification. > > > > b)For the DSCP field, change from a bitmask approach to a list of DSCPs. > > > > a.I would note that a carefully chosen DSCP list can be implemented > > via a bitmask. > > > > c)Define one or more Diffserv PHBs that realize DetNet behavior. > > > > a.I suspect that much of the content needed for this already exists in > the > > detnet drafts, so this should not be a “from scratch” exercise. > > > > I would also caution that the current IP solution draft text on > > 6-tuples for flow identification appears > > > > to allow multiple separate detnet flows that differ only in DSCP to > > use the same IP 5-tuple (source & > > > > destination addresses, transport protocol, source & destination > > ports). I believe that this also ought > > > > to be prohibited, as Diffserv uses 5-tuples for flow identification - > > see the definition and use of the > > > > term “microflow” in RFC 2475. > > > > A quick glance at the MPLS solution suggests that it does not have an > > analogous problem with the TC > > > > field in labels as the TC field does not appear to be used for detnet > > flow identification. > > > > Thanks, --David > > > > ---------------------------------------------------------------- > > > > David L. Black, Senior Distinguished Engineer > > > > Dell EMC, 176 South St., Hopkinton, MA 01748 > > > > +1 (774) 350-9323 *New * Mobile: +1 (978) 394-7754 > > > > David.Black@dell.com <mailto:David.Black@dell.com> > > > > ---------------------------------------------------------------- > > > > > > _______________________________________________ > > detnet mailing list > > detnet@ietf.org > > https://www.ietf.org/mailman/listinfo/detnet > > _______________________________________________ > detnet mailing list > detnet@ietf.org > https://www.ietf.org/mailman/listinfo/detnet >
- [Detnet] IP Solution problem: Use of DSCP and ECN… Black, David
- Re: [Detnet] IP Solution problem: Use of DSCP and… Balázs Varga A
- Re: [Detnet] IP Solution problem: Use of DSCP and… Black, David
- Re: [Detnet] IP Solution problem: Use of DSCP and… Lou Berger
- Re: [Detnet] IP Solution problem: Use of DSCP and… Andrew G. Malis
- Re: [Detnet] IP Solution problem: Use of DSCP and… Lou Berger
- Re: [Detnet] IP Solution problem: Use of DSCP and… Greg Mirsky
- Re: [Detnet] IP Solution problem: Use of DSCP and… Lou Berger