Re: [sip-overload] AD review of draft-ietf-soc-overload-rate-control
"NOEL, ERIC C" <en5192@att.com> Tue, 19 August 2014 18:16 UTC
Return-Path: <en5192@att.com>
X-Original-To: sip-overload@ietfa.amsl.com
Delivered-To: sip-overload@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72AD41A0650 for <sip-overload@ietfa.amsl.com>; Tue, 19 Aug 2014 11:16:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.866
X-Spam-Level:
X-Spam-Status: No, score=-4.866 tagged_above=-999 required=5 tests=[AC_DIV_BONANZA=0.001, BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zsYXAgoDI1zS for <sip-overload@ietfa.amsl.com>; Tue, 19 Aug 2014 11:16:39 -0700 (PDT)
Received: from nbfkord-smmo05.seg.att.com (nbfkord-smmo05.seg.att.com [209.65.160.92]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDA041A045C for <sip-overload@ietf.org>; Tue, 19 Aug 2014 11:16:38 -0700 (PDT)
Received: from unknown [144.160.229.24] (EHLO alpi155.enaf.aldc.att.com) by nbfkord-smmo05.seg.att.com(mxl_mta-7.2.2-0) over TLS secured channel with ESMTP id 68493f35.0.4476180.00-1979.12518043.nbfkord-smmo05.seg.att.com (envelope-from <en5192@att.com>); Tue, 19 Aug 2014 18:16:39 +0000 (UTC)
X-MXL-Hash: 53f394876a5c2969-d57c41a3f6a8335f43787f0c560a10fbcc7e9c1b
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id s7JIGbFX024917; Tue, 19 Aug 2014 14:16:37 -0400
Received: from mlpi408.sfdc.sbc.com (mlpi408.sfdc.sbc.com [130.9.128.240]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id s7JIGN3v024738 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 19 Aug 2014 14:16:28 -0400
Received: from MISOUT7MSGHUBAD.ITServices.sbc.com (MISOUT7MSGHUBAD.itservices.sbc.com [130.9.129.148]) by mlpi408.sfdc.sbc.com (RSA Interceptor); Tue, 19 Aug 2014 18:16:04 GMT
Received: from MISOUT7MSGUSRDC.ITServices.sbc.com ([169.254.3.38]) by MISOUT7MSGHUBAD.ITServices.sbc.com ([130.9.129.148]) with mapi id 14.03.0195.001; Tue, 19 Aug 2014 14:16:04 -0400
From: "NOEL, ERIC C" <en5192@att.com>
To: Richard Barnes <rlb@ipv.sx>, "sip-overload@ietf.org" <sip-overload@ietf.org>, "draft-ietf-soc-overload-rate-control@tools.ietf.org" <draft-ietf-soc-overload-rate-control@tools.ietf.org>
Thread-Topic: AD review of draft-ietf-soc-overload-rate-control
Thread-Index: Ac+72ZhiW6xlsLdOQ/KYZpwg4QvfWQ==
Date: Tue, 19 Aug 2014 18:16:04 +0000
Message-ID: <432544DCDB78E046B9E22D0EE8F419030107CA8F@MISOUT7MSGUSRDC.ITServices.sbc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.91.97.116]
Content-Type: multipart/alternative; boundary="_000_432544DCDB78E046B9E22D0EE8F419030107CA8FMISOUT7MSGUSRDC_"
MIME-Version: 1.0
X-RSA-Inspected: yes
X-RSA-Classifications: public
X-AnalysisOut: [v=2.0 cv=b98FFK6x c=1 sm=1 a=dhB6nF3YHL5t/Ixux6cINA==:17 a]
X-AnalysisOut: [=PdzCSuWvdmIA:10 a=yaq_SOOJso4A:10 a=ofMgfj31e3cA:10 a=no7]
X-AnalysisOut: [Oisa4l3IA:10 a=BLceEmwcHowA:10 a=zQP7CpKOAAAA:8 a=XIqpo32R]
X-AnalysisOut: [AAAA:8 a=48vgC7mUAAAA:8 a=rN-QVLpvFO7XukCOFaUA:9 a=QEXdDO2]
X-AnalysisOut: [ut3YA:10 a=QYbaF5LxmtMA:10 a=Hz7IrDYlS0cA:10 a=lZB815dzVvQ]
X-AnalysisOut: [A:10 a=mHa2IAb1FJoA:10 a=g1mrHRD8E5-biB1E:21 a=2Sbpb4Piqun]
X-AnalysisOut: [EW-O-:21 a=yMhMjlubAAAA:8 a=SSmOFEACAAAA:8 a=Q6UBZLD4zToMl]
X-AnalysisOut: [3DW8F4A:9 a=gKO2Hq4RSVkA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K]
X-AnalysisOut: [0A:10 a=frz4AuCg-hUA:10 a=aiDOH4FQ_7UVVX5P:21 a=N_6sY2VWwe]
X-AnalysisOut: [MvnFQp:21]
X-Spam: [F=0.2000000000; CM=0.500; S=0.200(2014051901)]
X-MAIL-FROM: <en5192@att.com>
X-SOURCE-IP: [144.160.229.24]
Archived-At: http://mailarchive.ietf.org/arch/msg/sip-overload/xAfM_bdJDmFYYYU4onoe0YDTqsU
Subject: Re: [sip-overload] AD review of draft-ietf-soc-overload-rate-control
X-BeenThere: sip-overload@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Overload <sip-overload.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sip-overload>, <mailto:sip-overload-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-overload/>
List-Post: <mailto:sip-overload@ietf.org>
List-Help: <mailto:sip-overload-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-overload>, <mailto:sip-overload-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Aug 2014 18:16:42 -0000
Richard, Thanks for spending the time reviewing the draft. Please see below my proposed resolutions: MAJOR: Section 2. "The normative statements in this specification ... that does not support this specification." This paragraph seems tautological to me. "An implementation must support this protocol only if it supports this protocol." Are you trying to say something different, maybe clarifying that requirements apply to the client and the server separately? Or can this paragraph be deleted? => EN: I will delete this paragraph. Note that this paragraph is identical to the one in section 2 of [draft-ietf-soc-overload-control-15] Section 3.4. "server must allocate" This isn't actually true, is it? The server could set oc=0, in which case the client would send no messages. This seems more like a suggestion, "should". => EN: For the rate algorithm to operate optimally (maximize carried load while protecting the overloaded server), the server is required to allocate the estimated target SIP request rate to each of its client. Presumably it could set oc=0 to some of the clients as long as the combined oc equals the target rate. That is why we used a “must” in the text. Section 3.5. "1/T" The parameter T is not defined before this. Suggest adding a paragraph to the beginning of this section of the form """ The "oc" parameter defines the maximum number of messages per second that the client may send to the server. In the below discussion, we will instead refer to the arrival rate T = 1/oc-value. """ =>EN: Yes we need to define T before introducing it. Would the following text work? “In determining whether or not to transmit a specific message, the client may use any algorithm that limits the message rate to the "oc" parameter in units of messages per second. For ease of discussion, we define T = 1/["oc" parameter] as the target inter-SIP request interval.” Section 6. I expect that this section is a little too minimal to get past the Security ADs. I would suggest a few more words, of the form: """ Aside from the resonance concerns discussed in Section 3.5.3, this mechanism does not introduce any security concerns beyond the general overload-control security issues discussed in [draft-ietf-soc-overload-control-15]. Methods to mitigate the risk of resonance are discussed in Section 3.5.3. """ => EN: Will modify as suggested MINOR / EDITORIAL: Section 3.2. It would be very helpful if you could include a brief example Via header at the end of this section, showing how the oc-algo and oc parameters are set to indicate a particular level of rate control. => EN: Would a reference to section 4 examples suffices? “Consult Section 4 for an illustration of the via header oc parameters usage.” Section 3.4. "is the client responsibility" -> "is the client's responsibility" => EN: Will modify as suggested Section 3.5.1. "negotiated independently" -> "negotiated out of band" "Independently" suggests (to me) that the client and server do it independently of one another. => EN: Would the following modification be acceptable “…or they may be negotiated between client and server independently of the SIP based overload control solution.” Section 3.5.1. "any other equivalent algorithm" -> "any other algorithm meeting the upper bound of 1/T messages per second" Also, this seems redundant with the previous paragraph. Can one of them be deleted? =>EN: I will delete the first reference and make the following modification in the second one: “…the client MAY use the proposed default algorithm for rate-based control or any other equivalent algorithm that forward messages in conformance with the upper bound of 1/T messages per second.” Section 3.5.1. "Servers with a very large number of clients..." It seems odd for this paragraph to be written in terms of server benefit, since clients are the ones that choose TAU values. Rephrase as guidance to clients, or optionally what the server might tell clients if there's an out-of-band way for them to configure this? =>EN: Clients select (operator pre provisioning or out of band client-server negotiation) TAU to maximize carried load at servers while protecting servers from overload. That is why this paragraph is written in terms of server benefits. In light of this information, would you agree to keep the text as is? Thank you again, Eric Noel AT&T Labs, Inc. Rethink Possible Optimization, Reliability and Customer Analytics 200 South Laurel Avenue, D5-3D19 Middletown, NJ 07748 P: 732.420.4174 ecnoel@att.com<mailto:jsmith@att.com> From: Richard Barnes [mailto:rlb@ipv.sx] Sent: Friday, August 08, 2014 4:55 PM To: sip-overload@ietf.org<mailto:sip-overload@ietf.org>; draft-ietf-soc-overload-rate-control@tools.ietf.org<mailto:draft-ietf-soc-overload-rate-control@tools.ietf.org> Subject: AD review of draft-ietf-soc-overload-rate-control I have reviewed this document in preparation for IETF LC. Overall, it's a nice read, thanks! I have requested LC, and there are a few comments below that I would like you to address along with any LC comments. --Richard MAJOR: Section 2. "The normative statements in this specification ... that does not support this specification." This paragraph seems tautological to me. "An implementation must support this protocol only if it supports this protocol." Are you trying to say something different, maybe clarifying that requirements apply to the client and the server separately? Or can this paragraph be deleted? Section 3.4. "server must allocate" This isn't actually true, is it? The server could set oc=0, in which case the client would send no messages. This seems more like a suggestion, "should". Section 3.5. "1/T" The paramter T is not defined before this. Suggest adding a paragraph to the beginning of this section of the form """ The "oc" parameter defines the maximum number of messages per second that the client may send to the server. In the below discussion, we will instead refer to the arrival rate T = 1/oc-value. """ Section 6. I expect that this section is a little too minimal to get past the Security ADs. I would suggest a few more words, of the form: """ Aside from the resonance concerns discussed in Section 3.5.3, this mechanism does not introduce any security concerns beyond the general overload-control security issues discussed in [draft-ietf-soc-overload-control-15]. Methods to mitigate the risk of resonance are discussed in Section 3.5.3. """ MINOR / EDITORIAL: Section 3.2. It would be very helpful if you could include a brief example Via header at the end of this section, showing how the oc-algo and oc parameters are set to indicate a particular level of rate control. Section 3.4. "is the client responsibility" -> "is the client's responsibility" Section 3.5.1. "negotiated independently" -> "negotiated out of band" "Independently" suggests (to me) that the client and and server do it independently of one another. Section 3.5.1. "any other equivalent algorithm" -> "any other algorithm meeting the upper bound of 1/T messages per second" Also, this seems redundant with the previous paragraph. Can one of them be deleted? Section 3.5.1. "Servers with a very large number of clients..." It seems odd for this paragraph to be written in terms of server benefit, since clients are the ones that choose TAU values. Rephrase as guidance to clients, or optionally what the server might tell clients if there's an out-of-band way for them to configure this?
- [sip-overload] AD review of draft-ietf-soc-overlo… Richard Barnes
- Re: [sip-overload] AD review of draft-ietf-soc-ov… NOEL, ERIC C