Re: [tsvwg] Status of ECN encapsulation drafts (i.e., stuck)

Bob Briscoe <> Wed, 11 March 2020 02:53 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 319FB3A0FCC for <>; Tue, 10 Mar 2020 19:53:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.088
X-Spam-Status: No, score=-2.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id mwe81BKy2RuJ for <>; Tue, 10 Mar 2020 19:53:54 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4D46C3A0FC9 for <>; Tue, 10 Mar 2020 19:53:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;; s=default; h=Content-Type:In-Reply-To:MIME-Version:Date: Message-ID:From:References:To:Subject:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=qqzwcMQSFyyBJQUfYSq/mh40Gm+6ERStFDFo4WNc7fI=; b=YFLgMX4Ab9eDHTf/98IRby8Aw 6+CC+J2L3vI6Sje3N8SrQR0VZ9bAVZyPn0O4QP2cvHZ1dcSB1TGyzWGmqhlmWvpUkExLb0/mA6Hro m6oUaBt/VQfnyvUEfBk8epErefT0+NO9cJJqPIefHp/mouN3CTkSHmZfMZZyU/AiMIfhBNSXihuSF NjnMIXUOIBlCPPq90F3TdBnnU10PTvOQ+sL8ysx56LaxHI8zeWB+d9LX27uX7lDi7qKt+n3xTLtiJ uA4shnkG9iaZpcvnqSMr9Kn4w7Q3R07ev6UfJW9VrBpjk6jQZqFXM7P/j5OpkYst0FSoB3b8pkl/f 97OejRQkQ==;
Received: from [] (port=48984 helo=[]) by with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92) (envelope-from <>) id 1jBrVF-0007cK-Cn; Wed, 11 Mar 2020 02:53:50 +0000
To: "Black, David" <>, "" <>
References: <> <> <>
From: Bob Briscoe <>
Message-ID: <>
Date: Wed, 11 Mar 2020 02:53:48 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/alternative; boundary="------------53EA5A03CF8B9B9D39F20EAD"
Content-Language: en-GB
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-Get-Message-Sender-Via: authenticated_id:
Archived-At: <>
Subject: Re: [tsvwg] Status of ECN encapsulation drafts (i.e., stuck)
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 11 Mar 2020 02:53:57 -0000


On 10/03/2020 20:35, Black, David wrote:
> Bob,
> As draft shepherd, let me suggest an alternate way to think about 
> fragmentation and reassembly that may result in simpler text.
> The current situation arises in large part from viewing fragmentation 
> and reassembly as being part of tunnel encapsulation and tunnel 
> decapsulation respectively.
> Instead, I suggest that we view all four of these as separate but 
> related processes, specifically:
>   * A tunnel ingress encapsulates the inner packet and then fragments
>     the resulting (encapsulated) outer packet if necessary for
>     transmission.
>       o RFC 6040 and this document specify the ECN requirements for
>         encapsulation.  RFC 3168 specifies ECN requirements for
>         fragmentation.
>   * A tunnel egress reassembles the outer packet and then decapsulates
>     the resulting (still encapsulated) outer packet to produce the
>     inner packet.
>       o RFC 3168 specifies ECN requirements for reassembly.  RFC 6040
>         and this document specify the ECN requirements for decapsulation.
Yes, this is how I hope everyone understands how outer 
fragmentation/reassembly relates to encap/decap. But that's not the 
point at issue.

I was hoping for something less like approach A = explicitly refer to 
RFC3168 for fragmentation/reassembly (even tho it's broken).
And something closer to approach C = don't say anything about 

I suspect most fragmentation/re-assembly code in encap/decap 
implementations doesn't even consider what to do with the ECN field. I 
don't want to explicitly flag to people at this stage that they should 
have implemented RFC3168, if we're likely to update it soon.

>      o
> Optimized implementations may of course mix encapsulation and 
> decapsulation processing with fragmentation and reassembly processing, 
> respectively, but the results are required to be the same as if the 
> above orders of processing were followed and that processing adhered 
> to the requirements listed above.

If I used the major bullets, I would just remove "then", "resulting" and 
the words in parenthesis, so the order or operations is non-specific. Viz:
     "A tunnel ingress encapsulates the inner packet and fragments the 
outer packet if necessary for transmission."
     "A tunnel egress reassembles the outer packet and decapsulates the 
outer packet to produce the inner packet."

But I'd rather just not say anything if there's nothing new to say.

> I think the result will be clearer, and will also make it obvious that 
> nothing new is being required, especially if “RFC 6040 and this 
> document specify” can be changed to “RFC 6040 specifies” in both 
> sub-bullets above.
If nothing new is required, we don't have to say anything. I'd much 
rather just delete S.5 of rfc6040update-shim.

For now, if anyone needs to work out which RFC tells them how to do 
fragmentation / reassembly with ECN, they can do that by typing "ECN 
fragmentation RFC" into any good search engine.

Less is more.

Now for something completely different; ecn-encap-guidelines

Since the early days of the doc, there's been a section about 
re-framing. This is not about the mapping:
     1 packet <-> n fragments

It's about mapping ECN in these different cases:
     1 frame <-> n packets
     sequence of packets <-> byte stream <-> frames (oblivious to the 
original packet boundaries [e.g. DOCSIS])
     spraying pieces of packets into different frames (like 3G did).

The logical OR approach in RFC3168 was never written to cover these 
cases - it doesn't generalize to them anyway. If a large frame is 
congestion marked at a L2 AQM, you don't want all the packets inside to 
be marked, and none of the packets in other frames. Such bunching of 
congestion signals would not be good.

What do you think of the text I wrote on Monday night (see S.4.6):
Even tho not editorially brilliant, I think it's technically sound.

When Joe Touch pointed out that this draft didn't mention fragmentation, 
I just added fragments to the list in the first para. I can take it out 
if you think it's not appropriate.

Here's the diff from the stuff in the previous draft (I removed the 
octet preserving congestion marking stuff):

> What do you think of this approach?
> Thanks, --David
> *Fr"om:*Bob Briscoe <>
> *Sent:* Tuesday, March 10, 2020 2:47 PM
> *To:* Black, David;
> *Subject:* Re: [tsvwg] Status of ECN encapsulation drafts (i.e., stuck)
> David,
> I admit to curling up into a little ball and trying to ignore this 
> controversy when it arose.
> Let me try to sort this out now, for both ecn-encap-guidelines and 
> rfc6040update-shim.
> Back in Sep '19 (quoted at the end) you asked me not to use 
> rfc64040update-shim to update RFC3168's fragmentation behaviour, even 
> if it's the "right thing" to do, given I was saying that there were 
> problems with the RFC3168 approach.
> Background: Neither RFC3168 nor RFC6040 covered fragmentation & 
> reassembly during encap and decap. So Joe Touch suggested 
> rfc6040update-shim should fix that omission. Seems reasonable enough. 
> However, it doesn't seem right to fix an omission by the stop-gap of:
> 1. requiring the approach in RFC3168 that we know is potentially 
> problematic.
> 2. then planning to correct what we write, by updating it in a later RFC.
> Let's call that approach (A). I don't like that at all. What if step 
> #2 never happens?
> Fortunately, that's not the only way out of this. I can think of three 
> other ways:
>     B) The compromise text I've drafted below, which states the high
>     level intent of a good mechanism as a SHOULD, and gives an example
>     of how to do it. Then also allows the RFC3168 mechanism as a "MAY".
>     C) Say nothing about fragmentation and reassembly in
>     rfc64040update-shim or ecn-encap-guidelines. Then use a later RFC
>     to update them both (stds track and BCP) with a considered
>     'correct' approach. ecn-encap-guidelines would still say include
>     what it has always said about re-framing (which is a similar but
>     different subject).
>     D) Convince ourselves that fragmentation and reassembly during
>     encap and decap is allowed to be different from fragmentation and
>     reassembly without encapsulation.
> Last night, I took approach (B), but with too little time left to 
> discuss it on the list. I scrubbed the offending paras from 
> rfc6040update-shim and replaced them with those below (also at 
> ).
> Thinking about it further since last night, I'm now inclining towards 
> approach (C).
>     5.  ECN Propagation and Fragmentation/Reassembly
>     The following requirements updateRFC6040  <>, which omitted handling of
>     the ECN field during fragmentation or reassembly.  These changes
>     might alter how many ECN-marked packets are propagated by a tunnel
>     that fragments packets, but this would not raise any backward
>     compatibility issues:
>     If a tunnel ingress fragments a packet, it MUST set the outer ECN
>     field of all the fragments to the same value as it would have set if
>     it had not fragmented the packet.
>     During reassembly of outer fragments [I-D.ietf-intarea-tunnels  <>], if
>     the ECN fields of the outer headers being reassembled into a single
>     packet consist of a mixture of Not-ECT and other ECN codepoints, the
>     packet MUST be discarded.
>     As a tunnel egress reassembles sets of outer fragments
>     [I-D.ietf-intarea-tunnels  <>] into packets, as long as no fragment
>     carries the Not-ECT codepoint, it SHOULD propagate CE markings such
>     that the proportion of reassembled packets output with CE markings is
>     broadly the same as the proportion of fragments arriving with CE
>     markings.
>     The above statement describes the approximate desired outcome, not
>     the specific mechanism.  A simple to achieve this outcome would be to
>     leave a CE-mark on a reassembled packet if the head fragment is CE-
>     marked, irrespective of the markings on the other fragments.
>     Nonetheless, "SHOULD" is used in the above requirement to allow
>     similar perhaps more efficient approaches that result in
>     approximately the same outcome.
>     InRFC 3168  <>  the approach to propagating CE markings during fragment
>     reassembly required that a reassembled packet has to be be CE-marked
>     if any of its fragments is CE-marked.  This "logical OR" approach to
>     CE marking during reassembly was intended to ensure that no
>     individual CE marking is ever lost.  However, an unintended
>     consequence is that the proportion of packets with CE markings
>     increases.  For instance, with the logical OR approach, once a
>     sequence of packets each consisting of 2 fragments, has been
>     reassembled, the fraction of packets that are CE-marked roughly
>     doubles (because the number of marks remains roughly the same, but
>     the number of packets halves).
>     This specification does not rule out the logical OR approach ofRFC  <>
>     3168  <>.  So a tunnel egress MAY CE-mark a reassembled packet if any of
>     the fragments are CE-marked (and none are Not-ECT).  However, this
>     approach could result in reduced link utilization, or bias against
>     flows that are fragmented relative to those that are not.
> Regards
> Bob
> On 15/09/2019 22:07, Black, David wrote:
>     This email concerns draft-ietf-tsvwg-ecn-encap-guidelines and
>     draft-ietf-tsvwg-rfc6040update-shim, which are being handled
>     together for WG Last Call and RFC publication, and is posted in my
>     role as shepherd and responsible WG chair for these drafts.The
>     current situation is that both drafts are stuck due to a problem
>     with the fragementation text added to the rfc6040update-shim
>     draft.   Section 5 on ECN Propagation and Fragmentation/Reassembly
>     was added to that draft in response to a WGLC comment, and it
>     appears to have gone too far in the direction of trying to do the
>     proverbial “right thing”.
>     The core of the problem is in these two paragraphs in Section 5 of
>     that draft
>     (
>         As a tunnel egress reassembles sets of outer fragments
>         [I-D.ietf-intarea-tunnels] into packets, it SHOULD propagate CE
>         markings on the basis that a congestion indication on a packet
>         applies to all the octets in the packet.  On average, a tunnel egress
>         SHOULD approximately preserve the number of CE-marked and ECT(1)-
>         marked octets arriving and leaving (counting the size of inner
>         headers, but not encapsulating headers that are being stripped).
>         This process proceeds irrespective of the addresses on the inner
>         headers.
>         Even if only enough incoming CE-marked octets have arrived for part
>         of the departing packet, the next departing packet SHOULD be
>         immediately CE-marked.  This ensures that CE-markings are propagated
>         immediately, rather than held back waiting for more incoming CE-
>         marked octets.  Once there are no outstanding CE-marked octets, if
>         only enough incoming ECT(1)-marked octets have arrived for part of
>         the departing packet, the next departing packet SHOULD be immediately
>         marked ECT(1).
>     Much as that may be the proverbial “right thing” to do,
>     particularly with the benefit of 20/20 hindsight, that text is
>     inconsistent with the following text from Section 5.3 of RFC 3168
>     (, as Markku Kojo
>     has pointed out:
>         ECN-capable packets MAY have the DF (Don't Fragment) bit set.
>         Reassembly of a fragmented packet MUST NOT lose indications of
>         congestion.  In other words, if any fragment of an IP packet to be
>         reassembled has the CE codepoint set, then one of two actions MUST be
>         taken:
>            * Set the CE codepoint on the reassembled packet.  However, this
>              MUST NOT occur if any of the other fragments contributing to
>              this reassembly carries the Not-ECT codepoint.
>            * The packet is dropped, instead of being reassembled, for any
>              other reason.
>         If both actions are applicable, either MAY be chosen.  Reassembly of
>         a fragmented packet MUST NOT change the ECN codepoint when all of the
>         fragments carry the same codepoint.
>     The 6040update-shim draft is intended to update RFC 6040, and a
>     number of the tunnel protocol drafts, but it is not intended to
>     update RFC 3168, and hence the above new text (albeit
>     well-intentioned) is a showstopper.   Changing ECN fragmentation
>     behavior should be done in a separate draft.
>     Bob (as draft editor) – do you want to propose some new text to
>     the list, possibly after private email discussion with Marco and
>     me to figure out what it needs to say?
>     Thanks, --David
>     ----------------------------------------------------------------
>     David L. Black, Senior Distinguished Engineer
>     Dell EMC, 176 South St., Hopkinton, MA 01748
>     +1 (774) 350-9323 *New * Mobile: +1 (978) 394-7754
> <>
>     ----------------------------------------------------------------
> -- 
> ________________________________________________________________
> Bob Briscoe

Bob Briscoe