Re: [tsvwg] Genart last call review of draft-ietf-tsvwg-ecn-encap-guidelines-20
Bob Briscoe <in@bobbriscoe.net> Wed, 08 November 2023 09:54 UTC
Return-Path: <in@bobbriscoe.net>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD47FC1C02D1; Wed, 8 Nov 2023 01:54:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=bobbriscoe.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nz6pQ1aaKQkN; Wed, 8 Nov 2023 01:54:48 -0800 (PST)
Received: from mail-ssdrsserver2.hostinginterface.eu (mail-ssdrsserver2.hostinginterface.eu [185.185.85.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5D081C1B0328; Wed, 8 Nov 2023 01:54:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=bobbriscoe.net; s=default; h=In-Reply-To:From:References:Cc:To:Subject: MIME-Version:Date:Message-ID:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=Z2ni7R2PO4xgWzOoDLxOQABWNV54D3/HrhFkdQJs8S0=; b=C2E3d3ct24d5qde/9FoTSixEja khIFnWEU1fB/2sliiOulMPlw0ieYQBSY+FfPhre68iP6VHMaMz8YNUrSi5BDtjbJYhLS1cAOrXow4 gs5Qgbp/gKYXtxZF3EPpkmhqcv/qf+7FzIu4rNwJjSsrWRukH0VeujDS3V1s4R74UidmajMp8OBJ6 X0qbUOsr6UMNZnBVrVrxHnjFqRbPPmkN64BHJWvqFxzpBt++whbtxl493aw85JxEtnWDSGrSJvnaj YRAQUov7RTtcVuwMBDdx6Kr0QeuQ0OBqbZB1++Nny4oJ2bNRpbrNKC3+PZm/syJ7phu52KHIX/a+V /IJPGTSw==;
Received: from dhcp-8a47.meeting.ietf.org ([31.133.138.71]:56008) by ssdrsserver2.hostinginterface.eu with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96.2) (envelope-from <in@bobbriscoe.net>) id 1r0fGq-0002TH-2F; Wed, 08 Nov 2023 09:54:43 +0000
Content-Type: multipart/alternative; boundary="------------Kbs99LiKb8D6s6ANuyx6KzVl"
Message-ID: <ace8a926-eb85-441b-b6c8-472dcbd90d70@bobbriscoe.net>
Date: Wed, 08 Nov 2023 09:54:41 +0000
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-GB
To: Susan Hares <shares@ndzh.com>, gen-art@ietf.org
Cc: draft-ietf-tsvwg-ecn-encap-guidelines.all@ietf.org, last-call@ietf.org, tsvwg@ietf.org
References: <169853147405.56049.1540851343012580745@ietfa.amsl.com>
From: Bob Briscoe <in@bobbriscoe.net>
In-Reply-To: <169853147405.56049.1540851343012580745@ietfa.amsl.com>
X-MagicSpam-TUUID: 50bfba13-42f8-4641-bca2-b592d28a53dd
X-MagicSpam-SUUID: 6437cf39-51be-492b-9747-08bfa0867daf
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - ssdrsserver2.hostinginterface.eu
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bobbriscoe.net
X-Get-Message-Sender-Via: ssdrsserver2.hostinginterface.eu: authenticated_id: in@bobbriscoe.net
X-Authenticated-Sender: ssdrsserver2.hostinginterface.eu: in@bobbriscoe.net
X-Source:
X-Source-Args:
X-Source-Dir:
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/y2NE5LRAS-Zp9_FJ0-qWzZuAdoc>
Subject: Re: [tsvwg] Genart last call review of draft-ietf-tsvwg-ecn-encap-guidelines-20
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Nov 2023 09:54:52 -0000
Susan,
Thank you for your review. See [BB]
On 28/10/2023 23:17, Susan Hares via Datatracker wrote:
> Reviewer: Susan Hares
> Review result: Ready with Issues
>
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair. Please treat these comments just
> like any other last-call comments.
>
> For more information, please see the FAQ at
>
> <https://wiki.ietf.org/en/group/gen/GenArtFAQ>.
>
> Document: draft-ietf-tsvwg-ecn-encap-guidelines-??
> Reviewer: Susan Hares
> Review Date: 2023-10-28
> IETF LC End Date: 2023-11-02
> IESG Telechat date: Not scheduled for a telechat
>
> Summary: The document summarizes decades of work on congestion work in IEEE
> 802.1 and IETF. It provides a set of good guidelines/recommendations for
> designers of Layer-2 (L2) or L2/L3 shim layer.
>
> The authors (John Kaippallimalil and Bob Briscoe) and the original author/
> now-contributor (Pat Thaler) should be commended for their work.
>
> The text is generally readable with relatively few English and editorial
> issues. However, the authors would be wise to fix the editorial issues prior
> to sending it to the RFC editor since phrasing needs to be precise.
>
> Major issues: none.
>
> Minor issues:
>
> 1. Have the authors considered the SR-routing pathways with tunnels in this
> draft?
> If so, the authors might add a side note in the document.
[BB] Not specifically. The idea is to provide guidelines for any
protocol designers who aim to add ECN. Might there be something specific
in SR that would make this generic guidance inapplicable? Other than not
having protocol space, which is obviously not something that guidelines
can solve (similarly for all IEEE802 protocols).
> 2. Has this document been circulated by the IETF liaisons to IEEE 802.1, MEF,
> and 3GPP? 3.
[BB]
* IEEE802.1: no current relevant work (Pat Thaler was a deliberate
choice of co-author at the time, given she was the IEEE802 liaison,
and worked on 802.1Q congestion signalling - separate control plane
messages)
o Here's the liaison request:
https://datatracker.ietf.org/liaison/1364/ (I can't find the
response)
* 3GPP: responded with 6 relevant WGs and 20 relevant TRs, which were
subsequently analysed and a formal response returned.
o Formal liaison response: https://datatracker.ietf.org/liaison/1499/
o Or, for summary, see slides 3-8 from the time:
https://www.ietf.org/proceedings/95/slides/slides-95-tsvwg-11.pdf
* MEF: No liaison. The rationale was to focus on SDOs that might
define ECN-like extensions to their lower layer protocols. I think
the MEF is unlikely to define protocols at that level; it is more
about using protocols defined in other bodies like IEEE802. IYO, was
this a bad judgement call?
> Are you really sure your security and manageability sections are
> complete?
[BB]
* Security:
o yes definitely complete
* Manageability:
o We didn't write a separate manageability section, but I believe
we covered the various aspects well within the text, but I'll
let you decide by quickly listing them:
o Config:
+ ECN has been designed to have zero to one alternatives
# decap has no choices
# encap is fairly minimal wrt config, the main aspect
being config of encaps where it doesn't know whether the
egress supports ECN decap because it doesn't negotiate
with it (which is heavily covered in the draft).
+ in numerous places, the draft distinguishes approaches that
will work in managed environments from those that are more
appropriate in non-managed plug-and-play scenarios.
o Monitoring:
+ The guidelines on encap justify themselves based on being
able to monitor congestion over the whole path from the
origin load source, but also allow the congestion introduced
over the scope of the tunnel, link or subnet to be measured.
o Anomaly detection:
+ propagating ECN over encaps doesn't change the usefulness or
otherwise of ECN in detecting anomalies, so there's no
mention of this.
o Deployment & Coexistence:
+ A large part of the draft is about addressing the problem of
incrementally deploying ECN support, in particular where the
egress of a subnet or tunnel does not support ECN decap.
o Scaling:
+ The good scaling properties of ECN itself are not changed by
encaps, other than whether the propagation process can be
implemented as line rate scales. The design of the ECN
protocol determines that, so there's nothing more this draft
can say about that than, you will have to work out how to
implement efficiently (which goes without saying).
> RFC7713 predates large deployment of SR routing.
[BB] I was rather surprised to see these two mentioned in the same
sentence under security considerations, as if they might offer similar
functions.
However, all I knew about segment routing was what Rob Shakir had
described to me many years ago, so I've been reading up. I still don't
see anything in SR that could help with assurance of e2e integrity of
congestion signals. The problem addressed by RFC7713 is how to ensure
that everything around the whole end-to-end congestion control loop is
reporting congestion to the next device honestly. Just as each network
node in isolation can lie about how congested it is, so can a segment,
or an SR domain. So I can't see how SR could make any contribution to a
solution to this problem.
But if I'm missing some key insight here, pls enlighten me.
BTW, altho RFC7713 is cited here, it's only to say that an integrity
solution exists if its needed. It's not been deployed widely, not least
because the problem hasn't arisen. Hence the draft describes these
bullets as "experimental or proposed".
>
> Nits/editorial comments:
>
> Formatting in the pdf seems to be problematic. I am not commenting on this
> point since html form does not have hte same problem.
[BB] I've just looked through the PDF - what problem should I look for?
I can't see anything wrong.
>
> Nits in Editing:
> Section 2
> Old/Not-ECN-PDU:
> A PDU at the IP layer or below that is part of a congestion control
> feedback-loop within which at least one node necessary to propagate any
> explicit congestion notification signals back to the Load Regulator is not
> capable of doing that propagation./
> New:/Not-ECN-PDU: A PDU at the IP layer or
> below that is part of a congestion control feedback-loop within which at least
> one node necessary to propagate any explicit congestion notification signals
> back to the Load Regulator this PDU is not capable of doing that propagation./
[BB] This isn't what it meant, which implies that the sentence might be
on the edge of parseability.
Whether it's an ECN-PDU or a Not-ECN-PDU is defined as a property of the
control loop that the PDU is bound to (by its addressing or labelling),
not necessariiy a direct property of the PDU itself. This was meant to
be a way of getting round the problem of a packet adopting multiple L2
headers of multiple different L2 protocols as it traverses the path.
Then each PDU has to have some way of indicating whether it is an
ECN-PDU or not. In some protocols that will be self-described. But in
others, it might be described indirectly in the control plane. I think
I'm going to need to explicitly say all this in the terminology explanation.
Normally, I'd give proposed new text, but I'm just heading for my
flight, so I'll press sent now.
[BTW, I've also noticed there are places where it says a congested
buffer marks or drops packets without making it clear that it only marks
or drops a proportion, not all packets. Apparently this caused problems
with the whole attempt to use ECN for Voice over LTE (VoLTE) in 3GPP,
where they defined ECN as either 100% on or 100% off, because it didn't
say otherwise anywhere in RFC3168 (!). So I'd better fix this.]
>
> Section 3
> Text:/
> The router forwards the marked L3 header into subnet 2, and when it adds a new
> L2 header it copies the L3 marking into the L2 header as well, as shown by the
> 'C's in both layers (assuming the technology of subnet 2 also supports explicit
> congestion marking)./
>
> Question - did you mean subnet b instead of subnet 2 (per figure 1)
[BB] Yes. Also caught by another reviewer - strange no-one in the WG
noticed this.
> Section 4.3
> Text:/
> This ensures that bulk congestion monitoring of outer headers (e.g. by a
> network management node monitoring ECN in passing frames) will measure
> congestion accumulated along the whole upstream path — since the Load Regulator
> not just since the ingress of the subnet. /
>
> The portion of this sentence that has me confused is "since the Load Regulator
> not just since the ingress of the subnet.". I'm not really sure what you are
> trying to say - so I have no suggested new text.
[BB]
will measure
congestion accumulated along the whole upstream path —*starting from* the Load Regulator
not just*starting from* the ingress of the subnet.
Would that make it comprehensible?
Bob
>
>
>
--
________________________________________________________________
Bob Briscoehttp://bobbriscoe.net/
- [tsvwg] Genart last call review of draft-ietf-tsv… Susan Hares via Datatracker
- Re: [tsvwg] Genart last call review of draft-ietf… Bob Briscoe
- Re: [tsvwg] Genart last call review of draft-ietf… Bob Briscoe
- Re: [tsvwg] [Last-Call] Genart last call review o… Lars Eggert