Re: [Tsv-art] Tsvart telechat review of draft-ietf-bmwg-ngfw-performance-13
bmonkman@netsecopen.org Wed, 25 May 2022 18:13 UTC
Return-Path: <bmonkman@netsecopen.org>
X-Original-To: tsv-art@ietfa.amsl.com
Delivered-To: tsv-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 535E5C2D7341 for <tsv-art@ietfa.amsl.com>; Wed, 25 May 2022 11:13:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=netsecopen-org.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0jv9EwAkR_es for <tsv-art@ietfa.amsl.com>; Wed, 25 May 2022 11:13:04 -0700 (PDT)
Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9173EC2BCDFA for <tsv-art@ietf.org>; Wed, 25 May 2022 11:13:04 -0700 (PDT)
Received: by mail-qt1-x832.google.com with SMTP id hh4so17633674qtb.10 for <tsv-art@ietf.org>; Wed, 25 May 2022 11:13:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netsecopen-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-transfer-encoding:thread-index :content-language; bh=trZVI2t1oRzVDEyFHa9GJbrZ36vCz3duE5D5U9CeCAA=; b=Q7fgPjHPnKifxrd8HiS9AWHNhdScqWsJBteGi0Nrb0x+QgIoLBu0KHeJDcdyKKaDsM yZw/hg9I+RiYpbupikSQ6oF3/qRFi4csbtHam595at8HtlV6UWHAuaehNUjZ/wChBWI8 XwhZ9k3tDYX17VoM+oHcXVHYlKlJAsckGCpKYtYCNgwgtcM0bJPFzk4vitx6WD3/lX03 Hmyb3c9ZgwQBdow1LBpkpxt8hoXcEQ/fl+eBelW3yEo1razIeHYAQzgQQMJpgH9x2dmb jqVE8uAX5N5jOp0xwWp6tBEeL4Lr946LuejfaiD8bxudEGUXdRTKxLhgoZDwZTQcpXH6 NF9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:references:in-reply-to:subject:date :message-id:mime-version:content-transfer-encoding:thread-index :content-language; bh=trZVI2t1oRzVDEyFHa9GJbrZ36vCz3duE5D5U9CeCAA=; b=k8GBR6hE+BuIMvFGx3r+Wjf/y8d/vPEwDBUGQm7wF2leaDL2OdIhlCLEhes12+QUIM SCrL+Y+gxIoeXCd0Nz6fSUX85xmQM5h5c/KgIs00PmUr94B8ntaA+GrO5IHVLzPhXwZ0 G+IbGu4S4t/udUDwQNzKb1YA48zHZMYVE/olHogkoY0vdeknDgtK7RLoE7kLwYEoY93v m77InxTe0oU0dkk2IeeyirehlsiNEu4qYsysH0L3Y8IsDflj6f943ba28iWFhIPsXreM hCkUqmS3swctZlF5ju8IxEZ0P1ZkSaNUj1oKJQEBRTrhkU9f4/6v2Oax9GAviPieIpSt eeMw==
X-Gm-Message-State: AOAM530ZJVf4PKUoKA+7eTvXjEYYj060MXNyw9pcntnYS4XudPGs2ja0 7J8lPoul56/6vCZITNLg3bgcSQ==
X-Google-Smtp-Source: ABdhPJzVUl/iEWs5uGTF/iQDH9HK4MDflC2r5FfsGSs8tZcpuo3/ePM/vDyqop/UHdEZ4m6EwRrB5g==
X-Received: by 2002:a05:622a:11ce:b0:2f3:f091:10f8 with SMTP id n14-20020a05622a11ce00b002f3f09110f8mr25582987qtk.35.1653502383241; Wed, 25 May 2022 11:13:03 -0700 (PDT)
Received: from DESKTOP42TMNEU (c-98-235-212-118.hsd1.pa.comcast.net. [98.235.212.118]) by smtp.gmail.com with ESMTPSA id u12-20020a05620a454c00b0069fc13ce1d7sm1997282qkp.8.2022.05.25.11.13.02 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 25 May 2022 11:13:02 -0700 (PDT)
From: bmonkman@netsecopen.org
To: 'Tommy Pauly' <tpauly@apple.com>, tsv-art@ietf.org
Cc: bmwg@ietf.org, draft-ietf-bmwg-ngfw-performance.all@ietf.org, last-call@ietf.org
References: <165344815123.30275.7776382242105466570@ietfa.amsl.com>
In-Reply-To: <165344815123.30275.7776382242105466570@ietfa.amsl.com>
Date: Wed, 25 May 2022 14:13:00 -0400
Message-ID: <008301d87063$12091d10$361b5730$@netsecopen.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQL/b3lB9ovSklAPtVDISVBo2AxD66rh5CWQ
Content-Language: en-us
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsv-art/3ThMG1JyTadRm7S-1K1TFb1cuTU>
Subject: Re: [Tsv-art] Tsvart telechat review of draft-ietf-bmwg-ngfw-performance-13
X-BeenThere: tsv-art@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Transport Area Review Team <tsv-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsv-art/>
List-Post: <mailto:tsv-art@ietf.org>
List-Help: <mailto:tsv-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2022 18:13:08 -0000
Hi Tommy, Thanks for you reply. The general consensus amongst the authors and contributors is that there is a need to get into the weeds when it comes to TCP configuration of the test tools and elements of the test bed. This draft is meant to address the test tools in order to ensure (hopefully) results can be replicated. I can certainly understand your position when it comes to production environments. But that is not what we are concerned about. The various test tools we have looked at and worked with have varied default settings. Which is what led us to our approach. That said however, Al Morton pointed us to RFC7414 (https://datatracker.ietf.org/doc/html/rfc7414) as a possible reference that lists/consolidates all the TCP requirements and defaults that are relevant or in-force today. We could reference that RFC and specific sections for the requirements we need. This RFC is over 7 years old. Is there anything more current? Thoughts? Brian -----Original Message----- From: Tommy Pauly via Datatracker <noreply@ietf.org> Sent: Tuesday, May 24, 2022 11:09 PM To: tsv-art@ietf.org Cc: bmwg@ietf.org; draft-ietf-bmwg-ngfw-performance.all@ietf.org; last-call@ietf.org Subject: Tsvart telechat review of draft-ietf-bmwg-ngfw-performance-13 Reviewer: Tommy Pauly Review result: Almost Ready This document has been reviewed as part of the transport area review team's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors and WG to allow them to address any issues raised and also to the IETF discussion list for information. When done at the time of IETF Last Call, the authors should consider this review as part of the last-call comments they receive. Please always CC tsv-art@ietf.org if you reply to or forward this review. I agree with the points Lars made about this document being too specific and constrained with regards to TCP details, and not nearly as specific with other protocol details. This was brought up in my initial TSVART review, which I will quote here since it still applies: "From a transport perspective, I’m concerned that some things are over-specified (details of TCP implementations) and others are underspecified (how throughput is measured, how loss and delay are tested)... I’d like to see transports (TCP/UDP/QUIC/other) be treated more consistently throughout the document, particularly since non-TCP traffic will become increasingly relevant for the devices these tests are targeting. ... The client configuration section 4.3.1.1 details TCP stack configuration, but does not address other transports. Discussing QUIC seems like it will be relevant soon. Overall, for this section, I am struck that there’s a lot of detail that seems over-specified, with lots of normative language. For example, the TCP connection MUST end with a three- or four-way handshake. What if there’s a RST? I don’t understand what we’re requiring of these TCP implementations apart from being a functional and compliant TCP implementation. How much of this is actually required?" Given the IESG reviews, I do agree this needs to be addressed before moving forward. While we could spend a long time with transport area folks trying to fix the details and flesh out equal levels of detail for QUIC and HTTP/1.1 / HTTP/2 / HTTP/3 configurations, I don't think that is appropriate for this document. My suggestion would be to strike the details about TCP entirely, particularly the extraneous normative requirements. If your concern is how the test equipment will behave with 1000s of connections, express that as a top-level requirement for any transport; describe that the transports need to be tuned with common options to ensure fairness and consistent use of the available bandwidth, etc. Getting at the reasons will make it clearer. You also already say that "these are the defaults in most client operating systems". Rather than duplicating what you currently believe are the defaults, just encourage the use of defaults.
- [Tsv-art] Tsvart telechat review of draft-ietf-bm… Tommy Pauly via Datatracker
- Re: [Tsv-art] Tsvart telechat review of draft-iet… bmonkman