re ecn adding accountability for causing congestion to
play

Re-ECN: Adding Accountability for Causing Congestion to TCP/IP Bob - PowerPoint PPT Presentation

Sep 29, 2022 •48 likes •298 views

Re-ECN: Adding Accountability for Causing Congestion to TCP/IP Bob Briscoe , BT & UCL Arnaud Jacquet, BT Alessandro Salvatori, BT IETF-64 tsvwg Nov 2005 context context context context initial draft protocol protocol protocol

  1. Re-ECN: Adding Accountability for Causing Congestion to TCP/IP Bob Briscoe , BT & UCL Arnaud Jacquet, BT Alessandro Salvatori, BT IETF-64 tsvwg Nov 2005

  2. context context context context initial draft protocol protocol protocol • IETF-63 Paris July 05 • new research results (SIGCOMM’05) using ECN nonce codepoints • TSVWG chair asked for our proposal by IETF-64 security apps security apps security apps • hold ECN nonce (RFC3540) at experimental status • re-ECN: adding accountability for causing congestion to TCP/IP initial draft: • draft-briscoe-tsvwg-re-ecn-tcp-00.txt * other formats: • www.cs.ucl.ac.uk/staff/B.Briscoe/pubs.html#retcp deployment deployment deployment ultimate intent: • standards track (hope for working group draft soon) intent today: • get you excited enough to read it, and break it status: • haven’t simulated this 2-bit IPv4/v6 proposal yet – our simulations based on a multibit ECN IPv6 extension header evaluation evaluation evaluation * changed 2 field names since draft-00 – new terminology in this presentation 2

  3. context context context context the problem: accountability for causing congestion protocol protocol protocol • main concern • non-compliance with e2e congestion control (e.g. TCP-friendly)? • how can ingress netwk detect whole path congestion? police cc? security apps security apps security apps • not just per-flow congestion response smaller: per-packet • – single datagram ‘flows’ bigger: per-user deployment • deployment deployment – a congestion metric so users can be held accountable – 24x7 heavy sources of congestion, DDoS from zombie hosts even bigger: per-network • evaluation evaluation evaluation – a metric for holding upstream networks accountable if they allow their users to congest downstream networks 3

  4. context context context context rate previous work cumulative inverse flows prop’nal protocol protocol protocol path response congestion e.g. TCP • detect high absolute rate [commercial boxes] security apps security apps security apps • but nothing wrong with high rate at low congestion • sampled rate response to local congestion [RED + sin bin] • but congestion typical at both ends (access networks) deployment • transport control embedded in networks [ATM] deployment deployment • but limits behaviours to those standardised by network operators • honest senders police feedback from rcvrs [ECN nonce] evaluation evaluation evaluation • but not all senders are community spirited (VoIP, video, p2p?, DoS) • per-packet, per-user & per-network congestion policing • minimal previous work 4

  5. context context context basic idea (IP layer) • sender re-inserts congestion feedback into protocol protocol protocol protocol code- standard forward data: “re-feedback” point designation on every Echo-CE from transport (e.g. TCP) 00 not-ECT sender sets ECT(0) 10 ECT(0) security apps security apps security apps sets ECT(1) 01 ECT(1) else 11 CE deployment deployment deployment • and new Feedback-Established (FE) flag evaluation evaluation evaluation 5

  6. context context context ECE in TCP code-point ECN rate 100% (recap) ECT(0) protocol protocol protocol protocol code- standard CE point designation 00 not-ECT 3% 0% 10 ECT(0) security apps security apps security apps resource 0 …i… n 01 ECT(1) index 11 CE N B R 1 S 1 N A N D deployment deployment deployment ECN rate 3% ECE CE evaluation evaluation evaluation 0% 6

  7. context context context Echo-CE in TCP code-point re-ECN rate 3% 3% (sketch) ECT(0) protocol protocol protocol protocol 97% ECT(1) code- standard CE point designation 0.4% CE 00 not-ECT 3% 10 ECT(0) security apps security apps security apps resource 0 …i… n 01 ECT(1) index 11 CE N B R 1 S 1 N A N D on every Echo-CE from TCP, • deployment deployment sender sets ECT(0) , deployment else sets ECT(1) re-ECN rate, v i • at any point on path, 3% diff betw rates of ECT(0) & CE 2.6% is downstream congestion v i ≈ ≈ ECT(0) – CE ≈ ≈ • routers unchanged evaluation evaluation evaluation 0% 7

  8. context context context code-point incentive rate 3% 3% framework ECT(0) protocol protocol protocol ECT(1) (user-network) CE • packets carry view of 3% downstream path security apps security aps security apps security apps congestion to each router • so ingress can police rate response N B R 1 – using path congestion S 1 N A N D declared by sender deployment deployment deployment policer • won’t snd or rcv just understate congestion? dropper re-ECN 3% • no – egress drops negative balance 2% evaluation evaluation evaluation 0% 8

  9. context context context R 1 N B S 1 N A N D policer egress dropper (sketch) dropper cheating sender or receiver understates ECT(0) protocol protocol protocol egress code-point dropper rate = 2% 2% security apps security aps security apps security apps ECT(0) 98% ECT(1) 95% = CE 3% 0 …i… n deployment deployment deployment • drop enough traffic to make • simple per pkt algorithm rate of CE = ECT(0) – max 5 cmp’s, 5 adds, 1 shift • goodput best if rcv & snd • dropper treats traffic in bulk honest about feedback & re- • can spawn focused droppers evaluation evaluation evaluation feedback – misbehaving aggregates/flows prevalent in drop history 9

  10. context context context R 1 N B S 1 N A N D policer ingress policer (sketch) dropper • packets arrive carrying view of downstream path congestion protocol protocol protocol • can police to any desired rate equation, eg TCP • token bucket implementation: drop whenever empties • bounded flow-state using sampling security apps security aps security apps security apps k √ ( 3 / 2 ) compliant rate s packet size ks x TCP ≈ T RTT T p p marking rate ∆ t inter-arrival time deployment deployment deployment actual rate x = s/ ∆ t • above equations are conceptual, in practice can re-arrange you get 1/p by counting bytes between ECT(0) marks • evaluation evaluation evaluation high perf. root extraction per ECT(0) mark challenging (like pulling teeth) • • for RTT need sister proposal for ‘ re-TTL ’ (tba) 10

  11. context context context accountability for congestion other applications • congestion-history-based policer (congestion cap) protocol protocol protocol • throttles causes of past heavy congestion (zombies, 24x7 p2p) • DDoS mitigation security apps security aps security apps security apps • QoS & DCCP profile flexibility • ingress can unilaterally allow different rate responses to congestion • load sharing, traffic engineering deployment deployment deployment • multipath routers can compare downstream congestion R 1 N B S 1 N A N D • bulk metric for inter-domain SLAs or charges bulk volume of ECT(0) less bulk volume of CE • re-ECN, v i 3% evaluation evaluation evaluation • upstream networks that do £ £ nothing about policing, DoS, zombies etc 0% will break SLA or 11 get charged more

  12. context context context flow start protocol protocol protocol protocol • re-ECN TCP capability handshake in draft • feedback established (FE) flag in IPv4 header or IPv6 extension • future-proofing if short flows or single datagrams dominate traffic mix security apps security apps security apps • FE flag only set by sender, only read by re-ECN security apps • leave FE=0 at flow start • if packet has FE=0, don ’ t include its ECN marking in bulk averages • sender incentive to be truthful about FE flag deployment deployment deployment • bit 48 (Currently Unused) flag in IPv4 header? • TCP flow start specifics in draft • guidelines for adding re-ECN to other transports in draft evaluation evaluation evaluation 12

  13. context context context re-ECN incremental deployment protocol protocol protocol • only REQUIRED change is TCP sender behaviour • precision only if receiver is re-ECN capable too security apps security apps security apps • optional compatibility mode for ‘legacy’ ECN rcvrs • inclined to leave it out (so few Legacy-ECN hosts out there) • no change from ECN behaviour for • routers deployment deployment deployment deployment • tunnels • IPsec • middleboxes etc • add egress droppers and ingress policers over time evaluation evaluation evaluation • policers not necessary in front of trusted senders 13

  14. context context context re-ECN deployment transition protocol protocol protocol • if legacy firewalls block FE=1, sender falls back to FE=0 • FE=0 on first packets anyway, so see connectivity before setting FE=1 • if sender has to wrongly clear FE=0, makes dropper over-strict for all security apps security apps security apps • sender (and receiver): re-ECN transport (from legacy ECN) • ingress policer (deliberately) thinks legacy ECN is highly congested – 50% for nonce senders, 100% for legacy ECN • policers should initially be configured permissively deployment deployment deployment deployment • over time, making them stricter encourages upgrade from ECN to re-ECN evaluation evaluation evaluation 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Re-ECN: Adding Accountability for Causing Congestion to TCP/IP draft-briscoe-tsvwg-re-ecn-tcp

Re-ECN: Adding Accountability for Causing Congestion to TCP/IP draft-briscoe-tsvwg-re-ecn-tcp

Re-ECN: Adding Accountability for Causing Congestion to TCP/IP draft-briscoe-tsvwg-re-ecn-tcp Bob Briscoe , BT & UCL Arnaud Jacquet, Alessandro Salvatori & Martin Koyabe, BT IETF-66 tsvwg Jul 2006 updated draft 02 Re-ECN: Adding

484 views • 31 slides
More Connectivity Status Quo: Congestion Riders are abandoning mass transit, due to the

More Connectivity Status Quo: Congestion Riders are abandoning mass transit, due to the

More Connectivity Status Quo: Congestion Riders are abandoning mass transit, due to the experience. Those who can a f ord are moving to the road, causing congestion. We need a better value solution. More people onto transit /

163 views • 13 slides
What do you mean, Congestion? some history Congestion Collapse

What do you mean, Congestion? some history Congestion Collapse

What do you mean, Congestion? some history Congestion Collapse Congestion Avoidance Congestion Control Explicit Congestion Notification Datagram Congestion Control Protocol this

425 views • 15 slides
Congestion Control Outline Queuing Discipline Reacting to Congestion Avoiding Congestion 1

Congestion Control Outline Queuing Discipline Reacting to Congestion Avoiding Congestion 1

Congestion Control Outline Queuing Discipline Reacting to Congestion Avoiding Congestion 1 Issues Two sides of the same coin pre-allocate resources to avoid congestion (e.g. telephone networks) control congestion if (and when)

493 views • 14 slides
Congestion? What Congestion? Mark Handley Is there a problem to be solved? TCP has done a

Congestion? What Congestion? Mark Handley Is there a problem to be solved? TCP has done a

Congestion? What Congestion? Mark Handley Is there a problem to be solved? TCP has done a pretty good job since 1988 of matching offered load to available capacity and avoiding congestion collapse. Doesnt need any support from the

194 views • 17 slides
End-to-End Previously on CS5229 , Not everyone uses TCP Congestion Control TCP Congestion

End-to-End Previously on CS5229 , Not everyone uses TCP Congestion Control TCP Congestion

End-to-End Previously on CS5229 , Not everyone uses TCP Congestion Control TCP Congestion Control UDP: Why not congestion controlled? Media streaming 1. UDP has low delay, no Gaming need full reliability VoIP

280 views • 12 slides
Traffic Congestion Continues to Increase Across the US, congestion during commuting hours

Traffic Congestion Continues to Increase Across the US, congestion during commuting hours

Traffic Congestion Continues to Increase Across the US, congestion during commuting hours have been increasing since the great recession Connecticut ranks high in congestion among 297 US cities examined* Cities Congestion Wasted

403 views • 13 slides
Internet congestion control: TCP Internet congestion control: TCP 1988: "Congestion

Internet congestion control: TCP Internet congestion control: TCP 1988: "Congestion

Internet congestion control: TCP Internet congestion control: TCP 1988: "Congestion Avoidance and Control" (Jacobson/Karels) Combined congestion/flow control for TCP Goal: stability - in equilibrum, no packet is sent into the

482 views • 24 slides
1 TCP AIMD TCP Congestion Control additive increase: multiplicative decrease: increase CongWin

1 TCP AIMD TCP Congestion Control additive increase: multiplicative decrease: increase CongWin

Principles of Congestion Control Congestion: informally: too many sources sending too much Congestion Control data too fast for network to handle different from flow control! manifestations: lost packets (buffer overflow at

242 views • 3 slides
The Present and Future of Congestion Control Mark Handley Outline Purpose of congestion

The Present and Future of Congestion Control Mark Handley Outline Purpose of congestion

The Present and Future of Congestion Control Mark Handley Outline Purpose of congestion control The Present: TCPs congestion control algorithm (AIMD) TCP-friendly congestion control for multimedia Datagram Congestion

984 views • 54 slides
TCP TCP Congestion Control Congestion Control Essential strategy :: The TCP host sends

TCP TCP Congestion Control Congestion Control Essential strategy :: The TCP host sends

11/19/2009 TCP Congestion Control TCP Congestion Control TCP TCP Congestion Control Congestion Control Essential strategy :: The TCP host sends packets into the network without a reservation and then the host reacts to observable

823 views • 6 slides
CS 557 Congestion and Complexity Observations on the Dynamics of a Congestion Control Algorithm:

CS 557 Congestion and Complexity Observations on the Dynamics of a Congestion Control Algorithm:

CS 557 Congestion and Complexity Observations on the Dynamics of a Congestion Control Algorithm: The Effects of Two-Way Traffic Zhang, Shenker, and Clark, 1991 Spring 2013 The Story So Far . Some Essential Apps: DNS (naming) and NTP

333 views • 20 slides
CS 457 Lecture 22 Congestion Fall 2011 Extended Project 3 Discussion Topics Principles

CS 457 Lecture 22 Congestion Fall 2011 Extended Project 3 Discussion Topics Principles

CS 457 Lecture 22 Congestion Fall 2011 Extended Project 3 Discussion Topics Principles of congestion control How to detect congestion? How to adapt and alleviate congestion? TCP congestion control Additive-increase,

272 views • 14 slides
Convex Optimization and Congestion Control - Part I (aka The Kelly Approach to Congestion

Convex Optimization and Congestion Control - Part I (aka The Kelly Approach to Congestion

Convex Optimization and Congestion Control - Part I (aka The Kelly Approach to Congestion Control) Laila Daniel and Krishnan Narayanan 11th March 2013 Motivation The Kelly approach exposes THE PROBLEM underlying any congestion control

250 views • 24 slides
1 ACK clocking ACK clocking ACK clocking spreads out bursts ACK clocking spreads out bursts

1 ACK clocking ACK clocking ACK clocking spreads out bursts ACK clocking spreads out bursts

TCP Congestion Control Review Congestion Control (contd) Congestion control consists of 3 tasks Detect congestion Adjust sending rate Determine available bandwidth How does TCP do each of these? Packets vs. Bytes TCP Start

491 views • 8 slides
Adding a Programming Language Adding a Language Francois Ouellet , Director of Development

Adding a Programming Language Adding a Language Francois Ouellet , Director of Development

Adding a Programming Language Adding a Language Francois Ouellet , Director of Development Practice, Manulife George Williams , Director of Data Science and Chief Evangelist, GSI Technology Adding a Language Webinar recording and

823 views • 44 slides
STAGE 2 AREAS OF CONCENTRATION Scope Whats in scope and whats not in scope

STAGE 2 AREAS OF CONCENTRATION Scope Whats in scope and whats not in scope

STAGE 2 AREAS OF CONCENTRATION Scope Whats in scope and whats not in scope Write data What gets written to the RIB Events/Notifications What gets channeled from I2RS Agent to Controller Scale Whats needed

625 views • 13 slides
Task-Oriented Active Perception and Planning in Environments with Partially Known Semantics MAHSA

Task-Oriented Active Perception and Planning in Environments with Partially Known Semantics MAHSA

Task-Oriented Active Perception and Planning in Environments with Partially Known Semantics MAHSA GHASEMI, ERDEM ARIN BULGUR, AND UFUK TOPCU INTERNATIONAL CONFERENCE ON MACHINE LEARNING JULY 12-18, 2020 Integrating Data into Decision Making

737 views • 20 slides
Multilingual Visual Sentiment Concept Matching Nikolaos Pappas, Miriam Redi, Mercan Topkara,

Multilingual Visual Sentiment Concept Matching Nikolaos Pappas, Miriam Redi, Mercan Topkara,

Multilingual Visual Sentiment Concept Matching Nikolaos Pappas, Miriam Redi, Mercan Topkara, Brendan Jou, Hongyi Liu, Tao Chen, Shih-Fu Chang IDIAP Yahoo JWPlayer Columbia University Motivation How to analyze and retrieve multimedia

653 views • 43 slides
Conversations with my washing machine an in-the-wild study of demand shifting with self-generated

Conversations with my washing machine an in-the-wild study of demand shifting with self-generated

Conversations with my washing machine an in-the-wild study of demand shifting with self-generated energy J. Bourgeois, G. Kortuem, J. van der Linden and B. Price The Open University - April 2014 Ordinary householder as energy farmer Solar

354 views • 13 slides
Lecture I What is UC-HiPACC? AstroComputing Challenges Cosmological Visualizations Joel R.

Lecture I What is UC-HiPACC? AstroComputing Challenges Cosmological Visualizations Joel R.

University of California High-Performance AstroComputing Center (UC-HiPACC) International Summer School on AstroComputing 2012 AstroInformatics Lecture I What is UC-HiPACC? AstroComputing Challenges Cosmological Visualizations Joel R.

562 views • 19 slides
Preparing for/Responding to: Repeal/Repair/Replace Environment February 10, 2017 Chris Jennings

Preparing for/Responding to: Repeal/Repair/Replace Environment February 10, 2017 Chris Jennings

Preparing for/Responding to: Repeal/Repair/Replace Environment February 10, 2017 Chris Jennings President, Jennings Policy Strategies ccj@jenningsps.com (202) 879 9344 1 Undeniable Threat of Health Care Changes/Disruption Budget resolution for ACA

351 views • 18 slides
Institute for Complex Systems Simulation An EPSRC Doctoral Training Centre Seth Bullock

Institute for Complex Systems Simulation An EPSRC Doctoral Training Centre Seth Bullock

Institute for Complex Systems Simulation Institute for Complex Systems Simulation An EPSRC Doctoral Training Centre Seth Bullock Institute for Complex March 18 th 2009 Systems Simulation Institute for Complex Systems Simulation A Systemic

311 views • 17 slides
And the LORD spake unto Moses, saying, Speak unto the children of Israel, saying, In the seventh

And the LORD spake unto Moses, saying, Speak unto the children of Israel, saying, In the seventh

Leviticus 23:23 25 And the LORD spake unto Moses, saying, Speak unto the children of Israel, saying, In the seventh month, in the first day of the month , shall ye have a sabbath, a memorial of blowing of trumpets , an holy convocation. Ye

693 views • 66 slides

More recommend