Re: [tsvwg] L4S/3168 Coexistence
Martin Duke <martin.h.duke@gmail.com> Fri, 14 May 2021 19:10 UTC
Return-Path: <martin.h.duke@gmail.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31D733A3D07 for <tsvwg@ietfa.amsl.com>; Fri, 14 May 2021 12:10:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LJpace_0Ly4C for <tsvwg@ietfa.amsl.com>; Fri, 14 May 2021 12:10:17 -0700 (PDT)
Received: from mail-io1-xd2d.google.com (mail-io1-xd2d.google.com [IPv6:2607:f8b0:4864:20::d2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C4923A3CEE for <tsvwg@ietf.org>; Fri, 14 May 2021 12:10:17 -0700 (PDT)
Received: by mail-io1-xd2d.google.com with SMTP id z24so29043230ioi.3 for <tsvwg@ietf.org>; Fri, 14 May 2021 12:10:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=IfmJNnacaFjJxNePlV4+HKU9D01TW71Ucu8KOmetfUc=; b=OxCCKZbVsXjqN3y1W5m3h40SAwW9QckkDsTf4DYrG0ZlY37fFqRD4mj4osvSoQL2eo c2qIJOYJdN5veRpSmEqCX6QdnfS+U3DMvtu/z3I+1MM1joGdcISO6ZkN2FrWcTXbknyP K72L0YGmoEJd2DX0G5p0Qn9B1VmAwMeTa+myA/I/AhB2YY4CsVntN3EEJjYTSZytEPIX SsURS6AAm/QVTYK7xJFeK1Rb32Mp7FSlWxJp4sExcE3dolcAmpX+vdYSmEfoqFqY2Dm5 ZKzO7laSJznYALEnWJ+6rrT8fWGiJAKafX38tZCyzab3yBO2LMdudZFuqV8UIwRO6M6B RPgg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=IfmJNnacaFjJxNePlV4+HKU9D01TW71Ucu8KOmetfUc=; b=bW409tKnKx9+BcretKfw651jPykILi/PrqgwxbIZYtrz0KOkmO0tAkeTVdN15WRe4a 7b/ztxKt8S4Gt1bFL8EOwcjqqPncaTnHlLdudDmw6oRghV3VXRwe4izpK5sF6YWQrJ2w NiXWVSqyTTElLHnHLqyJN5fvoKvppLY9nuXRRZgRszZlTjANQQO7MyQC464zDUDurUL5 NEL/6vRCU/mjtLXZMS3JkB883Og7r0kC/NcwSTY4p8K8wc+HoEKQM67gx9O2dTqagQU1 saFIlYOeq2YIa7NThdqOPyAD2HRCLByOx+r7IcR9W8eFj7J3bk4fndUHUNx3kmqcyFq3 +PUA==
X-Gm-Message-State: AOAM531K7ZPk+ep7zlsutXqlEUtLY0oYdHc/uKnyyVKSebdKOXcB91A9 wTi0gaWj6CPv3zXIZc39Cf5Pa8y1rP+JhyfLwEA=
X-Google-Smtp-Source: ABdhPJwLeNeNFeNyeLgdPjJUGNLyQ76nL3wGEHlTqu+QIJJxUzQ4fdRyb7MXjm9Oo1AVkBYh2jxjBClfBkTCPF64OM0=
X-Received: by 2002:a02:cf32:: with SMTP id s18mr15571044jar.31.1621019415271; Fri, 14 May 2021 12:10:15 -0700 (PDT)
MIME-Version: 1.0
References: <CAM4esxTOzAihAvHm1EtB5PX_1yjP4j2SYTygqnLtU3BvCtaoQQ@mail.gmail.com> <A60B344E-82E9-41B7-A40B-64A6DA814113@gmail.com>
In-Reply-To: <A60B344E-82E9-41B7-A40B-64A6DA814113@gmail.com>
From: Martin Duke <martin.h.duke@gmail.com>
Date: Fri, 14 May 2021 12:10:04 -0700
Message-ID: <CAM4esxS8jVDkPCQ8GzS5LhXvV_ZOGehGiaz_rNbs-2f-1WNbmA@mail.gmail.com>
To: Jonathan Morton <chromatix99@gmail.com>
Cc: tsvwg <tsvwg@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006bdb7b05c24efe88"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/59hreq3VrayBoRr_lS0alUxBh94>
Subject: Re: [tsvwg] L4S/3168 Coexistence
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 May 2021 19:10:20 -0000
Thanks all, This thread has improved my understanding. On Tue, May 11, 2021 at 3:00 AM Jonathan Morton <chromatix99@gmail.com> wrote: > > On 10 May, 2021, at 7:49 pm, Martin Duke <martin.h.duke@gmail.com> > wrote: > > > > (As an individual) > > > > I have not been able to follow these threads as well as I'd like. > Assuming I'm not the only one, I would like to confirm that the current > state of the coexistence discussion is that L4S will create problems for > "classic flows" under the following conditions: > > > > (1) There are 3168 routers in the path (order of 1%) > > Our data suggests it's more like 10% from an Eastern Europe perspective. > If you happen to be Norwegian or French or Mexican, the deployment > prevalence in those places is even higher, due to active adoption by major > consumer ISPs in those regions. There is also evidence that deployment is > increasing significantly over time, and I think Stuart Cheshire mentioned > that he was aware of some impending major deployments. > > Some brands of CPE routinely include RFC-3168 AQM as part of their wifi > stack and/or "bufferbloat mitigation" features, which are advertised on the > packaging. > > > (2) These 3168 routers implement shared queues (no known examples, but > it might happen), AND > > As you note, single-queue RFC-3168 AQMs are RFC-compliant and should > therefore be an expected occurrence on the Internet. There are also > various ways that the "flow aware" mechanisms in most of the > actually-deployed AQMs can fail to distinguish flows. I will leave most of > that discussion to Jake for now. > > > (3) The heuristics result in a false negative (<<1%?) > > Said heuristics were disabled by default in the reference implementation > after we published data showing they were nowhere near that level of > reliability, and have not yet been replaced by a more reliable algorithm. > I refuse to rely on the reliability of something that I can successfully > predict and provoke failure modes for. These algorithms also have not been > specified in an IETF document, only in an external white paper - so from a > procedural perspective, it could be argued that they are not even part of > the specification. > > > On the face of it (1% * 1%? * <<1%?) seems to be a small price to pay in > the aggregate. I hope we'd agree on that! So the argument against, ISTM, > would rest on two things: > > > > (A) These failures are not uniformly distributed, and there is some > non-negligible use case that will suffer grievously. It would be very > helpful to me if someone could concisely state what this use case is and > where it exists. Nothing in the congestion control space is provably > optimal across all parameters and generalized fear that bad parameters > might exist somewhere is IMO not constructive. > > > > (B) Because you can't have a vague MUST, we aren't REQUIRING any > particular limit to false negatives. If experiment participants are going > to agree to do something, I wonder if we can't converge on some words here > that prevent really dumb stuff? > > The above combination is also *not* the only scenario in which great harm > may occur to conventional traffic. Within the past week, we were > introduced to the Replay Protection Window that is a feature of many VPN > tunnels, and quickly realised that this interacted badly with DualQ to the > point where an attacker could conduct a full DoS attack on it, even if the > target did not use L4S traffic themselves. See the other thread for > details. > > In my risk analysis chart, the RFC-3168 interaction is a potential Major > category occurrence, while the VPN Replay Window attack is a Serious > category occurrence. Serious is only one step below Catastrophic, and > would require correspondingly rigorous measures to ensure that it basically > cannot happen. > > Such measures are designed into VPNs to guard against a similar attack > involving Diffserv (which has existed for a long time by now), but L4S is a > new thing and no such protections yet exist. Additionally, one of the main > techniques for dealing with Diffserv (simply not copying the DSCP to the > outer header) is not applicable to L4S, which REQUIRES the special ECN > codepoint to avoid triggering the other pathology. > > > Maybe I have this wrong! The debate is quite hard to follow. > > I think some participants in the discussion deliberately try to make it > hard to follow, so that misconceptions easily arise in their favour. > Please be on guard against that. > > - Jonathan Morton > >
- [tsvwg] L4S/3168 Coexistence Martin Duke
- Re: [tsvwg] L4S/3168 Coexistence Greg White
- Re: [tsvwg] L4S/3168 Coexistence Holland, Jake
- Re: [tsvwg] L4S/3168 Coexistence Jonathan Morton
- Re: [tsvwg] L4S/3168 Coexistence Martin Duke