Re: [tsvwg] DSCPs and L4S: Label DSCP
Gorry Fairhurst <gorry@erg.abdn.ac.uk> Sun, 30 May 2021 11:20 UTC
Return-Path: <gorry@erg.abdn.ac.uk>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37A5A3A38ED for <tsvwg@ietfa.amsl.com>; Sun, 30 May 2021 04:20:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W4Tr-I90ZG-S for <tsvwg@ietfa.amsl.com>; Sun, 30 May 2021 04:20:08 -0700 (PDT)
Received: from pegasus.erg.abdn.ac.uk (pegasus.erg.abdn.ac.uk [IPv6:2001:630:42:150::2]) by ietfa.amsl.com (Postfix) with ESMTP id 9626A3A38EC for <tsvwg@ietf.org>; Sun, 30 May 2021 04:20:08 -0700 (PDT)
Received: from GF-MBP-2.lan (fgrpf.plus.com [212.159.18.54]) by pegasus.erg.abdn.ac.uk (Postfix) with ESMTPSA id 7F7FD1B0015C; Sun, 30 May 2021 12:20:02 +0100 (BST)
To: Jonathan Morton <chromatix99@gmail.com>, "Black, David" <David.Black@dell.com>
Cc: "tsvwg@ietf.org" <tsvwg@ietf.org>
References: <MN2PR19MB4045CC6F321E5B64B152FF0183229@MN2PR19MB4045.namprd19.prod.outlook.com> <6B4684DD-8130-4D0D-9061-DB2671650797@gmail.com>
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Message-ID: <e2bd16c2-373f-8eba-039e-445337e2aaf0@erg.abdn.ac.uk>
Date: Sun, 30 May 2021 12:20:01 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:78.0) Gecko/20100101 Thunderbird/78.10.0
MIME-Version: 1.0
In-Reply-To: <6B4684DD-8130-4D0D-9061-DB2671650797@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/Ea9OEnmqUIR4UnaKWtzec438f_g>
Subject: Re: [tsvwg] DSCPs and L4S: Label DSCP
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 30 May 2021 11:20:11 -0000
On 29/05/2021 22:48, Jonathan Morton wrote: >> On 29 May, 2021, at 1:01 am, Black, David <David.Black@dell.com> wrote: >> >> The "Label DSCP" approach takes that assumption as a suggestion and accepts the suggestion, i.e., network domains experimenting with L4S MUST use DSCPs to indicate the alternate semantics of the ECN field, specifically the ECT(1) and CE codepoints. > Okay, let me summarise this proposal from a different perspective, to be sure that everyone understands it correctly. Specifically, in terms of concrete requirements on implementations and deployments. > > L4S senders are required to emit the Label DSCP, either natively or by passing through a filter before the first possible bottleneck. L4S receivers are *not* required to verify the Label DSCP is still on the packet. > > The paragraph quoted above implies that any traffic reaching a DualQ instance and *not* carrying the Label DSCP, will go into the C queue and receive RFC-3168 compliant treatment. For this traffic, DualQ will behave exactly like a single-queue RFC-3168 AQM. > > Traffic that *does* carry the Label DSCP will be sorted between the C and L queues based primarily on the ECN field. Such traffic that goes to the L queue will receive L4S type CE marking, while the C queue will still apply conventional CE marking and/or dropping. > > This does not imply that *only* L4S traffic carries the Label DSCP, but that using the Label DSCP indicates at least passive participation in the L4S experiment, which includes the interactions between conventional and L4S traffic. Non-participating traffic receives only conventional treatment, and is thus independent of L4S' redefinitions of ECN field codepoints and semantics. > > L4S traffic reaching the boundary of the participating network will encounter the existing DSCP filtering infrastructure. It is this which takes primary responsibility for "containment" of the L4S experiment within the participating networks. (Another necessary aspect of this containment is refraining from deploying L4S endpoints outside that boundary.) Merely bleaching the DSCP field will simply lead to L4S traffic that crosses the boundary passing through single-queue RFC-3168 AQMs with all the attendant adverse effects on conventional traffic. Therefore, some more robust measure (rate limiting, blocking) must be applied at the boundary. > > VPNs ensure that a single DSCP is applied to outer packet headers of a given SA, by default CS0, regardless of the inner packet's DSCP or ECN fields. VPNs *may* be configured to create a distinct SA for traffic carrying the Label DSCP, and apply the Label DSCP to the outer header of that SA. If packets with CS0 on the outer header will all go into the C queue, this avoids accidentally enabling the VPN Replay Window DoS attack for existing VPNs. Only VPNs specifically configured for the Label DSCP will be vulnerable, and this can be used to explore the problem space. > > Obviously, L4S traffic entering a default VPN SA will also go through the C queue, as well as through the same FQ bucket as the rest of the SA, and its modified response to CE marks will have the same effects as have been widely discussed so far. This is why *all* L4S senders must emit the Label DSCP under this proposal. > > If I managed to fundamentally misunderstand anything here, please do clarify. > > - Jonathan Morton Thank you Jonathon, From my own view, I also see a few more things: * This proposed approach is/was already possible for an operator/network using DiffServ without any IETF specification using an Experimental or Local Use DSCP from Pool 2. One key aspect of the proposed re-design is to require assignment of a specific Pool1/3 DSCP or set of DSCPs to identify L4S traffic. It seems highly unlikely the IETF will want to standardise a large set of DSCPs. * I expect the proposed experiment will not be attractive to people who are already using a set of DSCPs (e.g. to ensure traffic is queued/mapped in a way that reduces the latency of WiFI, MPLS and other subnets). How would such a DSCP assignment consider methods that expect some DSCPs to be mapped to lower latency treatments that are below IP? Is that OK? * Specifically, I don't think the current proposed behaviour of the DSCP Label is what was requested in the NQB draft. I think the latter seeks codepoints that can work end-to-end, and wouldn't be remarked at DiffServ domain edges. I'm not sure whether NQB traffic would therefore be counted as L4S? * l can see the proposal could be used to defer the assignment of the ECT(1) codepoint, and would postpone any decisions about the need to obsolete the current ECT(0) usage - perhaps this is good for those who are focussed on other proposals, but is this delay to allow more experiments what is also wanted by others? I see this as David's individual email - so, also as an individual, I'd love everyone to know they are welcome to send emails to support this proposal or not. Gorry (as individual)
- [tsvwg] DSCPs and L4S: Label DSCP Black, David
- Re: [tsvwg] DSCPs and L4S: Label DSCP Jonathan Morton
- Re: [tsvwg] DSCPs and L4S: Label DSCP Gorry Fairhurst
- Re: [tsvwg] DSCPs and L4S: Label DSCP Jonathan Morton
- Re: [tsvwg] DSCPs and L4S: Label DSCP C. M. Heard
- Re: [tsvwg] DSCPs and L4S: Label DSCP Jonathan Morton
- Re: [tsvwg] DSCPs and L4S: Label DSCP Martin Duke
- Re: [tsvwg] DSCPs and L4S: Label DSCP C. M. Heard
- Re: [tsvwg] DSCPs and L4S: Label DSCP Jonathan Morton