[tsvwg] On safety
Sebastian Moeller <moeller0@gmx.de> Wed, 18 November 2020 09:23 UTC
Return-Path: <moeller0@gmx.de>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A5FE3A07F4 for <tsvwg@ietfa.amsl.com>; Wed, 18 Nov 2020 01:23:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.65
X-Spam-Level:
X-Spam-Status: No, score=-1.65 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4K8D9K81aQ_b for <tsvwg@ietfa.amsl.com>; Wed, 18 Nov 2020 01:23:22 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16EB93A0A47 for <tsvwg@ietf.org>; Wed, 18 Nov 2020 01:23:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1605691399; bh=0nBdTjuKVvPDfgMKWzzQwiJZF8giOlclbtppdiGeAwU=; h=X-UI-Sender-Class:From:Subject:Date:To; b=ZTLEpB0f/2f2tJnFoLeXY0tFJPG09cIFRmNHg3A/Du8tgTtaTbywIEzpd2xs5hLxS H713RPJbY2HXctsuRoSfa0g7VgkKq1DjJhy7K4lBcfY7DDpqA3HkY6vIRMmc/hdmCN Fvw35PzFlwjYhBk2Vx2n3FY1l1SjS06Xjdo5EK/U=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.250.102] ([134.76.241.253]) by mail.gmx.com (mrgmx104 [212.227.17.168]) with ESMTPSA (Nemesis) id 1N8GMq-1kAIPn31fM-014DCS for <tsvwg@ietf.org>; Wed, 18 Nov 2020 10:23:19 +0100
From: Sebastian Moeller <moeller0@gmx.de>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.17\))
Message-Id: <A1EE7E78-2874-4C27-9BF1-F51D71698529@gmx.de>
Date: Wed, 18 Nov 2020 10:23:17 +0100
To: tsvwg IETF list <tsvwg@ietf.org>
X-Mailer: Apple Mail (2.3445.104.17)
X-Provags-ID: V03:K1:dzJQYdU97cTbmQq2+1drPkhbbHfwevYlFG2RKoCzQ0v0BLEFPFK gpoZzMPH5QtTO8YandtxuOBDCHtdbV70/8XkwBBXI64A5qohH6ZU3uVXgix6mJpG7/lipYh owigm3kidcU8uNDy82RVArjGqquRKUH2Fcjbvjrssnq2oW8XVrCpUbds0aWAK1720ImkbOX WedqsbgmiJsz2OSjS8zwA==
X-UI-Out-Filterresults: notjunk:1;V03:K0:MQw5pa5WVyg=:jQve++VtSqytlDRm5uMt7/ aHSipCmN717L2jGyDD1wDpeFdnEkiraZcOyFKhc4ST8In/rCWP9U0TRzJUoa0iTVFhc0S37Mu ZGR7e41ezoxusjEyelTLGLpvj27r3nEeAkn+AxkumNWe1WTZDTMMQTBTG3YOv3ovL4pYx9MXh 9M2izcUDPyawQ2EiK5y6ayoV7MwDlT88JJcalfY99Ep6aakd6lVjaelGDGgHKo6pypL06JjjJ ohzynHjqZsOYIpYRWroY5BmWsHUkzyv9GgdjRjVFZRFS13vCo7gZ9OTnkMbHzVd+nEpBv/2el Sfs0hYoNzOQNtK+TY+7zO+J+ACpWW+xct4mplfRz2M572gLY0xnSw3K9s2vaEjWomvusxw727 cj1D4AEt+UUBzxrNFwmXttjoR4CyEeNWBd7VI4gRCpQW8MyzktMgL4Lo/qID88ZscMj1H0fZD mUdz1UClqDG4ayOubOhqds/EeW8pq6wowSFScS3hNpOyC+tW47BcuspiQR5YLtiWzDz0PX1Be HslwtdG/ZooNMqjFaNUfUaw8K9+RqefKuKOjZG0Q0rUNxSQ9dYH1A7NfuUehILt6TgT3Y5N76 Z7Zc6gAyBH/It60w0gp8BhCbZA7i3cEPEe5LBA34YUKfocb5YXmDoaUw7rRbtNKswqsdk1vyI mi/QkgCVKSs11rkwjVtbYCus/Y+Tcn3UocFFxmF2icOU3UX5CQ8p/8brcPFFtHopkiY+wQoBj MRFTlO9SnVE4H+lpG/IFOmuolAHtfh6ZL4EhnrFp5PopVbDJcx3s10/GDvGM14oMR5oYjsMAH Z9Lcxe0C9ok0ZOgIHtqs8l8MBtSIFZykVAX5ua47q8p8qH9USJebjraAnEXzsJpc7pUHW0GXN IhCvkQG3WKdjWwIZ0q+w==
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/oJqDx9XGG5lH9hae-IoMF2tQ87Y>
Subject: [tsvwg] On safety
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Nov 2020 09:23:24 -0000
Dear list, In the L4S presentation in tsvwg, I claimed that L4S has not demonstrated that it is safe for deployment over the wider internet. Resulting in Mirja asking what I consider safe. Now, that is harder to answer than what I consider unsafe ans unsound, so I will answer that question instead. Currently, L4S design and/or implementation have a few systematic bias issues that I consider unsafe: A) dominance of the shallow ECT(1) queue over the non-ECT(1) queue. As recently posted by Pete heist, if e.. CUBIC competes directly with TCP Prague, L4S will give a significant bias towards Prague, not stochastically one or the other, but always Prague. That bias ranges from "acceptable" to much less so, but the biggest issue is that this is a systematic reliable and robust bias in spite of draft text that implies equitable sharing between the classes. B) Increased RTT dependence: in spite of the requirements to eliminate RTT bias, team L4S's best approach at doing so still ends up with a design, that shows significantly stronger RTT-dependence of a flows throughput under competition with flows of shorter RTT, than either a FIFO queue, an FQ aqm or an approximate fq AQM. Sure, it is possible that this can be overcome by a better CC algorithm, but again it might not be possible. In which case who in their right mind is going to use TCP Prague/L4S in the first place, if I need to first figure out the RTT before deciding which CC to use? C) odd design methods: It became clear from the discussion that Koen and Bob essentially consider the protocol/CC part of L4S somebody else's problem. In accordance with Lars I think that is the wrong approach. Essentially L4S proposes a new communication channel between AQM and end points, and communication needs to be understood as the interplay of sender (the AQM), signal (the marking) and receiver (the protocol operated by the end-points). Assuming one can design a robust, reliable, and effective communication by ignoring one of the components seems rather optimistic. This is only an abstract safety consideration, because it does not directly imply safety deficits, but it seems diagnostic to the frame of mind in which L4S has been characterized and tested by its proponents, piecewise instead of integrally. It is also clear that the current combination of existing L4S implementations (dualPI2 plus TCP Prague) will basically just built a fast priority lane for short distances, like Eye-Balls to (nearby) CDN. In itself that is IMHO not necessarily an unworthy goal, but is NOT what the L4S drafts imply L4S to be. None of these issues, require a mass deployment of network nodes or end points or even an RFC. The real experiment about safety and functionality over the existing internet IMHO needs to be performed before the "let's deploy this" and see how the components evolve an improve by active use "experiment" that seems to be planned. Best Regards Sebastian
- [tsvwg] On safety Sebastian Moeller