draft-ietf-pcn-baseline-encoding-01.txt   draft-ietf-pcn-baseline-encoding-02.txt 
Congestion and Pre Congestion T. Moncaster Congestion and Pre Congestion T. Moncaster
Internet-Draft BT Internet-Draft BT
Intended status: Standards Track B. Briscoe Intended status: Standards Track B. Briscoe
Expires: April 17, 2009 BT & UCL Expires: August 14, 2009 BT & UCL
M. Menth M. Menth
University of Wuerzburg University of Wuerzburg
October 14, 2008 February 10, 2009
Baseline Encoding and Transport of Pre-Congestion Information Baseline Encoding and Transport of Pre-Congestion Information
draft-ietf-pcn-baseline-encoding-01 draft-ietf-pcn-baseline-encoding-02
Status of This Memo Status of This Memo
By submitting this Internet-Draft, each author represents that any This Internet-Draft is submitted to IETF in full conformance with the
applicable patent or other IPR claims of which he or she is aware provisions of BCP 78 and BCP 79.
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 17, 2009. This Internet-Draft will expire on August 14, 2009.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document.
Abstract Abstract
Pre-congestion notification (PCN) provides information to support Pre-congestion notification (PCN) provides information to support
admission control and flow termination in order to protect the admission control and flow termination in order to protect the
Quality of Service of inelastic flows. It does this by marking Quality of Service of inelastic flows. It does this by marking
packets when traffic load on a link is approaching or has exceeded a packets when traffic load on a link is approaching or has exceeded a
threshold below the physical link rate. This document specifies how threshold below the physical link rate. This document specifies how
such marks are to be encoded into the IP header. The baseline such marks are to be encoded into the IP header. The baseline
encoding described here provides for only two PCN encoding states. encoding described here provides for only two PCN encoding states.
It is designed to be easily extended to provide more encoding states It is designed to be easily extended to provide more encoding states
but such schemes will be described in other documents. but such schemes will be described in other documents.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Requirements notation . . . . . . . . . . . . . . . . . . . . 4 2. Requirements notation . . . . . . . . . . . . . . . . . . . . 4
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Encoding two PCN States in IP . . . . . . . . . . . . . . . . 5 4. Encoding two PCN States in IP . . . . . . . . . . . . . . . . 5
4.1. Rationale for Encoding . . . . . . . . . . . . . . . . . . 5 4.1. Rationale for Encoding . . . . . . . . . . . . . . . . . . 6
4.2. PCN-Compatible DiffServ Codepoints . . . . . . . . . . . . 6 4.2. PCN-Compatible DiffServ Codepoints . . . . . . . . . . . . 7
5. Rules for Experimental Encoding Schemes . . . . . . . . . . . 6 5. Rules for Experimental Encoding Schemes . . . . . . . . . . . 7
6. Backwards Compatibility . . . . . . . . . . . . . . . . . . . 6 6. Backwards Compatibility . . . . . . . . . . . . . . . . . . . 8
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
8. Security Considerations . . . . . . . . . . . . . . . . . . . 7 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8
9. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 7 9. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 8
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 9
11. Comments Solicited . . . . . . . . . . . . . . . . . . . . . . 8 11. Comments Solicited . . . . . . . . . . . . . . . . . . . . . . 9
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9
12.1. Normative References . . . . . . . . . . . . . . . . . . . 8 12.1. Normative References . . . . . . . . . . . . . . . . . . . 9
12.2. Informative References . . . . . . . . . . . . . . . . . . 8 12.2. Informative References . . . . . . . . . . . . . . . . . . 9
Appendix A. Tunnelling Constraints . . . . . . . . . . . . . . . 9 Appendix A. PCN Deployment Considerations . . . . . . . . . . . . 10
Appendix B. PCN Node Behaviours . . . . . . . . . . . . . . . . . 10 A.1. Choice of Suitable DSCPs . . . . . . . . . . . . . . . . . 10
Appendix C. Deployment Scenarios for PCN Using Baseline A.2. Rationale for Using ECT(0) for Not Marked . . . . . . . . 10
Encoding . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction 1. Introduction
Pre-congestion notification (PCN) provides information to support Pre-congestion notification (PCN) provides information to support
admission control and flow termination in order to protect the admission control and flow termination in order to protect the
quality of service (QoS) of inelastic flows. This is achieved by quality of service (QoS) of inelastic flows. This is achieved by
marking packets according to the level of pre-congestion at nodes marking packets according to the level of pre-congestion at nodes
within a PCN-domain. These markings are evaluated by the egress within a PCN-domain. These markings are evaluated by the egress
nodes of the PCN-domain. [pcn-arch] describes how PCN packet markings nodes of the PCN-domain. [pcn-arch] describes how PCN packet markings
can be used to assure the QoS of inelastic flows within a single can be used to assure the QoS of inelastic flows within a single
skipping to change at page 3, line 29 skipping to change at page 3, line 29
others require more. The baseline encoding described here only others require more. The baseline encoding described here only
provides for two PCN encoding states. An extension of the baseline provides for two PCN encoding states. An extension of the baseline
encoding described in [PCN-3-enc-state] provides for three PCN encoding described in [PCN-3-enc-state] provides for three PCN
encoding states. Other extensions have also been suggested all of encoding states. Other extensions have also been suggested all of
which can build on the baseline encoding. In order to ensure which can build on the baseline encoding. In order to ensure
backward compatibility any alternative encoding schemes that claim backward compatibility any alternative encoding schemes that claim
compliance with PCN standards MUST extend this baseline scheme. compliance with PCN standards MUST extend this baseline scheme.
Changes from previous drafts (to be removed by the RFC Editor): Changes from previous drafts (to be removed by the RFC Editor):
From -01 to -02:
Removed Appendix A and replaced with reference to [ecn-tunneling]
Moved Appendix B into main body of text.
Changed Appendix C to give deployment advice.
Minor changes throughout including checking consistency of
capitalisation of defined terms.
Clarified that LU was deliberately excluded from encoding.
From -00 to -01: From -00 to -01:
Added section on restrictions for extension encoding schemes. Added section on restrictions for extension encoding schemes.
Included table in Appendix showing encoding transitions at Included table in Appendix showing encoding transitions at
different PCN nodes. different PCN nodes.
Checked for consistency of terminology. Checked for consistency of terminology.
Minor language changes for clarity. Minor language changes for clarity.
skipping to change at page 4, line 40 skipping to change at page 5, line 6
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. Terminology 3. Terminology
The following terms are used in this document: The following terms are used in this document:
o Not-PCN - packets that are not PCN-enabled. o Not-PCN - packets that are not PCN-enabled.
o PCN-marked - codepoint indicating packets that have been marked at o PCN-marked - codepoint indicating packets that have been marked at
a PCN-interior-node using some PCN marking behaviour. Also PM. a PCN-interior-node using some PCN marking behaviour
[pcn-marking-behaviour]. Also PM.
o Not-marked - codepoint indicating packets that are PCN-capable but o Not-marked - codepoint indicating packets that are PCN-capable but
are not PCN-marked. Also NM. are not PCN-marked. Also NM.
o PCN-enabled codepoints - collective term for all the NM and PM o PCN-enabled codepoints - collective term for all the NM and PM
codepoints. codepoints. By definition packets carrying such codepoints are
PCN-packets.
o PCN-compatible Diffserv codepoint - a Diffserv codepoint for which o PCN-compatible Diffserv codepoint - a Diffserv codepoint for which
the ECN field is used to carry PCN markings rather than [RFC3168] the ECN field is used to carry PCN markings rather than [RFC3168]
markings. markings.
In addition the document uses the terminology defined in [pcn-arch]. In addition the document uses the terminology defined in [pcn-arch].
4. Encoding two PCN States in IP 4. Encoding two PCN States in IP
The PCN encoding states are defined using a combination of the DSCP The PCN encoding states are defined using a combination of the DSCP
and ECN fields within the IP header. The baseline PCN encoding and ECN fields within the IP header. The baseline PCN encoding
closely follows the semantics of ECN [RFC3168]. It allows the closely follows the semantics of ECN [RFC3168]. It allows the
encoding of two PCN states: Not-Marked and PCN-Marked. It also encoding of two PCN states: Not-Marked and PCN-Marked. It also
allows for traffic that is not PCN capable to be marked as such (not- allows for traffic that is not PCN capable to be marked as such (Not-
PCN). Given the scarcity of codepoints within the IP header the PCN). Given the scarcity of codepoints within the IP header the
baseline encoding leaves one codepoint free for experimental use. baseline encoding leaves one codepoint free for experimental use.
The following table defines how to encode these states in IP: The following table defines how to encode these states in IP:
+---------------+-------------+-------------+-------------+---------+ +---------------+-------------+-------------+-------------+---------+
| ECN codepoint | not-ECT | ECT(0) (10) | ECT(1) (01) | CE (11) | | ECN codepoint | Not-ECT | ECT(0) (10) | ECT(1) (01) | CE (11) |
| | (00) | | | | | | (00) | | | |
+---------------+-------------+-------------+-------------+---------+ +---------------+-------------+-------------+-------------+---------+
| DSCP n | not-PCN | NM | EXP | PM | | DSCP n | Not-PCN | NM | EXP | PM |
+---------------+-------------+-------------+-------------+---------+ +---------------+-------------+-------------+-------------+---------+
Where DSCP n is a PCN-compatible DiffServ codepoint (see Section 4.2) Where DSCP n is a PCN-compatible DiffServ codepoint (see Section 4.2)
and EXP means available for Experimental use. and EXP means available for Experimental use. N.B. we deliberately
reserve this codepoint for experimental use only (and not local use)
to prevent any possible future compatability issues.
Table 1: Encoding PCN in IP Table 1: Encoding PCN in IP
The following rules apply to all PCN traffic: The following rules apply to all PCN traffic:
o PCN-traffic MUST be marked with a PCN-compatible DiffServ o PCN-traffic MUST be marked with a PCN-compatible DiffServ
Codepoint. To conserve DSCPs, DiffServ Codepoints SHOULD be Codepoint. To conserve DSCPs, DiffServ Codepoints SHOULD be
chosen that are already defined for use with admission controlled chosen that are already defined for use with admission controlled
traffic, such as the Voice-Admit codepoint defined in traffic, such as the Voice-Admit codepoint defined in
[voice-admit]. Guidelines for mixing traffic-types within a PCN- [voice-admit]. Guidelines for mixing traffic-types within a PCN-
domain are given in [pcn-marking-behaviour]. domain are given in [pcn-marking-behaviour].
o Any packet that is not PCN-enabled (not-PCN) but which shares the o Any packet that is not PCN-enabled (Not-PCN) but which shares the
same DiffServ codepoint as PCN-enabled traffic MUST have the ECN same DiffServ codepoint as PCN-enabled traffic MUST have the ECN
field equal to 00. field equal to 00.
The following table sets out the valid and invalid codepoint
transitions at PCN-nodes for this baseline encoding. Extension
encodings may have different rules regarding the validity of the
transitions. Note that this table assumes there is a functional
separation between a PCN-boundary-node and a PCN-interior-node such
that PCN-boundary-nodes do not perform packet metering or marking
functions. PCN-nodes MUST follow the encoding transition rules set
out in this table (e.g. they MUST NOT set invalid codepoints on
packets they forward). This table only applies to PCN-packets.
+-----------+-------------+-----------------+-----------------------+
| PCN node | Codepoint | Valid codepoint | Invalid codepoint out |
| type | in | out | |
+-----------+-------------+-----------------+-----------------------+
| ingress | Any | NM (or Not-PCN) | PM |
| interior | NM | NM or PM | Not-PCN or EXP |
| interior | EXP + | EXP or PM | Not-PCN |
| interior | Not-PCN | Not-PCN | Any other codepoint |
| interior | PM | PM | Any other codepoint |
| egress | Any | 00 | Any other codepoint * |
+-----------+-------------+-----------------+-----------------------+
+ This SHOULD cause an alarm to be raised at a higher layer. The
packet MUST be treated as if it were NM.
* Except where the egress node knows that other marks may be safely
exposed outside the PCN-domain (e.g. [PCN-3-enc-state]).
Table 2: Valid and Invalid Codepoint Transitions for
PCN-packets at PCN-nodes
If a pcn-interior-node compliant with this baseline encoding receives
a
4.1. Rationale for Encoding 4.1. Rationale for Encoding
The exact choice of encoding was dictated by the constraints imposed The exact choice of encoding was dictated by the constraints imposed
by existing IETF RFCs, in particular [RFC3168] and [RFC4774]. One of by existing IETF RFCs, in particular [RFC3168], [RFC4301] and
the tightest constraints was the need for any PCN encoding to survive [RFC4774]. One of the tightest constraints was the need for any PCN
being tunnelled through either an IP in IP tunnel or an IPSec Tunnel. encoding to survive being tunnelled through either an IP in IP tunnel
Appendix A explains this in detail. The main effect of this or an IPSec Tunnel. [ecn-tunneling] explains this in more detail.
constraint is that any PCN marking has to carry the 11 codepoint in The main effect of this constraint is that any PCN marking has to
the ECN field. If the packet is being tunneled then only the 11 carry the 11 codepoint in the ECN field. If the packet is being
codepoint gets copied into the inner header upon decapsulation. An tunneled then only the 11 codepoint gets copied into the inner header
additional constraint is the need to minimise the use of DiffServ upon decapsulation. An additional constraint is the need to minimise
codepoints as there is a limited supply of standards track codepoints the use of DiffServ codepoints as there is a limited supply of
remaining. Section 4.2 explains how we have minimised this still standards track codepoints remaining. Section 4.2 explains how we
further by reusing pre-existing Diffserv codepoint(s) such that non- have minimised this still further by reusing pre-existing Diffserv
PCN traffic can still be distinguished from PCN traffic. There are a codepoint(s) such that non-PCN traffic can still be distinguished
number of factors that were considered before deciding to set 10 as from PCN traffic. There are a number of factors that were considered
the NM state. These included similarity to ECN, presence of tunnels before deciding to set 10 as the NM state. These included similarity
within the domain, leakage into and out of PCN-domain and incremental to ECN, presence of tunnels within the domain, leakage into and out
deployment. of PCN-domain and incremental deployment.
The encoding scheme above seems to meet all these constraints and The encoding scheme above seems to meet all these constraints and
ends up looking very similar to ECN. This is perhaps not surprising ends up looking very similar to ECN. This is perhaps not surprising
given the similarity in architectural intent between PCN and ECN. given the similarity in architectural intent between PCN and ECN.
4.2. PCN-Compatible DiffServ Codepoints 4.2. PCN-Compatible DiffServ Codepoints
Equipment complying with the baseline PCN encoding MUST allow PCN to Equipment complying with the baseline PCN encoding MUST allow PCN to
be enabled for certain Diffserv codepoints. This document defines be enabled for certain Diffserv codepoints. This document defines
the term "PCN-compatible Diffserv codepoint" for such a DSCP. the term "PCN-compatible Diffserv codepoint" for such a DSCP.
Enabling PCN for a DSCP switches on PCN marking behaviour for packets Enabling PCN for a DSCP switches on PCN marking behaviour for packets
with that DSCP, but only if those packets also have their ECN field with that DSCP, but only if those packets also have their ECN field
set to indicate a codepoint other than not-PCN. set to indicate a codepoint other than Not-PCN.
Enabling PCN marking behaviour disables any other marking behaviour Enabling PCN marking behaviour disables any other marking behaviour
(e.g. enabling PCN disables the default ECN marking behaviour (e.g. enabling PCN disables the default ECN marking behaviour
introduced in [RFC3168]). All traffic scheduling and conditioning introduced in [RFC3168]). All traffic scheduling and conditioning
behaviours are discussed in [pcn-marking-behaviour]. behaviours are discussed in [pcn-marking-behaviour]. This ensures
compliance with the BCP guidance set out in [RFC4774].
5. Rules for Experimental Encoding Schemes 5. Rules for Experimental Encoding Schemes
Any experimental encoding scheme MUST follow these rules to ensure Any experimental encoding scheme MUST follow these rules to ensure
backward compatibility with this baseline scheme: backward compatibility with this baseline scheme:
o The 00 codepoint in the ECN field MUST mean not-PCN. o The 00 codepoint in the ECN field MUST mean Not-PCN.
o The 11 codepoint in the ECN field MUST mean PCN-marked (though o The 11 codepoint in the ECN field MUST mean PCN-marked (though
this doesn't exclude other codepoints from carrying the same this doesn't exclude other codepoints from carrying the same
meaning). meaning).
o Once set the 11 codepoint in the ECN field MUST NOT be changed to o Once set the 11 codepoint in the ECN field MUST NOT be changed to
any other codepoint. any other codepoint.
o Any experimental scheme MUST include details of all valid and
invalid codepoint transitions at any PCN nodes.
6. Backwards Compatibility 6. Backwards Compatibility
BCP 124 [RFC4774] gives guidelines for specifying alternative BCP 124 [RFC4774] gives guidelines for specifying alternative
semantics for the ECN field. It sets out a number of factors to be semantics for the ECN field. It sets out a number of factors to be
taken into consideration. It also suggests various techniques to taken into consideration. It also suggests various techniques to
allow the co-existence of default ECN and alternative ECN semantics. allow the co-existence of default ECN and alternative ECN semantics.
The baseline encoding specified in this document defines PCN- The baseline encoding specified in this document defines PCN-
compatible DiffServ codepoints as no longer supporting the default compatible DiffServ codepoints as no longer supporting the default
ECN semantics. As such this document is compatible with BCP 124. It ECN semantics. As such this document is compatible with BCP 124. It
should be noted that this baseline encoding blocks end-to-end ECN should be noted that this baseline encoding effectively disables end-
except where mechanisms are put in place to tunnel such traffic to-end ECN except where mechanisms are put in place to tunnel such
across the PCN-domain. traffic across the PCN-domain.
7. IANA Considerations 7. IANA Considerations
This document makes no request to IANA. This document makes no request to IANA.
8. Security Considerations 8. Security Considerations
Packets claim entitlement to be PCN marked by carrying a PCN- Packets claim entitlement to be PCN marked by carrying a PCN-
Compatible DSCP and a PCN-Enabled ECN codepoint. This encoding Compatible DSCP and a PCN-Enabled ECN codepoint. This encoding
document is intended to stand independently of the architecture used document is intended to stand independently of the architecture used
to determine whether specific packets are authorised to be PCN to determine whether specific packets are authorised to be PCN
marked, which will be described in a future separate document on PCN marked, which will be described in a future separate document on PCN
edge-node behaviour (see Appendix B). edge-node behaviour.
The PCN working group has initially been chartered to only consider a The PCN working group has initially been chartered to only consider a
PCN-domain to be entirely under the control of one operator, or a set PCN-domain to be entirely under the control of one operator, or a set
of operators who trust each other [PCN-charter]. However there is a of operators who trust each other [PCN-charter]. However there is a
requirement to keep inter-domain scenarios in mind when defining the requirement to keep inter-domain scenarios in mind when defining the
PCN encoding. One way to extend to multiple domains would be to PCN encoding. One way to extend to multiple domains would be to
concatenate PCN-domains and use PCN-boundary-nodes back to back at concatenate PCN-domains and use PCN-boundary-nodes back to back at
borders. Then any one domain's security against its neighbours would borders. Then any one domain's security against its neighbours would
be described as part of the proposed edge-node behaviour document. be described as part of the proposed edge-node behaviour document.
skipping to change at page 8, line 24 skipping to change at page 9, line 32
[RFC2119] Bradner, S., "Key words for use in RFCs to [RFC2119] Bradner, S., "Key words for use in RFCs to
Indicate Requirement Levels", BCP 14, Indicate Requirement Levels", BCP 14,
RFC 2119, March 1997. RFC 2119, March 1997.
[RFC4774] Floyd, S., "Specifying Alternate Semantics [RFC4774] Floyd, S., "Specifying Alternate Semantics
for the Explicit Congestion Notification for the Explicit Congestion Notification
(ECN) Field", BCP 124, RFC 4774, (ECN) Field", BCP 124, RFC 4774,
November 2006. November 2006.
[pcn-arch] Eardley, P., "Pre-Congestion Notification
(PCN) Architecture",
draft-ietf-pcn-architecture-07 (work in
progress), September 2008.
12.2. Informative References 12.2. Informative References
[PCN-3-enc-state] Moncaster, T., Briscoe, B., and M. Menth, "A [PCN-3-enc-state] Moncaster, T., Briscoe, B., and M. Menth, "A
three state extended PCN encoding scheme", three state extended PCN encoding scheme",
draft-moncaster-pcn-3-state-encoding-00 draft-moncaster-pcn-3-state-encoding-00
(work in progress), June 2008. (work in progress), June 2008.
[PCN-charter] IETF, "IETF Charter for Congestion and Pre- [PCN-charter] IETF, "IETF Charter for Congestion and Pre-
Congestion Notification Working Group". Congestion Notification Working Group".
[RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black,
"The Addition of Explicit Congestion "The Addition of Explicit Congestion
Notification (ECN) to IP", RFC 3168, Notification (ECN) to IP", RFC 3168,
September 2001. September 2001.
[RFC4301] Kent, S. and K. Seo, "Security Architecture [RFC4301] Kent, S. and K. Seo, "Security Architecture
for the Internet Protocol", RFC 4301, for the Internet Protocol", RFC 4301,
December 2005. December 2005.
[ecn-tunnelling] Briscoe, B., "Layered Encapsulation of [RFC5127] Chan, K., Babiarz, J., and F. Baker,
"Aggregation of DiffServ Service Classes",
RFC 5127, February 2008.
[ecn-tunneling] Briscoe, B., "Layered Encapsulation of
Congestion Notification", Congestion Notification",
draft-briscoe-tsvwg-ecn-tunnel-01 (work in draft-ietf-tsvwg-ecn-tunnel-01 (work in
progress), July 2008. progress), October 2008.
[pcn-arch] Eardley, P., "Pre-Congestion Notification
(PCN) Architecture",
draft-ietf-pcn-architecture-07 (work in
progress), September 2008.
[pcn-marking-behaviour] Eardley, P., "Marking behaviour of PCN- [pcn-marking-behaviour] Eardley, P., "Marking behaviour of PCN-
nodes", draft-ietf-pcn-marking-behaviour-00 nodes", draft-ietf-pcn-marking-behaviour-01
(work in progress), October 2008. (work in progress), October 2008.
[re-PCN] Briscoe, B., "Emulating Border Flow Policing [re-PCN] Briscoe, B., "Emulating Border Flow Policing
using Re-ECN on Bulk Data", using Re-ECN on Bulk Data",
draft-briscoe-re-pcn-border-cheat-00 (work draft-briscoe-re-pcn-border-cheat-00 (work
in progress), July 2007. in progress), July 2007.
[voice-admit] Baker, F., Polk, J., and M. Dolly, "DSCPs [voice-admit] Baker, F., Polk, J., and M. Dolly, "DSCP for
for Capacity-Admitted Traffic", Capacity-Admitted Traffic",
draft-ietf-tsvwg-admitted-realtime-dscp-04 draft-ietf-tsvwg-admitted-realtime-dscp-05
(work in progress), February 2008. (work in progress), November 2008.
Appendix A. Tunnelling Constraints
The rules that govern the behaviour of the ECN field for IP-in-IP
tunnels were defined in [RFC3168]. This allowed for two tunnel
modes. The limited functionality mode sets the outer header to not-
ECT, regardless of the value of the inner header, in other words
disabling ECN within the tunnel. The full functionality mode copies
the inner ECN field into the outer header if the inner header is not-
ECT or either of the 2 ECT codepoints. If the inner header is CE
then the outer header is set to ECT(0). On decapsulation, if the CE
codepoint is set on the outer header then this is copied into the
inner header. Otherwise the inner header is left unchanged. The
stated reason for blocking CE from being copied to the outer header
was to prevent this from being used as a covert channel through IPSec
tunnels.
The IPSec protocol [RFC4301] changed the ECN tunnelling rule to allow
IPSec tunnels to simply copy the inner header into the outer header.
On decapsulation the outer header is discarded and the ECN field is
only copied down if it is set to CE.
Because of the possible existence of tunnels, only CE (11) can be
used as a PCN marking as it is the only mark that will always survive
decapsulation. However there is a need for caution with all
tunneling within the PCN-domain. RFC3168 full functionality IP in IP
tunnels are expected to set the ECN field to ECT(0) if the inner ECN
field is set to CE. This leads to the possibility that some packets
within the PCN-domain that have already been marked may have that
mark concealed further into the domain. This is undesirable for many
PCN schemes and thus the PCN working group needs to decide whether to
advise against the use of full functionality RFC3168 IP in IP tunnels
within a PCN-domain to support the ongoing work within the Transport
Area to rationalise the behaviour of IP in IP tunnels in respect to
the ECN field and bring them in line with the behaviour of IPSec
tunnels [ecn-tunnelling].
Appendix B. PCN Node Behaviours
The following table of valid and invalid transitions, while necessary Appendix A. PCN Deployment Considerations
for the correct functioning of PCN they is not strictly part of the
encoding scheme. The PCN working group needs to decide whether to
include this in this baseline encoding or whether to transfer it to
an alternative document.
+-----------+-------------+-----------------+-----------------------+ A.1. Choice of Suitable DSCPs
| PCN node | Codepoint | Valid codepoint | Invalid codepoint out |
| type | in | out | |
+-----------+-------------+-----------------+-----------------------+
| ingress | Any | NM (or Not-PCN) | PM |
| interior | NM | NM or PM | not-PCN |
| interior | Not-PCN | Not-PCN | Any other codepoint |
| egress | Any | 00 | Any other codepoint * |
+-----------+-------------+-----------------+-----------------------+
* Except where the egress node knows that other marks may be safely
exposed outside the PCN-domain (e.g. [PCN-3-enc-state]).
Table 2: Valid and Invalid Transitions at PCN nodes The choice of which DSCP is most suitable for the PCN-domain is
dependant on the nature of the traffic entering that domain and the
link rates of all the links making up that domain. In PCN-domains
with uniformly high link rates, the appropriate DSCPs would currently
be those for the Real Time Traffic Class [RFC5127]. If the PCN
domain includes lower speed links it would also be appropriate to use
the DSCPs of the other traffic classes that [voice-admit] defines for
use with admission control, such as the three video classes CS4, CS3
and AF4 and the Admitted Telephony Class.
It is also necessary to define a safe behaviour for baseline- A.2. Rationale for Using ECT(0) for Not Marked
compliant nodes to follow should they unexpectedly encounter a packet
carrying the EXP (01) codepoint. The obvious safe behaviour would be
to treat this as if it were a NM packet but to raise an alarm at a
higher layer to check why the packet was there. An alternative safe
approach is to treat it as a not-PCN packet but this might jeopardise
partial deployment of any future experimental encoding scheme.
Appendix C. Deployment Scenarios for PCN Using Baseline Encoding The choice of which ECT codepoint to use for the Not Marked state was
based on the following considerations:
This appendix illustrates possible PCN deployment scenarios where the o [RFC3168] full functionality tunnel within PCN-domain: Either ECT
baseline encoding can be used and also explain a case for which is safe.
baseline encoding is not sufficient. {Note this appendix is provided
for information only}.
1. an operator requires only admission control. Then admission o Leakage of traffic into PCN-domain: ECT(1) is less often correct.
control is triggered from PCN-packets that are threshold-marked
and this baseline encdoding scheme suffices.
2. an operator requires only flow termination. Then flow o Leakage of traffic out of PCN-domainL Either ECT is equally unsafe
termination is triggered from PCN-packets that are excess- (since this would incorrectly indicate the traffic was ECN capable
traffic-marked and this baseline encdoding scheme suffices. outside the controlled PCN-domain).
3. an operator requires both admission control and flow termination. o Incremental deployment: Either ECT is suitable as long as they are
If both admission control and flow termination are triggered from used consistently.
PCN-packets that are excess-traffic-marked then this baseline
encoding scheme suffices.
4. an operator requires both admission control triggered by packets o Conceptual consistency with other schemes: ECT(0) is conceptually
that are threshold-marked and flow termination triggered by consistent with [RFC3168].
packets that are excess-traffic-marked. In this case the
baseline encoding provides insufficient encoding states to
achieve this.
Authors' Addresses Authors' Addresses
Toby Moncaster Toby Moncaster
BT BT
B54/70, Adastral Park B54/70, Adastral Park
Martlesham Heath Martlesham Heath
Ipswich IP5 3RE Ipswich IP5 3RE
UK UK
skipping to change at page 12, line 4 skipping to change at line 506
Michael Menth Michael Menth
University of Wuerzburg University of Wuerzburg
room B206, Institute of Computer Science room B206, Institute of Computer Science
Am Hubland Am Hubland
Wuerzburg D-97074 Wuerzburg D-97074
Germany Germany
Phone: +49 931 888 6644 Phone: +49 931 888 6644
EMail: menth@informatik.uni-wuerzburg.de EMail: menth@informatik.uni-wuerzburg.de
Full Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgement
This document was produced using xml2rfc v1.33 (of
http://xml.resource.org/) from a source in RFC-2629 XML format.
 End of changes. 38 change blocks. 
149 lines changed or deleted 157 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/