Re: [tsvwg] Consensus call on ECT(1)
Sebastian Moeller <moeller0@gmx.de> Thu, 14 May 2020 07:36 UTC
Return-Path: <moeller0@gmx.de>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 274D23A03FF for <tsvwg@ietfa.amsl.com>; Thu, 14 May 2020 00:36:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.649
X-Spam-Level:
X-Spam-Status: No, score=-1.649 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7NUIOrTfaJZX for <tsvwg@ietfa.amsl.com>; Thu, 14 May 2020 00:36:43 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 598323A03F6 for <tsvwg@ietf.org>; Thu, 14 May 2020 00:36:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1589441793; bh=pD3pI7/Nqf0uWjDqPt5ZjUQuRCKubOrHuuAITeMD2vU=; h=X-UI-Sender-Class:Subject:From:In-Reply-To:Date:Cc:References:To; b=gMMDD0RFeP+UQzX8mzT1lgw6rGtmoUslQvvfkgRS/+32m2oCKEGdCNhdwOm6aj4wN w4Zu1BoKB22l4uG9X52yzFvSZxDfAV8JZjGRbJFaVmi21otLVTePc7t3jtX1Hhbahe MzXj9SRAlebZdi2wGctgSlIdZ2ZmTuPcNuHW1nR0=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [10.11.12.16] ([134.76.241.253]) by mail.gmx.com (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1M2f5Z-1jWfJW2hh9-004FZh; Thu, 14 May 2020 09:36:33 +0200
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.14\))
From: Sebastian Moeller <moeller0@gmx.de>
In-Reply-To: <AA8650CE-8DAA-4E6D-BDAB-23986A1E505F@apple.com>
Date: Thu, 14 May 2020 09:36:30 +0200
Cc: Wesley Eddy <wes@mti-systems.com>, "tsvwg@ietf.org" <tsvwg@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <53F2B9B0-583C-4983-BFF5-60204953C64C@gmx.de>
References: <46720ce0-ffcb-e97f-3e2d-6b5274b73b15@mti-systems.com> <AA8650CE-8DAA-4E6D-BDAB-23986A1E505F@apple.com>
To: Stuart Cheshire <cheshire=40apple.com@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3445.104.14)
X-Provags-ID: V03:K1:ObZQ1vPP0a4OOA3ctsQU/WPoW/zSpwZZoQiC6LJ6mULVUknOMHI dmgDBuQ4QeFgcqpfkEo5ZukSWqEvO+alSeRdbguTPJQ55KUmHbsZ+XBoqWD2cFim1Nq/u4f 29x/y0OXcBaSaJQAQmCXUP8OuKCseUJD+8TbUpBzXiHkmdhGz2ii4QesoI3RwPzeiUuafZo mV1PseAst52AA+K/C7zQQ==
X-UI-Out-Filterresults: notjunk:1;V03:K0:imO6eB9bvEQ=:yrVOlnZtuyuWZgm9/aRa25 iSkjvFsAmtRqw/TnBuiCfHBMlu9Yl+FuMWGPBLRDCb8aPL8O8Kvj0rhDWduMFq9RV6DXYdiIr TfKkb9CRP+/oa5GrzDmfR+BFRF4p//3wBQffGIokmBZzpSV+HoOsgDyBpIPt0kBukTxim2eod ag0hvdVLDH8LG2d85LM9PySC2QuuETUkv3aIhvsQQc+FNoqqOGeLHzZ95QSs2G9dyy3old1ao eQaIo3c7Gl2PJM7jUPLEXkJdtlNwmaQIjyr3W+NRhsOL9IGWyNh/OAzZLh9UChJreVyUqG905 yq9HxJQgSEYPFDSVbkXJEUiXgzVjlDAJETndCcChxFNMMwGRs17B/D4i9ARYg46EPkfwhk4lW 8nSD+tpDnOsVM0oIQV/JauUhjRYALjttoJBfm06L3p6G2LL3elJADZsPa8mvgt1xsK6eeW7nF EdarVoHjURaPOtiAIzFwVwPyV+hJloCtv18sgJJULfS3nwr0BpHO2qqmSJB5ndaTeWD4iSLVw gohn0vGHEsLVkGVCVoOGpTjtd/2eYy54nld7oYi3IJUFj8e26ap4LGcfvonfiWpm0tAChbMzr 0/RqIBvCNAims+vF86ydGLu6eXw95Kq/b1vvH63bqGPKufSOetKEFlNHOu4ndbsBICCoGaU9N L63IOIOd692qUXnyCLzrFJxkLpLvNxJT2GAWbceu/a+mihr0hcpOgnScGubWEVlhe58fjEgJg d+n3UuSsP/7rXexaC3ku/3uMDYSmyA7v/60QUbu9/Aw5G9XGdbw4f3moIjLvdBnQrfBaaME31 s8touIiFf7HFUvbxjSqGokqQydfUwvR9kn6g5EJyRD9etBMdZM+F96V3hWVZnARPWfdnkANkE A8rvXEwaHnUq4qzSySZHObe1GJLTC5cL0Wf5fyq9/x27GReXTitEBx2OVJaTVF1AXVPynKtOw nz4s8YXTj601WtEuLJSG64QLPjzF9ybIbGiOfjf9k7niPBRCImLzOeSq0D4y5wbgGzVbCWOt5 QqSCjO6QNOL7Y0aetmQgCZ0CYBXXnFY9hLElZ56SXBJCEY4naOCY1ce5lstY1nst/mNT1UlpA kT1tECq9OQCPlyKIYfW6340aalKA11dDZ3oQfNNE+0NqNz1RcZPcJvArwZh0aTTrdfzSgjQBS sVcOjlbeYA3r0L9MV9WxAow4N1vezBvtOd9ESLiv+hReh52T1LJoJIOThpeZns/EUmDbPWWsZ lZlU85T18d0DEHE2l
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/Wy7T89U9DKrg_PuXVe0F6oKoQbU>
Subject: Re: [tsvwg] Consensus call on ECT(1)
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 May 2020 07:36:45 -0000
Hi Stuart, I have a question about your rationale below. > On May 14, 2020, at 05:44, Stuart Cheshire <cheshire=40apple.com@dmarc.ietf.org> wrote: > > On 4 May 2020, at 11:15, Wesley Eddy <wes@mti-systems.com> wrote: > >> In this email thread, please state, concisely, which of the following viewpoints on ECT(1) you prefer. > > I support option 1, using ECT(1) as an *input* signal to the network. > > We need an input signal to the network because it allows the sender to signal to the network that it it is able to gracefully handle (and indeed, benefit from) ultra-shallow network queues. It also serves as a commitment by the sender not to abuse that shallow queue by bloating it (under pain of severe penalty if caught doing that by a stochastic traffic policer). Without an input signal to communicate the source’s request for the shallower queue (and acceptance of the corresponding consequences if caught cheating) the network can’t know to which traffic it can safely apply the stricter policy. [SM] The L4S RFCs make it explicitly clear, that no such "stochastic traffic policer" will be mandated (or maybe not even needed). In an earlier discussions here on the mailing list I got the impression that even the idea of mandating even just the implementation (let alone default activation) of such a monitoring and enforcement was rejected. The official L4S position seems to be that the shallowness of the LL-queue alone would be sufficient to act as disincentive against abuse. From https://datatracker.ietf.org/doc/html/draft-ietf-tsvwg-l4s-arch-06: "8.1. Traffic (Non-)Policing Because the L4S service can serve all traffic that is using the capacity of a link, it should not be necessary to police access to the L4S service. In contrast, Diffserv only works if some packets get less favourable treatment than others. So Diffserv has to use traffic rate policers to limit how much traffic can be favoured. In turn, traffic policers require traffic contracts between users and networks as well as pairwise between networks. Because L4S will lack all this management complexity, it is more likely to work end-to-end. [...] 8.2. 'Latency Friendliness' Like the Classic service, the L4S service relies on self-constraint - limiting rate in response to congestion. In addition, the L4S service requires self-constraint in terms of limiting latency (burstiness). It is hoped that self-interest and standardization of dynamic behaviour (especially flow start-up) will be sufficient to prevent transports from sending excessive bursts of L4S traffic, given the application's own latency will suffer most from such behaviour. Whether burst policing becomes necessary remains to be seen. Without it, there will be potential for attacks on the low latency of the L4S service. However it may only be necessary to apply such policing reactively, e.g. punitively targeted at any deployments of new bursty malware. A per-flow (5-tuple) queue protection function [I-D.briscoe-docsis-q-protection] has been developed for the low latency queue in DOCSIS, which has adopted the DualQ L4S architecture. It protects the low latency service from any queue- building flows that accidentally or maliciously classify themselves into the low latency queue. It is designed to score flows based solely on their contribution to queuing (not flow rate in itself). Then, if the shared low latency queue is at risk of exceeding a threshold, the function redirects enough packets of the highest scoring flow(s) into the Classic queue to preserve low latency. Such a queue protection function is not considered a necessary part of the L4S architecture, which works without it (in a similar way to how the Internet works without per-flow rate policing). Indeed, under normal circumstances, DOCSIS queue protection does not intervene, and if operators find it is not necessary they can disable it. Part of the L4S experiment will be to see whether such a function is necessary. " and https://tools.ietf.org/html/draft-ietf-tsvwg-aqm-dualq-coupled-11" "4.1. Overload Handling Where the interests of users or flows might conflict, it could be necessary to police traffic to isolate any harm to the performance of individual flows. However it is hard to avoid unintended side- effects with policing, and in a trusted environment policing is not necessary. Therefore per-flow policing (e.g. [I-D.briscoe-docsis-q-protection]) needs to be separable from a basic AQM, as an option under policy control." It seems clear that this position of not requiring a policer is not based on actual data, as otherwise there would be references demonstrating that. IMHO this is based on hope/wishful thinking. QUESTIONS: 1) Are you agreeing that these definitions are not fully aligned with your idea that misusing the input signal will have negative consequences for the abuser? 2) Are you proposing to make such policing mandatory (which would require at least changes to the cited section of RFC drafts) or are you fine with leaving this aspect purely for implementers? At that point L4S proponents will argue that this will drag in reading L4 headers something they want to avoid at all costs* Best Regards Sebastian *) IMHO this is misguided, a node not having access to L4 headers simply can use a 3-tupel (just from the IP header) for "flow-group" identification, or on IPv6 ualso se the flow label as part of the flow identification or not use ECN in its AQM at all. Or put differently, I do not assume meaningful roll-out of AQMs to this nodes, as the value equation that has made operators not deploy single queue PIE or Codel to those nodes still apply. And those single queue AQMs would already deliver the bulk of the latency improvement expected with L4S, from multiple 100s to 1000s of milliseconds down to the high single to low double digit millisecond range. But I digress. > > Stuart Cheshire >
- [tsvwg] Consensus call on ECT(1) Wesley Eddy
- Re: [tsvwg] Consensus call on ECT(1) Greg White
- Re: [tsvwg] Consensus call on ECT(1) Jonathan Morton
- Re: [tsvwg] Consensus call on ECT(1) Steven Blake
- Re: [tsvwg] Consensus call on ECT(1) Sebastian Moeller
- Re: [tsvwg] Consensus call on ECT(1) Jeremy Harris
- Re: [tsvwg] Consensus call on ECT(1) Smith, Kevin, Vodafone Group
- Re: [tsvwg] Consensus call on ECT(1) Roland Bless
- Re: [tsvwg] Consensus call on ECT(1) Neal Cardwell
- Re: [tsvwg] Consensus call on ECT(1) Mirja Kuehlewind
- Re: [tsvwg] Consensus call on ECT(1) Anders Bloom
- Re: [tsvwg] Consensus call on ECT(1) Finkelstein, Jeff (CCI-Atlanta)
- Re: [tsvwg] Consensus call on ECT(1) Tommy Pauly
- Re: [tsvwg] Consensus call on ECT(1) De Schepper, Koen (Nokia - BE/Antwerp)
- Re: [tsvwg] Consensus call on ECT(1) C. M. Heard
- Re: [tsvwg] Consensus call on ECT(1) Uma Chunduri
- Re: [tsvwg] Consensus call on ECT(1) Ruediger.Geib
- Re: [tsvwg] Consensus call on ECT(1) Kyle Rose
- Re: [tsvwg] Consensus call on ECT(1) Black, David
- Re: [tsvwg] Consensus call on ECT(1) Holland, Jake
- Re: [tsvwg] Consensus call on ECT(1) Ozer, Sebnem
- [tsvwg] 3) "There is a specific test or tests I n… Dave Taht
- Re: [tsvwg] Consensus call on ECT(1) Ranganathan, Ram
- Re: [tsvwg] Consensus call on ECT(1) Paul Vixie
- Re: [tsvwg] Consensus call on ECT(1) Bob Briscoe
- Re: [tsvwg] Consensus call on ECT(1) Adi Masputra
- Re: [tsvwg] Consensus call on ECT(1) Asad Sajjad Ahmed
- Re: [tsvwg] Consensus call on ECT(1) Christoph Paasch
- Re: [tsvwg] Consensus call on ECT(1) Scheffenegger, Richard
- Re: [tsvwg] Consensus call on ECT(1) Lars Eggert
- Re: [tsvwg] Consensus call on ECT(1) Tilmans, Olivier (Nokia - BE/Antwerp)
- Re: [tsvwg] Consensus call on ECT(1) Andreas Petlund
- Re: [tsvwg] Consensus call on ECT(1) Rodney W. Grimes
- Re: [tsvwg] Consensus call on ECT(1) Jana Iyengar
- Re: [tsvwg] Consensus call on ECT(1) Joakim Misund
- Re: [tsvwg] Consensus call on ECT(1) Pete Heist
- Re: [tsvwg] Consensus call on ECT(1) Stuart Cheshire
- Re: [tsvwg] Consensus call on ECT(1) Sebastian Moeller
- Re: [tsvwg] Consensus call on ECT(1) Vividh Siddha
- Re: [tsvwg] Consensus call on ECT(1) David Pullen
- Re: [tsvwg] Consensus call on ECT(1) Campos, Angel, Vodafone Spain
- Re: [tsvwg] Consensus call on ECT(1) Flinck, Hannu (Nokia - FI/Espoo)
- Re: [tsvwg] Consensus call on ECT(1) Karthik Sundaresan
- Re: [tsvwg] Consensus call on ECT(1) Praveen Balasubramanian
- Re: [tsvwg] Consensus call on ECT(1) philip.eardley
- Re: [tsvwg] Consensus call on ECT(1) Tom Henderson
- Re: [tsvwg] Consensus call on ECT(1) Dave Taht
- Re: [tsvwg] Consensus call on ECT(1) K. K. Ramakrishnan
- Re: [tsvwg] Consensus call on ECT(1) Liyizhou
- Re: [tsvwg] Consensus call on ECT(1) Dan Siemon
- Re: [tsvwg] Consensus call on ECT(1) Mohit P. Tahiliani
- [tsvwg] More testing (was: Consensus call on ECT(… Bob Briscoe
- Re: [tsvwg] Consensus call on ECT(1) Roland Bless
- Re: [tsvwg] Consensus call on ECT(1) Mikael Abrahamsson
- Re: [tsvwg] Consensus call on ECT(1) Steven Blake