IETF Logo Mail Archive

Re: [ippm] [tsvwg] [iccrg] New Internet Draft: Congestion Signaling (CSIG)

Sebastian Moeller <moeller0@gmx.de> Tue, 20 February 2024 20:22 UTC

Return-Path: <moeller0@gmx.de>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7D82C180B69; Tue, 20 Feb 2024 12:22:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.853
X-Spam-Level:
X-Spam-Status: No, score=-6.853 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmx.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bxzqryHjn3jf; Tue, 20 Feb 2024 12:22:09 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93F27C180B6E; Tue, 20 Feb 2024 12:22:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.de; s=s31663417; t=1708460522; x=1709065322; i=moeller0@gmx.de; bh=5pe/cPk28XVOF7yc7WLAXRvgK0Bo4qdcL+5gq8A13FY=; h=X-UI-Sender-Class:Subject:From:In-Reply-To:Date:Cc:References: To; b=BCyeU6Gm0CDDybP71BRLQxvGDOhTrowTaaPovSizs+BCmxJN0DTqeEtrNcmWJvOx 6qJQa0aiR+mG/5UD1uqzkhm8ZRG+DuiWVA5FWrzVf4fE+qin+sD9mXEG7cphyHqkz /yrGgUi9/y8QCrkeGqaJFTZldpqffZPxn22Rjr2hRyWDfL0zJ0afHp9w/nBWaI6cY TZXkPegVrh7+Yu9hL/1OpI8xyJ6/Il3fymXfdVBOIeF5yCI6uStWikaBvKnWeA8jl xLejoHfRV2QS92DRhY4S7I/8ifbnHkmt2mOO8O0JQ0cVi1DtBH95CUQJ3ZYGCXoUH JoVZT5gWhWHT5IGbBg==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from smtpclient.apple ([95.112.170.242]) by mail.gmx.net (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MvK0R-1qlerD2hwP-00rJ1V; Tue, 20 Feb 2024 21:22:02 +0100
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
From: Sebastian Moeller <moeller0@gmx.de>
In-Reply-To: <9a0b8228-ed26-431c-92df-03a29d5f1a0d@huitema.net>
Date: Tue, 20 Feb 2024 21:21:51 +0100
Cc: Tom Herbert <tom@herbertland.com>, tsvwg <tsvwg@ietf.org>, Jai Kumar <jai.kumar@broadcom.com>, IETF IPPM WG <ippm@ietf.org>, Nandita Dukkipati <nanditad@google.com>, iccrg@irtf.org, Naoshad Mehta <naoshad@google.com>, ccwg@ietf.org, Abhiram Ravi <abhiramr@google.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <22C7F864-23E6-4780-A334-8A6208155513@gmx.de>
References: <CAF0+TDD+44TAHf7y05GzmCgbau66ey7AU2RaVroim_Tukf=7nQ@mail.gmail.com> <CALx6S35V8xyDBkN0m8kDEcNk0N734Fqq0Ne8ZJ284ZnSSUwV9w@mail.gmail.com> <CALx6S35XNyBe5=gh7JpaCKEkiXaEwPGHrDZe=E-EPkiF5mUCLA@mail.gmail.com> <CAB_+Fg5McYXt=M5MNkuxHrKrXQgZMS6PLRoVeUKiSUe5Qb7LjA@mail.gmail.com> <CALx6S35OHyhWjmkV2jiOqO-sB9Csugx0umB_yF_ann9rB8Tgbw@mail.gmail.com> <CAEsRLK9_bHrhyvFqCz3do=Ax3mKZor4EtqXY2chdfL7fzi1UMw@mail.gmail.com> <500388A6-50D3-4535-84CB-E6EF454960DD@gmx.de> <CALx6S37gOatLC_DZiM4M=e8qrzyE9y1D1i+UqOYXatd7Y6Nauw@mail.gmail.com> <918C1325-EC13-48CF-9B29-50EEB3A0FF1C@gmx.de> <CALx6S37zGrNMai+9khwG2_rpsiQuTd8bSiWbxZK-oiVEB0aimQ@mail.gmail.com> <A68A0319-7942-482D-A395-BB72901B2EA7@gmx.de> <CALx6S36AON6GkPLLcBVaq1uKxaRwgvc-txCkb9PCyX0DGs7ktw@mail.gmail.com> <4E3C7A28-C810-4420-A799-81ACC320A5D2@gmx.de> <9a0b8228-ed26-431c-92df-03a29d5f1a0d@huitema.net>
To: Christian Huitema <huitema@huitema.net>
X-Mailer: Apple Mail (2.3774.400.31)
X-Provags-ID: V03:K1:5oTEVm1Y4wZSS9XxxJy1KwLmigViJkWUnc/Nff8pfBydNdc96jU vlqTxaF+hX739Ha7WVoIatUJ83Yc+9hpz4h0ymGT7p/RFLHGB8ZJPx8s4rXAzYcIZrjSGFR bfkgmriYbTuf1M/rN0/gOadLDrFDaNYZjIR84Ij6BMqSMoDfh3I0L6a5eB54JF8v6sU78SP MxTxpobe3ZV0Mf6LVEFiA==
UI-OutboundReport: notjunk:1;M01:P0:0q3wI8cRHJM=;468+giJN7nIK6qPzvnKBwemSosi uUX0ALhmudEE5hMBcZ3Q0qA9Fibm224z65mVG1xLRGq4tctLv8ejOh/GiIHMfPCB7A/eHbDGK N5P/9A1ouHx0o5DeK99jggQ4Yo7BGDsu2wOYtqKjmILw3fEWzoIUa7KRwBFCTQOBUg0IfxfgZ FaAn/40Nk27RVBIO7UvwkxjkGntEtkUs6lXHwQEyYG7qKq4uvPJbOmxuHtHGICGrYOqJ21CzE xQHCvgzTn53bhMVUHKTStez3OWp7sxlWid4nITnvUCBqz1P30W8Iu56WTiKYmLb1mfb90K0sA sETD7L4OiwTok9kv3PauWtFr5FChIPrrfQOlV5hXXQRio7He2ytQBvGi+jggByatxbWzV9sIb Lk6EHqujhM+Kq3MUkJLNk9x8nrxV8yzOLimf6rTs7wjaj36viAKQjkdlsTygLgojdFxxaRf+1 YzRIkIDMrNu+N4LhrSPouSWAMqgfaqzkV3Dm8wAmGqZecJH830Ll5oprMD7xfbOlfpqIvCFua uV3LIW/xx6QNqyp7kziPO8NLqQKzZC9y45Y4cwBYe/cc3TeMF7KOX8Owk+XQISHNIPQEElaYG xgs1qaXN/D/R2f8TopiPQAzDUWndcgtmIsyNslIDQFngmc1I85Df2HGYHKyLE0JUiHnXeVQZC /IEIbPe3nbyewj7a+936LNyXueOEYbK49/ZvRYii2l667a75e9cU4Sk4QTaHr2SSnVTKRfyNj wYjPiF+A0ZtNPwOBHjIQAMD3yVYCpOAgImZPw7nAWlZKP8TF9YjEE4F/G5Q5NkOsvgTQ5m0ot S1khtb828MHY72NrHiIET5iNNUaVd47jDgvYl/WQ19Lzg=
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/Ri7c_Djn8SpatD9x9LoU_hBH3Uc>
X-Mailman-Approved-At: Wed, 21 Feb 2024 03:45:32 -0800
Subject: Re: [ippm] [tsvwg] [iccrg] New Internet Draft: Congestion Signaling (CSIG)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Feb 2024 20:22:13 -0000

Hi Christian,


> On 20. Feb 2024, at 21:08, Christian Huitema <huitema@huitema.net> wrote:
> 
> 
> 
> On 2/20/2024 9:55 AM, Sebastian Moeller wrote:
>>> That's more of a statement of security and not feasibility. There's simply no security in the Internet, so we cannot trust or validate that anonymous intermediate nodes are going to write correct information. Any plain text in a packet on the Internet is subject to inspection and modification if the data isn't authenticated, and in the worst case this could be a DoS vector by writing bad information.
>> [SM3] Indeed, but e.g. for TCP you would need to know a lot about the most recent packet to be able to play games, no? So either you are on path and already can drop/duplicate packets at will or you are off path but still need a recent enough veridical packet to be able cause mischief, no? (I might be insufficiently creative in attack vectors)
> 
> I am analysis congestion control information using the framework of "honest signals". In human communication, "honest signals" are those that cannot be easily faked by the communicator. For example, smiling is not really a honest signal, because it is easy to fake; blushing, on the other hand, is hard to fake.
> 
> When it come to Internet wide congestion control, we have pretty much the same issue. Networks may want to fool the application for a variety of reasons, and may start faking congestion signals. Some of these signals are hard to fake. End to end data rate for example: slowing a specific stream of packets is hard to fake; measuring the end to end data rate is a pretty good indication of the state of the network. End to end RTT is also a rather honest signal: yes, routers could put some specific packets in a slow queue, but that requires resource.

[SM] This is the approach that BBR went, and it ran smack into not working well on paths with AQM at the bottleneck. It now detects and special cases these situations, but this shows that achievable rate and delay are NOT sufficient pieces of information, at least not generally.

> Packet losses almost belong in that category. They are not hard to fake, routers could play favorites and selectively drop packets with a certain profile. But dropping too many packets affects the "quality rating" of a provider, so there is some pressure to not fake it. That pressure is probably one of the reasons behind bufferbloat. The main problem with packet loss as a signal is that losses may have other causes than congestion.
> 
> ECN is not really a honest signal. Setting a bit in a packet header does not require a lot of efforts, so routers could do that to play favorites. In fact, past bugs in some networks caused almost all packets to be marked as CE. Using ECN is very nice when you can trust it, but end nodes should probably do that cautiously, detecting for example a sudden raise in ECN marks rather than reacting to an average value.
> 
> ECN is just one bit. There is always a temptation to do a better ECN with many more bits. For example, CE directs a sender to slow down. It would be nice to have a corresponding "All clear" signal telling the senders that they can speed up. L4S attempts to do that by modulating the CE bit, so that a low frequency kinda indicates "all clear", while a high frequency says "slow down", and give some indication of how much. Suddenly, one bit becomes several bits, just spread over many packets.

[SM] But that is the point, L4S already uses a multi-bit signal, albeit one that combined the trust problem withe problem of rate codes... And that latter thing clearly isa not generally understood, I hear proposals for QUIC to onle send the fiorst CE mark quickly to the sender while delaying followingCE marks is considered OK. That is IMHO not how rate coding works, or at least not how it works well and in a timely fashion, but I digress. My point is the multibit horse is out of the barn, now we can at least do multibit correctly... (One of the other flaws of the L4S approach is that the congestin state rate code gets sprayed over a set of packets of wildy different flows).

> The idea of adding more bits in packet headers is not exactly new

[SM] Yes that has been quite obvious for a long time, but recent research has demonstrated the superiority of true multi-bit over single-bit other bit banged rate codes...

> -- see for example TCP QUIC Start by Sally Floyd et al., RFC 4782, January 2007. The problem is that the more bits you add, the more you exacerbate issues of trust, and also risks of bugs. "Many more bits" may work in a controlled environment, but I really do not see that working on the whole Internet.

[SM] congestion information might not need many more bits... see Arslan, Serhat, and Nick McKeown. “Switches Know the Exact Amount of Congestion.” In Proceedings of the 2019 Workshop on Buffer Sizing, 1–6, 2019. where a 4 bit signal already delivers most of the improvement. Now I am not saying 4bit is the perfect solution, but I am also not convinced that 'Many more bits' are required and that hence the increase in attack surface might well be worth the improvement in congestion response.

Sebastian

> 
> -- Christian Huitema
>

v2.39.1 | Report a Bug | By Email | System Status