Re: [sfc] Proposal for congestion control in draft-farrel-sfc-convent
"Mirja Kuehlewind (IETF)" <ietf@kuehlewind.net> Fri, 16 February 2018 11:40 UTC
Return-Path: <ietf@kuehlewind.net>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBE4D12D879 for <sfc@ietfa.amsl.com>; Fri, 16 Feb 2018 03:40:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Level:
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); domainkeys=pass (1024-bit key) header.from=ietf@kuehlewind.net header.d=kuehlewind.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3ubKT_gyHTdt for <sfc@ietfa.amsl.com>; Fri, 16 Feb 2018 03:40:43 -0800 (PST)
Received: from kuehlewind.net (kuehlewind.net [83.169.45.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E35112D7EE for <sfc@ietf.org>; Fri, 16 Feb 2018 03:40:42 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=kuehlewind.net; b=seEXbwhtTRRYW6PvHHiKPQ3cbMfI7O1tw6ThJp0Xq8Tz2gP+tsUNorh48ibfAOqAUT3cQVdRHM75szLaHYrFE371KM15FVK+P+DnpiW6aceQREBptTAEOIGy2x65kt2Mq7QmfYWslytgPw6195lmtUFeM/EUI0OGJF3MvulqbUs=; h=Received:Received:Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc:Content-Transfer-Encoding:Message-Id:References:To:X-Mailer:X-PPP-Message-ID:X-PPP-Vhost;
Received: (qmail 20060 invoked from network); 16 Feb 2018 12:40:40 +0100
Received: from mue-88-130-61-170.dsl.tropolys.de (HELO ?192.168.178.33?) (88.130.61.170) by kuehlewind.net with ESMTPSA (DHE-RSA-AES256-SHA encrypted, authenticated); 16 Feb 2018 12:40:40 +0100
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: "Mirja Kuehlewind (IETF)" <ietf@kuehlewind.net>
In-Reply-To: <BLUPR05MB370BC7BDC9E741CC09ABD47BBF70@BLUPR05MB370.namprd05.prod.outlook.com>
Date: Fri, 16 Feb 2018 12:40:39 +0100
Cc: "mls.ietf@gmail.com" <mls.ietf@gmail.com>, "sfc@ietf.org" <sfc@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <80F5D055-BA2A-4FCF-B586-75A2147FA13D@kuehlewind.net>
References: <BLUPR05MB370BC7BDC9E741CC09ABD47BBF70@BLUPR05MB370.namprd05.prod.outlook.com>
To: Adrian Farrel <afarrel@juniper.net>
X-Mailer: Apple Mail (2.3445.5.20)
X-PPP-Message-ID: <20180216114040.20054.44308@lvps83-169-45-111.dedicated.hosteurope.de>
X-PPP-Vhost: kuehlewind.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/Y2ievTdKLGB-baUjORGR9PJbVWU>
Subject: Re: [sfc] Proposal for congestion control in draft-farrel-sfc-convent
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Feb 2018 11:40:45 -0000
Hi Adrian, this text looks really good to me. Thanks! I only comment I have is that is would be even better if you could give some more concrete guidance what the rate should be limited to. I don’t know if that makes sense for the SFC use case but in RFC8085 the guidance would be: „... not sending on average more than one UDP datagram per RTT to a destination“. Please update the draft, depending on the wg feedback of course, and I’ll clear my discuss. Mirja > Am 12.02.2018 um 23:33 schrieb Adrian Farrel <afarrel@juniper.net>: > > Hi Mirja and Martin, > > Here is a proposal to address Mirja’s Discuss. It is a new top-level section. > > It is for discussion, so please tell me what it is missing and how we should work on it. > > It makes sense (to me) for the WG to comment about this as well. > > Thanks, > Adrian > > ==== > 6. Management and Congestion Control Considerations > > The mechanisms described in this document allow SFC-aware nodes in an SFC network to generate additional packets. While these packets are in the nature of in-band control packets and not intended to be sent frequently for any flow, there is still a risk that they might flood the network. For example, if an attempt is made to use this mechanism for “per-packet metadata” (Section 5.6) then this might double the number of packets in the network. Similarly, if this mechanism is used for a form of aliveness detection OAM that requires very frequent test messages, then the number of additional messages may be very high. Such additional messages risk causing congestion in the network. > > The underlay network (that is the tunnels across the underlay between SFC nodes) will not distinguish between data-carrying packets and those packets with next protocol set to none. All packets will be treated the same and will need to fall within the capabilities of the underlay network to process and forward packets. > > Nodes in the SFC overlay network will need to perform special processing on the additional packets according to their roles and according to the application for the metadata. For example, an SFF will likely only have to forward per-SFC metadata, while an SF will need to extract it and process it as it would if the metadata was carried in a packet with user data. On the other hand, metadata might also be used to cause actions at all nodes (see Sections 5.3, 5.4 and 5.5) and could increase the processing load. > > In view of these potential issues, all implementations SHOULD implement rate limits on the generation of SFC packets with next protocol set to none. Furthermore, these rate limits SHOULD be configurable and applied per SFC and per application so that one application on one SFC does not encumber a different application on a different SFC. When an implementation finds that it is unable to generate or send a packet it SHOULD increment a counter that is accessible by the operator, and MAY raise an alert (although such alerts SHOULD, themselves, be rate limited). > > Additionally, an SFC node needs to protect itself against another node in the network not applying suitable rate limits. Therefore, implementations SHOULD apply incoming rate limits for SFC packets with next protocol set to none. Such rate limits SHOULD be application-aware, per SFC or interface, and SHOULD be configurable, but implementations MAY be more subtle if they are aware of internal processing loads and have access to queues/buffers. In any case, when an implementation drops a received packed because of these rate limits it SHOULD increment a counter that is accessible by the operator, and MAY raise an alert (although such alerts SHOULD, themselves, be rate limited). > ====
- [sfc] Proposal for congestion control in draft-fa… Adrian Farrel
- Re: [sfc] Proposal for congestion control in draf… Mirja Kuehlewind (IETF)
- Re: [sfc] Proposal for congestion control in draf… Carlos Pignataro (cpignata)
- Re: [sfc] Proposal for congestion control in draf… Adrian Farrel
- Re: [sfc] Proposal for congestion control in draf… Carlos Pignataro (cpignata)