[tsvwg] Disable ECN on VPNs, really?

Sebastian Moeller <moeller0@gmx.de> Wed, 18 November 2020 09:38 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/gAolHcmrEMwHSTOCvqVcBpDSY4U>

Dear list,

in today's tsvwg session chat, Mirja proposed that home users could simply disable ECN negotiation for VPN tunnels to accommodate RFC 3168 AQMs on the path and L4S flows in the tunnel.
That is certainly an option (as would be trying to disable L4S for all home nodes or trying to bleach ECT(1) on egress and ingress).
	Currently e.g. SQM (distributed as an OpenWrt installable package) employs an ECN fq_AQM at the ingress of home links to great success. The rationale for using ECN here is that all packets entering the ingress AQM have already traversed the true bottleneck, so dropping them would simply waste the "transmit slot" on the bottleneck that they already used up, and it would even delay the initiation of the please-slow-down signaling, as we need a few dupACKs to detect congestion from drop, while CE is more immediate (this is a simplification, sure).
	In short, even classic ECN on a home link's ingress has immense value, and that is true for all packets, including packets in a tunnel, as these also consumed transmit slots when the AQM needs to decide whether to drop/mark. Moreover, that is an already deployed solution out in the field that works pretty well; you might want to try it ;) before declaring it obsolete and exchanging it for the yet unproven promises of L4S.

Best Regards
	Sebastian
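
Added example, not part of the original message: a Python sketch of what bleaching ECT(1) does to an IPv4 header and how an RFC 3168 style AQM then has to treat the packet (mark if ECN-capable, drop otherwise). All function names are hypothetical and the header is constructed from documentation addresses.

```python
import struct

# ECN codepoints: the two low bits of the IPv4 TOS / IPv6 Traffic Class byte
NOT_ECT, ECT1, ECT0, CE = 0b00, 0b01, 0b10, 0b11

def ipv4_checksum(header: bytes) -> int:
    """Ones'-complement sum over the header; 0 when a valid checksum is in place."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def set_ecn(header: bytes, ecn: int) -> bytes:
    """Rewrite only the ECN bits (DSCP untouched) and refresh the checksum."""
    hdr = bytearray(header)
    hdr[1] = (hdr[1] & 0xFC) | ecn
    hdr[10:12] = b"\x00\x00"
    struct.pack_into("!H", hdr, 10, ipv4_checksum(bytes(hdr)))
    return bytes(hdr)

def build_header(ecn: int, dscp: int = 0) -> bytes:
    """Constructed 20-byte IPv4/UDP header for the demonstration."""
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 48, 0, 0, 64, 17, 0,
                      bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return set_ecn(raw, ecn)

def get_ecn(header: bytes) -> int:
    return header[1] & 0b11

def bleach_ect1(header: bytes) -> bytes:
    """Clear ECT(1) to Not-ECT; every other codepoint passes unchanged."""
    return set_ecn(header, NOT_ECT) if get_ecn(header) == ECT1 else header

def aqm_congestion_action(header: bytes):
    """Action of an RFC 3168 style AQM that has chosen this packet to signal on."""
    if get_ecn(header) == NOT_ECT:
        # The bottleneck transmit slot the packet already used is wasted.
        return ("drop", None)
    # ECT(0), ECT(1) and CE are all ECN-capable here: deliver with CE set.
    return ("mark", set_ecn(header, CE))

if __name__ == "__main__":
    pkt = build_header(ECT1)
    print("ECT(1) packet:  ", aqm_congestion_action(pkt)[0])
    print("bleached packet:", aqm_congestion_action(bleach_ect1(pkt))[0])
```

A packet whose ECN field was bleached, or whose tunnel never negotiated ECN, reaches the ingress AQM as Not-ECT, so the only congestion signal left to the AQM is a drop.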