[tsvwg] Review of draft-ietf-tsvwg-nqb-21
Bob Briscoe <ietf@bobbriscoe.net> Tue, 12 December 2023 18:18 UTC
From: Bob Briscoe <ietf@bobbriscoe.net>
To: Greg White <g.white@CableLabs.com>, Thomas Fossati <Thomas.Fossati@linaro.org>, Ruediger GEIB <Ruediger.Geib@telekom.de>
Cc: tsvwg IETF list <tsvwg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/XPehj4puGc4Yo2EK2NrKfW5FcHI>
Greg, Thomas, Rüdiger,

Here's my review of draft-ietf-tsvwg-nqb-21, which I understand is approaching WGLC shortly. I haven't read the draft through in one sitting for some time. So, I'm afraid my review is long, but I've tried to suggest text for all the nits, which are by far the largest contributor to the length.

------------------------------------------------------------------------

A Gap

Link technology burstiness

There is no requirement for an NQB PHB to limit the burstiness of traffic entering the link layer from the PHB. For instance, WiFi aggregation could otherwise cause queueing downstream. Section 5.5 of RFC9331 provides text that could pretty much be lifted verbatim, except replacing 'L4S behaviour' with 'NQB PHB'. It includes two subsections, one for the link behaviour that the PHB at a bottleneck feeds, and one for links upstream of the bottleneck.

------------------------------------------------------------------------

Technical Comments

§4.4.1 Interoperability with Non-DS-Capable Domains

"...it is RECOMMENDED that the operator of the upstream domain re-mark NQB traffic to DSCP 0 (Default) before delivering traffic into a non-DS-capable domain. ... As an alternative to re-marking, such an operator could deploy a traffic protection (see Section 5.2) or a shaping/policing function ..."

I suggest these remedies are switched round, with policing as the primary recommendation, and re-marking as a less-preferred alternative. Also the choice of re-marking to the relevant class selector should be allowed (as per RFC2475, §4), particularly where the downstream domain is another ISP rather than an end-customer.

Reason: 'Opportunistically' ruining any possibility of the DSCP being used to isolate NQB in a downstream domain is irreversible. However, the upstream domain is often only guessing that the downstream domain is Non-DS-Capable. Also re-marking ruins the NQB service for any further downstream domains, not just the immediate neighbour.
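To make the policing-versus-re-marking trade-off concrete, here is a toy sketch of the two remedies at an interconnect. The token-bucket form, the class name, the burst size and the default rates are all my own illustrative assumptions, not anything specified in the draft:

```python
# Hypothetical sketch, not from the draft: a boundary policer that only
# re-marks *excess* NQB traffic to Default, contrasted with the draft's
# current primary remedy of blanket re-marking.

NQB, DEFAULT = 45, 0  # DSCP values (decimal)

class NqbEgressPolicer:
    """Token-bucket policer sized at a fraction (e.g. the draft's 5%) of
    the interconnect rate: conformant NQB packets keep DSCP 45; excess
    is re-marked to Default rather than dropped, so the sanction is
    proportionate and no downstream NQB treatment is lost needlessly."""

    def __init__(self, link_rate_bps, fraction=0.05, burst_bytes=3000):
        self.rate = link_rate_bps * fraction / 8.0  # NQB allowance, bytes/s
        self.burst = burst_bytes
        self.tokens = burst_bytes
        self.last = 0.0

    def forward(self, dscp, size_bytes, now):
        if dscp != NQB:
            return dscp  # non-NQB traffic is untouched
        self.tokens = min(self.burst,
                          self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= size_bytes:
            self.tokens -= size_bytes
            return NQB       # conformant: marking preserved
        return DEFAULT       # excess: re-marked, not dropped

def blanket_remark(dscp):
    """The remedy I'm arguing against making primary: every NQB packet
    loses its marking at the boundary, irreversibly, for all downstream
    domains, whether or not it was causing any harm."""
    return DEFAULT if dscp == NQB else dscp
```

With, say, a 100 Mb/s interconnect, the policer passes a well-behaved 150 kB/s NQB flow unmodified, while blanket re-marking strips every one of its packets.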
§4.4.1 Interoperability with Non-DS-Capable Domains

"the policer/shaper rate SHOULD be set to ... 5% of the interconnection data rate ... with excess traffic being either re-marked and classified for Default forwarding or dropped."

I don't believe drop should be recommended here with the same strength as re-marking. The 5% limit (or whatever limit is chosen) has been derived on fairly arm-waving foundations. There is no traffic contract that the sender has broken, so shouldn't only re-marking be recommended (and maybe drop at some significantly higher limit)? Alternatively, the pros and cons of the two could be listed for operators to choose, without the IETF recommending either.

§5.2. Traffic Protection [placement]

"the NQB PHB SHOULD support a "traffic protection" function that can identify microflows that are inconsistent with the sender requirements in Section 4.1"

It needs to be spelled out that, in the case of low-stat-mux PHBs, traffic protection is likely to be highly inefficient unless located directly in front of the actual potential bottleneck PHB. Diffserv practitioners expect traffic conditioning to be located at domain boundaries, so it needs to be clear that this is *not* what is recommended here (that's sort-of implied, but not clear). It wouldn't harm to add another recommendation, e.g. "In low-stat-mux cases, a single traffic protection function SHOULD be deployed in front of the PHB itself (as opposed to conditioners at multiple ingress points)." This ought to be explained/justified as well. I've written a first attempt in {Note 1} at the end, but it's too long, partly 'cos I spelled it out for non-experts.

The three statements quoted below from §5.2 need qualification/modification, as I explain in the bullets after them:

1. "One potential implementation of such a traffic protection algorithm is a per-microflow rate policer,..."

2.
"An alternative is to use a traffic protection algorithm that bases its decisions on the detection of actual queuing (i.e. by monitoring the queuing delay experienced by packets in the NQB queue)"

...(many para's later)...

3. "Additionally, some networks might prefer to police the application of the NQB DSCP at the ingress edge, so that per-hop traffic protection is not needed."

* #1 should make it clear that "such a traffic protection algorithm" means one local to the PHB.
* #2 should also make it clear that actual queue detection cannot be located remote from the PHB.
* For low stat-mux links, #2 should be given as the preferred alternative, with #1 less preferred (conditioning on flow rates has to remove most bursts in case they coincide with bursts from other sources, whereas conditioning at the actual queue only needs to remove bursts that do actually coincide - see {Note 1} for details).
* For low-stat-mux PHBs, it should be made clear why #3 will tend to be highly inefficient (see Note 1).
  o And s/per-hop/per-bottleneck-hop/

It would be useful to give the pros and cons of each approach, rather than just drop them in as possible alternatives with unstated merits. Some suggestions:

* instantaneous flow rate can be measured at a dedicated edge node, whereas actual queue needs to be measured wherever the bottleneck actually is (this relates to the last sentence of the section, which could be moved here, given it seems not to be related to anything else near where it is)
* flow rate is not a good predictor of actual queuing, particularly where statistical multiplexing is low, because queuing depends on correlation of a number of higher rate or bursty flows including correlation with traffic in equal or higher priority queues
* to protect low-stat-mux access links, protection local to each potential bottleneck is more feasible, whereas remote conditioning is more appropriate for hi-stat-mux cases.
* per-flow rate cannot protect against queuing caused by large numbers of low-rate flows
* ...more?

Perhaps a subsection on placement is needed at the start of the section about traffic protection. Then it could be used as context for caveats around statements like those above. For instance, #2 could be recommended for lo-stat-mux, and #3 deprecated if there were multiple ingress points. Differences in placement of conditioning are also missing from the differences between NQB and EF (Appendix B), given EF has generally been discussed in the context of a hi-stat-mux RFC2475-style architecture.

§5.2. Traffic Protection

"There are some situations where traffic protection is potentially not necessary. For example, a network element designed for use in controlled environments (e.g., enterprise LAN) where a network administrator is expected to manage the usage of DSCPs."

Another important example: highly aggregated links, where burstiness is a) averaged out, and b) only leads to tiny amounts of delay even when many bursts coincide. (BTW, there should also be a new para before the last sentence of this para, which is on a different subject.)

§5.2. Traffic Protection

CURRENT: "Such a function SHOULD base its decisions upon the behavior of each microflow rather than on application-layer constructs (such as the port number used by the application or the source/destination IP address)"

PROPOSED: "Such a function SHOULD NOT base its decisions upon application-layer constructs (such as the port number used by the application or the source/destination IP address). Instead it ought to base its decisions on the actual behavior of each microflow."

REASON: I think the wording was trying to preclude certain approaches that prejudge behaviour based solely on well-known identifiers, but the requirement is written the wrong way round for that.
Also, note the use of 'ought to' and the absence of any normative (capitalized) requirement language in the second sentence, because it does not seem appropriate to recommend a particular way for traffic protection to work (as stated in the subsequent para). For instance, it might be possible to design an aggregate policer without per-flow awareness that picks out packets likely to be responsible for high delay.

§5.2. Traffic Protection

CURRENT: "In the case of a traffic protection algorithm that re-marks and reclassifies offending traffic,"

Re-marking should be separated from reclassifying, as two of three possible penalties (the third being discard in the next para). Indeed, reclassifying ought to be recommended over re-marking, as in the last 2 paras of §5.5 of the DOCSIS queue protection draft, which recommends reclassification without re-marking (of the ECN field in that case), based on a requirement in Section 5.4.1.2 of RFC9331:
https://datatracker.ietf.org/doc/html/draft-briscoe-docsis-q-protection-06#section-5.5-4

Reason: this policer is based on actual queuing, and so any queuing could be transient, and is likely to imply the policer is at the bottleneck and therefore, further queuing downstream will be less likely. In contrast, with flow-rate-based policers, re-marking makes more sense (because the flow rate is broadly the same along the length of each flow).

If an operator finds it necessary to use the results of one traffic protection function (actual queue-based or flow-rate-based) to protect other downstream queue(s), docsis-q-protection recommends re-marking to a local-use DSCP. The NQB draft ought to recommend a local-use DSCP too (if the operator wants to make its QProt function act for its whole domain). This DSCP could then be re-mapped to 45 before leaving the domain, so that the local decision does not pollute treatment of NQB in downstream domains.
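The reclassify-without-re-mark behaviour argued for above can be sketched very loosely. To be clear, this is nothing like the real DOCSIS queue-protection algorithm; every threshold, score formula and name below is an illustrative assumption of mine, just to show the shape of a decision driven by actual queue delay rather than flow rate:

```python
# Toy illustration (my own, not from any spec): protection driven by
# *actual* queue delay, which reclassifies a packet into the Default
# queue without changing its DSCP, so a transiently queue-building flow
# is not polluted for downstream domains.

QDELAY_THRESHOLD_S = 0.001  # only act when the NQB queue actually builds
SCORE_LIMIT = 50.0          # illustrative per-microflow sanction threshold

class QueueProtection:
    def __init__(self):
        self.scores = {}  # microflow id -> accumulated queuing "score"

    def classify(self, flow_id, size_bytes, qdelay_s):
        """Return the queue for this packet: 'NQB' or 'Default'.
        The DSCP is left untouched either way."""
        if qdelay_s <= QDELAY_THRESHOLD_S:
            # No actual queue: even a high-rate flow is doing no harm
            # here, so its score decays (a rate policer would sanction
            # it regardless).
            self.scores[flow_id] = 0.0
            return 'NQB'
        # Queue is building: charge this flow for its contribution
        # (byte-seconds of queuing it arrives into).
        score = self.scores.get(flow_id, 0.0) + size_bytes * qdelay_s
        self.scores[flow_id] = score
        return 'Default' if score > SCORE_LIMIT else 'NQB'
```

Note what this toy makes obvious: the function only works where the queue delay it monitors is the delay of the actual bottleneck PHB, which is exactly the placement point argued above.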
------------------------------------------------------------------------

Nits

*Throughout:*

§1 Intro "...managed by an end-to-end congestion control algorithm. Many of the commonly-deployed congestion control algorithms, such as Reno, Cubic or BBR, are designed to seek the available capacity of the end-to-end path..."
§3.2 "...it has not been used for these purposes end-to-end across the Internet."
§3.2 "...meeting the performance requirements of an application in an end-to-end context"
§3.2 "These mechanisms can be difficult or impossible to implement in an end-to-end context."
§3.2 "...the NQB PHB ... could conceivably be deployed end-to-end across the Internet."
§3.2 "...the performance requirements of applications cannot be assured end-to-end,"
§4.4: "End-to-end usage and DSCP re-marking"
§4.4 "...this PHB is expected to be used end-to-end across the Internet,"
§4.4 "...To ensure reliable end-to-end NQB PHB treatment,"
Appx A. "...it will severely limit the ability to provide NQB treatment end-to-end."

In the IETF transport area, "end-to-end" normally means 'between the end hosts without network involvement'. Perhaps 'whole-path' or other alternatives could be used, except in the very first case above?

s/this draft/this document/ (2 occurrences)

Abstract

"properties and characteristics" - just one or the other would be sufficient, wouldn't it?

§1. Intro

"microflows (see [RFC2475] for the definition of a microflow)"

Summarize cross-reference: Surely it would be worth briefly restating this definition here, e.g. "microflows (application-to-application flows [RFC2475])." I went to RFC2475 to check whether it was somehow different to the well-understood definition of microflow.

"...managed by a classic congestion control algorithm (as defined in [RFC9330]),"

Summarize cross-reference: As this is not a term that Diffserv engineers are likely to have come across, surely the referenced definition ought to be summarized here, e.g.
"(one that coexists with standard Reno congestion control [RFC5681])"

"...to effectively use the link..."

I tripped up on this, initially assuming the alternative meaning of effectively (as in "it's effectively worthless"). How about:
"...to use the link effectively..."
"...to use the link efficiently..."

"Active Queue Management (AQM) mechanisms (such as PIE [RFC8033], DOCSIS-PIE [RFC8034], or CoDel [RFC8289])..."

It would be better to say specifically that you are talking about single queue AQMs here:
"Active Queue Management (AQM) mechanisms intended for single queues (such as PIE [RFC8033], DOCSIS-PIE [RFC8034], or PI2 [RFC9332])..."
and I think it would be preferable to leave mention of CoDel until FQ-CoDel later in the para - it would be controversial to imply that CoDel manages a single queue well (potentially with a large number of flows).

"If the AQM attempted to control the queue much more tightly, applications using those algorithms would not perform well."

Unnecessarily vague. How about "...would not fully utilize the link"?

"but these [FQ] are not appropriate for all bottleneck links, due to complexity or other reasons."

Rather than writing as if the IETF is pronouncing on this, how about "but not all operators think they are appropriate for all bottleneck links, due to complexity or other reasons."

§3. "Context"

You wouldn't normally expect an introductory section headed 'Context' to contain normative requirements. However, a couple of 'SHOULD's appear in the last para of §3.3. It might be better to shift that whole last para into the relevant requirements section (e.g. as a new subsection after §§4.2 & 4.3 which are also about mixtures of codepoints). Then state at the beginning of §3 that the whole section is informative only. However, perhaps I'm being too purist.

§3.1. Non-Queue-Building Behavior

CURRENT: "highly unlikely to exceed the available capacity of the network path between source and sink."
PROPOSED: Add "...even at an inter-packet timescale." or similar wording.

REASON: people usually think of data rate as an averaged measure.

§3.2. Relationship to the Diffserv Architecture

CURRENT: "and given no reserved bandwidth other than the bandwidth that it shares with Default traffic."

PROPOSED: "and given no reserved bandwidth other than any minimum bandwidth that it shares with Default traffic."

REASON: The current wording implies that all operators always give Default some reserved bandwidth.

CURRENT: "Instead, the goal of the NQB PHB is to provide statistically better loss, latency, and jitter performance for traffic that is itself only an insignificant contributor to those degradations."

PROPOSED: "Instead, the sole goal of the NQB PHB is to isolate NQB traffic from other traffic that degrades loss, latency and jitter, given that the NQB traffic is itself only an insignificant contributor to those degradations."

REASON: The current wording implies that the PHB provides the better performance, which contradicts the statement in the introduction that it is NQB senders that provide the better performance, not the PHB. It would be worth repeating that here. (see also similar comment later about the first para of §5.1 "Primary Requirements")

CURRENT: "...relatively low data rates"
PROPOSED: "...relatively low and smooth data rates"

CURRENT: "The main distinctions between NQB and EF are discussed in Appendix B."

Summarize cross-reference: It would be useful to give a summary sentence here {Note 2 was my first attempt, but it's too long}.

§4.1. Non-Queue-Building Sender Requirements

CURRENT: "Microflows that align with the description of behavior in the preceding paragraphs in this section SHOULD be identified to the network using a Diffserv Code Point (DSCP) of 45 (decimal) so that their packets can be queued separately from QB microflows."
PROPOSED: "Microflows that mark their packets using a Diffserv Code Point (DSCP) of 45 (decimal) SHOULD align with the description of behavior in the preceding paragraphs in this section, so that their packets can be queued separately from QB microflows with minimal harm to other NQB traffic."

REASONING: The current wording is the wrong way round. It shouldn't recommend that all traffic that behaves like NQB has to be marked as NQB. Otherwise it would be saying that most EF, CS5, etc traffic SHOULD be marked as NQB instead.

§4.2. Aggregation...

I'd prefer to see the last para shifted to after the first. These are the two paras with normative requirements in them, then the others are sort-of mitigations and exceptions. Also, the last para highlights the difference between treating NQB traffic as if it's Default, and re-marking it to be Default, which is the big important point here. However, I can also see that the 3 paras in the middle at the moment relate more to the first para. So if the authors think the logical flow would be better as it is, I won't fight for this.

Retitle §4.2 & §4.3 (Aggregation of the NQB DSCP into another PHB; and Aggregation of other DSCPs into the NQB PHB)?

The (unspoken) distinction between these two sections seems to be more that:
* §4.2 is about typically uncongested core networks, where separation from Default (or another similar PHB) might not be necessary,
* §4.3 is really about where a PHB isolated from Default has been provided, and could be used for an aggregate of classes that would all benefit from such isolation.

The current titles focus on what *name* a PHB started with before it was aggregated, which is a bit academic, because aggregates don't necessarily bear the name of any of the classes they consist of (e.g. the Elastic aggregate). Perhaps:

§4.2. Aggregation of the NQB DSCP without isolation from Default traffic
§4.3.
Aggregation of the NQB DSCP preserving isolation from Default traffic

Strictly, §4.2 also discusses aggregation with real-time, instead of Default, but I've assumed that such detail doesn't need to be explained in the section heading.

§4.3. Aggregation of other DSCPs in the NQB PHB

If you prefer not to change the section headings as above, pls consider... s/in/into/ because my parser tripped up on 'in' (and 'into' is consistent with the §4.2 heading).

§4.4.1.

s/occuring/occurring/

§4.5. The NQB DSCP and Tunnels

"reordering-sensitive tunnel protocol"

Summarize cross-reference: An example of one would be useful, or an explanation of the implications. §4.1 of RFC2983 gives examples, but we shouldn't have to read references to get at least a grasp of what this draft is talking about.

§4.5. The NQB DSCP and Tunnels

"In the case of the pipe model, any DSCP manipulation (re-marking) of the outer header by intermediate nodes would be discarded at tunnel egress, potentially improving the possibility of achieving NQB treatment in subsequent nodes."

The contrary could equally apply. If the DSCP re-marking of the outer was part of an interconnection contract, it could well have been designed to preserve the NQB treatment in downstream domains.

§5. NQB PHB Requirements

This section is built on the goal of incentive alignment. In the IETF, there ought to be consensus on incentive-alignment as a goal, but I have detected that some IETF participants dismiss incentive alignment if a network service does not *also* protect against malicious attack (or accidents). So perhaps the following would be a useful introductory sentence...

"Incentive alignment ensures a system is robust to the behaviour of the large majority of individuals and organizations who can be expected to act in their own interests (including application developers and service providers who act in the interests of their users).
Malicious behaviour is not necessarily based on rational self-interest, so incentive alignment is not a sufficient defence, but the large majority of users do not act out of malice. Protection against malicious attacks (and accidents) is addressed in Section 5.2 on Traffic Protection and Section 11 on Security Considerations summarizes it."

This could replace the parenthesis later in the first para:
"(this is discussed further in this section and Section 11 <https://datatracker.ietf.org/doc/html/draft-ietf-tsvwg-nqb-21#Security>)"
which read oddly to me, because it doesn't explain the reason for the split between this section and Section 11 anyway.

§5.1. Primary Requirements

"...the NQB PHB makes no guarantees ..., but instead aims to provide an upper-bound to queuing delay for as many such marked microflows as it can."

This contradicts the premise that the network does not provide the low delay - the low queueing delay is provided by the collective action of NQB senders, and the PHB only isolates them from QB traffic. Just the mention of an upper-bound gives the wrong impression that a max queuing delay number can be calculated. And 'for as many such marked microflows as it can' is also strange, given that delay variation tends to reduce for links designed for more flows (but admittedly not when more flows are used in a link than it is designed for).

Indeed, I'm not sure that this is the right place for any of the first para. It does not define a requirement. The first part about making no guarantees could be moved to the introduction. And perhaps the second part after the comma can just be dropped?

§5.1. Primary Requirements

CURRENT: "An exception to this recommendation is discussed in Section 4.4.1."

PROPOSED: "An exception to this recommendation for traffic sent towards a non-DS-capable domain is discussed in Section 4.4.1."

REASON: Summarize cross-reference: A short description helps the reader more than just a bare section number.

§5.1.
Primary Requirements

CURRENT: "e.g., a deficit round-robin scheduler with equal weights"
         "(e.g. with equal DRR scheduling)"

I couldn't tell whether DRR was the main focus of these examples, or the fact that the weights are equal. For equal preference, the weights of a DRR scheduler have to be proportionate to the aggregate rates of each class of traffic. That's hard to determine with capacity-seeking traffic, but NQB is not capacity-seeking:

* Each NQB application is meant to limit its instantaneous rate to within a small proportion of typical total capacity - the draft suggests 1%. So giving NQB 50% forwarding preference effectively gives it much more preference than it needs. Certainly, we need to allow for the possibility of multiple NQB flows, therefore multiples of 1%. And certainly, it would be reasonable to give NQB somewhere close to the maximum proportion of capacity it might need, or a little more, so that its queuing delay remains low relative to Default traffic.
  o For example, if there's 6Mb/s of unresponsive NQB traffic scheduled by 50:50 DRR into a 100Mb/s link, and the balance is consumed by 10 capacity-seeking QB flows, that is probably fine. However, a 45Mb/s unresponsive but smooth NQB flow could also take advantage of a 50:50 scheduler. Then the 10 flows would share the balance, getting 5.5Mb/s each.
  o This inequality isn't a problem per se, but it is problematic to hold up 50% scheduler weight as somehow a golden fraction.
  o It would be more justifiable to say that:
    + the scheduler weight for NQB traffic ought to be at least proportionate to the fraction of capacity that NQB is likely to use, and ideally a little higher than the highest likely fraction (to ensure low worst-case queuing delay).
    + But then the text should admit that the fraction of capacity for NQB flows is likely to be hard to ascertain in a lo-stat-mux environment, so it is instead suggested that a fraction like 20% - 50% would be a reasonable maximum scheduler weight for NQB;
    + Then it needs to say "The exact value is unimportant as long as it's high enough," because NQB is app-limited, so if its weight is too high, the unused capacity can be borrowed by capacity-seeking traffic.
    + But it shouldn't be excessive, otherwise it gives more leeway for greedy abuse by NQB traffic.
* Taking Low Latency DOCSIS as another example, it uses the DualQ [RFC9332] and doesn't comply with "The node SHOULD provide a scheduler ... that treats the two classes equally", because it gives 90% to the L queue.
  o Admittedly:
    + the 90% has to serve L4S as well as NQB traffic.
    + the coupling between the DualQ AQMs ensures that L4S traffic nearly always uses less than its 90% scheduler weight, so RFC9332 recommends any high fraction, saying "its exact value is unimportant", because it merely ensures low delay for the L queue, not bandwidth shares.
  o However, when there is no L4S traffic, the full 90% is available to NQB.
  o My point is that 90% is a good figure in this case, and 15% might be a good figure in another case (e.g. with only NQB and no L4S).
  o But the take-home message is that 50% is not a golden number.

Wouldn't it be less distracting to use an example scheduler that doesn't share capacity explicitly, but instead acts on time? For instance:
* two Wireless Multimedia (WMM) Access Categories (ACs) with the same EDCA parameters.

§5.2. Traffic Protection

CURRENT: "It is possible that due to an implementation error or misconfiguration, a QB microflow"

PROPOSED: "It is possible that, due to an implementation error or misconfiguration, a QB microflow" (added comma)

CURRENT: "This specification does not mandate a particular algorithm for traffic protection.
This is intentional, since the specifics of traffic protection could need to be different..."

PROPOSED: "This specification does not mandate a particular algorithm for traffic protection. This is intentional, since this will probably be an area where implementers innovate, and the specifics of traffic protection could need to be different..."

§5.3. Impact on Higher Layer Protocols

I understand that the existence of this section is a requirement from the PHB specification guidelines in RFC2475 (§3; guideline G.14). However, there are a number of problems with where this section sits in the document.

* It is within §5 'NQB PHB Requirements', but it contains no requirements.
* It is actually about the Impact of Traffic Protection on Higher Layer Protocols, but doesn't say so.
* It overlaps with the two paras in the previous section on Traffic Protection, starting 'In the case of', and it repeats much of the first of those two.

Suggested remedies:
* To generalize it from just the impact of traffic protection, it ought to open by saying:
  o "The NQB PHB itself has no impact on higher layer protocols, because it only isolates NQB traffic from non-NQB. However, traffic protection of the PHB can have unintended side-effects on higher layer protocols."
* Perhaps it could be shifted to an Appendix (as suggested in RFC2475)
* I suggest that the two paras starting 'in the case of' in §5.2 "Traffic Protection" are given their own subsection of §5.2, perhaps titled "Potential Traffic Protection Penalties" and split into 3 paras for:
  o reclassify
  o re-mark
  o discard
* then perhaps they could refer to the appendix about impact on higher layer protocols

§5.3. Impact on Higher Layer Protocols

CURRENT: "The traffic protection function described here"

Not clear which function this is referring to. Two were described (and they are separated from here by a couple of long paras).

§6.
Configuration and Management

CURRENT: "The default for such classifiers is recommended to be the assigned NQB DSCP (to identify NQB traffic) and the Default (0) DSCP (to identify QB traffic)."

SUGGESTED: "The default classifier to distinguish NQB traffic from traffic classified as Default (DSCP 0) is recommended to be the assigned NQB DSCP (45 decimal)."

REASON: This text as it stood recommended that the Default DSCP now only identifies QB traffic. Whereas it ought to still be quite acceptable to identify traffic that doesn't build queues using DSCP 0.

§6.1. Guidance for Lower Rate Links

CURRENT: "it is RECOMMENDED that the NQB PHB be disabled and for traffic marked with the NQB DSCP to thus be carried using the Default PHB."

PROPOSED: Add: "However, the NQB DSCP SHOULD NOT {MUST NOT?} be re-marked to the Default DSCP (0)."

REASON: To repeat and reinforce the similar requirement earlier, but for this context.

§7.1. DOCSIS Access Networks

Add a reference to the white paper on Low Latency DOCSIS at the end?

§7.2 Mobile Networks

Perhaps add a remark at the end of the 2nd para about how this relates (or not) to the primary requirements in §5.1 (non-rate limiting and equal preference)?

§7.3.1. Interoperability with Existing Wi-Fi Networks

CURRENT: "...the Wi-Fi link is commonly a bottleneck link.."

PROPOSED: "...the Wi-Fi link can become a bottleneck link.."

REASON: As it stands, this semi-contradicts the first sentence of the DOCSIS section, which says DOCSIS operators commonly configure the access to be the bottleneck. Saying 'can become' hints that it depends how good the Wi-Fi signal path is.

CURRENT: "Wi-Fi equipment ... will support either the NQB PHB requirement for separate queuing of NQB traffic, or..."

PROPOSED: "Wi-Fi equipment ... will support either the NQB PHB requirement for separate queuing of NQB traffic from Default, or..."
REASON: If, for instance, the 45 DSCP of NQB puts it into the Video access category, it won't be separate from Video, only from Default.

CURRENT: "Wi-Fi gear typically has hardware support (albeit generally not exposed for user control) for adjusting the EDCA parameters in order to meet the equal priority recommendation. This is discussed further below."
PROPOSED: "The arrangement of queues in Wi-Fi gear is typically fixed, whereas most Wi-Fi gear supports adjustment of the EDCA parameters (albeit generally not exposed for user control) as recommended further below in order to meet the equal priority recommendation."
REASON: When I read the text as it stood, it wasn't clear that it was motivating the choice of separate queuing. My sentence is still rather complex - perhaps it can be improved on.

CURRENT: "A residential ISP that re-marks the Diffserv field to zero, bleaches all DSCPs and hence would not be impacted by"
PROPOSED: "A residential ISP that re-marks the Diffserv field to zero would not be impacted by"
REASON: Tautology.

CURRENT: "* For application traffic that originates outside of the Wi-Fi network, and thus is transmitted by the Access Point, opportunities exist in the network components upstream of the Wi-Fi Access Point to police the usage of the NQB DSCP and potentially re-mark traffic that is considered non-compliant, as is recommended in Section 4.4.1 <https://datatracker.ietf.org/doc/html/draft-ietf-tsvwg-nqb-21#unmanaged>. A residential ISP that re-marks the Diffserv field to zero, bleaches all DSCPs and hence would not be impacted by the introduction of traffic marked as NQB. Furthermore, any change to this practice ought to be done alongside the implementation of those recommendations in the current document."
This bullet is too complex for me to understand.
Maybe I need a break from reading this, but I don't understand how the last two sentences relate to the previous sentence in this bullet, or how they 'motivate the choice of separated queuing', which is what all the bullets are meant to be doing. I also don't know which of the two earlier practices 'this practice' is referring to: re-marking or bleaching?

CURRENT: "...ought to be done alongside the implementation of those recommendations in the current document."
PROPOSED: "...would be efficient to implement at the same time as the recommendations in the current document."
(if this wording survives my previous comment)

§8. Acknowledgements

The RFC style guide recommends that acknowledgements should appear at the end, before Contributors & Authors: https://www.rfc-editor.org/rfc/rfc7322.html#section-4

§11. Security Considerations

The first para, about incentive-compatibility, might be better covered fully in one place (at the head of §5), using the material from here that explains exactly what causes the degradations. Then just explain in the Security Considerations that NQB is based on incentive alignment (§5), which makes it robust to self-interested actors, but traffic protection against malicious actors is also recommended (§5.2).

CURRENT: "The recommendations on traffic protection mechanisms in this document presume that some type of "flow" state be maintained"
If you've adopted my suggestion to make 'SHOULD base its decisions upon the behavior of each microflow' in §5.2 non-normative, then this sentence no longer needs to say that flow-state is presumed.

CURRENT: "While the NQB DSCP value could be abused to gain priority on such links,"
Before making the point that the NQB DSCP would be the least likely to be abused, the blindingly obvious should be pointed out: existing WMM Wi-Fi APs already allow DSCP 45, and all the other DSCPs in half the space, to gain priority today, whether or not 45 is assigned to NQB.
This is more relevant for upstream; then the point about least-worst is more relevant for downstream.

s/than any of the other 31 DSCP values that are provided priority/than any of the other 31 DSCP values that are given priority/
REASON: my parser tripped over this.

CURRENT: "The details of any security considerations that relate to deployment and operation of NQB in these network technologies are not discussed here."
PROPOSED: "Any security considerations that relate to deployment and operation of NQB solely in specific network technologies are not discussed here."
REASON: I think that's what you meant, and it justifies itself better.

CURRENT: "While re-marking DSCPs is permitted for various reasons..., if done maliciously, this might negatively affect the QoS of the tampered microflow."
PROPOSED: Add: "Nonetheless, an on-path attacker can also alter other mutable fields in the IP header (e.g. the TTL), which can wreak much more havoc than just altering QoS treatment."

Appendix A. DSCP Re-marking Policies

s/the result would be that traffic marked with the NQB DSCP would/it would/

CURRENT: "This could be another motivation to (as discussed in Section 4.3) classify CS5-marked traffic into NQB queue."
PROPOSED: "This could be another motivation to classify CS5-marked traffic into the NQB queue (as discussed in Section 4.3)."
(note the insertion of 'the' as well as the shift of the parenthetical).

Appendix B. Comparison to Expedited Forwarding

s/Comparison to/Comparison with/
Subtle, but my ear for English felt this sounded wrong. I didn't find the language guides on the web very useful, so I'll leave you to pick the one you feel is right.

CURRENT: "While EF relies on rate policing and dropping of excess traffic, this is only one option for NQB. NQB alternatively recommends that the implementation re-mark and forward excess traffic using the Default PHB, rather than dropping it."
PROPOSED: "While EF relies on rate policing and dropping of excess traffic at the domain border, this is only one option for NQB. NQB alternatively recommends traffic protection located at each potential bottleneck, where actual queuing can be detected and excess traffic can be reclassified into the Default PHB, rather than dropping it. Local traffic protection is more feasible for NQB, given the focus is on access networks, where one node is typically designed to be the known bottleneck where traffic control functions all reside. In contrast, EF is presumed to follow the Diffserv architecture [RFC2475] for core networks, where traffic conditioning is delegated to border nodes, in order to simplify high capacity interior nodes."
REASON: The comparison seems to have omitted discussion of traffic conditioning topology (see the earlier point about placement). Also see my attempt to summarize how NQB compares with EF {Note 2}.

Appendix C. Alternate Diffserv Code Points

CURRENT: "In networks where another ... DSCP is designated for NQB traffic, or ... it could be preferred to use another DSCP."
Tautology. I think a paragraph break is appropriate after this, and before 'In end systems...'. Or is there meant to be somehow a logical flow between them? Reason: one part is about 'In networks'; the other is about 'In end systems'.

BTW, to make the section heading an easy read for all English speakers, s/Alternate/Alternative/, because in British English the adjective 'alternate' solely means 'interchanging', whereas 'alternative' means what you intended in all English variants. Nonetheless, most Brits would work out what you meant.

------------------------------------------------------------------------

Notes

{Note 1}: _The Problem with Conditioning Traffic Remotely for Low Stat-Mux Bottlenecks_

The following explanation is fairly long, because I have had to spell out the assumptions behind different ways of thinking. So apologies if some of it seems patronising...
When there is low statistical multiplexing (stat-mux) at a bottleneck, it becomes very inefficient (verging on impossible) to locate traffic conditioning (aka traffic protection) at multiple ingress points remote from the PHB (the potential bottleneck).

For instance, let's start with a simple toy case in the downstream only, where all NQB flows (e.g. online game sync streams) have the same regular packet bunching, so we can know that (say) 12 of these flows in one buffer would cause too much queuing. Then, if NQB traffic is being conditioned remotely at 3 ingress points, how many flows at each ingress would be too much? Not 12. Maybe 5? Or probably 4, to be certain not to cause excessive queuing at the bottleneck.

But it would not be so unusual if the set of clients in a home happened to call for most of their NQB traffic via just one of the ingress points at peak time on one day, and most via another on the next day (it's not unusual for the interests of people living together to shift around together, because some families still even talk to each other sometimes ;). But remote traffic conditioning has to prevent them exceeding 4 flows via any single ingress, even if they aren't pulling any traffic from the other ingress points. If 5 flows are passed through an aggregate traffic conditioning limit of 4 flows, usually it will ruin them all. So, to ensure that more than 12 flows don't ruin this family's service, their service is often ruined whenever they call for more than 4 flows. Ironic, but a consequence of remote traffic conditioning at 3 ingresses for a low stat-mux bottleneck. With traffic protection based on /actual/ queuing (located at the PHB itself), traffic would only be limited when 12 flows coincided, and then only when their bursts coincided.

Real traffic is not as regular as these toy example flows, so remote traffic conditioning is even less efficient.
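The arithmetic of the toy case above can be sketched in a few lines of Python (all numbers are from the toy example, not from the draft; the function names and the skewed demand pattern are my own illustration):

```python
# Toy example: a bottleneck tolerates 12 regular NQB flows; remote
# conditioning splits that allowance across 3 ingress points, erring
# on the side of caution with 4 flows each.

BOTTLENECK_LIMIT = 12   # flows one bottleneck buffer can absorb
INGRESSES = 3
PER_INGRESS_LIMIT = BOTTLENECK_LIMIT // INGRESSES  # 4

def remote_conditioning(demand_per_ingress):
    """Flows admitted when each ingress polices only its own share."""
    return sum(min(d, PER_INGRESS_LIMIT) for d in demand_per_ingress)

def local_protection(demand_per_ingress):
    """Flows admitted when the bottleneck itself limits actual queuing."""
    return min(sum(demand_per_ingress), BOTTLENECK_LIMIT)

# One day most of the household's NQB traffic arrives via one ingress:
skewed_demand = [7, 1, 0]   # 8 flows in total, well under the 12-flow limit

print(remote_conditioning(skewed_demand))  # 5: conditioning bites needlessly
print(local_protection(skewed_demand))     # 8: all flows fit at the bottleneck
```

The skewed case shows the inefficiency: the aggregate demand (8 flows) is well within what the bottleneck can absorb, yet remote per-ingress limits still cut it back.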
Short NQB flows would be mixed with medium and long ones, each with different regularity and different smoothness. So each traffic conditioner has to err on the side of caution in case bunches of packets from the other conditioners coincide at the bottleneck. So, 3 conditioners have to limit their /burst/ allowances to 1/3 of the available capacity for NQB at the PHB. And in low stat-mux, even for NQB, the average rate will be many times less than the allowance needed for bursts.

In contrast, the RFC2475 Diffserv architecture (with traffic conditioning around a domain border protecting the PHBs on interior routers) is applicable to hi-stat-mux networks, e.g. enterprise networks attached to large core networks. Then, although the amount and balance of traffic from different ingress points (the traffic matrix) varies, the variation is of the same order as the average, not many multiples of the average. For instance, let's multiply up the above toy example by 1,000. If 12,000 flows at a link come from 3 ingress points, with on average 4,000 each, it is highly unlikely that at peak time on one day 11,000 will all come from one ingress, and the next day 11,000 will all come from another. Instead, the range of variation at each of the 3 ingresses might be 3,000 to 5,000 flows. Also, as stat-mux increases, bursts and troughs tend to cancel out more than they reinforce. So, with hi-stat-mux, remote traffic conditioning can be sufficiently efficient to be worthwhile.

Also, the aim of the RFC2475 architecture is to avoid traffic conditioning on high capacity interior nodes, partly due to the complexity at high speed, and partly because shedding traffic from such a high capacity node would impact a large proportion of the customer base. The opposite is true with a low stat-mux bottleneck: adding complexity to detect and handle actual queuing is feasible at lower scale, and shedding traffic by definition only affects a few flows (as few as one, with per-flow mechanisms).
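The smoothing effect of stat-mux can also be put in rough quantitative terms (my own illustration, not from the draft): if n independent flows each contribute load with the same mean and variance, the aggregate's standard deviation grows as sqrt(n) while its mean grows as n, so relative variation shrinks as 1/sqrt(n):

```python
import math

def relative_variation(n_flows, per_flow_cv=1.0):
    """Coefficient of variation (std dev / mean) of the aggregate of
    n i.i.d. flows, given each flow's own coefficient of variation."""
    return per_flow_cv / math.sqrt(n_flows)

print(round(relative_variation(12), 2))      # 0.29: low stat-mux, bursty aggregate
print(round(relative_variation(12_000), 3))  # 0.009: high stat-mux, smooth aggregate
```

Under these idealized assumptions, the 12-flow access bottleneck sees aggregate swings of the same order as the mean, while the 12,000-flow core link sees swings of under 1% of the mean, which is why border conditioning sized a little above the average can work there.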
{Note 2}

The following is my attempt at a comparison of NQB with EF (written as a note-to-self originally, but feel free to lift parts for this draft if you want):

The main distinction between NQB and EF is that an NQB bottleneck is not guaranteed to stay below a certain queue delay, so (in the 'actual queuing' alternative) NQB relies on traffic protection at each potential bottleneck to shed traffic that is causing actual queuing. In contrast, EF can guarantee a maximum queue at interior nodes by using traffic conditioning at border nodes to shed any traffic in excess of the contracted aggregate EF rate - even though accepting the excess traffic might not have caused any actual queuing (see Appendix B for details).

The 'actual queuing' approach of NQB is more appropriate where statistical multiplexing is low, e.g. in access networks. With low stat-mux, there is high variation in the total load of the class, so it can be highly inefficient to limit traffic at each border in case correlated bursts cause queuing, compared to only dealing with queuing that actually occurs.


Bob

--
________________________________________________________________
Bob Briscoe
http://bobbriscoe.net/