IETF Logo Mail Archive

Re: [tsvwg] Draft diffuser to QCI v04 posted

"Holland, Jake" <jholland@akamai.com> Thu, 23 April 2020 20:31 UTC

Return-Path: <jholland@akamai.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A1513A1378 for <tsvwg@ietfa.amsl.com>; Thu, 23 Apr 2020 13:31:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lllsS-WEgW09 for <tsvwg@ietfa.amsl.com>; Thu, 23 Apr 2020 13:31:38 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 261E33A1374 for <tsvwg@ietf.org>; Thu, 23 Apr 2020 13:31:38 -0700 (PDT)
Received: from pps.filterd (m0122331.ppops.net [127.0.0.1]) by mx0b-00190b01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 03NKIe2v030208; Thu, 23 Apr 2020 21:31:34 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=jan2016.eng; bh=kVTXkOjzMr7B2XNwrlpDoLjNRgshAZBtp1CvfqXYvV4=; b=Ok6bWAeyTLDdxju3V56msKeuW3TaP+YBoRQfbqutbuSz9Rewnv6Phchk4q0YXe7F4Leh KD4JvHXOtT0bnFAm2qEn/T/qjQRaFFX9/mhzosoCvcCFvgcPKLyvF0pzE80cLucylszZ U5sFKkczlrDe/1lLb24aMhpSZADe61ytHHIBI71yA44aipbVnXM8ZNGy2Hp9PahX2lCw PyJfDd0774TQKXrvjcIhtaORwzOHG44wrGiMFqWBNQNfpI/oltI2ITNbH3r+XvzAtq5R zJ88aSumrck3RjV5tWkT38s3drkvXSIlEjtO7FLDShgm/u1TRFVj6FBLNbDSt2NAKJc9 tQ==
Received: from prod-mail-ppoint6 (prod-mail-ppoint6.akamai.com [184.51.33.61] (may be forged)) by mx0b-00190b01.pphosted.com with ESMTP id 30fpduwv17-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 23 Apr 2020 21:31:34 +0100
Received: from pps.filterd (prod-mail-ppoint6.akamai.com [127.0.0.1]) by prod-mail-ppoint6.akamai.com (8.16.0.27/8.16.0.27) with SMTP id 03NKHspt016349; Thu, 23 Apr 2020 16:31:33 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.30]) by prod-mail-ppoint6.akamai.com with ESMTP id 30fvvukupf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 23 Apr 2020 16:31:33 -0400
Received: from usma1ex-dag1mb6.msg.corp.akamai.com (172.27.123.65) by usma1ex-dag1mb2.msg.corp.akamai.com (172.27.123.102) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 23 Apr 2020 16:31:28 -0400
Received: from usma1ex-dag1mb6.msg.corp.akamai.com ([172.27.123.65]) by usma1ex-dag1mb6.msg.corp.akamai.com ([172.27.123.65]) with mapi id 15.00.1497.006; Thu, 23 Apr 2020 16:31:29 -0400
From: "Holland, Jake" <jholland@akamai.com>
To: "Jerome Henry (jerhenry)" <jerhenry=40cisco.com@dmarc.ietf.org>
CC: "jerhenry=40cisco.com@dmarc.ietf.org" <jerhenry@cisco.com>, "tsvwg@ietf.org" <tsvwg@ietf.org>
Thread-Topic: [tsvwg] Draft diffuser to QCI v04 posted
Thread-Index: AQHWEoNqe/kEXabRhEaw+W3E1C0XrKiBxJDwgABXAICABOl2gA==
Date: Thu, 23 Apr 2020 20:31:29 +0000
Message-ID: <BB29B8CD-959B-4EC6-9261-C0D4AD57761A@akamai.com>
References: <A3DECAE1-8FB1-4F56-BF72-C92E5024D620@akamai.com> <FRAPR01MB0130EC4555CDE92C9DC28C1B9CD40@FRAPR01MB0130.DEUPRD01.PROD.OUTLOOK.DE> <0E0BB1F2-C22F-43B9-9579-9FE025AD7A6F@cisco.com>
In-Reply-To: <0E0BB1F2-C22F-43B9-9579-9FE025AD7A6F@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.36.20041300
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.80.233]
Content-Type: multipart/alternative; boundary="_000_BB29B8CD959B4EC69261C0D4AD57761Aakamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-04-23_15:2020-04-23, 2020-04-23 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2002250000 definitions=main-2004230150
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-04-23_15:2020-04-23, 2020-04-23 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 phishscore=0 priorityscore=1501 impostorscore=0 spamscore=0 suspectscore=0 mlxscore=0 adultscore=0 clxscore=1011 lowpriorityscore=0 malwarescore=0 mlxlogscore=999 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2004230150
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/ZMC51YCdABB8ozcca4qP_uvGDzg>
Subject: Re: [tsvwg] Draft diffuser to QCI v04 posted
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Apr 2020 20:31:41 -0000

Hi Jerome,

I’m glad it’s possibly helpful.  I’ll try to answer your questions and expand a bit on the vision I had in mind, responses are inline with <JH></JH>


From: "Jerome Henry (jerhenry)" <jerhenry=40cisco.com@dmarc.ietf.org>
Date: Monday, April 20, 2020 at 11:31 AM
To: "Holland, Jake" <jholland@akamai.com>
Cc: "jerhenry=40cisco.com@dmarc.ietf.org" <jerhenry@cisco.com>, "tsvwg@ietf.org" <tsvwg@ietf.org>
Subject: Re: [tsvwg] Draft diffuser to QCI v04 posted

Hi Jake,

This is very useful feedback. In this effort, it seems that we want to arbitrate between different needs. In the scenario we envision, an enterprise has a series of assets of various types, and they leverage a dual connection (MPTCP, QUIC etc) between cellular and unlicensed (let’s call it Wi-FI, although it can be something else). As traffic reaches the other side (application server with at least a Diffserv path to the asset), the hope is that both sides would have treated the packets in an approximatively comparable fashion.

Would you mind exploring your idea a bit further? In all cases, the actor is likely an enterprise IT. They can negotiate an SLA with the carrier(s) they work with. This could result in a series of QCIs attached to the various traffic they would send. Now, their goal is to attempt to get the same intent on both legs. They may not be LTE experts.

<JH>
The “(s)” in “carrier(s)” is the trickiest part here, I think, and a major driver for proposing a dynamic approach.

I assume here that the different carriers might have different markings for similar PHBs that might be hard for them to change. (For instance, the choices might be from hardware-driven constraints from their vendors, or perhaps due to things like legacy internal use cases within the carrier that drove an assignment some time ago, which now can’t be easily changed.)

The proposal is intended as a way that the carrier has the ability, with a relatively simple deployment of a simple service, to advertise the right markings that should be used for that network, and that these can be different from network-to-network, yet still usable by hosts, with apps that have a use for specific, named PHBs for their traffic.
</JH>

In your proposal, how would the choreography work? Would the enterprise create their own mapping between the LCIs their carrier suggested and some DSCP, chosen from unaffected values?
(Would they need any guidance on what these QCIs represent? Do we assume that they are comfortable or familiar with the various IETF QoS RFCs?) Would they then use the service.domain logic below to ask the carrier to mark the matching traffic at the interconnect? Or would the host/asset mark the DIffserv side, based on putting in a library somewhere, that the host can access, a service/socket to DSCP table?

<JH>
I think the answer to these depends on exactly how the mobile devices are connected, and how the enterprise network is structured, and whether the enterprise itself has any constraints on the DSCP values.

I imagine the most typical (or at least simplest) case being a transparent pass-through, where the lookup service is operated by the carrier, and it provides carrier-chosen values, and all the enterprise does is propagate the search domain from the carrier and the appropriate DNS entries for service discovery, and then passes through the DSCP markings.

I imagine that for enterprises with more complex networks, it could get more complex.  One can certainly imagine enterprises with expertise who would choose to run their own mapping and their own classes of service, especially for internal connections.  These may or may not come with enterprise constraints on the markings that may or may not match the carrier’s constraints, so there would perhaps be a marking translation config at the interconnect (where inside markings are translated back and forth to outside markings for the same class of service), and this would either be manually configured based on reviewing the SLAs, or might be automatable using the same sort of discovery logic (or the bgp interconnect, if preferred).  In this kind of scenario, the enterprise would operate its own search domain and provide its own mapping service for the mobile devices to use, and it would take more expertise, but it would only be required if the enterprise has its own uses for the codepoints.  (I imagine in practice there’d be vendors providing some kind of integration here, but some shops employing experts and doing it themselves.)

Whether the host connects to an enterprise-owned service (by discovering the service in an enterprise-owned search domain), or the carrier-owned service (by the enterprise passing through the carrier’s search domain to the end hosts), if the service messaging for the traffic_class_name->codepoint lookup is defined with the same messaging between host and service (for instance, it could perhaps be done as a RESTCONF server using a YANG model defined in the spec, or if there’s some reason could instead define a specific set of messages and version detection, etc.).

But the point of the service would be that the host would be able to look up the codepoint to use in order to get a named PHB for the packets it’s sending.  If the traffic class names come from a registry that map them to PHBs (probably a “specification required” registry, I would think), then collisions can be avoided in the traffic class names, and the hosts will know what name to use to attempt to get a certain kind of PHB from the network, and whether they can in fact meaningfully use that class of service within the network they’re connected to (The ability to provide a null result will be important in this service.)

So with this approach, the host would always mark the DSCP according to what it learned from the service.

The simple deployment would just pass it through transparently (both the markings and the mapping service discovery), whereas a complex deployment could if necessary provide a translation layer (by providing their own mapping service, and configuring an interconnect that remaps codepoints where necessary).  So the place the host learns the mapping from would be the control point, and setting up the right search domain so that the host discovers the right service would need to be configured in the host’s dhcp server to match the intended operation for that network.

I hope that makes some sense and helps clarify the suggestion.  It’s of course not a fully specified proposal, so of course there are many unspecified details.

For instance, just like with the bgp carrier interconnect proposal, maybe there could be different available classes of service based on the intended destination, and maybe these need to be handled as part of the mapping service (so maybe the lookup needs to use a destination, as well, and maybe maintaining the service is not trivial in all cases).  As another complicating factor, maybe there’s different permissions on different hosts’ access to the classes of service for different individuals, which might need to be handled in some enterprises with some sort of 802.x-based enforcement on the allowed markings from that host, and/or with client identity via client certs for the mapping service connection.

Describing these details and how to make them satisfy the needed use cases are left as an exercise for the prospective authors of this proposal, but to my mind (without having tried to write it all out) there seem like reasonable and tractable approaches that can be defined in the same way as for other services, or listed as out-of-scope details that may or may not be required for implementations to support.

All that said, I should give a disclaimer and clarify that it’s possible some of these underspecified details might make the whole approach non-viable for some reason I haven’t thought of yet.  This is really just a brainstorming idea at this stage, not a fully realized proposal, so caveat emptor.  I don’t vouch for it entirely, I only claim that it sounds easier to me and more likely to succeed than making a static mapping actually work.

Best,
Jake
</JH>

v2.23.0 | Report a Bug | By Email