Re: [tsvwg] Fwd: New Version Notification for draft-heist-tsvwg-ecn-deployment-observations-02.txt

Jonathan Morton <chromatix99@gmail.com> Tue, 23 March 2021 10:03 UTC

Return-Path: <chromatix99@gmail.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BC5A3A0994 for <tsvwg@ietfa.amsl.com>; Tue, 23 Mar 2021 03:03:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BDu9YWxiJc6I for <tsvwg@ietfa.amsl.com>; Tue, 23 Mar 2021 03:03:45 -0700 (PDT)
Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3A693A098D for <tsvwg@ietf.org>; Tue, 23 Mar 2021 03:03:44 -0700 (PDT)
Received: by mail-lj1-x232.google.com with SMTP id r20so24829302ljk.4; Tue, 23 Mar 2021 03:03:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=9FsuJthSOrTHqubuOX+EYCWkA+dOC+pDZXg8t9v9O7g=; b=AVLuOc3ZIrYgu8yWlCESHurEIGu8c7zjLOG0ggoKQ8MBOJEx/5BNTsTsBXRIF3XXDT l0hIkPsDz/e5hhPeTWwDQvOi8ZjgFdcJr3t3ZgsOfwVYOf812EfIak69o/5Ra1drFJL3 WacU/JP780V9bGH0J4pssP+5SPtPR/Xt5JpBpHh19rmJdpGyNOlCSFnNlLIH4/HhD7MQ wRMn9FPVAAzNHyJRB2l2HDVd1bvvTjBRXaNlxpQJ3yEaQXTaiXnDTN1fLgbjlK1Rvwxy sLB7Upwr2+uJFrJ7xs9/vHsc8bxdLdjDb7S0myqYAnNb5tjKctlJ4AjFbu0y0OOUkbzW DZ7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=9FsuJthSOrTHqubuOX+EYCWkA+dOC+pDZXg8t9v9O7g=; b=dnmYYAW1QThNp5VbVEfHiFH2RfvX65F05GFYpOYK/0qByhozF90FXg4rITw160VX+H PAqP/ZQ49H9Fwnmu3AKHBhC+FcbIX05U7QD+YQ5wCfIMSC33HjT1s/M9KfL4tYfsqfl2 ptO0sDkNsM81JbKSI9nCcSq+vWHj7C5YpPClbiak7Abcx9kLPzLllloShxDdgaxVFFXv BbfkY02VXzQ8C574jmMfD+CwV4AykYFYGo0i8ovUxYsCmZRUU6+UJM4zmxSXHy8sZE1A C4SWBrkYIK8WKbDfkpJUDLqJ6hk0vmhMtVzKInkIm19UaDLyHxrh6/ZvKf1UFIDd1lWP LXtQ==
X-Gm-Message-State: AOAM533YdBvwb3u8jTUwTf/kZjHsgDAMDD8ejKL/NKRkkulyEJq3/9GY /oBAH4GSwTklKeoEd62KYEw=
X-Google-Smtp-Source: ABdhPJz757KD6ISUS39Xz+dbnAci7Gqk0NwDNLkGpw0VaQHXv1ht7wiGKOLdR1Pju31nmjoaBDlZRA==
X-Received: by 2002:a2e:924e:: with SMTP id v14mr2688637ljg.362.1616493822524; Tue, 23 Mar 2021 03:03:42 -0700 (PDT)
Received: from jonathartonsmbp.lan (178-55-25-11.bb.dnainternet.fi. [178.55.25.11]) by smtp.gmail.com with ESMTPSA id d26sm1808374lfl.84.2021.03.23.03.03.41 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 23 Mar 2021 03:03:42 -0700 (PDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.7\))
From: Jonathan Morton <chromatix99@gmail.com>
In-Reply-To: <ab5add35-529e-6d12-5768-693123004338@bobbriscoe.net>
Date: Tue, 23 Mar 2021 12:03:40 +0200
Cc: Pete Heist <pete@heistp.net>, tsvwg IETF list <tsvwg@ietf.org>, maprg@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <EC497853-611C-44AA-B4F0-6F54B94925CD@gmail.com>
References: <161519742798.12373.8424747645620734074@ietfa.amsl.com> <4cc306ea278dab68741b0c27713bfb7c84522e11.camel@heistp.net> <72467bfe9a38edee74c4ab8e12ec350e23315ec9.camel@heistp.net> <ce2c8397-1bb9-8634-7822-88b9ba6d3b22@bobbriscoe.net> <0f8a406dc56a24d90a76a337074f62a07b4d4aec.camel@heistp.net> <ab5add35-529e-6d12-5768-693123004338@bobbriscoe.net>
To: Bob Briscoe <ietf@bobbriscoe.net>
X-Mailer: Apple Mail (2.3445.9.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/OoVWztvM8CT2M4_2Ji30a4JjQb0>
Subject: Re: [tsvwg] Fwd: New Version Notification for draft-heist-tsvwg-ecn-deployment-observations-02.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 10:03:50 -0000

> On 22 Mar, 2021, at 6:53 pm, Bob Briscoe <ietf@bobbriscoe.net> wrote:
> 
> The results for the 38 IPs backhauled via the FQ-CoDel nodes (known to support ECN) are even more unexpected (again taking only the TCP results, because they show both directions):
> * In the direction from the LAN, 10 of these 38 IPs saw no ECN marking from the LAN side (including none from those FQ-CoDel nodes), but they did see the feedback of ECN marking from somewhere deeper into the network.
> * The results in the direction from the WAN are more what I would expect: 30 of the 38 IPs saw no ECN marking from the WAN side, but they did see the feedback of ECN marking that must have occurred on the LAN side (where the FQ-CoDel nodes are).

Some members of this ISP run servers.  This might be surprising from a UK or US perspective, as the incumbent telcos have tended to prevent people from doing that on a "domestic grade" service contract.  But since this is a cooperative ISP, the rules are different.

These servers are "found" by the background of port scanners that has been a feature of the Internet for many years now.  These port scanners often perform a "fingerprint" analysis of servers they find, which includes a probe of their ECN behaviour.  Each port scan is thus associated with an equal number of "artificial" CE marks and ECE flags.  As described, we filtered patterns like that out of our results post-hoc.

This leaves open the possibility of servers at "our" end which see port-scanning activity, also see little congestion within the ISP, but see a small amount of congestion, occasionally, at the client end of their connections, some small fraction of which are ECN Capable.  This is what we think those cases you refer to probably represent.

One possible explanation for this is clients connecting over wifi, through an AP that supports the Airtime Fairness feature introduced for several popular wifi chipset drivers in Linux some years ago.  This includes ath9k, ath10k, and mt76, which together account for a large fraction of deployed wifi APs.  It would not be strange for a wifi link to sometimes be a lot narrower than some of the ISP members' links.

 - Jonathan Morton