Re: [Stackevo-discuss] When provider networks don't t trust the stack set by the end points ....

Brian Trammell <ietf@trammell.ch> Tue, 08 December 2015 12:29 UTC

Return-Path: <ietf@trammell.ch>
X-Original-To: stackevo-discuss@ietfa.amsl.com
Delivered-To: stackevo-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B39111A92BA for <stackevo-discuss@ietfa.amsl.com>; Tue, 8 Dec 2015 04:29:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.912
X-Spam-Level:
X-Spam-Status: No, score=-1.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vpE72mL1ehR0 for <stackevo-discuss@ietfa.amsl.com>; Tue, 8 Dec 2015 04:29:54 -0800 (PST)
Received: from trammell.ch (trammell.ch [5.148.172.66]) by ietfa.amsl.com (Postfix) with ESMTP id 404B11A1B82 for <stackevo-discuss@iab.org>; Tue, 8 Dec 2015 04:29:53 -0800 (PST)
Received: from [IPv6:2001:67c:10ec:2a49:8000::b9] (unknown [IPv6:2001:67c:10ec:2a49:8000::b9]) by trammell.ch (Postfix) with ESMTPSA id 6BFB11A0213; Tue, 8 Dec 2015 13:29:22 +0100 (CET)
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
Content-Type: multipart/signed; boundary="Apple-Mail=_7BE1C10D-4156-47E4-A6B7-A44BFAA8BA29"; protocol="application/pgp-signature"; micalg=pgp-sha512
X-Pgp-Agent: GPGMail 2.5.2
From: Brian Trammell <ietf@trammell.ch>
In-Reply-To: <4A95BA014132FF49AE685FAB4B9F17F657DADD4A@dfweml701-chm>
Date: Tue, 8 Dec 2015 13:29:21 +0100
Message-Id: <2DB15837-8F2D-4BD9-A0DE-C11E2CE32446@trammell.ch>
References: <4A95BA014132FF49AE685FAB4B9F17F657DADD4A@dfweml701-chm>
To: Linda Dunbar <linda.dunbar@huawei.com>
X-Mailer: Apple Mail (2.2104)
Archived-At: <http://mailarchive.ietf.org/arch/msg/stackevo-discuss/l4qCXRMH0uAgo4OX0viLGF3g9eY>
Cc: "stackevo-discuss@iab.org" <stackevo-discuss@iab.org>
Subject: Re: [Stackevo-discuss] When provider networks don't t trust the stack set by the end points ....
X-BeenThere: stackevo-discuss@iab.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IP Stack Evolution Discussion List <stackevo-discuss.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/stackevo-discuss>, <mailto:stackevo-discuss-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stackevo-discuss/>
List-Post: <mailto:stackevo-discuss@iab.org>
List-Help: <mailto:stackevo-discuss-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/stackevo-discuss>, <mailto:stackevo-discuss-request@iab.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Dec 2015 12:29:56 -0000

Hi, Linda,

> On 07 Dec 2015, at 23:30, Linda Dunbar <linda.dunbar@huawei.com> wrote:
> 
> I find the use cases for SPUD are very real and definitely need a good approach to make it happen.
> 
> However, a lot of discussions have been centered around the SPUD layer being encoded by End Points, and expect the network to apply certain rules for those traffic.

As presently envisioned in the stackevo-explicit-coop draft, this is not so much an expectation that the network will apply certain rules, as an exposure of information about traffic in the hope that the network will use that information, together with network-specific policy, to make better decisions about how to handle the traffic.

> Having an In-band standard signaling among end points and network has its advantages: allowing network to treat packets without getting into the encrypted payload, and not requiring any  extra components across the networks between the end points.
> 
> However,  Virtually all traffic today go through provider networks (most likely multiple). Provider network usually don’t (can’t) trust the signaling or requests from end points because any end points can set their own traffic as “requiring the least latency” or “passing through the network”. Provider network set traffic based on the SLA clients pay.  For example all the DiffServ set by the endpoints are ignored by the provider network, instead Provider Network set its own DiffServ based on the SLA from the customers.

Yep. A big issue here, in my opinion, is that DSCP provides an imperative signaling facility, where each codepoint is tied to some particular "type" of traffic (see table 2 in RFC 4594), such that (1) most of the treatments expected can disadvantage other traffic on the same paths and (2) there is an incentive to mark "better" treatment than required for a given application.

Removing incentives to over-mark would be one way to make this work in an interdomain environment. There are several approaches here: First, markings that are declarative ("this traffic has property X") as opposed to imperative ("reserve 300kb/s for this flow"), such that the endpoint cannot predict the outcome of the marking, would tend to reduce incentives to lie. One could also define markings in terms of tradeoffs as opposed to priorities: latency-sensitive traffic generally has higher loss tolerance. Markings for "worse than standard" treatment could be used for loss- and-latency tolerant bulk transfer transports, as well, trading off something against nothing.

> The Network Service Header (NSH) introduced by SFC (http://datatracker.ietf.org/doc/draft-ietf-sfc-nsh/ ) is effectively another layer of stack added to the packets (added by the ingress node).
> 
> My question is:
> Should SPUD allow multiple types of layer added to data packets? Or only focusing on the layer end points can add?

Not sure what you mean by multiple types of layer. Certainly, a lot of the thought that's gone in to SPUD as of the present set of requirements is end-to-end, but there's no reason the mechanisms couldn't be applied to two tunnel endpoints as opposed to application endpoints.

Thanks, cheers,

Brian