Re: [tsvwg] Fragmentation & ECN encapsulation drafts, one more try
"Black, David" <David.Black@dell.com> Wed, 18 March 2020 19:22 UTC
Return-Path: <David.Black@dell.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47D863A1A85 for <tsvwg@ietfa.amsl.com>; Wed, 18 Mar 2020 12:22:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.088
X-Spam-Level:
X-Spam-Status: No, score=-2.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dell.com header.b=ZA3ItcsA; dkim=pass (1024-bit key) header.d=dell.onmicrosoft.com header.b=nH+vdvlm
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RtQZL4bB6Zs8 for <tsvwg@ietfa.amsl.com>; Wed, 18 Mar 2020 12:22:06 -0700 (PDT)
Received: from mx0a-00154904.pphosted.com (mx0a-00154904.pphosted.com [148.163.133.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 850943A1AE5 for <tsvwg@ietf.org>; Wed, 18 Mar 2020 12:22:05 -0700 (PDT)
Received: from pps.filterd (m0170391.ppops.net [127.0.0.1]) by mx0a-00154904.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 02IJHCSa013748; Wed, 18 Mar 2020 15:21:19 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dell.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=smtpout1; bh=m8NpdKeMbUJImERJ5h25OZmysHGOiGzM1f3nxFIqY/E=; b=ZA3ItcsAxCzMJ3lM0tHnoBT+ouxZApWCmBcJ0q6mNmg2JT9Z3hka9Yy61w9KgOHoSJAo sEHPZYpgYh5BVlODfTUs+UL910XLQfNqK//cFkstAYpj9P3wdj0NCml+hVxRQQ3LXvAz WCEVCSSJd0NimfxXYGTkKUhanHIi7KWsoemN///WZI12y974kYpUcpTylmTx92wxHFUV MSlXGuftS4ex2eVO1CRyNX6OaGG29Q5c20WqGHoyvLPpbPnPCkS92HqsJXrabM91xEKG JcuTTDiB+QEi+hIduhhhLMnrkz0M52Iovn8zFL1pGbKzLVCJnb4DAoLEMBNiBee7x8HG rQ==
Received: from mx0b-00154901.pphosted.com (mx0b-00154901.pphosted.com [67.231.157.37]) by mx0a-00154904.pphosted.com with ESMTP id 2yu9n8vuw1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 18 Mar 2020 15:21:19 -0400
Received: from pps.filterd (m0144103.ppops.net [127.0.0.1]) by mx0b-00154901.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 02IJBRFs077837; Wed, 18 Mar 2020 15:21:18 -0400
Received: from nam11-dm6-obe.outbound.protection.outlook.com (mail-dm6nam11lp2175.outbound.protection.outlook.com [104.47.57.175]) by mx0b-00154901.pphosted.com with ESMTP id 2yu8x7pgms-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 18 Mar 2020 15:21:17 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XC/+MR2u/I0JPeXm2K5EgabqzVhTxAUVkXh+/uqb7kAKPUBCzE3Tis0xl+9CLTJd1SpnMeFGgPz/3f4J1X4Q/u6NYmo4NhISnVbfbESGcXOt0CaRgZ03jEw733xFdZkUL6QeJhH3RXfwxZXiL+FMI7MycUrKE76+VCX2DJaaqdLSTXLgEOQ55NPvvT7JDBdCAErExr0Nz+yaO+HsfaGL6PBSStXBN/QMEb0FdSNN3yFMayyIyluwshOP7eyymjFxpD9pfSQkrJzgH8ZP+yciaWKCwRvglnycWkVB+TFd4IWT+GHmLmBPmziZC9m3SA2+6J+PhG2C3F5DuoRD+uoBWg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=m8NpdKeMbUJImERJ5h25OZmysHGOiGzM1f3nxFIqY/E=; b=SW5xm6bIRVbcG2Zz67VcsTxHVYP0zXyqVanihz/vBSR2mLnc47+WFQs+HsXUSYraG095Cr9RbTi8cHrXtoE0cRgb7ECaBSr5yMgXYW+rHT5rK6H4e/NdGvdy+J7sPtncZg+H8zZ3zAqN0Nh3bXyw+dbM80D/j7LrSpd/LsRJ34atC2uCij2UYV/RmyrHAjl1VSsIFV/HJq106x9YFeI9H5+AHZvSMcK/6hrYdjxouxorWxjKmo/f4Hs/ccpN1YvNmA/Ci7Oxu5SrPV6npoXTyCPWOAiPm16LPTpT8X6TG46w7GoE07sii35hUYxe8W9vteY1yfsh56Gx+Z/fSd9F3g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=dell.com; dmarc=pass action=none header.from=dell.com; dkim=pass header.d=dell.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Dell.onmicrosoft.com; s=selector1-Dell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=m8NpdKeMbUJImERJ5h25OZmysHGOiGzM1f3nxFIqY/E=; b=nH+vdvlmXsw8eS4ssYa+XgIk/I+alNOd/2+zGGg5pJgmDY4IYlak+p+smkPyTckBYQrkXWz5pXsJo6L9g5AH8wUDwVE38hkP91GKWr6o4hh1Hh+lEqK4HRR0w4Tx4I8Tx9vtsA7+20ZwtV++dEHeu1psBx3Kt0q0Yt4m+Ak5vsE=
Received: from MN2PR19MB4045.namprd19.prod.outlook.com (2603:10b6:208:1e4::9) by MN2PR19MB3022.namprd19.prod.outlook.com (2603:10b6:208:ef::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2814.14; Wed, 18 Mar 2020 19:21:15 +0000
Received: from MN2PR19MB4045.namprd19.prod.outlook.com ([fe80::8d12:8a24:ccb2:b2bd]) by MN2PR19MB4045.namprd19.prod.outlook.com ([fe80::8d12:8a24:ccb2:b2bd%3]) with mapi id 15.20.2835.017; Wed, 18 Mar 2020 19:21:15 +0000
From: "Black, David" <David.Black@dell.com>
To: 'Bob Briscoe' <ietf@bobbriscoe.net>, "'tsvwg@ietf.org'" <tsvwg@ietf.org>
Thread-Topic: Fragmentation & ECN encapsulation drafts, one more try
Thread-Index: AdX9I5eQzoMXQoF1TKyUCz1zC10aRQANa7BA
Date: Wed, 18 Mar 2020 19:21:15 +0000
Message-ID: <MN2PR19MB40458BBFCF90136D7918C7E983F70@MN2PR19MB4045.namprd19.prod.outlook.com>
References: <MN2PR19MB40454A8F2A88B864C6A768BE83F70@MN2PR19MB4045.namprd19.prod.outlook.com>
In-Reply-To: <MN2PR19MB40454A8F2A88B864C6A768BE83F70@MN2PR19MB4045.namprd19.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Enabled=True; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_SiteId=945c199a-83a2-4e80-9f8c-5a91be5752dd;MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Owner=david.black@emc.com; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_SetDate=2020-03-18T11:52:10.3308066Z; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Name=External Public; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Application=Microsoft Azure Information Protection; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Extended_MSFT_Method=Manual; aiplabel=External Public
x-originating-ip: [72.74.71.221]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a3773f81-61e2-4144-2240-08d7cb718731
x-ms-traffictypediagnostic: MN2PR19MB3022:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <MN2PR19MB3022FE9DA6969B46DA60064C83F70@MN2PR19MB3022.namprd19.prod.outlook.com>
x-exotenant: 2khUwGVqB6N9v58KS13ncyUmMJd8q4
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 03468CBA43
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(136003)(396003)(366004)(39860400002)(376002)(346002)(199004)(8676002)(107886003)(53546011)(316002)(6506007)(4326008)(81156014)(33656002)(81166006)(8936002)(786003)(71200400001)(30864003)(110136005)(55016002)(26005)(2906002)(7696005)(9686003)(66946007)(76116006)(186003)(52536014)(86362001)(5660300002)(66446008)(966005)(64756008)(66556008)(66476007)(2940100002)(478600001)(491001); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR19MB3022; H:MN2PR19MB4045.namprd19.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1;
received-spf: None (protection.outlook.com: dell.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: XdVnoSgur+jEFWcJuq4hTzjLKhKaJP7OBviR1IwUK2cS2rVXU7+aP4X6IhAr2Q7llwXaJnjtl1ECUBd4i5DyHe6MbpN65GeHol4GFleRssWgrPg3PVdPgXC+QNVSLqVV5DT/lu3QusBP+iP2EIJ3PbyYGGenS596iBZKdnKSM93ZM9DIeHLy8xkqjfT5n8eMzhqLw7YMN9WJ5pLg0UAG1sU8eoELBIvy/IOB/CWfHhj8whbkbZNFOx/R1XYKPZ0nYa+7VGJILdOdNPQCNmf7L7M/tz1GDtzzGdhaKD7vNZnQrCQRfhMd0PaCNKMaV1g2oYu9tTIaYqqYyAqdLrd1a1b3ekC6ret/GlFzg5pES3mN0ZP5ypCy9EhKucpMza7G2LAMTCwBl/X7mTNjNpWmjnJDxb+kTwkKDKb131e1sTi5Cov/igrJhxNNu2/2ICYmGs/OxPi9SzkQOtMcRrsvannSmn5vZ7knvTGzyBfo4zOOnRO7NEIIVJUnHWglY5uNvF+/4wCYHDsK3geFsrGMC8PFHGM/NV5pauTzFJhMZjL9yfZmK6BIOK/pP8WcnoG8
x-ms-exchange-antispam-messagedata: QR6le38YdrWJW3Cd/Ziiw9h32rlzRa978MJpRpAVMUWMHlBNedN9Z+vX9aM45ZAuwrxpsNiUdX7SSAYWdYRcB3XDxaXbJJf3/gOW3OGyVdb+11UpEVoWKwgjjL7Om6BSSrfrgdo0i+jb/kIVcgyWNg==
Content-Type: multipart/alternative; boundary="_000_MN2PR19MB40458BBFCF90136D7918C7E983F70MN2PR19MB4045namp_"
MIME-Version: 1.0
X-OriginatorOrg: Dell.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a3773f81-61e2-4144-2240-08d7cb718731
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Mar 2020 19:21:15.4458 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 945c199a-83a2-4e80-9f8c-5a91be5752dd
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 2sRG89Z1x4H231tufhIQ6iZr9VwQ8EYlyeBMfnH1+w0QDrhCueVrixnR2xswI4DzaRhJjqXSi6NqMHWEF+morw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR19MB3022
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.645 definitions=2020-03-18_07:2020-03-18, 2020-03-18 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999 bulkscore=0 spamscore=0 phishscore=0 clxscore=1015 priorityscore=1501 mlxscore=0 adultscore=0 impostorscore=0 malwarescore=0 suspectscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2003180086
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 phishscore=0 bulkscore=0 clxscore=1015 priorityscore=1501 lowpriorityscore=0 adultscore=0 mlxscore=0 spamscore=0 suspectscore=0 mlxlogscore=999 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2003180086
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/EVIQ8es_zqFzl4qHnEw6sDbHV28>
Subject: Re: [tsvwg] Fragmentation & ECN encapsulation drafts, one more try
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Mar 2020 19:22:14 -0000
Replying to myself to insert a couple of clarifications (primarily for 6040update-shim draft): - RFC 3168 allows the inner and outer headers of a tunneled/encapsulated packet to have different ECN field values. o Fragmentation of the outer packet has to use same ECN field in all resulting fragments. - Reason for CE-marked fragment reassembly text to simply reference RFC 3168 is to avoid adding any text that might be (mis)read as a change to RFC 3168 for that situation. Thanks, --David From: Black, David Sent: Wednesday, March 18, 2020 8:49 AM To: Bob Briscoe; tsvwg@ietf.org Subject: Fragmentation & ECN encapsulation drafts, one more try Going back to Bob's message on the 4 options (A-D) and looking for a path forward, I believe the WG is converging on something close to option C): > C) Say nothing about fragmentation and reassembly in rfc6040update-shim or ecn-encap-guidelines. > Then use a later RFC to update them both (stds track and BCP) with a considered 'correct' approach. > ecn-encap-guidelines would still say include what it has always said about re-framing (which is a similar but different subject). Given how we got to this point, I believe that the rough consensus of the TSVWG WG is not to use either of these drafts to update RFC 3168, and instead to use a new draft to propose changes to RFC 3168 for fairness across fragmented and non-fragmented flows. Another important reason for a new draft is that this WG and other impacted WGs need to discuss the implementation impacts of the proposed changes, as implementations can be expected to have complied with the "MUST" in section 5.3 of RFC 3168 that results in fragmented IPv4 flows receiving more congestion indications that similar-sized flows that are not fragmented. That discussion and determination of what to do is going to take a while, including a broad WG Last Call that includes all the affected areas of the IETF - that's much better done via a new draft focused on that topic rather than the existing rfc6040update-shim draft. However, the path forward cannot just delete Section 5 of the rfc6040update-shim draft, thereby ignoring the concern, as we do have a WGLC comment to resolve that requires stating something about fragmentation. I suggest that the overall goal should be to state as little as possible. There appear to be 3 things that need to be dealt with: 1. When a tunnel ingress fragments a packet, the ECN field in every fragment has the same value as the original [David>] outer packet before it is fragmented. * This was implicit in RFC 3168, at least as I read Section 5.3 of RFC 3168. * It makes sense to state this explicitly with a MUST and have that statement update RFC 6040. Such a statement would not be changed by the new draft to propose updates to RFC 3168. 1. When a packet is reassembled by a tunnel egress, and one of the fragments is marked with CE, RFC 3168 specifies what to do. * Given the desire [David>] for these drafts to not change RFC 3168, that is all that should be stated here. * That avoids repeating or reinforcing text from RFC 3168 for which changes may be proposed in the not too distant future. 1. When a packet is reassembled by a tunnel egress, and none of the fragments are marked with CE, RFC 3168 does not specify what to do. * In fact, RFC 3168 even allows use of an ECN value that was in none of the fragments (see the last paragraph in Section 5.3 of RFC 3168), but I'd be surprised to find "running code" that behaves that way. * I think I've seen some list discussion to the effect that RFC 3168 applies a bitwise "logical OR" across the ECN field values in the fragments - RFC 3168 does not do that. The use of "logical OR" in the text below (from Bob) refers to case 2 above - if any fragment is marked with CE and the reassembled packet is forwarded, then RFC 3168 requires the reassembled packet to be marked with CE. * Going back to earlier list discussion (October of last year), the clear outcome was to use the ECN value from "any" fragment in the reassembled packet, with the implementation choosing the fragment from which that value is obtained. * Trying to walk a fine line, I'd suggest crafting text to state that using the ECN value from one of the fragments is a suggested implementation that meets the requirements of RFC 3168, and leave it there without applying a "SHOULD" keyword to that behavior, lest that keyword have to be updated in the not too distant future by proposed changes to RFC 3168. I believe that the approach to the first two items is clear from WG discussion to date. Item 3 is new. Please comment. Thanks, --David From: Bob Briscoe <ietf@bobbriscoe.net<mailto:ietf@bobbriscoe.net>> Sent: Tuesday, March 10, 2020 2:47 PM To: Black, David; tsvwg@ietf.org<mailto:tsvwg@ietf.org> Subject: Re: [tsvwg] Status of ECN encapsulation drafts (i.e., stuck) [EXTERNAL EMAIL] David, I admit to curling up into a little ball and trying to ignore this controversy when it arose. Let me try to sort this out now, for both ecn-encap-guidelines and rfc6040update-shim. Back in Sep '19 (quoted at the end) you asked me not to use rfc64040update-shim to update RFC3168's fragmentation behaviour, even if it's the "right thing" to do, given I was saying that there were problems with the RFC3168 approach. Background: Neither RFC3168 nor RFC6040 covered fragmentation & reassembly during encap and decap. So Joe Touch suggested rfc6040update-shim should fix that omission. Seems reasonable enough. However, it doesn't seem right to fix an omission by the stop-gap of: 1. requiring the approach in RFC3168 that we know is potentially problematic. 2. then planning to correct what we write, by updating it in a later RFC. Let's call that approach (A). I don't like that at all. What if step #2 never happens? Fortunately, that's not the only way out of this. I can think of three other ways: B) The compromise text I've drafted below, which states the high level intent of a good mechanism as a SHOULD, and gives an example of how to do it. Then also allows the RFC3168 mechanism as a "MAY". C) Say nothing about fragmentation and reassembly in rfc64040update-shim or ecn-encap-guidelines. Then use a later RFC to update them both (stds track and BCP) with a considered 'correct' approach. ecn-encap-guidelines would still say include what it has always said about re-framing (which is a similar but different subject). D) Convince ourselves that fragmentation and reassembly during encap and decap is allowed to be different from fragmentation and reassembly without encapsulation. Last night, I took approach (B), but with too little time left to discuss it on the list. I scrubbed the offending paras from rfc6040update-shim and replaced them with those below (also at https://tools.ietf.org/html/draft-ietf-tsvwg-rfc6040update-shim-10#section-5 ). Thinking about it further since last night, I'm now inclining towards approach (C). 5. ECN Propagation and Fragmentation/Reassembly The following requirements update RFC6040<https://tools.ietf.org/html/rfc6040>, which omitted handling of the ECN field during fragmentation or reassembly. These changes might alter how many ECN-marked packets are propagated by a tunnel that fragments packets, but this would not raise any backward compatibility issues: If a tunnel ingress fragments a packet, it MUST set the outer ECN field of all the fragments to the same value as it would have set if it had not fragmented the packet. During reassembly of outer fragments [I-D.ietf-intarea-tunnels<https://tools.ietf.org/html/draft-ietf-tsvwg-rfc6040update-shim-10#ref-I-D.ietf-intarea-tunnels>], if the ECN fields of the outer headers being reassembled into a single packet consist of a mixture of Not-ECT and other ECN codepoints, the packet MUST be discarded. As a tunnel egress reassembles sets of outer fragments [I-D.ietf-intarea-tunnels<https://tools.ietf.org/html/draft-ietf-tsvwg-rfc6040update-shim-10#ref-I-D.ietf-intarea-tunnels>] into packets, as long as no fragment carries the Not-ECT codepoint, it SHOULD propagate CE markings such that the proportion of reassembled packets output with CE markings is broadly the same as the proportion of fragments arriving with CE markings. The above statement describes the approximate desired outcome, not the specific mechanism. A simple to achieve this outcome would be to leave a CE-mark on a reassembled packet if the head fragment is CE- marked, irrespective of the markings on the other fragments. Nonetheless, "SHOULD" is used in the above requirement to allow similar perhaps more efficient approaches that result in approximately the same outcome. In RFC 3168<https://tools.ietf.org/html/rfc3168> the approach to propagating CE markings during fragment reassembly required that a reassembled packet has to be be CE-marked if any of its fragments is CE-marked. This "logical OR" approach to CE marking during reassembly was intended to ensure that no individual CE marking is ever lost. However, an unintended consequence is that the proportion of packets with CE markings increases. For instance, with the logical OR approach, once a sequence of packets each consisting of 2 fragments, has been reassembled, the fraction of packets that are CE-marked roughly doubles (because the number of marks remains roughly the same, but the number of packets halves). This specification does not rule out the logical OR approach of RFC<https://tools.ietf.org/html/rfc3168> 3168<https://tools.ietf.org/html/rfc3168>. So a tunnel egress MAY CE-mark a reassembled packet if any of the fragments are CE-marked (and none are Not-ECT). However, this approach could result in reduced link utilization, or bias against flows that are fragmented relative to those that are not. Regards Bob On 15/09/2019 22:07, Black, David wrote: This email concerns draft-ietf-tsvwg-ecn-encap-guidelines and draft-ietf-tsvwg-rfc6040update-shim, which are being handled together for WG Last Call and RFC publication, and is posted in my role as shepherd and responsible WG chair for these drafts.The current situation is that both drafts are stuck due to a problem with the fragementation text added to the rfc6040update-shim draft. Section 5 on ECN Propagation and Fragmentation/Reassembly was added to that draft in response to a WGLC comment, and it appears to have gone too far in the direction of trying to do the proverbial "right thing". The core of the problem is in these two paragraphs in Section 5 of that draft (https://tools.ietf.org/html/draft-ietf-tsvwg-rfc6040update-shim-09#section-5): As a tunnel egress reassembles sets of outer fragments [I-D.ietf-intarea-tunnels] into packets, it SHOULD propagate CE markings on the basis that a congestion indication on a packet applies to all the octets in the packet. On average, a tunnel egress SHOULD approximately preserve the number of CE-marked and ECT(1)- marked octets arriving and leaving (counting the size of inner headers, but not encapsulating headers that are being stripped). This process proceeds irrespective of the addresses on the inner headers. Even if only enough incoming CE-marked octets have arrived for part of the departing packet, the next departing packet SHOULD be immediately CE-marked. This ensures that CE-markings are propagated immediately, rather than held back waiting for more incoming CE- marked octets. Once there are no outstanding CE-marked octets, if only enough incoming ECT(1)-marked octets have arrived for part of the departing packet, the next departing packet SHOULD be immediately marked ECT(1). Much as that may be the proverbial "right thing" to do, particularly with the benefit of 20/20 hindsight, that text is inconsistent with the following text from Section 5.3 of RFC 3168 (https://tools.ietf.org/html/rfc3168#section-5.3), as Markku Kojo has pointed out: ECN-capable packets MAY have the DF (Don't Fragment) bit set. Reassembly of a fragmented packet MUST NOT lose indications of congestion. In other words, if any fragment of an IP packet to be reassembled has the CE codepoint set, then one of two actions MUST be taken: * Set the CE codepoint on the reassembled packet. However, this MUST NOT occur if any of the other fragments contributing to this reassembly carries the Not-ECT codepoint. * The packet is dropped, instead of being reassembled, for any other reason. If both actions are applicable, either MAY be chosen. Reassembly of a fragmented packet MUST NOT change the ECN codepoint when all of the fragments carry the same codepoint. The 6040update-shim draft is intended to update RFC 6040, and a number of the tunnel protocol drafts, but it is not intended to update RFC 3168, and hence the above new text (albeit well-intentioned) is a showstopper. Changing ECN fragmentation behavior should be done in a separate draft. Bob (as draft editor) - do you want to propose some new text to the list, possibly after private email discussion with Marco and me to figure out what it needs to say? Thanks, --David ---------------------------------------------------------------- David L. Black, Senior Distinguished Engineer Dell EMC, 176 South St., Hopkinton, MA 01748 +1 (774) 350-9323 New Mobile: +1 (978) 394-7754 David.Black@dell.com<mailto:David.Black@dell.com> ---------------------------------------------------------------- -- ________________________________________________________________ Bob Briscoe http://bobbriscoe.net/
- [tsvwg] Fragmentation & ECN encapsulation drafts,… Black, David
- Re: [tsvwg] Fragmentation & ECN encapsulation dra… Rodney W. Grimes
- Re: [tsvwg] Fragmentation & ECN encapsulation dra… Black, David
- Re: [tsvwg] Fragmentation & ECN encapsulation dra… Jonathan Morton
- Re: [tsvwg] Fragmentation & ECN encapsulation dra… Black, David
- Re: [tsvwg] Fragmentation & ECN encapsulation dra… Bob Briscoe