Re: [tsvwg] L4S/3168 Coexistence
Jonathan Morton <chromatix99@gmail.com> Tue, 11 May 2021 10:00 UTC
Return-Path: <chromatix99@gmail.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79F7F3A0C9A for <tsvwg@ietfa.amsl.com>; Tue, 11 May 2021 03:00:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9LFHQ4aXv0bj for <tsvwg@ietfa.amsl.com>; Tue, 11 May 2021 03:00:06 -0700 (PDT)
Received: from mail-lj1-x22b.google.com (mail-lj1-x22b.google.com [IPv6:2a00:1450:4864:20::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9206A3A0C9D for <tsvwg@ietf.org>; Tue, 11 May 2021 03:00:06 -0700 (PDT)
Received: by mail-lj1-x22b.google.com with SMTP id f12so11798121ljp.2 for <tsvwg@ietf.org>; Tue, 11 May 2021 03:00:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=PHKITaAA6yj13kQURZlYKknTJuyjS8E+KcZx/E9pszI=; b=s7QTpiRJY8+/1Z6WIVPDJ5xhLmHbMrSjm/YbrQwwjv6GPsSsjEKbz2KIAaow+UKBeC wz+lksSmfAmHcZyCrRgptucd43aOacCsFTKtEn5vWe9MjZgwV81eYKQjkiSumZaLFvom jygoZ7nkdqKyZYS55n3nuCza61ooycAerXgrb9Hx+ddLmsQPsZhGSThqtPjgxabdXfeX XwuHHSdW9OM8/LeHG0biH1j/jRhjxVi1F1wUj24gEULpWBOYr0g9K0pqn0CFkvc2ST6r uIL/h67MJong8REK77APZZXZyU/5If+ZgZCeVZ4mQh097BRrcHztNRnoir8lyL/bkcQF tNqg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=PHKITaAA6yj13kQURZlYKknTJuyjS8E+KcZx/E9pszI=; b=asCBhbwoSRN+uh/MlnIcb8Ljki8YaQvs454Y3jMgTqSg6GpQ+aujIw0cSb5ry7cr9b gLbC8RTmSbtDah3HT5sy0ovbZeWfsl9xUh99b+qt/RwCuqoahoXcGOaGx45ZUHFT7D/R bK8SgaUAyI1wmG2DeBuhN6LE8CbJtfde5Sn7QJx3p0clNxCNBVbQcJcMEB831umBVm6f K9tUr0k2TtDbjTnqsTkCPl90AtWvwIA2tvZPc2yMJjP6IQG4hs1u+clrJMgT4NJ0+fDi 6ZNlAuyLpFwUfEYGokzGGdiLoubrDS/fcbU3cpcib24oE8soLkPKhIZjwDJwXYUDKTcQ VkaA==
X-Gm-Message-State: AOAM532eBd5nQew/RhSe5pz5xBhzNIxseXSsrFZ0QEzpU8cGnAbxn3yD ZhCJJY9Y52EcgQJGTqvinQE=
X-Google-Smtp-Source: ABdhPJwAwKJz02onAoTQeM8SapeE9dQ7sN+AW8qypVDmMM8wt8lT+LUJPmMK4S30LhVPAN2miyjPeA==
X-Received: by 2002:a2e:9892:: with SMTP id b18mr23715668ljj.490.1620727203851; Tue, 11 May 2021 03:00:03 -0700 (PDT)
Received: from jonathartonsmbp.lan (188-67-22-208.bb.dnainternet.fi. [188.67.22.208]) by smtp.gmail.com with ESMTPSA id 17sm2917660ljz.87.2021.05.11.03.00.03 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 11 May 2021 03:00:03 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.7\))
From: Jonathan Morton <chromatix99@gmail.com>
In-Reply-To: <CAM4esxTOzAihAvHm1EtB5PX_1yjP4j2SYTygqnLtU3BvCtaoQQ@mail.gmail.com>
Date: Tue, 11 May 2021 13:00:02 +0300
Cc: tsvwg <tsvwg@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <A60B344E-82E9-41B7-A40B-64A6DA814113@gmail.com>
References: <CAM4esxTOzAihAvHm1EtB5PX_1yjP4j2SYTygqnLtU3BvCtaoQQ@mail.gmail.com>
To: Martin Duke <martin.h.duke@gmail.com>
X-Mailer: Apple Mail (2.3445.9.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/mOJCNWP6KHIAT-0Czi9lkOI-Fes>
Subject: Re: [tsvwg] L4S/3168 Coexistence
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 May 2021 10:00:11 -0000
> On 10 May, 2021, at 7:49 pm, Martin Duke <martin.h.duke@gmail.com> wrote: > > (As an individual) > > I have not been able to follow these threads as well as I'd like. Assuming I'm not the only one, I would like to confirm that the current state of the coexistence discussion is that L4S will create problems for "classic flows" under the following conditions: > > (1) There are 3168 routers in the path (order of 1%) Our data suggests it's more like 10% from an Eastern Europe perspective. If you happen to be Norwegian or French or Mexican, the deployment prevalence in those places is even higher, due to active adoption by major consumer ISPs in those regions. There is also evidence that deployment is increasing significantly over time, and I think Stuart Cheshire mentioned that he was aware of some impending major deployments. Some brands of CPE routinely include RFC-3168 AQM as part of their wifi stack and/or "bufferbloat mitigation" features, which are advertised on the packaging. > (2) These 3168 routers implement shared queues (no known examples, but it might happen), AND As you note, single-queue RFC-3168 AQMs are RFC-compliant and should therefore be an expected occurrence on the Internet. There are also various ways that the "flow aware" mechanisms in most of the actually-deployed AQMs can fail to distinguish flows. I will leave most of that discussion to Jake for now. > (3) The heuristics result in a false negative (<<1%?) Said heuristics were disabled by default in the reference implementation after we published data showing they were nowhere near that level of reliability, and have not yet been replaced by a more reliable algorithm. I refuse to rely on the reliability of something that I can successfully predict and provoke failure modes for. These algorithms also have not been specified in an IETF document, only in an external white paper - so from a procedural perspective, it could be argued that they are not even part of the specification. > On the face of it (1% * 1%? * <<1%?) seems to be a small price to pay in the aggregate. I hope we'd agree on that! So the argument against, ISTM, would rest on two things: > > (A) These failures are not uniformly distributed, and there is some non-negligible use case that will suffer grievously. It would be very helpful to me if someone could concisely state what this use case is and where it exists. Nothing in the congestion control space is provably optimal across all parameters and generalized fear that bad parameters might exist somewhere is IMO not constructive. > > (B) Because you can't have a vague MUST, we aren't REQUIRING any particular limit to false negatives. If experiment participants are going to agree to do something, I wonder if we can't converge on some words here that prevent really dumb stuff? The above combination is also *not* the only scenario in which great harm may occur to conventional traffic. Within the past week, we were introduced to the Replay Protection Window that is a feature of many VPN tunnels, and quickly realised that this interacted badly with DualQ to the point where an attacker could conduct a full DoS attack on it, even if the target did not use L4S traffic themselves. See the other thread for details. In my risk analysis chart, the RFC-3168 interaction is a potential Major category occurrence, while the VPN Replay Window attack is a Serious category occurrence. Serious is only one step below Catastrophic, and would require correspondingly rigorous measures to ensure that it basically cannot happen. Such measures are designed into VPNs to guard against a similar attack involving Diffserv (which has existed for a long time by now), but L4S is a new thing and no such protections yet exist. Additionally, one of the main techniques for dealing with Diffserv (simply not copying the DSCP to the outer header) is not applicable to L4S, which REQUIRES the special ECN codepoint to avoid triggering the other pathology. > Maybe I have this wrong! The debate is quite hard to follow. I think some participants in the discussion deliberately try to make it hard to follow, so that misconceptions easily arise in their favour. Please be on guard against that. - Jonathan Morton
- [tsvwg] L4S/3168 Coexistence Martin Duke
- Re: [tsvwg] L4S/3168 Coexistence Greg White
- Re: [tsvwg] L4S/3168 Coexistence Holland, Jake
- Re: [tsvwg] L4S/3168 Coexistence Jonathan Morton
- Re: [tsvwg] L4S/3168 Coexistence Martin Duke