IETF Logo Mail Archive

Re: [re-ECN] Preferential Dropping

Bob Briscoe <rbriscoe@jungle.bt.co.uk> Mon, 17 May 2010 17:41 UTC

Return-Path: <rbriscoe@jungle.bt.co.uk>
X-Original-To: re-ecn@core3.amsl.com
Delivered-To: re-ecn@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F238E3A6A67 for <re-ecn@core3.amsl.com>; Mon, 17 May 2010 10:41:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.144
X-Spam-Level:
X-Spam-Status: No, score=0.144 tagged_above=-999 required=5 tests=[AWL=-0.339, BAYES_50=0.001, DNS_FROM_RFC_BOGUSMX=1.482, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SBb0WGJWGEC6 for <re-ecn@core3.amsl.com>; Mon, 17 May 2010 10:41:16 -0700 (PDT)
Received: from smtp4.smtp.bt.com (smtp4.smtp.bt.com [217.32.164.151]) by core3.amsl.com (Postfix) with ESMTP id 937E13A689D for <re-ecn@ietf.org>; Mon, 17 May 2010 10:41:14 -0700 (PDT)
Received: from i2kc06-ukbr.domain1.systemhost.net ([193.113.197.70]) by smtp4.smtp.bt.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 17 May 2010 18:41:06 +0100
Received: from cbibipnt05.iuser.iroot.adidom.com ([147.149.196.177]) by i2kc06-ukbr.domain1.systemhost.net with Microsoft SMTPSVC(6.0.3790.4675); Mon, 17 May 2010 18:41:05 +0100
Received: From bagheera.jungle.bt.co.uk ([132.146.168.158]) by cbibipnt05.iuser.iroot.adidom.com (WebShield SMTP v4.5 MR1a P0803.399); id 1274118064867; Mon, 17 May 2010 18:41:04 +0100
Received: from MUT.jungle.bt.co.uk ([10.215.130.87]) by bagheera.jungle.bt.co.uk (8.13.5/8.12.8) with ESMTP id o4HHf4fM001778; Mon, 17 May 2010 18:41:04 +0100
Message-Id: <201005171741.o4HHf4fM001778@bagheera.jungle.bt.co.uk>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Mon, 17 May 2010 18:41:06 +0100
To: John Leslie <john@jlc.net>
From: Bob Briscoe <rbriscoe@jungle.bt.co.uk>
In-Reply-To: <20100517162109.GH2670@verdi>
References: <20100517143717.GF2670@verdi> <274D46DDEB9F2244B2F1EA66B3FF54BC06B2F753@de01exm70.ds.mot.com> <20100517162109.GH2670@verdi>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Scanned-By: MIMEDefang 2.56 on 132.146.168.158
X-OriginalArrivalTime: 17 May 2010 17:41:05.0546 (UTC) FILETIME=[203B5EA0:01CAF5E8]
Cc: re-ecn@ietf.org
Subject: Re: [re-ECN] Preferential Dropping
X-BeenThere: re-ecn@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: re-inserted explicit congestion notification <re-ecn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/re-ecn>, <mailto:re-ecn-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/re-ecn>
List-Post: <mailto:re-ecn@ietf.org>
List-Help: <mailto:re-ecn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/re-ecn>, <mailto:re-ecn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 May 2010 17:41:28 -0000

John,

At 17:21 17/05/2010, John Leslie wrote:
>McCann Peter-A001034 <pete.mccann@motorola.com> wrote:
> > John Leslie wrote:
> >>
> >> Backbone routers either do or don't support ECN marking in place of
> >> dropping packets.
> >
> > It would still be desirable to implement the preferential dropping
> > scheme on congested links in the backbone, no?
>
>    This probably deserves some discussion; and I see no reason we
>can't discuss it before ConEx is chartered.

Yes, let's have some technical discussion for a change, on the 
understanding pref drop is not a candidate for the initial charter. 
Those who want charter discussions can tune out.


>    I'm not sure whether preferential dropping belongs in ConEx at all.
>It seems like an ECN thing to me.

A queue can do some cool OPTIONAL protection against DDoS using 
preferential drop based on ConEx (specifically re-ECN) markings. This 
might be in a server's IP stack, or in a router. I would expect more 
relevant for access routers, assuming core routers might better 
absorb flooding with raw power.

Here's the intuition. A queue under a flooding attack will drop lots 
of packets and nearly all ECN-capable packets that manage to get 
through will be marked CE (red). So a behaving re-ECN sender should 
have marked nearly all arriving traffic for ~100% expected congestion 
(~100% black). Therefore, a flooded queue can focus drop on any 
packets that claim to support re-ECN but are not black. And it can 
further focus drop on any packets that don't support re-ECN.

A network using re-ECN for traffic management will police heavy 
sources of black packets at every entrance to the network. So, a DDoS 
source is caught between a rock and a hard place. To avoid focused 
drop at the congested queue it has to colour most packets black. But 
to avoid drop at the ingress policer it has to not colour packets 
black. Either way, its packets generally get dropped before harming 
packets that are behaving.

See the second bullet "Preferential Drop" in S.5.3 of the re-ECN draft:
<http://www.bobbriscoe.net/projects/refb/draft-briscoe-tsvwg-re-ecn-tcp-08.html#retcp_Router_Forwarding_Behaviour>
[Yes, I know, it's expired - now I'm back in circulation I'll rev it.]

The analysis I did on this showed that re-ECN can raise the bar 
against DDoS so that the army has to be N times bigger to achieve the 
same *sustained* attack force, where N=1/p and p is the 'normal' 
level of congestion in the network. E.g. if normal congestion is 
0.001%, a sustained attack against a re-ECN internetwork has to be 
100,000 times bigger to cause the same damage as it could against a 
network without re-ECN.

Obviously, there are assumptions and details, but that was the 
take-home message. If anyone wants more details, just ask.


>    The benefit of ECN marking instead of dropping is that a congestion
>signal can trigger a slowing of sending rate more quickly if we don't
>have to wait for a packet drop to be recognized.
>
>    The downside is that we can't be sure that an ECN mark will actually
>make it through and result in a backoff of sending rate. A misguided
>operator might scrub ECN markings; an ECN-marked packet might encounter
>_other_ congestion and be dropped;

SUch a drop will still be an (eventual) congestion signal

>or the signal could fail to make it
>back to the sender for a number of reasons.
>
>    The issue is whether anything about ConEx markings could signal a
>trustworthy assurance that ECN marking is more likely to result in
>earlier backoff.

So far I'm not convinced by preferential drop based on ECN markings.


>    This doesn't feel particularly in-charter to me (at least not in
>the initial charter); but we have until Thursday at least to discuss
>things that are _not_ in-charter.

I also believe strongly that pref drop is off-charter, at least initially.

Incidentally, I've also worked out that it is perfectly possible to 
add the above preferential drop behaviour to the specs later, without 
creating an incremental deployment problem.


Bob


>    ;^)
>
>--
>John Leslie <john@jlc.net>
>_______________________________________________
>re-ECN mailing list
>re-ECN@ietf.org
>https://www.ietf.org/mailman/listinfo/re-ecn

________________________________________________________________
Bob Briscoe,                                BT Innovate & Design

v2.23.0 | Report a Bug | By Email