Re: [ippm] Comparing Alternate Marking and Explicit Flow Measurements (Spin bit, ...)

Ian Swett <ianswett@google.com> Mon, 29 March 2021 12:01 UTC

Return-Path: <ianswett@google.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0FA13A0DD9 for <ippm@ietfa.amsl.com>; Mon, 29 Mar 2021 05:01:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.599
X-Spam-Level:
X-Spam-Status: No, score=-17.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZZTsA7T1lxFY for <ippm@ietfa.amsl.com>; Mon, 29 Mar 2021 05:01:01 -0700 (PDT)
Received: from mail-wr1-x42d.google.com (mail-wr1-x42d.google.com [IPv6:2a00:1450:4864:20::42d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6949D3A1016 for <ippm@ietf.org>; Mon, 29 Mar 2021 05:00:44 -0700 (PDT)
Received: by mail-wr1-x42d.google.com with SMTP id j18so12584903wra.2 for <ippm@ietf.org>; Mon, 29 Mar 2021 05:00:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=0PRyxjNsVkJwyQRRPiDqA8oWns0sQdKPdBgx07AxWlI=; b=jSvPznSBET3PV8iB1IPtcJk7Pys2+avciJkMJ+TaY0qXygduGnzHmhcZCLf2Jk+nwP X/wXDoZ4M5y2xFGD7tse+H7TP7qtYLnG+mQt5QJDYudcH4ld4snk2A9iO3u9HytvrMns YxIOejHs48sLs3fkuU4gV/dy1RkKn6OiTPQh/oBjne5+pSPPpjF2gPovT/CD2QSULQ2X R7siYMV7osWjpQI4Ev27N7UZ9adFb3/w1bEW+kTsN/0yweypWrdn4yUj6bvMew1RrAcB rhNkk1BDM4WzCpYYhDNqaSTdr2ltly93dgDyCSxPBBCDoWhvzSjDBF19dDLeh3r5BQ43 BHVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0PRyxjNsVkJwyQRRPiDqA8oWns0sQdKPdBgx07AxWlI=; b=aegNlpSSoRN41B1fkwvIKLGf7qL10WO5UCipfGQsBxBDJ898k5NB2G+mjvLw4hJi/n 7uy/jVav6lmVSJCOHUPmpdYqov48vhXsBTTiob3XTdaTUfxmpSZzEC3ajxHDbG5os3/d AXmdcB9+LRSpHSMXw8JsN5E3+iJkdflsNpUbPUb/XgAiJzbFk8J+/k11mdrxITcCsTyN 8fuTc7lLsOKKlONNFpsQBtNiLciM+wdhAuiAJZMa6KnBcUEmbtLTnRWLhNdr0QicMDes vG5hrAXhB8yZYch7jHd7mCnxWfzaOIeZCvsk967x0YOu4l0Fdsjrx0I3AnVB3ZM0BMo9 B3LQ==
X-Gm-Message-State: AOAM532hgyuiIGBQZkX/iG0T454eRR8YTSofbbxKRFERni6dmfLQDW71 25Xx9CaECEjdMacnwpm6BaTUnBSuBEejZqIHAs8tMw==
X-Google-Smtp-Source: ABdhPJxRHSAyZ9ZuFkP9x6U238HjidTEM0zVl0uzrrbI9+/jR5j5qJMpeni11U9BOrivvI/u+TSjtbMdpj3eKAT1e60=
X-Received: by 2002:adf:9148:: with SMTP id j66mr28748142wrj.124.1617019241829; Mon, 29 Mar 2021 05:00:41 -0700 (PDT)
MIME-Version: 1.0
References: <8f60ffc8e0fd4376ba911c03f5c43039@TELMBXD14BA020.telecomitalia.local> <56398ea2e37a4a6ca53e85eb39add9a2@usma1ex-dag1mb5.msg.corp.akamai.com>
In-Reply-To: <56398ea2e37a4a6ca53e85eb39add9a2@usma1ex-dag1mb5.msg.corp.akamai.com>
From: Ian Swett <ianswett@google.com>
Date: Mon, 29 Mar 2021 08:00:00 -0400
Message-ID: <CAKcm_gNb-J59S3w806V4h2P_K5TkozRXNJCpNmMHbUcSOVjnUQ@mail.gmail.com>
To: "Lubashev, Igor" <ilubashe@akamai.com>
Cc: Cociglio Mauro <mauro.cociglio=40telecomitalia.it@dmarc.ietf.org>, "IETF IPPM WG (ippm@ietf.org)" <ippm@ietf.org>, "explicit-meas@ietf.org" <explicit-meas@ietf.org>, "alexandre.ferrieux@orange.com" <alexandre.ferrieux@orange.com>, "HAMCHAOUI Isabelle IMT/OLN" <isabelle.hamchaoui@orange.com>, "quic@ietf.org" <quic@ietf.org>, "tsvwg@ietf.org" <tsvwg@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000816c4705beaba11c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/W8G1_I6vETDhhnhdzLk5gOXSj6U>
Subject: Re: [ippm] Comparing Alternate Marking and Explicit Flow Measurements (Spin bit, ...)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Mar 2021 12:01:06 -0000

Thanks for the maprg slides Igor, it's great to hear you'd enable this if
it was standardized.

<Taking off my WG chair hat>

Has Akamai conducted any privacy analysis it would be willing to share with
the IETF?  For this to be widely deployed, I think that will need to be
done, similar to the spin bit.

On Sat, Mar 27, 2021 at 4:29 PM Lubashev, Igor <ilubashe@akamai.com> wrote:

> Thank you, Mauro.
>
> I would like to point out to IPPM WG that some of the proposed measurement
> techniques have already been implemented and had been running on the
> Internet in 2019 and 2020.  Namely, Akamai has implemented Loss Bits (L+Q)
> and enabled them on a large portion of QIUC traffic served to Orange
> Telecom users in several countries, while Orange implemented observers that
> collected and analyzed the measurements.  We have discussed the
> measurements and techniques in MAPRG during IETF-105 (and at other WGs and
> meetings).
>
> Here is our IETF-105 MAPRG presentation discussing the data
> https://datatracker.ietf.org/meeting/105/materials/slides-105-maprg-packet-loss-signaling-for-encrypted-protocols-01
> .
>
> In short, we found that unidirectional observations of QUIC traffic with
> L+Q bits alone to be effective for measuring both upstream and downstream
> packet loss and characterizing the magnitude of packet reordering.
>
> During the last meeting Ian asked whether Akamai would implement and
> enable these measurements techniques for QUIC on the large scale, if all
> the relevant drafts get standardized by IETF.  The answer is that, yes, we
> would.  We are very interested in doing what it takes to improve Internet
> performance for the users, and we would work hard to implement techniques
> that can help network operators to improve QOS on their networks.
>
> - Igor
>
> > -----Original Message-----
> > From: Cociglio Mauro <mauro.cociglio=40telecomitalia.it@dmarc.ietf.org>
> > Sent: Tuesday, March 16, 2021 9:48 AM
> > To: IETF IPPM WG (ippm@ietf.org) <ippm@ietf.org>rg>; explicit-meas@ietf.org
> > Cc: quic@ietf.org; tsvwg@ietf.org
> > Subject: [ippm] Comparing Alternate Marking and Explicit Flow
> > Measurements (Spin bit, ...)
> >
> > Hi.
> > Last Friday during the IPPM meeting,  after the "Explicit Flow
> Measurements"
> > draft presentation
> > (https://urldefense.com/v3/__https://tools.ietf.org/html/draft-mdt-ippm-
> > explicit-flow-measurements-01__;!!GjvTz_vk!CC-VjNQml5au1pXfCN50J-D-
> > O99Zvrz686frIu4shWxPEipwQd7TTuOM3NTyNCU$ ), Greg Mirsky raised an
> > issue that I think is very important.
> > The question is about differences and similarities between the two types
> of
> > production traffic packet marking for performance measurements, proposed
> > in IETF and initiated in the IPPM WG: Alternate Marking and Explicit Flow
> > Measurements.
> >
> > The first technique known as Alternate Marking or AM/PM (Alternate
> > Marking Performance Monitoring) is defined, in general terms, in RFC8321
> > (the point-to-point version) and RFC8889 (the multipoint version).
> > It is essentially a Telco measurement, born to measure packet delay and
> loss
> > between the input and output of a network, or between 2 internal points
> of
> > the network, in order to identify and localize a problem. It is a network
> > measure and it is the network operator that performs the marking by
> > modifying packets on the fly.
> > The strength of this technique comes from the decoupling of marking and
> > measurement. We can mark all traffic, using a fixed marking interval
> (typically
> > "big": from 1 second up to 5 minutes), then we decide what to measure
> > based on the resources I want to use. In case of packet loss measurement
> > we can start from a single packet counter for all traffic for each
> measurement
> > point (possibility described in RFC8889), to have a network measurement,
> to
> > arrive to a counter for each point-to-point connection you want to
> monitor
> > (as described in RFC8321).
> > In order to obtain the measurement it is necessary to compare the data
> > collected from at least 2 measurement points (counters for packet loss,
> > timestamps for delay). Then a "communication" between measurement
> > points, or with a Network Measurement Center, is needed.
> > There are already commercial implementations of this technique (also for
> > IPv4) and IETF drafts that are standardizing it for various protocols
> (IPv6,
> > MPLS, Segment Routing, BIER, ...).
> > The Alternate Marking methodology is evolving into the draft "Big Data
> > AltMark" (https://urldefense.com/v3/__https://tools.ietf.org/html/draft-
> > c2f-ippm-big-data-alt-mark-01__;!!GjvTz_vk!CC-VjNQml5au1pXfCN50J-D-
> > O99Zvrz686frIu4shWxPEipwQd7TTuOM_yNIIgs$ ) that defines point-to-point
> > flows measurements applying post processing to performance data collected
> > by sampling a single network multipoint flow.
> >
> > The second marking technique for performance monitoring of packet
> > networks has been called Explicit Flow Measurements (EFM), and is more
> > recent because it's born with the Spin bit RTT measurement. And it came
> > about primarily to have an end-to-end performance measure, from the
> > terminal, on which an application is running, to the server at the
> opposite
> > end of the network. EFM can be seen as complementary measures to
> > Alternate Marking.
>

One question on this.  As a QUIC WG member I was under the impression the
spin bit would enable measurement within networks, but I agree that it is
best as an end-to-end measurement.  However, network endpoints can and
do(ie: qlog) export metrics and traces to provide detailed information
that's much richer than spin or loss bits, which makes me less clear on the
value of EFM.  Igor indicated it worked as intended, but there is the
separate question of whether it provides enough value on top of endpoint
logging and Alternate Marking.


> > It requires certain characteristics of the protocols to which it can be
> applied,
> > which are client-server, and it is particularly convenient for protocols
> that
> > prevent the marking of packets on the fly (e.g. QUIC), because the
> marking
> > occurs only on the end-points of the connection.
> > The disadvantage with respect to the previous technique is that it always
> > works for client-server point-to-point connection, it is not possible to
> > aggregate measurements saving on monitoring resources as described in
> > RFC8889. The advantage is that it can also work with a single monitoring
> > point, even if having more points enhances it and allows intradomain
> > measurements. With a single measurement point you can obtain end-to-end
> > measures (Spin bit, Delay bit for delay and Loss bit, rT loss bit for
> packet loss)
> > or end-to-observer measures (sQuare bit and Reflection bit for packet
> loss).
> > End-to-observer measurements and scalability considerations make it
> > particularly convenient to place a measurement point on the client (see
> > https://urldefense.com/v3/__https://tools.ietf.org/html/draft-cnbf-ippm-
> > user-devices-explicit-monitoring-01__;!!GjvTz_vk!CC-VjNQml5au1pXfCN50J-
> > D-O99Zvrz686frIu4shWxPEipwQd7TTuOMvZGbbWs$ ).
> >
> > Best Regards.
> >
> > Mauro
> > _____________________
> > Mauro Cociglio
> > TIM - Telecom Italia
> > Via G. Reiss Romoli, 274
> > 10148 - Torino (Italy)
> > Tel.: +390112285028 <+39%20011%20228%205028>
> > Mobile: +393357669751 <+39%20335%20766%209751>
> > _____________________
> >
> >
> > TIM - Uso Interno - Tutti i diritti riservati.
> >
> > Questo messaggio e i suoi allegati sono indirizzati esclusivamente alle
> > persone indicate. La diffusione, copia o qualsiasi altra azione
> derivante dalla
> > conoscenza di queste informazioni sono rigorosamente vietate. Qualora
> > abbiate ricevuto questo documento per errore siete cortesemente pregati
> di
> > darne immediata comunicazione al mittente e di provvedere alla sua
> > distruzione, Grazie.
> >
> > This e-mail and any attachments is confidential and may contain
> privileged
> > information intended for the addressee(s) only. Dissemination, copying,
> > printing or use by anybody else is unauthorised. If you are not the
> intended
> > recipient, please delete this message and any attachments and advise the
> > sender by return e-mail, Thanks.
> >
> > Rispetta l'ambiente. Non stampare questa mail se non è necessario.
> >
> > _______________________________________________
> > ippm mailing list
> > ippm@ietf.org
> > https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/ippm_
> > _;!!GjvTz_vk!CC-VjNQml5au1pXfCN50J-D-
> > O99Zvrz686frIu4shWxPEipwQd7TTuOMMXmeW4s$
>