Internet DRAFT - draft-liu-detnet-anomalous-packets-handling
draft-liu-detnet-anomalous-packets-handling
DetNet C. Liu
Internet-Draft China Unicom
Intended status: Standards Track J. Yan
Expires: 1 September 2024 X. ZHU
ZTE Corporation
29 February 2024
Anomalous Packets Handling for DetNet
draft-liu-detnet-anomalous-packets-handling-00
Abstract
In deterministic networking (DetNet), there may be resource conflicts
at the flow aggregation nodes, resulting in network anomalies. The
existing mechanisms for handling anomalous packets in the data plane
are crude, such as discarding or processing them as BE flows, so the
network performance may be worse than applying traditional QoS.
Therefore, in order to handle the anomalous traffic, the data plane
should implement an enhanced handling mechanism.
This document proposes an anomalous packet handling solution for
anomalous traffic in DetNet. This solution includes two policies:
the packet squeezing policy and the packet degrading policy, which
can be applied flexibly to a variety of queuing mechanisms, thereby
ensuring that network traffic for deterministic services is
preferentially scheduled in anomalous situations.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 1 September 2024.
Liu, et al. Expires 1 September 2024 [Page 1]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Anomalous Forwarding Detection . . . . . . . . . . . . . . . 4
4. Anomalous Packets Handling Policy . . . . . . . . . . . . . . 5
4.1. Squeezing Policy . . . . . . . . . . . . . . . . . . . . 5
4.2. Degrading Policy . . . . . . . . . . . . . . . . . . . . 8
4.3. Squeezing Policy and Degrading Policy . . . . . . . . . . 8
5. Anomalous Packets Handling Solution . . . . . . . . . . . . . 10
5.1. Policy Selection and Configuration . . . . . . . . . . . 10
5.2. Anomalous Information Reporting . . . . . . . . . . . . . 11
5.3. Anomalous Packets Handling Procedure . . . . . . . . . . 12
6. Security Considerations . . . . . . . . . . . . . . . . . . . 12
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 12
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 12
9.1. Normative References . . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction
DetNet is able to provide real-time application services with
deterministic guarantees such as bounded latency, low jitter, and low
packet loss rate, as per [RFC8655]. One of the major technologies of
DetNet is resource allocation, as per [RFC8938]. Resource allocation
reduces the packet loss and jitter caused by network congestion by
allocating available resources to specified DetNet flows. In order
to avoid resource conflicts at the aggregation nodes in the network,
it is necessary for the control plane and the data plane to be
applied in conjunction. The control plane orchestrates the paths of
DetNet flows to avoid resource conflicts. And the data plane
transmits DetNet flows by the orchestration result from the control
Liu, et al. Expires 1 September 2024 [Page 2]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
plane, with traffic shaping, flow admission, and encapsulation of
forwarding information of the flow, etc., to avoid traffic congestion
at aggregation nodes so as to guarantee the QoS of services in the
DetNet domain.
Each node in the end-to-end path may be an aggregation node.
Aggregated flows that belong to the same traffic class will share the
reserved resources at the outgoing port. Ideally, the transmission
of each member flow of the same traffic class strictly conforms to
the scheduling of the control plane, thus being able to satisfy the
strict requirements of a narrowly deterministic network. However,
due to the diversity of deterministic flows, this ideal case is often
difficult to fulfill. For example, there are bursts under a fine-
granularity time dimension at times, and consequently, limiting the
transmission rate according to the average bandwidth is unable to
meet the demand of deterministic flows. As well, the variability of
packet length also creates obstacles for resource management. If the
control plane always allocates resources according to the maximum
packet length, it may lead to a serious waste of network resources.
However, it may lead to resource conflicts if network resources are
reserved according to the average packet length. Besides, the
performance of software and hardware in the network are both
affecting factors. In the control plane, there may be loopholes in
the algorithm, leading to inevitable resource conflicts in some
extreme scenarios. In the data plane, protocol messages with the
highest priority may be sent frequently under certain circumstances.
For example, the ARP protocol is frequently triggered under abnormal
circumstances, so the resources for sending service packets are
preempted by the ARP protocol packets; hence, the lower-priority
packets cannot be transmitted in time.
To deal with the above network anomalies, the control plane should
properly schedule resources to avoid resource conflict at the
aggregation nodes. As defined in [RFC8865], it proposes a service
protection solution such as PREOF based on multi-path transmission.
Although PREOF can avoid performance reduction by reserving a large
amount of redundant resources for the specified service flows, it may
cause a serious waste of resources or even a light load in the
network, which further reduces the advantage of deterministic
technologies. In the data plane, the existing mechanisms are
relatively simple and crude. For example, the data plane may choose
to discard packets directly or buffer packets until the resources
allocated to its traffic class become available. Both of the
solutions will result in even worse QoS than BE flows. So that, for
the data plane, the anomalies can not be handled by relying solely on
the orchestration of the control plane or being equipped to cope with
normal traffic.
Liu, et al. Expires 1 September 2024 [Page 3]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
Therefore, the processing of anomalous packets from deterministic
services should be automatically optimized in the data plane. That
is, in addition to the function of forwarding normal deterministic
flows, the data plane should also be equipped with an automatically
enhanced processing mechanism for anomalous packets. The processing
of anomalous packets is an indispensable part of the future
implementation and application of the entire deterministic network
technology.
This document proposes an anomalous packet handling policy and
solution for anomalous traffic in DetNet. It supports two anomalous
packet handling policies, including packet squeezing and packet
degrading, in the data plane and allows the control plane and users
to configure the enabling policies and relevant parameters. This
document also provides a specific squeezing and degrading procedure
for various queuing mechanisms.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2. Terminology
The terminology is defined as [RFC8655].
3. Anomalous Forwarding Detection
The real-time detection in the data plane should detect anomalous
forwarding behaviors. When anomalous packets are detected, enhanced
processing policies such as packet squeezing and degrading are
applied to the packets to ensure deterministic flows are scheduled
preferentially in abnormal situations.
Liu, et al. Expires 1 September 2024 [Page 4]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
The detection of anomalous forwarding is related to the queuing
mechanisms in the data plane. It may be identified based on the
depth of the buffer queue. When receiving a deterministic packet,
the node determines the target output queue according to the
parameter carried in the packet. As to the timeslot-based queuing
mechanism, local nodes obtain the target outgoing timeslot of the
packets according to the timeslot mapping relationship. As to the
delay-based queuing mechanism, the target timeslot at the local node
is calculated by the parameters carried in the packet, such as the
time budget and bounded latency. Before the packet enters the queue
corresponding to the target outgoing timeslot, the depth of the
buffer queue should be obtained. If the number of packets allowed to
be carried in the buffer queue does not exceed the depth, the packets
will be properly enqueued. Otherwise, if the number of packets
exceeds the threshold, an anomaly will be discovered.
4. Anomalous Packets Handling Policy
This solution supports two anomalous packets handling policies to
enhance the data plane: the squeezing policy and the degrading
policy. These policies can be enabled simultaneously, selectively,
or neither. If neither of them is enabled, the existing anomalous
packets handling solutions will be used, such as discarding or
degrading the packets to be treated as BE flow.
4.1. Squeezing Policy
The data plane supports and enables the squeezing policy, setting the
squeezing threshold. For anomalous traffic that exceeds the allowed
capability but falls short of the squeezing threshold, the system can
select the squeezing policy to process these packets. It will then
enqueue the packets and record the number of squeezed bits. Packets
that are not sent within the allotted time can be squeezed into the
next time slot until the buffer queue is empty, according to the
squeezing policy. Squeezing policy supports a variety of queuing
mechanisms but is not available in all data planes.
For the delay-based queuing mechanism, the residence time of packets
at the local node is added and recorded. At downstream nodes,
packets can be forwarded based on the remaining time budget. For the
timeslot-based queuing mechanisms, packets are sent in the next
cycle. For the rate-based queuing mechanisms, packets are assigned
to a lower service rate.
Taking the timeslot-based queuing mechanism as an example, Figure 1
illustrates how the squeezing policy is processed. Assume that the
maximum number of bits allowed to be carried in each timeslot is 4000
bits, and the squeezing threshold is set to 2000 bits. The packet
Liu, et al. Expires 1 September 2024 [Page 5]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
length of a service flow is fixed at 1000 bits; the target timeslot
of packets with serial numbers 1 to 4 is timeslot 1, and the target
timeslot of packets with serial numbers 5 to 7 is timeslot 2. Assume
that, due to the existence of aggregated traffic, the current depth
of queue 1 is 2000 bits.
|<----timeslot1---->|<----timeslot2---->|<----timeslot3---->|
+---------+---------+-------------------+-------------------+
|/////////| | | |
+---------+---------+-------------------+-------------------+
packet sequence of the flow
+----+----+----+----+----+----+----+
| P7 | P6 | P5 | P4 | P3 | P2 | P1 | --->
+----+----+----+----+----+----+----+
P1 P2 P3 P4 -> target timeslot : 1
P5 P6 P7 -> target timeslot : 2
|
\/
+---------+----+----+----+----+
queue 1 |/////////| P1 | P2 | P3 | P4 |
+---------+----+----+----+----+
+----+----+----+
queue 2 | P5 | P6 | P7 |
+----+----+----+
|-----timeslot1-----|-----timeslot2-----|-----timeslot3-----|
+---------+----+----+----+----+----+----+----+--------------+
|/////////| P1 | P2 | P3 | P4 | P5 | P6 | P7 | |
+---------+----+----+----+----+----+----+----+--------------+
|<------->|
squeezing threshold
Figure 1: Squeezing policy based on timeslot-based queuing mechanism
Figure 1 illustrates the processing of packets in the service flow
with serial numbers 1 through 7. Packets 1 and 2 are put into queue
1 sequentially. Therefore, queue 1 has reached the permitted
carrying threshold of 4000 bits. When packets 3 and 4 arrive, they
are determined to be anomalous packets.
It has been detected that the squeezing policy is currently enabled,
and the squeezing threshold is 2000 bits. The packets 3 and 4 are
processed in squeezing mode and enter queue 2, but still carry
timeslot label 1 while being sent to the next node.
Liu, et al. Expires 1 September 2024 [Page 6]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
According to the squeeze policy, packets 3 and 4 are squeezed into
timeslot 2 for transmission. The buffer depth of the queue
corresponding to timeslot 2 has reached 2000 bits, allowing packets
5, 6, and 7 whose target timeslot is timeslot 2 to enter queue 2.
Hence, queue 2 reaches the upper limit of 4000 bits, and packet 7 is
marked as an anomalous packet, put into queue 2, and postponed to
timeslot 3 for transmission.
At the aggregation node, if there are continuous bursts exceeding its
carrying capacity, due to the configuration of the squeezing policy,
packets exceeding the timeslot carrying capacity will continue to be
squeezed into subsequent timeslots and set off chain reactions. If
the range of timeslots affected by successive squeezing is not
restricted, the squeezed packets in each timeslot will accumulate
infinitely, which will seriously affect the guarantee of
deterministic transmission.
One solution to restrict successive squeezing is to introduce a
synchronization threshold—a specified number of timeslots after which
the timeslot is realigned with the buffer queue to recover
synchronization.
|----timeslot1----|----timeslot2----|----timeslot3----|----timeslot4----|
|---------queue1---------|-----queue2------|----queue3-----|---queue4---|
|<--------------------------------------------------------------------->|
synchronization threshold
Figure 2: Illustration of synchronization threshold
Another feasible solution is to set the squeezing threshold to
decrease exponentially. When burst aggregation causes multiple
timeslots to experience successive squeezing, the first timeslot's
squeezing threshold is a preset value, the second timeslot's
squeezing threshold is half of the preset value, and so on. This
process of exponential decay continues until a timeslot's squeezing
threshold is less than the packet size, at which point squeezing is
prohibited in the current timeslot, thereby limiting the impact of
the successive squeezing.
Liu, et al. Expires 1 September 2024 [Page 7]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
4.2. Degrading Policy
The data plane supports and enables the degrading policy and
configures the degrading parameters. Degrading policy and squeezing
policy can optionally be applied together. The anomalous traffic
exceeding the squeezing threshold is processed by the degrading
policy. The degrading policy can also be deployed independently.
For anomalous packets beyond the allowed buffer capacity, the
degrading policy can be applied directly.
In the case of the delay-based queuing mechanism, packets are delayed
based on the target sending time. The delayed period can be flexibly
configured due to the level of busyness at the current outgoing port.
When using the timeslot-based queuing mechanism, packets are
redirected to a queue with a lower priority. In the case of the
rate-based queuing mechanism, packets are redirected to a queue with
a lower priority.
4.3. Squeezing Policy and Degrading Policy
It is possible to combine the squeezing policy and the degrading
policy. When anomalous packets exceed the squeezing threshold, the
degrading policy will take over. Taking the timeslot-based queuing
mechanism as an example, the anomalous packet processed by the
squeezing policy still enters the buffer queue corresponding to their
target timeslot, and the timeslot information carried in the packet
remains unchanged, allowing it to be recovered at the subsequent
node. In order to prepare the abnormal packet for future scheduling
and forwarding, the degrading policy will change the internal
scheduling parameters of the anomalous packet, modify the existing
fields of the packet, or insert new fields into the packet for
subsequent scheduling and forwarding. Anomalies can be recovered at
downstream nodes by using anomalous information that is either
carried in packets or recorded by the controller.
Using the timeslot-based queuing mechanism as an example, Figure 3
illustrates how anomalous packets are processed by combining
degrading and squeezing policies. It is assumed that each timeslot
is allowed to carry up to 4000 bits. And timeslots 1 through 3 have
the following priority order, from high to low: timeslot 1 > timeslot
3 > timeslot 2. The nodes at the forwarding plane are configured by
the controller plane to enable the degrading and squeezing policies.
The squeezing threshold of the queue is 2000 bits, and the degrading
policy is set to degrade to the next lower priority.
The size of each packet of a service flow is fixed at 1000 bits. The
target timeslot of packets with serial numbers 1 to 4 is timeslot 1,
and the target timeslot of packets with serial numbers 5 to 7 is
Liu, et al. Expires 1 September 2024 [Page 8]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
timeslot 2. When the packet with sequence number 1 arrives at the
node, the current depth of queue 1 is 3000 bits, and the current
buffer depth of queues 2 and 3 is 0 bit.
The processing of packets 1 to 7 of this service flow is shown in
Figure 3. First, packet 1 is put into queue 1. Then, the buffer
depth of queue 1 reaches the allowed carrying threshold of 4000 bits.
When packets 2, 3, and 4 arrive, since queue 1 has reached the
allowed threshold, they are judged to be anomalous packets.
According to the squeezing policy, packets 2 and 3 are put into queue
1 while being squeezed into timeslot 2 for transmission. By this
time, the depth of queue 1 reaches the squeezing threshold, the
degrading policy is triggered, and packet 4 will enter queue 3. For
packets 5, 6, and 7 with target timeslot 2, the buffer depth of queue
2 does not exceed the carrying threshold, so packets 5, 6, and 7 can
be put into queue 2. Among them, packet 7 actually occupies the time
resources of timeslot 3 for transmission due to the successive
squeezing of the preceding timeslots.
Liu, et al. Expires 1 September 2024 [Page 9]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
|<----timeslot1---->|<----timeslot2---->|<----timeslot3---->|
+--------------+----+-------------------+-------------------+
|//////////////| | | |
+--------------+----+-------------------+-------------------+
packet sequence of the flow
+----+----+----+----+----+----+----+
| P7 | P6 | P5 | P4 | P3 | P2 | P1 | --->
+----+----+----+----+----+----++----
P1 P2 P3 P4 -> target timeslot : 1
P5 P6 P7 -> target timeslot : 2
|
\/
+--------------+----+----+----+
queue 1 |//////////////| P1 | P2 | P3 |
+--------------+----+----+----+
+----+----+----+
queue 2 | P5 | P6 | P7 |
+----+----+----+
+----+
queue 3 | P4 |
+----+
|<----timeslot1---->|<----timeslot2---->|<----timeslot3---->|
+--------------+----+----+----+----+----+----+----+---------+
|//////////////| P1 | P2 | P3 | P5 | P6 | P7 | P4 | |
+--------------+----+----+----+----+----+----+----+---------+
|<------->|
squeezing threshold
Figure 3: Combination of squeezing policy and degrading policy
based on timeslot-based queuing mechanism
5. Anomalous Packets Handling Solution
5.1. Policy Selection and Configuration
The following anomaly handling policies are involved in this
document:
1. Process packets according to the degrading policy.
2. Process packets according to the squeezing policy.
3. Postpone packets to the next cycle.
Liu, et al. Expires 1 September 2024 [Page 10]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
4. Redirect packets to a regular QoS queue.
5. Degrading the packets to be treated as BE flow.
6. Discard anomalous packets.
If the data plane does not enable the squeezing or degrading policy,
or neither the squeezing policy nor the degrading policy is
applicable, anomalous packets will be processed by the existing
natural processing methods, such as discarding. When the data plane
supports multiple anomalous packets handling policies, the enabled
policies and related parameters can be configured by the control
plane.
5.2. Anomalous Information Reporting
After automatically handling anomalies according to the squeezing
policy or degrading policy, the data plane should report the
anomalies to the controller immediately, so that the controller can
perceive the details of the anomalies in the network and take action
on them, for example, re-orchestration, flow entry re-configuration,
resource expansion, etc. The anomalous information should be passed
to the next node so that the downstream nodes can adjust the
forwarding behavior or restore the original parameters of the packets
according to the anomalous information. The anomalous information
reported by the data plane includes, but is not limited to:
* Basic information: node ID, port ID, etc.
* Anomalous packet information: flow ID and packet sequence number,
etc.
* Anomalous packet handling policy information: the handling policy
used: squeezing policy, degrading policy, or other natural
policies (e.g., discarding). Related parameters: for squeezing
policy, including the squeezed bits and the number of squeezed
packets, etc. As to the degrading policy, including the delay
period, the priority before and after degrading, and the number of
packets degraded. As to natural policies, including the number of
packets discarded or treated as BE flows.
Liu, et al. Expires 1 September 2024 [Page 11]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
5.3. Anomalous Packets Handling Procedure
When the node in the data plane receives a DetNet packet, it first
detects whether there is an anomaly. If the packet is anomalous, the
node will start the anomalous packets handling procedure. Then,
which anomalous packets handling policies are supported at the local
node should be acknowledged. If the enhanced anomalous packets
handling policies are not enabled, the packets will be processed by
the existing mechanisms, for example, directly discarded, treated as
BE flow, processed in a normal QoS queue, or postponed to the next
period. If only one of the squeezing policy and the degrading policy
is enabled, anomalous packets are processed according to the
specified policy. If both the squeezing policy and degrading policy
are enabled, the local node first detects whether the number of
anomalous packets exceeds the squeezing threshold. If not, anomalous
packets will be processed according to the squeezing policy.
Otherwise, the system processes packets according to the degrading
policy. And then it sends the anomalous information to the
controller or the downstream node.
6. Security Considerations
TBA
7. IANA Considerations
TBA
8. Acknowledgements
TBA
9. References
9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC8655] Finn, N., Thubert, P., Varga, B., and J. Farkas,
"Deterministic Networking Architecture", RFC 8655,
DOI 10.17487/RFC8655, October 2019,
<https://www.rfc-editor.org/info/rfc8655>.
Liu, et al. Expires 1 September 2024 [Page 12]
Internet-Draft Anomalous Packets Handling for DetNet February 2024
[RFC8865] Holmberg, C. and G. Hellström, "T.140 Real-Time Text
Conversation over WebRTC Data Channels", RFC 8865,
DOI 10.17487/RFC8865, January 2021,
<https://www.rfc-editor.org/info/rfc8865>.
[RFC8938] Varga, B., Ed., Farkas, J., Berger, L., Malis, A., and S.
Bryant, "Deterministic Networking (DetNet) Data Plane
Framework", RFC 8938, DOI 10.17487/RFC8938, November 2020,
<https://www.rfc-editor.org/info/rfc8938>.
Authors' Addresses
Chang Liu
China Unicom
No.9 Shouti Nanlu
Beijing
100048
China
Phone: +86-010-68799999-7294
Email: liuc131@chinaunicom.cn
Jinjie Yan
ZTE Corporation
China
Email: yan.jinjie@zte.com.cn
Xiangyang Zhu
ZTE Corporation
China
Email: zhu.xiangyang@zte.com.cn
Liu, et al. Expires 1 September 2024 [Page 13]