IETF Logo Mail Archive

Re: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification

Greg Mirsky <gregimirsky@gmail.com> Thu, 08 November 2018 06:23 UTC

Return-Path: <gregimirsky@gmail.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 980EB130E10 for <detnet@ietfa.amsl.com>; Wed, 7 Nov 2018 22:23:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id skEAs3AtGKbI for <detnet@ietfa.amsl.com>; Wed, 7 Nov 2018 22:23:09 -0800 (PST)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0DD1130E04 for <detnet@ietf.org>; Wed, 7 Nov 2018 22:23:08 -0800 (PST)
Received: by mail-lj1-x22e.google.com with SMTP id k19-v6so16945361lji.11 for <detnet@ietf.org>; Wed, 07 Nov 2018 22:23:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Ug64hg7DHqEPup5VC8UwGXWIicPJG4IDMcIp2K1QuyE=; b=MJGkw1LYLNo4EI7piOWWsPPn8eq7W9hyOmAfYxsvhccSezSibcwgLQnMVBhdqhUfmx PsFTEcMof+Ga0L+SFT+/7Q4m4OOQ8YV2mHKUs1teBLYWCpLNfAcRNGoji2qbocmBdw4Z JvndaqZsf23kfPj2rhp0dhBlRf0bo9yWICcXlrKmPO3V/J8GmOg0Ke1Bl+8XAjxt7dgY pj8D2JGO++zRgpwUXitEgI3/JQd1JcB39yo5l78Ctgv7vVUsXKmoJAO7uClOAXxTAqVl muHkGaZHcPrW+jDlQRRvw6jXZLtdmxPk64tPRfBSjUsERBV4kiiFFpTGlq5PaIuo95jB NFGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ug64hg7DHqEPup5VC8UwGXWIicPJG4IDMcIp2K1QuyE=; b=ZSsIIUtSLyhYGVO9S3G6JP5C9062tGWu7HqUV11oU8FVMTTl8rO9tHSP1v8DuoR9vT hMS8OmJuqsx5D1ck2MlNAcLeUxH/yfdJqHeYgQg7Yvnt1VPRUOL2Xn3iBvgJ75Ip0WnA 2cPaSWcu5rgrf1yDwDyvq7IOuEUrL89/ecYwfKkQxE3+VaSWOp4PkGKsRHGukxhmzCYO duhCl0pHYFZt3H3Ev3gGOTYsWCGT0irWgWzvK3zjz3cnfubDwgLQuLy5W/N7Ex7lfewd vb/y3zQmGL243PsLIiKSCpfSKA+fJpRCWfbOnUjUi4i7mFoM5bzHa2MGwNaVXQmzygjQ 0ksg==
X-Gm-Message-State: AGRZ1gKsIfcKYEP/KUJESY2C7fS3F+bY12IUf3+7UI58UMdRRP2Liw/J uf13GN+cV0jops5kLY8xXUMRxRicKIlFl41dKwpitbVT
X-Google-Smtp-Source: AJdET5fzKcvWkBwiMUzy0O+9NH2m/WXm30GflIac78CemQV/jseXEcAeE4VksXccIOmsjgAcj07ODjACaXmgHC7HuzE=
X-Received: by 2002:a2e:7d15:: with SMTP id y21-v6mr1687824ljc.77.1541658186417; Wed, 07 Nov 2018 22:23:06 -0800 (PST)
MIME-Version: 1.0
References: <CE03DB3D7B45C245BCA0D243277949363032B993@MX307CL04.corp.emc.com> <VI1PR0701MB25253F5A9AB8890CAE3A8FDCACCA0@VI1PR0701MB2525.eurprd07.prod.outlook.com> <CE03DB3D7B45C245BCA0D243277949363033031C@MX307CL04.corp.emc.com> <4ce74c7f-09c0-cd54-c128-9405687b9d5e@labn.net>
In-Reply-To: <4ce74c7f-09c0-cd54-c128-9405687b9d5e@labn.net>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Thu, 08 Nov 2018 13:22:56 +0700
Message-ID: <CA+RyBmXCe1MJJD-9NPsN7eOz=jq2CDT+rX_BvtgYsiby8_vZ+A@mail.gmail.com>
To: Lou Berger <lberger@labn.net>
Cc: "Black, David" <David.Black@dell.com>, Balázs Varga <balazs.a.varga@ericsson.com>, DetNet WG <detnet@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000910a40057a2144e5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/qi48lY8sN2ofg9cK4oENOkiANqo>
Subject: Re: [Detnet] IP Solution problem: Use of DSCP and ECN fields in IP headers for detnet flow identification
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2018 06:23:13 -0000

Hi Lou, et al.,
one clarification question:

   - is it expected that DetNet flows will use several DSCP values or all
   DetNet services will use one?

Regards,
Greg

On Wed, Nov 7, 2018 at 8:07 PM Lou Berger <lberger@labn.net> wrote:

> Hi,
>
>      David and I took advantage of being together this week and came up
> with a proposed resolution to this.  The proposal is as follows:
>
> - ECN bits will *not* be mentioned as being used as part of flow
> identifications
> - DSCP configuration will use value lists, not masks
> - For the same 5-tuple value sender SHOULD NOT mix DSCP values used for
> DetNet with non-DetNet (DSCP) values
>
> Please let me/us know what you think,
>
> Lou
>
> Thanks to David for the discussion.
>
> On 11/6/2018 10:48 AM, Black, David wrote:
> >
> > Hi Varga,
> >
> > I’m pleased that we mostly agree, and I’ll be happy to discuss the PHB
> > further.
> >
> > This discussion may also provide insight into my concern about 5-tuple
> > vs. 6-tuple flow identification – it looks like we have two different
> > sorts of “flow identification” under discussion:
> >
> > - Identification of a flow in the network in general (network flow or
> > microflow in RFC 2475).
> >
> > - Identification of a flow that undergoes DetNet processing at a
> > DetNet node (DetNet flow).
> >
> > At the moment, we’re using 5-tuples (src & dst addresses, protocol,
> > src & dst ports) for network flow identification and 6-tuples (5-tuple
> > + DSCP) for Detnet flow identification. In other words, we’re
> > effectively saying that a network flow (defined by a 5-tuple), becomes
> > a DetNet flow when a DetNet DSCP is added to request DetNet forwarding
> > by the network. There’s a level of indirection here caused by the
> > Diffserv architecture – a DetNet DSCP designates a DetNet PHB, and any
> > a packet marked with a DetNet DSCP receives DetNet forwarding at a
> > DetNet node.
> >
> > That said, my concern is that the 6-tuple term for a DetNet flow seems
> > counter-intuitive to me, even though the DetNet forwarding plane in a
> > DetNet node may well be matching on all 6 elements involved in order
> > to decide whether to provide DetNet forwarding to each arriving packet.
> >
> > IMHO, a better description would be that a network flow (5-tuple) is
> > being uniformly marked with a DetNet DSCP to request DetNet treatment
> > from the network (and presumably DetNet router hardware is matching on
> > DetNet DSCPs to dispatch inbound packets to DetNet forwarding logic
> > instead of conventional forwarding logic).   The counter-intuitivity
> > of the 6-tuple term arises in the error case when someone uses a
> > “clever” marking of a single 5-tuple flow with a mixture of DetNet and
> > non-DetNet DSCPs.  I believe that the result of that “cleverness” is
> > not multiple flows (which would be implied by the “6-tuple” term),
> > even though it may look like that in a DetNet node implementation.  I
> > think the result is better described as a single not-entirely-DetNet
> > flow (defined by a 5-tuple) that receives bizarre forwarding treatment
> > at DetNet nodes - some of the packets get DetNet forwarding treatment
> > and some get other forwarding treatment, so in a loaded network,
> > significant reordering is likely, and the receiver is probably not
> > going to be happy with the resulting packet arrival order.
> >
> > If this all makes sense, that “clever” mixing of DetNet and non-DetNet
> > DSCPs in a single flow (hence mixing DetNet and non-DetNet forwarding
> > behavior in a single flow) deserves a “SHOULD NOT” statement in the
> > draft, with a warning about the bizarre forwarding behavior at DetNet
> > nodes that is a likely result, which seems like a better thing to do
> > than my original suggestion for some sort of prohibition on mixing
> > DetNet and non-DetNet packets in the same 5-tuple.
> >
> > Thanks, --David
> >
> > *From:* Balázs Varga A [mailto:balazs.a.varga@ericsson.com]
> > *Sent:* Sunday, November 4, 2018 11:13 PM
> > *To:* Black, David; detnet@ietf.org
> > *Subject:* RE: IP Solution problem: Use of DSCP and ECN fields in IP
> > headers for detnet flow identification
> >
> > Hi David,
> >
> > Many thanks for your comments and suggestions. This is definitely
> > something we must fix.
> >
> > Just two general statement as background:
> >
> > - ECN was not considered so far to be useful for DetNet flows. DetNet
> > flows expect zero congestion loss.
> >
> > DetNet sources do not consider to react on ECN.
> >
> > - Masking for flow identification was considered as a general rule for
> > the “tuples” (i.e. not DSCP specific).
> >
> > So, regarding your proposals
> >
> > A, No usage of ECN for flow identification: AGREE
> >
> > B, DSCP list instead of bitmask: AGREE, it can provide the same result.
> >
> > C, New DiffServ PHB for DetNet: Agree in principle, let’s discuss the
> > details
> >
> > Thanks
> >
> > Bala’zs
> >
> > *From:* detnet <detnet-bounces@ietf.org> *On Behalf Of *Black, David
> > *Sent:* Sunday, November 4, 2018 11:27 PM
> > *To:* detnet@ietf.org
> > *Subject:* [Detnet] IP Solution problem: Use of DSCP and ECN fields in
> > IP headers for detnet flow identification
> >
> > We have a problem here …
> >
> > The detnet IP solution draft (draft-ietf-detnet-dp-sol-ip-01.txt) has
> > this to say about
> >
> > use of DSCP and ECN fields in IP headers for detnet flow identification:
> >
> > 6.1.1.4.  IPv4 Type of Service and IPv6 Traffic Class Fields
> >
> >    These fields are used to support Differentiated Services [RFC2474]
> >
> >    and Explicit Congestion Notification [RFC3168].  Implementations of
> >
> >    this document MUST support DetNet flow identification based on the
> >
> >    IPv4 Type of Service field when processing IPv4 packets, and the IPv6
> >
> >    Traffic Class Field when processing IPv6 packets.  Implementations
> >
> >    MUST support bimask based matching, where one (1) values in the
> >
> >    bitmask indicate which subset of the bits in the field are to be used
> >
> >    in determining a match.  Note that a zero (0) value as a bitmask
> >
> >    effectively means that these fields are ignored.
> >
> > That bitmask approach won’t work, as it violates both RFC 2474 and RFC
> > 3168.
> >
> > Starting with ECN (RFC 3168) – the 2-bit ECN field is intended to
> > enable ECN functionality to be
> >
> > applied to any flow, and the contents of the ECN field can be changed
> > by any router.  Using ECN
> >
> > field values to identify separate flows is wrong, see Section 5 of RFC
> > 3168, which specifies the
> >
> > current use of that field..
> >
> > That leaves the 6-bit DSCP field, which is defined by RFC 2474.  The
> > above bitmask approach is
> >
> > prohibited by the following paragraph in section 3 of RFC 2474:
> >
> > Implementors should note that the DSCP field is six bits wide.  DS-
> >
> >    compliant nodes MUST select PHBs by matching against the entire 6-bit
> >
> >    DSCP field, e.g., by treating the value of the field as a table index
> >
> >    which is used to select a particular packet handling mechanism which
> >
> >    has been implemented in that device.  The value of the CU field MUST
> >
> >    be ignored by PHB selection.  The DSCP field is defined as an
> >
> > unstructured field to facilitate the definition of future per-hop
> >
> >    behaviors.
> >
> > The CU field is now the ECN field (see RFC 3168).  My reading is that
> > the current section 6.1.1.4 text in
> >
> > the IP solutions draft has managed to violate all three “MUST”
> > requirements in that RFC 2474
> >
> > paragraph, which is impressive … and not in a good way.
> >
> > I suggest that several things be done:
> >
> > a)Abandon use of the ECN field for detnet flow identification.
> >
> > b)For the DSCP field, change from a bitmask approach to a list of DSCPs.
> >
> > a.I would note that a carefully chosen DSCP list can be implemented
> > via a bitmask.
> >
> > c)Define one or more Diffserv PHBs that realize DetNet behavior.
> >
> > a.I suspect that much of the content needed for this already exists in
> the
> > detnet drafts, so this should not be a “from scratch” exercise.
> >
> > I would also caution that the current IP solution draft text on
> > 6-tuples for flow identification appears
> >
> > to allow multiple separate detnet flows that differ only in DSCP to
> > use the same IP 5-tuple (source &
> >
> > destination addresses, transport protocol, source & destination
> > ports).  I believe that this also ought
> >
> > to be prohibited, as Diffserv uses 5-tuples for flow identification -
> > see the definition and use of the
> >
> > term “microflow” in RFC 2475.
> >
> > A quick glance at the MPLS solution suggests that it does not have an
> > analogous problem with the TC
> >
> > field in labels as the TC field does not appear to be used for detnet
> > flow identification.
> >
> > Thanks, --David
> >
> > ----------------------------------------------------------------
> >
> > David L. Black, Senior Distinguished Engineer
> >
> > Dell EMC, 176 South St., Hopkinton, MA 01748
> >
> > +1 (774) 350-9323 *New *   Mobile: +1 (978) 394-7754
> >
> > David.Black@dell.com <mailto:David.Black@dell.com>
> >
> > ----------------------------------------------------------------
> >
> >
> > _______________________________________________
> > detnet mailing list
> > detnet@ietf.org
> > https://www.ietf.org/mailman/listinfo/detnet
>
> _______________________________________________
> detnet mailing list
> detnet@ietf.org
> https://www.ietf.org/mailman/listinfo/detnet
>

v2.23.0 | Report a Bug | By Email