Re: [MBONED] mboned: draft-ietf-bier-multicast-http-response
"Holland, Jake" <jholland@akamai.com> Mon, 24 January 2022 23:02 UTC
Return-Path: <jholland@akamai.com>
X-Original-To: mboned@ietfa.amsl.com
Delivered-To: mboned@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D71A23A1596; Mon, 24 Jan 2022 15:02:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.675
X-Spam-Level:
X-Spam-Status: No, score=-2.675 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.576, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5i8p5ZP8r3Mg; Mon, 24 Jan 2022 15:02:08 -0800 (PST)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B62083A1593; Mon, 24 Jan 2022 15:02:05 -0800 (PST)
Received: from pps.filterd (m0050095.ppops.net [127.0.0.1]) by m0050095.ppops.net-00190b01. (8.16.1.2/8.16.1.2) with ESMTP id 20OJ0ajR009872; Mon, 24 Jan 2022 23:01:49 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=KYV8GJb0hkIWdz0AwpV/knmqtIbw20g0/hpeU47u63o=; b=ZFM4n+eU9SPyTmCqg8ELVt6gg3MFRzpZlTfUX8Zlw4/TGbzaEvyCBtAhGEeEY1JpzVSR +kShv9zUvStycmF0DmALZqdL+HMnj+5xTtLSMibPVarUpXqUJPYRmaoU6jKX8GBpOy4J 1CwDvnA/Jzx0njkTEf4IgaKqgq5PkbponfdZ4mv7iC0StWQDcCoexFLKLdKVMcJxtZWc UWkIJWvGVwTYid7jyI0GwPMzN8iKVP1sRN7YeVFUrxvrM5/c0d1imAhPtTAP6iNNnKl7 xc6oTjBzwrjSIpQzx3SQmk99rfmNbMzQ7xyUtZhjFlTrfq/yJqUzRDcMh5/DyMbLVmeA NA==
Received: from prod-mail-ppoint2 (prod-mail-ppoint2.akamai.com [184.51.33.19] (may be forged)) by m0050095.ppops.net-00190b01. (PPS) with ESMTPS id 3dsf0dde8a-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 24 Jan 2022 23:01:48 +0000
Received: from pps.filterd (prod-mail-ppoint2.akamai.com [127.0.0.1]) by prod-mail-ppoint2.akamai.com (8.16.1.2/8.16.1.2) with SMTP id 20OMn36M025997; Mon, 24 Jan 2022 18:01:47 -0500
Received: from email.msg.corp.akamai.com ([172.27.123.34]) by prod-mail-ppoint2.akamai.com with ESMTP id 3dre53c09p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 24 Jan 2022 18:01:47 -0500
Received: from usma1ex-dag3mb5.msg.corp.akamai.com (172.27.123.55) by usma1ex-dag4mb7.msg.corp.akamai.com (172.27.91.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.922.19; Mon, 24 Jan 2022 18:01:46 -0500
Received: from usma1ex-dag3mb5.msg.corp.akamai.com (172.27.123.55) by usma1ex-dag3mb5.msg.corp.akamai.com (172.27.123.55) with Microsoft SMTP Server (TLS) id 15.0.1497.26; Mon, 24 Jan 2022 18:01:46 -0500
Received: from usma1ex-dag3mb5.msg.corp.akamai.com ([172.27.123.55]) by usma1ex-dag3mb5.msg.corp.akamai.com ([172.27.123.55]) with mapi id 15.00.1497.026; Mon, 24 Jan 2022 18:01:46 -0500
From: "Holland, Jake" <jholland@akamai.com>
To: Toerless Eckert <tte@cs.fau.de>, "mboned@ietf.org" <mboned@ietf.org>
CC: "draft-ietf-bier-multicast-http-response@ietf.org" <draft-ietf-bier-multicast-http-response@ietf.org>
Thread-Topic: [MBONED] mboned: draft-ietf-bier-multicast-http-response
Thread-Index: AQHYEXZc7KM1BS5WiEaOW6Be7+/Hag==
Date: Mon, 24 Jan 2022 23:01:46 +0000
Message-ID: <EC1CC679-0BD6-47CF-8A1C-076E0BF38F90@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.57.22011101
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.27.118.139]
Content-Type: text/plain; charset="utf-8"
Content-ID: <3C7A9473A727664C83ACF1660E517387@akamai.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.425, 18.0.816 definitions=2022-01-24_07:2022-01-24, 2022-01-24 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 suspectscore=0 phishscore=0 mlxscore=0 bulkscore=0 malwarescore=0 spamscore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2201110000 definitions=main-2201240146
X-Proofpoint-GUID: P87tVAIvfL0L8e02twEqw95khg7wYWWT
X-Proofpoint-ORIG-GUID: P87tVAIvfL0L8e02twEqw95khg7wYWWT
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2022-01-24_09,2022-01-24_02,2021-12-02_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 phishscore=0 spamscore=0 lowpriorityscore=0 adultscore=0 priorityscore=1501 clxscore=1011 mlxlogscore=999 impostorscore=0 bulkscore=0 mlxscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2201110000 definitions=main-2201240147
Archived-At: <https://mailarchive.ietf.org/arch/msg/mboned/7Qfpw4Ql4J2kdlYeARU9RUKY-p0>
Subject: Re: [MBONED] mboned: draft-ietf-bier-multicast-http-response
X-BeenThere: mboned@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Mail List for the Mboned Working Group <mboned.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mboned>, <mailto:mboned-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mboned/>
List-Post: <mailto:mboned@ietf.org>
List-Help: <mailto:mboned-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mboned>, <mailto:mboned-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jan 2022 23:02:14 -0000
Hi, Sorry for the very late response to this. I read through draft-ietf-bier-multicast-http-response. It was an interesting solution described for an interesting use case. My high-level overview is that I was a bit confused about its relationship to BIER, and I suspect some restructuring or high- level changes to the doc might make it more useful. Some specific points jumped out at me as possibly worth raising, which I think mostly illustrate why I landed on that high-level summary, and I'll detail them below. I'm offering this review as purely advisory, not an objection to moving the doc forward. I'm just trying to explain where I found things confusing and point out things that I thought might be worth considering more carefully, in hopes you find it helpful. Please feel free to use these comments or not, as you see fit. 1. This draft seems to be informational about a use case, but the BIER charter currently says: " 3) Use Case: The WG will produce one use-case document that clearly articulates the potential benefits of BIER for different use-cases." I guess this would come with a minor charter update to allow for multiple use-case docs, unless it merges with the use cases doc? (Unless this falls under another charter point? I didn't see one...) Anyway, not really a problem with the doc per se, just kind of a confusing thing I noticed. 2. This looks like a description of a system just like the one in this paper, which I think shares an author with this draft?: "fCDN: A Flexible and Efficient CDN Infrastructure without DNS Redirection or Content Reflection" (Al-Naday, Reed, Riihijarvi, Trossen, Thomos, Al-Khalidi) https://arxiv.org/pdf/1803.00876.pdf (I recently saw that paper because it was referenced from the latest coinrg use cases doc.) It seems most of the explanation of this system could be handled by reference to that paper, rather than explaining it in the i-d, unless there's some essential differences that escaped me? Anyway, the point is that at a high level, I think this i-d would benefit by focusing much more on why the kind of scalability BIER provides is essential to this use case, ideally with a quantitative model for how much more can be supported with BIER as compared to a similarly provisioned system using traditional multicast. 3. Both the paper and the i-d seem to elide the way multicast IP is used and mapped into BIER's bit index settings (or not?) in this system. I think this is describing a system where the SNAP does BIER encapsulation based on the contents carried in the packets and which CNAPs need to receive that content. While left unsaid, it seems designed so the BIER index mapping (and the corresponding set of CNAP receivers) can be completely decoupled from the mapping of content into its IP addressing, correct? I wasn't clear from the docs whether the intent was to actually share (S,G) and ports at the IP/UDP layer, and have different CNAPs getting different content for sockets listening on the same address depending on the bits set in the BIER header at the SNAP, (a feat that only be accomplished by BIER, as it breaks the group addressing model of IP multicast), or whether this is intended to have each piece of content mapped to a specific (S,G) and for CNAPs to listen on all the mapped UDP sockets dynamically for each piece of content they're expecting, in addition to the SNAPs sending BIER bit-fields that match the IP mapping of the content (a feat that could be done in a fast-enough and scalable-enough multicast IP system, but can benefit from the scaling benefits of BIER). I also wasn't clear on if it's that 2nd one, whether the client thrash on sockets per individual piece of content would have any similar scaling problems as HTTP/1.0 in the CNAP that could impact its suitability, if it has trouble reusing active sockets instead of creating new ones. (Or if it's the first, whether non-cacheable pass-through content with the same path and differentiated by cookies or something would have a risk of collision, or shouldn't be transported by this system, or what exactly.) 4. I didn't see a description of how reliability is handled? I did see "We assume TCP friendly transport, which can assure reliable delivery.", but I don't think that's true--TCP-friendly is a term I only know from UDP congestion control (either TFRC or TFMRC), but I believe systems that use it still can suffer loss. Anyway, in DASH MABR I think reliability in the multicast transport comes via either version of FLUTE (RFCs 6726 or 3926) (though I think without the WEBRC congestion controller), and in the Cablelabs reference I think it uses ROUTE, which IIRC uses something based on NORM (RFC 5740). Of course HTTP transport will need reliability, but I didn't see an explanation of what the supported options are for how this system achieves it, or an explanation of how the different design choices impact the performance characteristics (and in particular whether there's any impact to the scalability considerations that BIER brings in cases where there's loss in different parts of the network). 5. This bit from section 5 seems to misrepresent the way that systems like DASH MABR work: ... As soon as there is at least one Client connected to a CNAP for one particular content, the CNAP would join all 11 multicast groups for this content. Usually you would just join the one (or 2, if audio is separated from video) relevant stream for the single client's bitrate, and the systems that understand that it's DASH content as opposed to generic random HTTP would also understand that being joined to a particular bitrate implies a likelihood of remaining joined to the same bitrate. (Or at least: I haven't seen implementations that would automatically join all bitrates given a subscription to any of them?). Unlike the transparent reactive HTTP approach outlined in this doc, behavior for things like DASH and ROUTE are closer to a server push to pre-load a cache either embedded in the receiving app or on a caching server adjacent to it. 6. The architecture for supporting the security model probably would benefit from a section explaining it earlier in the doc than the security considerations section at the end. This whole setup relies on the BIER domain understanding the contents, so this system is only applicable for a CDN-like system where the CNAPs (and SNAPs) have full knowledge of the contents, and HTTPS is only used downstream from the CNAPs and upstream from the SNAPs. It was hard for me to read thru the whole rest of the doc with that hanging over my thoughts, and thinking you were only going to apply to non-https. Whether or not you move that info to clarify the architecture's approach to https to an earlier section, the security considerations section for a system like this (outside of the design of having CDN-like key sharing to support https downstream) probably also should either reference something like RFC 6707's security considerations that gives an overview of CDN security considerations or copy some of its contents that would apply to this system. But more importantly, it should probably say more about the considerations NOT covered by that doc. For example, it should cover the requirement to control all the forwarding nodes in the bier domain to ensure no attacker-controlled on-path forwarders have an opportunity to change the packets (or mention the recommended methods to prevent changing of the packets by on-path forwarders). Nits: 2nd paragraph on 5.2 doesn't end with a period, and I'm not sure the sentence was completed. On 12-20, 12:17 PM, "Toerless Eckert" <tte@cs.fau.de> wrote: Dear Mboned WG I would like to invite WG members to review, and comment to bier@ietf.org subject draft. It is very much about aspects of using BIER that fall into the scope of what i think should be very much of interest to Mboned member. Here is a a motivational summary of the purpose of this document: Adaptive bitrate streaming (such as today DASH) for live-streaming or short-tail can use Multicast to improve network efficiency by eliminating duplicate transmission of the same data segments to multiple users requiring the same bitrate. This was shown and used in products as early as 200x (e.g.: Digital Fountain). These solutions never proliferated because of the intrinsic signaling problems of IP Multicast causing severe performance/scale/operational issues. These IP Multicast limitations can today be overcome with the novel BIER multicast mechanism. This document describes an application solution layer architecture in which BIER is used as the multicast mechanism for HTTP adaptive bitrate streaming including the use of BIER-TE for including path steering optimizations into the solution. This document is solely informational and does not intend to establish any standards for the IETF. Thank you so much Toerless (for the authors) _______________________________________________ MBONED mailing list MBONED@ietf.org https://www.ietf.org/mailman/listinfo/mboned
- [MBONED] mboned: draft-ietf-bier-multicast-http-r… Toerless Eckert
- Re: [MBONED] mboned: draft-ietf-bier-multicast-ht… Holland, Jake
- Re: [MBONED] mboned: draft-ietf-bier-multicast-ht… Dirk Trossen