Transport Area Working Group B. Briscoe, Ed. Internet-Draft Independent Intended status: Informational K. De Schepper Expires: April 30, 2021 Nokia Bell Labs M. Bagnulo Braun Universidad Carlos III de Madrid G. White CableLabs October 27, 2020 Low Latency, Low Loss, Scalable Throughput (L4S) Internet Service: Architecture draft-ietf-tsvwg-l4s-arch-07 Abstract This document describes the L4S architecture, which enables Internet applications to achieve Low queuing Latency, Low Loss, and Scalable throughput (L4S). The insight on which L4S is based is that the root cause of queuing delay is in the congestion controllers of senders, not in the queue itself. The L4S architecture is intended to enable _all_ Internet applications to transition away from congestion control algorithms that cause queuing delay, to a new class of congestion controls that induce very little queuing, aided by explicit congestion signaling from the network. This new class of congestion control can provide low latency for capacity-seeking flows, so applications can achieve both high bandwidth and low latency. The architecture primarily concerns incremental deployment. It defines mechanisms that allow the new class of L4S congestion controls to coexist with 'Classic' congestion controls in a shared network. These mechanisms aim to ensure that the latency and throughput performance using an L4S-compliant congestion controller is usually much better (and never worse) than the performance would have been using a 'Classic' congestion controller, and that competing flows continuing to use 'Classic' controllers are typically not impacted by the presence of L4S. These characteristics are important to encourage adoption of L4S congestion control algorithms and L4S compliant network elements. The L4S architecture consists of three components: network support to isolate L4S traffic from classic traffic; protocol features that allow network elements to identify L4S traffic; and host support for L4S congestion controls. Briscoe, et al. Expires April 30, 2021 [Page 1] Internet-Draft L4S Architecture October 2020 Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on April 30, 2021. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. L4S Architecture Overview . . . . . . . . . . . . . . . . . . 5 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6 4. L4S Architecture Components . . . . . . . . . . . . . . . . . 7 5. Rationale . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.1. Why These Primary Components? . . . . . . . . . . . . . . 11 5.2. What L4S adds to Existing Approaches . . . . . . . . . . 14 6. Applicability . . . . . . . . . . . . . . . . . . . . . . . . 17 6.1. Applications . . . . . . . . . . . . . . . . . . . . . . 17 6.2. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . 18 6.3. Applicability with Specific Link Technologies . . . . . . 19 6.4. Deployment Considerations . . . . . . . . . . . . . . . . 20 6.4.1. Deployment Topology . . . . . . . . . . . . . . . . . 20 6.4.2. Deployment Sequences . . . . . . . . . . . . . . . . 22 Briscoe, et al. Expires April 30, 2021 [Page 2] Internet-Draft L4S Architecture October 2020 6.4.3. L4S Flow but Non-ECN Bottleneck . . . . . . . . . . . 24 6.4.4. L4S Flow but Classic ECN Bottleneck . . . . . . . . . 25 6.4.5. L4S AQM Deployment within Tunnels . . . . . . . . . . 25 7. IANA Considerations (to be removed by RFC Editor) . . . . . . 25 8. Security Considerations . . . . . . . . . . . . . . . . . . . 25 8.1. Traffic Rate (Non-)Policing . . . . . . . . . . . . . . . 25 8.2. 'Latency Friendliness' . . . . . . . . . . . . . . . . . 26 8.3. Interaction between Rate Policing and L4S . . . . . . . . 28 8.4. ECN Integrity . . . . . . . . . . . . . . . . . . . . . . 29 8.5. Privacy Considerations . . . . . . . . . . . . . . . . . 29 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30 10. Informative References . . . . . . . . . . . . . . . . . . . 30 Appendix A. Standardization items . . . . . . . . . . . . . . . 38 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 40 1. Introduction It is increasingly common for _all_ of a user's applications at any one time to require low delay: interactive Web, Web services, voice, conversational video, interactive video, interactive remote presence, instant messaging, online gaming, remote desktop, cloud-based applications and video-assisted remote control of machinery and industrial processes. In the last decade or so, much has been done to reduce propagation delay by placing caches or servers closer to users. However, queuing remains a major, albeit intermittent, component of latency. For instance spikes of hundreds of milliseconds are common, even with state-of-the-art active queue management (AQM). During a long-running flow, queuing is typically configured to cause overall network delay to roughly double relative to expected base (unloaded) path delay. Low loss is also important because, for interactive applications, losses translate into even longer retransmission delays. It has been demonstrated that, once access network bit rates reach levels now common in the developed world, increasing capacity offers diminishing returns if latency (delay) is not addressed. Differentiated services (Diffserv) offers Expedited Forwarding (EF [RFC3246]) for some packets at the expense of others, but this is not sufficient when all (or most) of a user's applications require low latency. Therefore, the goal is an Internet service with ultra-Low queueing Latency, ultra-Low Loss and Scalable throughput (L4S). Ultra-low queuing latency means less than 1 millisecond (ms) on average and less than about 2 ms at the 99th percentile. L4S is potentially for _all_ traffic - a service for all traffic needs none of the configuration or management baggage (traffic policing, traffic Briscoe, et al. Expires April 30, 2021 [Page 3] Internet-Draft L4S Architecture October 2020 contracts) associated with favouring some traffic over others. This document describes the L4S architecture for achieving these goals. It must be said that queuing delay only degrades performance infrequently [Hohlfeld14]. It only occurs when a large enough capacity-seeking (e.g. TCP) flow is running alongside the user's traffic in the bottleneck link, which is typically in the access network. Or when the low latency application is itself a large capacity-seeking or adaptive rate (e.g. interactive video) flow. At these times, the performance improvement from L4S must be sufficient that network operators will be motivated to deploy it. Active Queue Management (AQM) is part of the solution to queuing under load. AQM improves performance for all traffic, but there is a limit to how much queuing delay can be reduced by solely changing the network; without addressing the root of the problem. The root of the problem is the presence of standard TCP congestion control (Reno [RFC5681]) or compatible variants (e.g. TCP Cubic [RFC8312]). We shall use the term 'Classic' for these Reno- friendly congestion controls. Classic congestion controls induce relatively large saw-tooth-shaped excursions up the queue and down again, which have been growing as flow rate scales [RFC3649]. So if a network operator naively attempts to reduce queuing delay by configuring an AQM to operate at a shallower queue, a Classic congestion control will significantly underutilize the link at the bottom of every saw-tooth. It has been demonstrated that if the sending host replaces a Classic congestion control with a 'Scalable' alternative, when a suitable AQM is deployed in the network the performance under load of all the above interactive applications can be significantly improved. For instance, queuing delay under heavy load with the example DCTCP/DualQ solution cited below on a DSL or Ethernet link is roughly 1 to 2 milliseconds at the 99th percentile without losing link utilization [DualPI2Linux], [DCttH15] (for other link types, see Section 6.3). This compares with 5 to 20 ms on _average_ with a Classic congestion control and current state-of-the-art AQMs such as FQ-CoDel [RFC8290], PIE [RFC8033] or DOCSIS PIE [RFC8034] and about 20-30 ms at the 99th percentile [DualPI2Linux]. It has also been demonstrated [DCttH15], [DualPI2Linux] that it is possible to deploy such an L4S service alongside the existing best efforts service so that all of a user's applications can shift to it when their stack is updated. Access networks are typically designed with one link as the bottleneck for each site (which might be a home, small enterprise or mobile device), so deployment at each end of this link should give nearly all the benefit in each direction. The L4S Briscoe, et al. Expires April 30, 2021 [Page 4] Internet-Draft L4S Architecture October 2020 approach also requires component mechanisms at the endpoints to fulfill its goal. This document presents the L4S architecture, by describing the different components and how they interact to provide the scalable, low latency, low loss Internet service. 2. L4S Architecture Overview There are three main components to the L4S architecture: 1) Network: L4S traffic needs to be isolated from the queuing latency of Classic traffic. One queue per application flow (FQ) is one way to achieve this, e.g. FQ-CoDel [RFC8290]. However, just two queues is sufficient and does not require inspection of transport layer headers in the network, which is not always possible (see Section 5.2). With just two queues, it might seem impossible to know how much capacity to schedule for each queue without inspecting how many flows at any one time are using each. And it would be undesirable to arbitrarily divide access network capacity into two partitions. The Dual Queue Coupled AQM was developed as a minimal complexity solution to this problem. It acts like a 'semi-permeable' membrane that partitions latency but not bandwidth. As such, the two queues are for transition from Classic to L4S behaviour, not bandwidth prioritization. Section 4 gives a high level explanation of how FQ and DualQ solutions work, and [I-D.ietf-tsvwg-aqm-dualq-coupled] gives a full explanation of the DualQ Coupled AQM framework. 2) Protocol: A host needs to distinguish L4S and Classic packets with an identifier so that the network can classify them into their separate treatments. [I-D.ietf-tsvwg-ecn-l4s-id] considers various alternative identifiers for L4S, and concludes that all alternatives involve compromises, but the ECT(1) and CE codepoints of the ECN field represent a workable solution. 3) Host: Scalable congestion controls already exist. They solve the scaling problem with Reno congestion control that was explained in [RFC3649]. The one used most widely (in controlled environments) is Data Center TCP (DCTCP [RFC8257]), which has been implemented and deployed in Windows Server Editions (since 2012), in Linux and in FreeBSD. Although DCTCP as-is 'works' well over the public Internet, most implementations lack certain safety features that will be necessary once it is used outside controlled environments like data centres (see Section 6.4.3 and Appendix A). Scalable congestion control will also need to be implemented in protocols other than TCP (QUIC, SCTP, RTP/RTCP, RMCAT, etc.). Indeed, between the present document being drafted and published, the following scalable congestion controls were implemented: TCP Prague [PragueLinux], QUIC Prague, an L4S variant of the RMCAT Briscoe, et al. Expires April 30, 2021 [Page 5] Internet-Draft L4S Architecture October 2020 SCReAM controller [RFC8298] and the L4S ECN part of BBRv2 [I-D.cardwell-iccrg-bbr-congestion-control] intended for TCP and QUIC transports. 3. Terminology Classic Congestion Control: A congestion control behaviour that can co-exist with standard TCP Reno [RFC5681] without causing significantly negative impact on its flow rate [RFC5033]. With Classic congestion controls, as flow rate scales, the number of round trips between congestion signals (losses or ECN marks) rises with the flow rate. So it takes longer and longer to recover after each congestion event. Therefore control of queuing and utilization becomes very slack, and the slightest disturbance prevents a high rate from being attained [RFC3649]. For instance, with 1500 byte packets and an end-to-end round trip time (RTT) of 36 ms, over the years, as Reno flow rate scales from 2 to 100 Mb/s the number of round trips taken to recover from a congestion event rises proportionately, from 4 to 200. Cubic [RFC8312] was developed to be less unscalable, but it is approaching its scaling limit; with the same RTT of 36 ms, at 100Mb/s it takes about 106 round trips to recover, and at 800 Mb/s its recovery time triples to over 340 round trips, or still more than 12 seconds (Reno would take 57 seconds). Scalable Congestion Control: A congestion control where the average time from one congestion signal to the next (the recovery time) remains invariant as the flow rate scales, all other factors being equal. This maintains the same degree of control over queueing and utilization whatever the flow rate, as well as ensuring that high throughput is more robust to disturbances (e.g. from new flows starting). For instance, DCTCP averages 2 congestion signals per round-trip whatever the flow rate. See Section 4.3 of [I-D.ietf-tsvwg-ecn-l4s-id] for more explanation. Classic service: The Classic service is intended for all the congestion control behaviours that co-exist with Reno [RFC5681] (e.g. Reno itself, Cubic [RFC8312], Compound [I-D.sridharan-tcpm-ctcp], TFRC [RFC5348]). The term 'Classic queue' means a queue providing the Classic service. Low-Latency, Low-Loss Scalable throughput (L4S) service: The 'L4S' service is intended for traffic from scalable congestion control algorithms, such as Data Center TCP [RFC8257]. The L4S service is for more general traffic than just DCTCP--it allows the set of congestion controls with similar scaling properties to DCTCP to evolve (e.g. Relentless TCP [Mathis09], TCP Prague [PragueLinux] Briscoe, et al. Expires April 30, 2021 [Page 6] Internet-Draft L4S Architecture October 2020 and the L4S variant of SCREAM for real-time media [RFC8298]). The term 'L4S queue' means a queue providing the L4S service. The terms Classic or L4S can also qualify other nouns, such as 'queue', 'codepoint', 'identifier', 'classification', 'packet', 'flow'. For example: an L4S packet means a packet with an L4S identifier sent from an L4S congestion control. Both Classic and L4S services can cope with a proportion of unresponsive or less-responsive traffic as well, as long as it does not build a queue (e.g. DNS, VoIP, game sync datagrams, etc). Reno-friendly: The subset of Classic traffic that excludes unresponsive traffic and excludes experimental congestion controls intended to coexist with Reno but without always being strictly friendly to it (as allowed by [RFC5033]). Reno-friendly is used in place of 'TCP-friendly', given that friendliness is a property of the congestion controller (Reno), not the wire protocol (TCP), which is used with many different congestion control behaviours. Classic ECN: The original Explicit Congestion Notification (ECN) protocol [RFC3168], which requires ECN signals to be treated as equivalent to drops, both when generated in the network and when responded to by the sender. The names used for the four codepoints of the 2-bit IP-ECN field are as defined in [RFC3168]: Not ECT, ECT(0), ECT(1) and CE, where ECT stands for ECN-Capable Transport and CE stands for Congestion Experienced. Site: A home, mobile device, small enterprise or campus, where the network bottleneck is typically the access link to the site. Not all network arrangements fit this model but it is a useful, widely applicable generalization. 4. L4S Architecture Components The L4S architecture is composed of the following elements. Protocols: The L4S architecture encompasses two identifier changes (an unassignment and an assignment) and optional further identifiers: a. An essential aspect of a scalable congestion control is the use of explicit congestion signals rather than losses, because the signals need to be sent frequently and immediately. In contrast, 'Classic' ECN [RFC3168] requires an ECN signal to be treated as equivalent to drop, both when it is generated in the network and Briscoe, et al. Expires April 30, 2021 [Page 7] Internet-Draft L4S Architecture October 2020 when it is responded to by hosts. L4S needs networks and hosts to support a different meaning for ECN: * much more frequent signals--too often to require an equivalent excessive degree of drop from non-ECN flows; * immediately tracking every fluctuation of the queue--too soon to warrant dropping packets from non-ECN flows. So the standards track [RFC3168] has had to be updated to allow L4S packets to depart from the 'same as drop' constraint. [RFC8311] is a standards track update to relax specific requirements in RFC 3168 (and certain other standards track RFCs), which clears the way for the experimental changes proposed for L4S. [RFC8311] also reclassifies the original experimental assignment of the ECT(1) codepoint as an ECN nonce [RFC3540] as historic. b. [I-D.ietf-tsvwg-ecn-l4s-id] recommends ECT(1) is used as the identifier to classify L4S packets into a separate treatment from Classic packets. This satisfies the requirements for identifying an alternative ECN treatment in [RFC4774]. The CE codepoint is used to indicate Congestion Experienced by both L4S and Classic treatments. This raises the concern that a Classic AQM earlier on the path might have marked some ECT(0) packets as CE. Then these packets will be erroneously classified into the L4S queue. [I-D.ietf-tsvwg-ecn-l4s-id] explains why 5 unlikely eventualities all have to coincide for this to have any detrimental effect, which even then would only involve a vanishingly small likelihood of a spurious retransmission. c. A network operator might wish to include certain unresponsive, non-L4S traffic in the L4S queue if it is deemed to be smoothly enough paced and low enough rate not to build a queue. For instance, VoIP, low rate datagrams to sync online games, relatively low rate application-limited traffic, DNS, LDAP, etc. This traffic would need to be tagged with specific identifiers, e.g. a low latency Diffserv Codepoint such as Expedited Forwarding (EF [RFC3246]), Non-Queue-Building (NQB [I-D.white-tsvwg-nqb]), or operator-specific identifiers. Network components: The L4S architecture aims to provide low latency without the _need_ for per-flow operations in network components. Nonetheless, the architecture does not preclude per-flow solutions - it encompasses the following combinations: Briscoe, et al. Expires April 30, 2021 [Page 8] Internet-Draft L4S Architecture October 2020 a. The Dual Queue Coupled AQM (illustrated in Figure 1) achieves the 'semi-permeable' membrane property mentioned earlier as follows. The obvious part is that using two separate queues isolates the queuing delay of one from the other. The less obvious part is how the two queues act as if they are a single pool of bandwidth without the scheduler needing to decide between them. This is achieved by having the Classic AQM provide a congestion signal to both queues in a manner that ensures a consistent response from the two types of congestion control. In other words, the Classic AQM generates a drop/mark probability based on congestion in the Classic queue, uses this probability to drop/mark packets in that queue, and also uses this probability to affect the marking probability in the L4S queue. This coupling of the congestion signaling between the two queues makes the L4S flows slow down to leave the right amount of capacity for the Classic traffic (as they would if they were the same type of traffic sharing the same queue). Then the scheduler can serve the L4S queue with priority, because the L4S traffic isn't offering up enough traffic to use all the priority that it is given. Therefore, on short time-scales (sub-round-trip) the prioritization of the L4S queue protects its low latency by allowing bursts to dissipate quickly; but on longer time-scales (round-trip and longer) the Classic queue creates an equal and opposite pressure against the L4S traffic to ensure that neither has priority when it comes to bandwidth. The tension between prioritizing L4S and coupling marking from Classic results in per-flow fairness. To protect against unresponsive traffic in the L4S queue taking advantage of the prioritization and starving the Classic queue, it is advisable not to use strict priority, but instead to use a weighted scheduler (see Appendix A of [I-D.ietf-tsvwg-aqm-dualq-coupled]). When there is no Classic traffic, the L4S queue's AQM comes into play, and it sets an appropriate marking rate to maintain ultra- low queuing delay. The Dual Queue Coupled AQM has been specified as generically as possible [I-D.ietf-tsvwg-aqm-dualq-coupled] without specifying the particular AQMs to use in the two queues so that designers are free to implement diverse ideas. Informational appendices in that draft give pseudocode examples of two different specific AQM approaches: one called DualPI2 (pronounced Dual PI Squared) [DualPI2Linux] that uses the PI2 variant of PIE, and a zero-config variant of RED called Curvy RED. A DualQ Coupled AQM based on PIE has also been specified and implemented for Low Latency DOCSIS [DOCSIS3.1]. Briscoe, et al. Expires April 30, 2021 [Page 9] Internet-Draft L4S Architecture October 2020 (2) (1) .-------^------. .--------------^-------------------. ,-(3)-----. ______ ; ________ : L4S --------. | | :|Scalable| : _\ ||___\_| mark | :| sender | : __________ / / || / |______|\ _________ :|________|\; | |/ --------' ^ \1|condit'nl| `---------'\_| IP-ECN | Coupling : \|priority |_\ ________ / |Classifier| : /|scheduler| / |Classic |/ |__________|\ --------. ___:__ / |_________| | sender | \_\ || | |||___\_| mark/|/ |________| / || | ||| / | drop | Classic --------' |______| Figure 1: Components of an L4S Solution: 1) Isolation in separate network queues; 2) Packet Identification Protocol; and 3) Scalable Sending Host b. A scheduler with per-flow queues can be used for L4S. It is simple to modify an existing design such as FQ-CoDel or FQ-PIE. For instance within each queue of an FQ-CoDel system, as well as a CoDel AQM, immediate (unsmoothed) shallow threshold ECN marking has been added (see Sec.5.2.7 of [RFC8290]). Then the Classic AQM such as CoDel or PIE is applied to non-ECN or ECT(0) packets, while the shallow threshold is applied to ECT(1) packets, to give sub-millisecond average queue delay. c. It would also be possible to use dual queues for isolation, but with per-flow marking to control flow-rates (instead of the coupled per-queue marking of the Dual Queue Coupled AQM). One of the two queues would be for isolating L4S packets, which would be classified by the ECN codepoint. Flow rates could be controlled by flow-specific marking. The policy goal of the marking could be to differentiate flow rates (e.g. [Nadas20], which requires additional signalling of a per-flow 'value'), or to equalize flow-rates (perhaps in a similar way to Approx Fair CoDel [AFCD], [I-D.morton-tsvwg-codel-approx-fair], but with two queues not one). Note that whenever the term 'DualQ' is used loosely without saying whether marking is per-queue or per-flow, it means a dual queue AQM with per-queue marking. Host mechanisms: The L4S architecture includes a number of mechanisms in the end host that we enumerate next: Briscoe, et al. Expires April 30, 2021 [Page 10] Internet-Draft L4S Architecture October 2020 a. Data Center TCP is the most widely used example of a scalable congestion control. It has been documented as an informational record of the protocol currently in use [RFC8257]. It has been necessary to define a number of safety features for a variant usable on the public Internet. A draft list of these, known as the Prague L4S requirements, has been drawn up (see Appendix A of [I-D.ietf-tsvwg-ecn-l4s-id]). The list also includes some optional performance improvements. b. Transport protocols other than TCP use various congestion controls designed to be friendly with Reno. Before they can use the L4S service, it will be necessary to implement scalable variants of each of these congestion control behaviours. The following standards track RFCs currently define these protocols: ECN in TCP [RFC3168], in SCTP [RFC4960], in RTP [RFC6679], and in DCCP [RFC4340]. Not all are in widespread use, but those that are will eventually need to be updated to allow a different congestion response, which they will have to indicate by using the ECT(1) codepoint. Scalable variants are under consideration for some new transport protocols that are themselves under development, e.g. QUIC [I-D.ietf-quic-transport] and certain real-time media congestion avoidance techniques (RMCAT) protocols. c. ECN feedback is sufficient for L4S in some transport protocols (RTCP, DCCP) but not others: * For the case of TCP, the feedback protocol for ECN embeds the assumption from Classic ECN [RFC3168] that an ECN mark is equivalent to a drop, making it unusable for a scalable TCP. Therefore, the implementation of TCP receivers will have to be upgraded [RFC7560]. Work to standardize and implement more accurate ECN feedback for TCP (AccECN) is in progress [I-D.ietf-tcpm-accurate-ecn], [PragueLinux]. * ECN feedback is only roughly sketched in an appendix of the SCTP specification. A fuller specification has been proposed [I-D.stewart-tsvwg-sctpecn], which would need to be implemented and deployed before SCTCP could support L4S. 5. Rationale 5.1. Why These Primary Components? Explicit congestion signalling (protocol): Explicit congestion signalling is a key part of the L4S approach. In contrast, use of drop as a congestion signal creates a tension because drop is both Briscoe, et al. Expires April 30, 2021 [Page 11] Internet-Draft L4S Architecture October 2020 an impairment (less would be better) and a useful signal (more would be better): * Explicit congestion signals can be used many times per round trip, to keep tight control, without any impairment. Under heavy load, even more explicit signals can be applied so the queue can be kept short whatever the load. Whereas state-of- the-art AQMs have to introduce very high packet drop at high load to keep the queue short. Further, when using ECN, the congestion control's sawtooth reduction can be smaller and therefore return to the operating point more often, without worrying that this causes more signals (one at the top of each smaller sawtooth). The consequent smaller amplitude sawteeth fit between a very shallow marking threshold and an empty queue, so queue delay variation can be very low, without risk of under-utilization. * Explicit congestion signals can be sent immediately to track fluctuations of the queue. L4S shifts smoothing from the network (which doesn't know the round trip times of all the flows) to the host (which knows its own round trip time). Previously, the network had to smooth to keep a worst-case round trip stable, which delayed congestion signals by 100-200 ms. All the above makes it clear that explicit congestion signalling is only advantageous for latency if it does not have to be considered 'equivalent to' drop (as was required with Classic ECN [RFC3168]). Therefore, in an L4S AQM, the L4S queue uses a new L4S variant of ECN that is not equivalent to drop [I-D.ietf-tsvwg-ecn-l4s-id], while the Classic queue uses either classic ECN [RFC3168] or drop, which are equivalent to each other. Before Classic ECN was standardized, there were various proposals to give an ECN mark a different meaning from drop. However, there was no particular reason to agree on any one of the alternative meanings, so 'equivalent to drop' was the only compromise that could be reached. RFC 3168 contains a statement that: "An environment where all end nodes were ECN-Capable could allow new criteria to be developed for setting the CE codepoint, and new congestion control mechanisms for end-node reaction to CE packets. However, this is a research issue, and as such is not addressed in this document." Latency isolation (network): L4S congestion controls keep queue delay low whereas Classic congestion controls need a queue of the Briscoe, et al. Expires April 30, 2021 [Page 12] Internet-Draft L4S Architecture October 2020 order of the RTT to avoid under-utilization. One queue cannot have two lengths, therefore L4S traffic needs to be isolated in a separate queue (e.g. DualQ) or queues (e.g. FQ). Coupled congestion notification: Coupling the congestion notification between two queues as in the DualQ Coupled AQM is not necessarily essential, but it is a simple way to allow senders to determine their rate, packet by packet, rather than be overridden by a network scheduler. An alternative is for a network scheduler to control the rate of each application flow (see discussion in Section 5.2). L4S packet identifier (protocol): Once there are at least two treatments in the network, hosts need an identifier at the IP layer to distinguish which treatment they intend to use. Scalable congestion notification: A scalable congestion control in the host keeps the signalling frequency from the network high so that rate variations can be small when signalling is stable, and rate can track variations in available capacity as rapidly as possible otherwise. Low loss: Latency is not the only concern of L4S. The 'Low Loss" part of the name denotes that L4S generally achieves zero congestion loss due to its use of ECN. Otherwise, loss would itself cause delay, particularly for short flows, due to retransmission delay [RFC2884]. Scalable throughput: The "Scalable throughput" part of the name denotes that the per-flow throughput of scalable congestion controls should scale indefinitely, avoiding the imminent scaling problems with Reno-friendly congestion control algorithms [RFC3649]. It was known when TCP congestion avoidance was first developed that it would not scale to high bandwidth- delay products (see footnote 6 in [TCP-CA]). Today, regular broadband bit-rates over WAN distances are already beyond the scaling range of Classic Reno congestion control. So `less unscalable' Cubic [RFC8312] and Compound [I-D.sridharan-tcpm-ctcp] variants of TCP have been successfully deployed. However, these are now approaching their scaling limits. As the examples in Section 3 demonstrate, as flow rate scales Classic congestion controls like Reno or Cubic induce a congestion signal more and more infrequently (hundreds of round trips at today's flow rates and growing), which makes dynamic control very sloppy. In contrast on average a scalable congestion control like DCTCP or TCP Prague induces 2 congestion signals per round trip, which remains invariant for any flow rate, keeping dynamic control very tight. Briscoe, et al. Expires April 30, 2021 [Page 13] Internet-Draft L4S Architecture October 2020 Although work on scaling congestion controls tends to start with TCP as the transport, the above is not intended to exclude other transports (e.g. SCTP, QUIC) or less elastic algorithms (e.g. RMCAT), which all tend to adopt the same or similar developments. 5.2. What L4S adds to Existing Approaches All the following approaches address some part of the same problem space as L4S. In each case, it is shown that L4S complements them or improves on them, rather than being a mutually exclusive alternative: Diffserv: Diffserv addresses the problem of bandwidth apportionment for important traffic as well as queuing latency for delay- sensitive traffic. Of these, L4S solely addresses the problem of queuing latency. Diffserv will still be necessary where important traffic requires priority (e.g. for commercial reasons, or for protection of critical infrastructure traffic) - see [I-D.briscoe-tsvwg-l4s-diffserv]. Nonetheless, the L4S approach can provide low latency for _all_ traffic within each Diffserv class (including the case where there is only the one default Diffserv class). Also, Diffserv only works for a small subset of the traffic on a link. As already explained, it is not applicable when all the applications in use at one time at a single site (home, small business or mobile device) require low latency. In contrast, because L4S is for all traffic, it needs none of the management baggage (traffic policing, traffic contracts) associated with favouring some packets over others. This baggage has probably held Diffserv back from widespread end-to-end deployment. In particular, because networks tend not to trust end systems to identify which packets should be favoured over others, where networks assign packets to Diffserv classes they often use packet inspection of application flow identifiers or deeper inspection of application signatures. Thus, nowadays, Diffserv doesn't always sit well with encryption of the layers above IP. So users have to choose between privacy and QoS. As with Diffserv, the L4S identifier is in the IP header. But, in contrast to Diffserv, the L4S identifier does not convey a want or a need for a certain level of quality. Rather, it promises a certain behaviour (scalable congestion response), which networks can objectively verify if they need to. This is because low delay depends on collective host behaviour, whereas bandwidth priority depends on network behaviour. Briscoe, et al. Expires April 30, 2021 [Page 14] Internet-Draft L4S Architecture October 2020 State-of-the-art AQMs: AQMs such as PIE and FQ-CoDel give a significant reduction in queuing delay relative to no AQM at all. L4S is intended to complement these AQMs, and should not distract from the need to deploy them as widely as possible. Nonetheless, AQMs alone cannot reduce queuing delay too far without significantly reducing link utilization, because the root cause of the problem is on the host - where Classic congestion controls use large saw-toothing rate variations. The L4S approach resolves this tension by ensuring hosts can minimize the size of their sawteeth without appearing so aggressive to Classic flows that they starve them. Per-flow queuing or marking: Similarly, per-flow approaches such as FQ-CoDel or Approx Fair CoDel [AFCD] are not incompatible with the L4S approach. However, per-flow queuing alone is not enough - it only isolates the queuing of one flow from others; not from itself. Per-flow implementations still need to have support for scalable congestion control added, which has already been done in FQ-CoDel (see Sec.5.2.7 of [RFC8290]). Without this simple modification, per-flow AQMs like FQ-CoDel would still not be able to support applications that need both ultra-low delay and high bandwidth, e.g. video-based control of remote procedures, or interactive cloud-based video (see Note 1 below). Although per-flow techniques are not incompatible with L4S, it is important to have the DualQ alternative. This is because handling end-to-end (layer 4) flows in the network (layer 3 or 2) precludes some important end-to-end functions. For instance: A. Per-flow forms of L4S like FQ-CoDel are incompatible with full end-to-end encryption of transport layer identifiers for privacy and confidentiality (e.g. IPSec or encrypted VPN tunnels), because they require packet inspection to access the end-to-end transport flow identifiers. In contrast, the DualQ form of L4S requires no deeper inspection than the IP layer. So, as long as operators take the DualQ approach, their users can have both ultra-low queuing delay and full end-to-end encryption [RFC8404]. B. With per-flow forms of L4S, the network takes over control of the relative rates of each application flow. Some see it as an advantage that the network will prevent some flows running faster than others. Others consider it an inherent part of the Internet's appeal that applications can control their rate while taking account of the needs of others via congestion signals. They maintain that this has allowed applications with interesting rate behaviours to evolve, for instance, Briscoe, et al. Expires April 30, 2021 [Page 15] Internet-Draft L4S Architecture October 2020 variable bit-rate video that varies around an equal share rather than being forced to remain equal at every instant, or scavenger services that use less than an equal share of capacity [LEDBAT_AQM]. The L4S architecture does not require the IETF to commit to one approach over the other, because it supports both, so that the market can decide. Nonetheless, in the spirit of 'Do one thing and do it well' [McIlroy78], the DualQ option provides low delay without prejudging the issue of flow-rate control. Then, flow rate policing can be added separately if desired. This allows application control up to a point, but the network can still choose to set the point at which it intervenes to prevent one flow completely starving another. Note: 1. It might seem that self-inflicted queuing delay within a per- flow queue should not be counted, because if the delay wasn't in the network it would just shift to the sender. However, modern adaptive applications, e.g. HTTP/2 [RFC7540] or some interactive media applications (see Section 6.1), can keep low latency objects at the front of their local send queue by shuffling priorities of other objects dependent on the progress of other transfers. They cannot shuffle objects once they have released them into the network. Alternative Back-off ECN (ABE): Here again, L4S is not an alternative to ABE but a complement that introduces much lower queuing delay. ABE [RFC8511] alters the host behaviour in response to ECN marking to utilize a link better and give ECN flows faster throughput. It uses ECT(0) and assumes the network still treats ECN and drop the same. Therefore ABE exploits any lower queuing delay that AQMs can provide. But as explained above, AQMs still cannot reduce queuing delay too far without losing link utilization (to allow for other, non-ABE, flows). BBR: Bottleneck Bandwidth and Round-trip propagation time (BBR [I-D.cardwell-iccrg-bbr-congestion-control]) controls queuing delay end-to-end without needing any special logic in the network, such as an AQM. So it works pretty-much on any path (although it has not been without problems, particularly capacity sharing in BBRv1). BBR keeps queuing delay reasonably low, but perhaps not quite as low as with state-of-the-art AQMs such as PIE or FQ- CoDel, and certainly nowhere near as low as with L4S. Queuing delay is also not consistently low, due to BBR's regular bandwidth probing spikes and its aggressive flow start-up phase. Briscoe, et al. Expires April 30, 2021 [Page 16] Internet-Draft L4S Architecture October 2020 L4S complements BBR. Indeed BBRv2 uses L4S ECN and a scalable L4S congestion control behaviour in response to any ECN signalling from the path. The L4S ECN signal complements the delay based congestion control aspects of BBR with an explicit indication that hosts can use, both to converge on a fair rate and to keep below a shallow queue target set by the network. Without L4S ECN, both these aspects need to be assumed or estimated. 6. Applicability 6.1. Applications A transport layer that solves the current latency issues will provide new service, product and application opportunities. With the L4S approach, the following existing applications also experience significantly better quality of experience under load: o Gaming, including cloud based gaming; o VoIP; o Video conferencing; o Web browsing; o (Adaptive) video streaming; o Instant messaging. The significantly lower queuing latency also enables some interactive application functions to be offloaded to the cloud that would hardly even be usable today: o Cloud based interactive video; o Cloud based virtual and augmented reality. The above two applications have been successfully demonstrated with L4S, both running together over a 40 Mb/s broadband access link loaded up with the numerous other latency sensitive applications in the previous list as well as numerous downloads - all sharing the same bottleneck queue simultaneously [L4Sdemo16]. For the former, a panoramic video of a football stadium could be swiped and pinched so that, on the fly, a proxy in the cloud could generate a sub-window of the match video under the finger-gesture control of each user. For the latter, a virtual reality headset displayed a viewport taken from a 360 degree camera in a racing car. The user's head movements Briscoe, et al. Expires April 30, 2021 [Page 17] Internet-Draft L4S Architecture October 2020 controlled the viewport extracted by a cloud-based proxy. In both cases, with 7 ms end-to-end base delay, the additional queuing delay of roughly 1 ms was so low that it seemed the video was generated locally. Using a swiping finger gesture or head movement to pan a video are extremely latency-demanding actions--far more demanding than VoIP. Because human vision can detect extremely low delays of the order of single milliseconds when delay is translated into a visual lag between a video and a reference point (the finger or the orientation of the head sensed by the balance system in the inner ear --- the vestibular system). Without the low queuing delay of L4S, cloud-based applications like these would not be credible without significantly more access bandwidth (to deliver all possible video that might be viewed) and more local processing, which would increase the weight and power consumption of head-mounted displays. When all interactive processing can be done in the cloud, only the data to be rendered for the end user needs to be sent. Other low latency high bandwidth applications such as: o Interactive remote presence; o Video-assisted remote control of machinery or industrial processes. are not credible at all without very low queuing delay. No amount of extra access bandwidth or local processing can make up for lost time. 6.2. Use Cases The following use-cases for L4S are being considered by various interested parties: o Where the bottleneck is one of various types of access network: e.g. DSL, Passive Optical Networks (PON), DOCSIS cable, mobile, satellite (see Section 6.3 for some technology-specific details) o Private networks of heterogeneous data centres, where there is no single administrator that can arrange for all the simultaneous changes to senders, receivers and network needed to deploy DCTCP: * a set of private data centres interconnected over a wide area with separate administrations, but within the same company Briscoe, et al. Expires April 30, 2021 [Page 18] Internet-Draft L4S Architecture October 2020 * a set of data centres operated by separate companies interconnected by a community of interest network (e.g. for the finance sector) * multi-tenant (cloud) data centres where tenants choose their operating system stack (Infrastructure as a Service - IaaS) o Different types of transport (or application) congestion control: * elastic (TCP/SCTP); * real-time (RTP, RMCAT); * query (DNS/LDAP). o Where low delay quality of service is required, but without inspecting or intervening above the IP layer [I-D.smith-encrypted-traffic-management]: * mobile and other networks have tended to inspect higher layers in order to guess application QoS requirements. However, with growing demand for support of privacy and encryption, L4S offers an alternative. There is no need to select which traffic to favour for queuing, when L4S gives favourable queuing to all traffic. o If queuing delay is minimized, applications with a fixed delay budget can communicate over longer distances, or via a longer chain of service functions [RFC7665] or onion routers. 6.3. Applicability with Specific Link Technologies Certain link technologies aggregate data from multiple packets into bursts, and buffer incoming packets while building each burst. WiFi, PON and cable all involve such packet aggregation, whereas fixed Ethernet and DSL do not. No sender, whether L4S or not, can do anything to reduce the buffering needed for packet aggregation. So an AQM should not count this buffering as part of the queue that it controls, given no amount of congestion signals will reduce it. Certain link technologies also add buffering for other reasons, specifically: o Radio links (cellular, WiFi, satellite) that are distant from the source are particularly challenging. The radio link capacity can vary rapidly by orders of magnitude, so it is considered desirable to hold a standing queue that can utilize sudden increases of capacity; Briscoe, et al. Expires April 30, 2021 [Page 19] Internet-Draft L4S Architecture October 2020 o Cellular networks are further complicated by a perceived need to buffer in order to make hand-overs imperceptible; L4S cannot remove the need for all these different forms of buffering. However, by removing 'the longest pole in the tent' (buffering for the large sawteeth of Classic congestion controls), L4S exposes all these 'shorter poles' to greater scrutiny. Until now, the buffering needed for these additional reasons tended to be over-specified - with the excuse that none were 'the longest pole in the tent'. But having removed the 'longest pole', it becomes worthwhile to minimize them, for instance reducing packet aggregation burst sizes and MAC scheduling intervals. 6.4. Deployment Considerations L4S AQMs, whether DualQ [I-D.ietf-tsvwg-aqm-dualq-coupled] or FQ, e.g. [RFC8290] are, in themselves, an incremental deployment mechanism for L4S - so that L4S traffic can coexist with existing Classic (Reno-friendly) traffic. Section 6.4.1 explains why only deploying an L4S AQM in one node at each end of the access link will realize nearly all the benefit of L4S. L4S involves both end systems and the network, so Section 6.4.2 suggests some typical sequences to deploy each part, and why there will be an immediate and significant benefit after deploying just one part. Section 6.4.3 and Section 6.4.4 describe the converse incremental deployment case where there is no L4S AQM at the network bottleneck, so any L4S flow traversing this bottleneck has to take care in case it is competing with Classic traffic. 6.4.1. Deployment Topology L4S AQMs will not have to be deployed throughout the Internet before L4S will work for anyone. Operators of public Internet access networks typically design their networks so that the bottleneck will nearly always occur at one known (logical) link. This confines the cost of queue management technology to one place. The case of mesh networks is different and will be discussed later in this section. But the known bottleneck case is generally true for Internet access to all sorts of different 'sites', where the word 'site' includes home networks, small- to medium-sized campus or enterprise networks and even cellular devices (Figure 2). Also, this known-bottleneck case tends to be applicable whatever the access link Briscoe, et al. Expires April 30, 2021 [Page 20] Internet-Draft L4S Architecture October 2020 technology; whether xDSL, cable, PON, cellular, line of sight wireless or satellite. Therefore, the full benefit of the L4S service should be available in the downstream direction when an L4S AQM is deployed at the ingress to this bottleneck link. And similarly, the full upstream service will be available once an L4S AQM is deployed at the ingress into the upstream link. (Of course, multi-homed sites would only see the full benefit once all their access links were covered.) ______ ( ) __ __ ( ) |DQ\________/DQ|( enterprise ) ___ |__/ \__| ( /campus ) ( ) (______) ( ) ___||_ +----+ ( ) __ __ / \ | DC |-----( Core )|DQ\_______________/DQ|| home | +----+ ( ) |__/ \__||______| (_____) __ |DQ\__/\ __ ,===. |__/ \ ____/DQ||| ||mobile \/ \__|||_||device | o | `---' Figure 2: Likely location of DualQ (DQ) Deployments in common access topologies Deployment in mesh topologies depends on how over-booked the core is. If the core is non-blocking, or at least generously provisioned so that the edges are nearly always the bottlenecks, it would only be necessary to deploy an L4S AQM at the edge bottlenecks. For example, some data-centre networks are designed with the bottleneck in the hypervisor or host NICs, while others bottleneck at the top-of-rack switch (both the output ports facing hosts and those facing the core). An L4S AQM would eventually also need to be deployed at any other persistent bottlenecks such as network interconnections, e.g. some public Internet exchange points and the ingress and egress to WAN links interconnecting data-centres. Briscoe, et al. Expires April 30, 2021 [Page 21] Internet-Draft L4S Architecture October 2020 6.4.2. Deployment Sequences For any one L4S flow to work, it requires 3 parts to have been deployed. This was the same deployment problem that ECN faced [RFC8170] so we have learned from that experience. Firstly, L4S deployment exploits the fact that DCTCP already exists on many Internet hosts (Windows, FreeBSD and Linux); both servers and clients. Therefore, just deploying an L4S AQM at a network bottleneck immediately gives a working deployment of all the L4S parts. DCTCP needs some safety concerns to be fixed for general use over the public Internet (see Section 2.3 of [I-D.ietf-tsvwg-ecn-l4s-id]), but DCTCP is not on by default, so these issues can be managed within controlled deployments or controlled trials. Secondly, the performance improvement with L4S is so significant that it enables new interactive services and products that were not previously possible. It is much easier for companies to initiate new work on deployment if there is budget for a new product trial. If, in contrast, there were only an incremental performance improvement (as with Classic ECN), spending on deployment tends to be much harder to justify. Thirdly, the L4S identifier is defined so that initially network operators can enable L4S exclusively for certain customers or certain applications. But this is carefully defined so that it does not compromise future evolution towards L4S as an Internet-wide service. This is because the L4S identifier is defined not only as the end-to- end ECN field, but it can also optionally be combined with any other packet header or some status of a customer or their access link [I-D.ietf-tsvwg-ecn-l4s-id]. Operators could do this anyway, even if it were not blessed by the IETF. However, it is best for the IETF to specify that, if they use their own local identifier, it must be in combination with the IETF's identifier. Then, if an operator has opted for an exclusive local-use approach, later they only have to remove this extra rule to make the service work Internet-wide - it will already traverse middleboxes, peerings, etc. Briscoe, et al. Expires April 30, 2021 [Page 22] Internet-Draft L4S Architecture October 2020 +-+--------------------+----------------------+---------------------+ | | Servers or proxies | Access link | Clients | +-+--------------------+----------------------+---------------------+ |0| DCTCP (existing) | | DCTCP (existing) | +-+--------------------+----------------------+---------------------+ |1| |Add L4S AQM downstream| | | | WORKS DOWNSTREAM FOR CONTROLLED DEPLOYMENTS/TRIALS | +-+--------------------+----------------------+---------------------+ |2| Upgrade DCTCP to | |Replace DCTCP feedb'k| | | TCP Prague | | with AccECN | | | FULLY WORKS DOWNSTREAM | +-+--------------------+----------------------+---------------------+ | | | | Upgrade DCTCP to | |3| | Add L4S AQM upstream | TCP Prague | | | | | | | | FULLY WORKS UPSTREAM AND DOWNSTREAM | +-+--------------------+----------------------+---------------------+ Figure 3: Example L4S Deployment Sequence Figure 3 illustrates some example sequences in which the parts of L4S might be deployed. It consists of the following stages: 1. Here, the immediate benefit of a single AQM deployment can be seen, but limited to a controlled trial or controlled deployment. In this example downstream deployment is first, but in other scenarios the upstream might be deployed first. If no AQM at all was previously deployed for the downstream access, an L4S AQM greatly improves the Classic service (as well as adding the L4S service). If an AQM was already deployed, the Classic service will be unchanged (and L4S will add an improvement on top). 2. In this stage, the name 'TCP Prague' [PragueLinux] is used to represent a variant of DCTCP that is safe to use in a production Internet environment. If the application is primarily unidirectional, 'TCP Prague' at one end will provide all the benefit needed. For TCP transports, Accurate ECN feedback (AccECN) [I-D.ietf-tcpm-accurate-ecn] is needed at the other end, but it is a generic ECN feedback facility that is already planned to be deployed for other purposes, e.g. DCTCP, BBR. The two ends can be deployed in either order, because, in TCP, an L4S congestion control only enables itself if it has negotiated the use of AccECN feedback with the other end during the connection handshake. Thus, deployment of TCP Prague on a server enables L4S trials to move to a production service in one direction, wherever AccECN is deployed at the other end. This stage might be further motivated by the performance improvements of TCP Briscoe, et al. Expires April 30, 2021 [Page 23] Internet-Draft L4S Architecture October 2020 Prague relative to DCTCP (see Appendix A.2 of [I-D.ietf-tsvwg-ecn-l4s-id]). Unlike TCP, from the outset, QUIC ECN feedback [I-D.ietf-quic-transport] has supported L4S. Therefore, if the transport is QUIC, one-ended deployment of a Prague congestion control at this stage is simple and sufficient. 3. This is a two-move stage to enable L4S upstream. An L4S AQM or TCP Prague can be deployed in either order as already explained. To motivate the first of two independent moves, the deferred benefit of enabling new services after the second move has to be worth it to cover the first mover's investment risk. As explained already, the potential for new interactive services provides this motivation. An L4S AQM also improves the upstream Classic service - significantly if no other AQM has already been deployed. Note that other deployment sequences might occur. For instance: the upstream might be deployed first; a non-TCP protocol might be used end-to-end, e.g. QUIC, RTP; a body such as the 3GPP might require L4S to be implemented in 5G user equipment, or other random acts of kindness. 6.4.3. L4S Flow but Non-ECN Bottleneck If L4S is enabled between two hosts, the L4S sender is required to coexist safely with Reno in response to any drop (see Section 4.3 of [I-D.ietf-tsvwg-ecn-l4s-id]). Unfortunately, as well as protecting Classic traffic, this rule degrades the L4S service whenever there is any loss, even if the cause is not persistent congestion at a bottleneck, e.g.: o congestion loss at other transient bottlenecks, e.g. due to bursts in shallower queues; o transmission errors, e.g. due to electrical interference; o rate policing. Three complementary approaches are in progress to address this issue, but they are all currently research: o In Prague congestion control, ignore certain losses deemed unlikely to be due to congestion (using some ideas from BBR [I-D.cardwell-iccrg-bbr-congestion-control] regarding isolated Briscoe, et al. Expires April 30, 2021 [Page 24] Internet-Draft L4S Architecture October 2020 losses). This could mask any of the above types of loss while still coexisting with drop-based congestion controls. o A combination of RACK, L4S and link retransmission without resequencing could repair transmission errors without the head of line blocking delay usually associated with link-layer retransmission [UnorderedLTE], [I-D.ietf-tsvwg-ecn-l4s-id]; o Hybrid ECN/drop rate policers (see Section 8.3). L4S deployment scenarios that minimize these issues (e.g. over wireline networks) can proceed in parallel to this research, in the expectation that research success could continually widen L4S applicability. 6.4.4. L4S Flow but Classic ECN Bottleneck Classic ECN support is starting to materialize on the Internet as an increased level of CE marking. It is hard to detect whether this is all due to the addition of support for ECN in the Linux implementation of FQ-CoDel, which is not problematic, because FQ inherently forces the throughput of each flow to be equal irrespective of its aggressiveness. However, some of this Classic ECN marking might be due to single-queue ECN deployment. This case is discussed in Section 4.3 of [I-D.ietf-tsvwg-ecn-l4s-id]). 6.4.5. L4S AQM Deployment within Tunnels An L4S AQM uses the ECN field to signal congestion. So, in common with Classic ECN, if the AQM is within a tunnel or at a lower layer, correct functioning of ECN signalling requires correct propagation of the ECN field up the layers [RFC6040], [I-D.ietf-tsvwg-rfc6040update-shim], [I-D.ietf-tsvwg-ecn-encap-guidelines]. 7. IANA Considerations (to be removed by RFC Editor) This specification contains no IANA considerations. 8. Security Considerations 8.1. Traffic Rate (Non-)Policing Because the L4S service can serve all traffic that is using the capacity of a link, it should not be necessary to rate-police access to the L4S service. In contrast, Diffserv only works if some packets get less favourable treatment than others. So Diffserv has to use traffic rate policers to limit how much traffic can be favoured. In Briscoe, et al. Expires April 30, 2021 [Page 25] Internet-Draft L4S Architecture October 2020 turn, traffic policers require traffic contracts between users and networks as well as pairwise between networks. Because L4S will lack all this management complexity, it is more likely to work end-to-end. During early deployment (and perhaps always), some networks will not offer the L4S service. In general, these networks should not need to police L4S traffic - they are required not to change the L4S identifier, merely treating the traffic as best efforts traffic, as they already treat traffic with ECT(1) today. At a bottleneck, such networks will introduce some queuing and dropping. When a scalable congestion control detects a drop it will have to respond safely with respect to Classic congestion controls (as required in Section 4.3 of [I-D.ietf-tsvwg-ecn-l4s-id]). This will degrade the L4S service to be no better (but never worse) than Classic best efforts, whenever a non-ECN bottleneck is encountered on a path (see Section 6.4.3). In some cases, networks that solely support Classic ECN [RFC3168] in a single queue bottleneck might opt to police L4S traffic in order to protect competing Classic ECN traffic. Certain network operators might choose to restrict access to the L4S class, perhaps only to selected premium customers as a value-added service. Their packet classifier (item 2 in Figure 1) could identify such customers against some other field (e.g. source address range) as well as ECN. If only the ECN L4S identifier matched, but not the source address (say), the classifier could direct these packets (from non-premium customers) into the Classic queue. Explaining clearly how operators can use an additional local classifiers (see [I-D.ietf-tsvwg-ecn-l4s-id]) is intended to remove any motivation to bleach the L4S identifier. Then at least the L4S ECN identifier will be more likely to survive end-to-end even though the service may not be supported at every hop. Such local arrangements would only require simple registered/not-registered packet classification, rather than the managed, application-specific traffic policing against customer-specific traffic contracts that Diffserv uses. 8.2. 'Latency Friendliness' Like the Classic service, the L4S service relies on self-constraint - limiting rate in response to congestion. In addition, the L4S service requires self-constraint in terms of limiting latency (burstiness). It is hoped that self-interest and guidance on dynamic behaviour (especially flow start-up, which might need to be standardized) will be sufficient to prevent transports from sending excessive bursts of L4S traffic, given the application's own latency will suffer most from such behaviour. Briscoe, et al. Expires April 30, 2021 [Page 26] Internet-Draft L4S Architecture October 2020 Whether burst policing becomes necessary remains to be seen. Without it, there will be potential for attacks on the low latency of the L4S service. If needed, various arrangements could be used to address this concern: Local bottleneck queue protection: A per-flow (5-tuple) queue protection function [I-D.briscoe-docsis-q-protection] has been developed for the low latency queue in DOCSIS, which has adopted the DualQ L4S architecture. It protects the low latency service from any queue-building flows that accidentally or maliciously classify themselves into the low latency queue. It is designed to score flows based solely on their contribution to queuing (not flow rate in itself). Then, if the shared low latency queue is at risk of exceeding a threshold, the function redirects enough packets of the highest scoring flow(s) into the Classic queue to preserve low latency. Distributed traffic scrubbing: Rather than policing locally at each bottleneck, it may only be necessary to address problems reactively, e.g. punitively target any deployments of new bursty malware, in a similar way to how traffic from flooding attack sources is rerouted via scrubbing facilities. Local bottleneck per-flow scheduling: Per-flow scheduling should inherently isolate non-bursty flows from bursty (see Section 5.2 for discussion of the merits of per-flow scheduling relative to per-flow policing). Distributed access subnet queue protection: Per-flow queue protection could be arranged for a queue structure distributed across a subnet inter-communicating using lower layer control messages (see Section 2.1.4 of [QDyn]). For instance, in a radio access network user equipment already sends regular buffer status reports to a radio network controller, which could use this information to remotely police individual flows. Distributed Congestion Exposure to Ingress Policers: The Congestion Exposure (ConEx) architecture [RFC7713] which uses egress audit to motivate senders to truthfully signal path congestion in-band where it can be used by ingress policers. An edge-to-edge variant of this architecture is also possible. Distributed Domain-edge traffic conditioning: An architecture similar to Diffserv [RFC2475] may be preferred, where traffic is proactively conditioned on entry to a domain, rather than Briscoe, et al. Expires April 30, 2021 [Page 27] Internet-Draft L4S Architecture October 2020 reactively policed only if it is leads to queuing once combined with other traffic at a bottleneck. Distributed core network queue protection: The policing function could be divided between per-flow mechanisms at the network ingress that characterize the burstiness of each flow into a signal carried with the traffic, and per-class mechanisms at bottlenecks that act on these signals if queuing actually occurs once the traffic converges. This would be somewhat similar to the idea behind core stateless fair queuing, which is in turn similar to [Nadas20]. None of these possible queue protection capabilities are considered a necessary part of the L4S architecture, which works without them (in a similar way to how the Internet works without per-flow rate policing). Indeed, under normal circumstances, latency policers would not intervene, and if operators found they were not necessary they could disable them. Part of the L4S experiment will be to see whether such a function is necessary, and which arrangements are most appropriate to the size of the problem. 8.3. Interaction between Rate Policing and L4S As mentioned in Section 5.2, L4S should remove the need for low latency Diffserv classes. However, those Diffserv classes that give certain applications or users priority over capacity, would still be applicable in certain scenarios (e.g. corporate networks). Then, within such Diffserv classes, L4S would often be applicable to give traffic low latency and low loss as well. Within such a Diffserv class, the bandwidth available to a user or application is often limited by a rate policer. Similarly, in the default Diffserv class, rate policers are used to partition shared capacity. A classic rate policer drops any packets exceeding a set rate, usually also giving a burst allowance (variants exist where the policer re-marks non-compliant traffic to a discard-eligible Diffserv codepoint, so they may be dropped elsewhere during contention). Whenever L4S traffic encounters one of these rate policers, it will experience drops and the source will have to fall back to a Classic congestion control, thus losing the benefits of L4S (Section 6.4.3). So, in networks that already use rate policers and plan to deploy L4S, it will be preferable to redesign these rate policers to be more friendly to the L4S service. L4S-friendly rate policing is currently a research area (note that this is not the same as latency policing). It might be achieved by setting a threshold where ECN marking is introduced, such that it is just under the policed rate or just under the burst allowance where Briscoe, et al. Expires April 30, 2021 [Page 28] Internet-Draft L4S Architecture October 2020 drop is introduced. This could be applied to various types of rate policer, e.g. [RFC2697], [RFC2698] or the 'local' (non-ConEx) variant of the ConEx congestion policer [I-D.briscoe-conex-policing]. It might also be possible to design scalable congestion controls to respond less catastrophically to loss that has not been preceded by a period of increasing delay. The design of L4S-friendly rate policers will require a separate dedicated document. For further discussion of the interaction between L4S and Diffserv, see [I-D.briscoe-tsvwg-l4s-diffserv]. 8.4. ECN Integrity Receiving hosts can fool a sender into downloading faster by suppressing feedback of ECN marks (or of losses if retransmissions are not necessary or available otherwise). Various ways to protect transport feedback integrity have been developed. For instance: o The sender can test the integrity of the receiver's feedback by occasionally setting the IP-ECN field to the congestion experienced (CE) codepoint, which is normally only set by a congested link. Then the sender can test whether the receiver's feedback faithfully reports what it expects (see 2nd para of Section 20.2 of [RFC3168]). o A network can enforce a congestion response to its ECN markings (or packet losses) by auditing congestion exposure (ConEx) [RFC7713]. o The TCP authentication option (TCP-AO [RFC5925]) can be used to detect tampering with TCP congestion feedback. o The ECN Nonce [RFC3540] was proposed to detect tampering with congestion feedback, but it has been reclassified as historic [RFC8311]. Appendix C.1 of [I-D.ietf-tsvwg-ecn-l4s-id] gives more details of these techniques including their applicability and pros and cons. 8.5. Privacy Considerations As discussed in Section 5.2, the L4S architecture does not preclude approaches that inspect end-to-end transport layer identifiers. For instance it is simple to add L4S support to FQ-CoDel, which classifies by application flow ID in the network. However, the main innovation of L4S is the DualQ AQM framework that does not need to inspect any deeper than the outermost IP header, because the L4S identifier is in the IP-ECN field. Briscoe, et al. Expires April 30, 2021 [Page 29] Internet-Draft L4S Architecture October 2020 Thus, the L4S architecture enables ultra-low queuing delay without _requiring_ inspection of information above the IP layer. This means that users who want to encrypt application flow identifiers, e.g. in IPSec or other encrypted VPN tunnels, don't have to sacrifice low delay [RFC8404]. Because L4S can provide low delay for a broad set of applications that choose to use it, there is no need for individual applications or classes within that broad set to be distinguishable in any way while traversing networks. This removes much of the ability to correlate between the delay requirements of traffic and other identifying features [RFC6973]. There may be some types of traffic that prefer not to use L4S, but the coarse binary categorization of traffic reveals very little that could be exploited to compromise privacy. 9. Acknowledgements Thanks to Richard Scheffenegger, Wes Eddy, Karen Nielsen, David Black and Jake Holland for their useful review comments. Bob Briscoe and Koen De Schepper were part-funded by the European Community under its Seventh Framework Programme through the Reducing Internet Transport Latency (RITE) project (ICT-317700). Bob Briscoe was also part-funded by the Research Council of Norway through the TimeIn project, partly by CableLabs and partly by the Comcast Innovation Fund. The views expressed here are solely those of the authors. 10. Informative References [AFCD] Xue, L., Kumar, S., Cui, C., Kondikoppa, P., Chiu, C-H., and S-J. Park, "Towards fair and low latency next generation high speed networks: AFCD queuing", Journal of Network and Computer Applications 70:183--193, July 2016. [DCttH15] De Schepper, K., Bondarenko, O., Briscoe, B., and I. Tsang, "`Data Centre to the Home': Ultra-Low Latency for All", RITE project Technical Report , 2015, . [DOCSIS3.1] CableLabs, "MAC and Upper Layer Protocols Interface (MULPI) Specification, CM-SP-MULPIv3.1", Data-Over-Cable Service Interface Specifications DOCSIS(R) 3.1 Version i17 or later, January 2019, . Briscoe, et al. Expires April 30, 2021 [Page 30] Internet-Draft L4S Architecture October 2020 [DualPI2Linux] Albisser, O., De Schepper, K., Briscoe, B., Tilmans, O., and H. Steen, "DUALPI2 - Low Latency, Low Loss and Scalable (L4S) AQM", Proc. Linux Netdev 0x13 , March 2019, . [Hohlfeld14] Hohlfeld , O., Pujol, E., Ciucu, F., Feldmann, A., and P. Barford, "A QoE Perspective on Sizing Network Buffers", Proc. ACM Internet Measurement Conf (IMC'14) hmm, November 2014. [I-D.briscoe-conex-policing] Briscoe, B., "Network Performance Isolation using Congestion Policing", draft-briscoe-conex-policing-01 (work in progress), February 2014. [I-D.briscoe-docsis-q-protection] Briscoe, B. and G. White, "Queue Protection to Preserve Low Latency", draft-briscoe-docsis-q-protection-00 (work in progress), July 2019. [I-D.briscoe-tsvwg-l4s-diffserv] Briscoe, B., "Interactions between Low Latency, Low Loss, Scalable Throughput (L4S) and Differentiated Services", draft-briscoe-tsvwg-l4s-diffserv-02 (work in progress), November 2018. [I-D.cardwell-iccrg-bbr-congestion-control] Cardwell, N., Cheng, Y., Yeganeh, S., and V. Jacobson, "BBR Congestion Control", draft-cardwell-iccrg-bbr- congestion-control-00 (work in progress), July 2017. [I-D.ietf-quic-transport] Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed and Secure Transport", draft-ietf-quic-transport-32 (work in progress), October 2020. [I-D.ietf-tcpm-accurate-ecn] Briscoe, B., Kuehlewind, M., and R. Scheffenegger, "More Accurate ECN Feedback in TCP", draft-ietf-tcpm-accurate- ecn-11 (work in progress), March 2020. Briscoe, et al. Expires April 30, 2021 [Page 31] Internet-Draft L4S Architecture October 2020 [I-D.ietf-tcpm-generalized-ecn] Bagnulo, M. and B. Briscoe, "ECN++: Adding Explicit Congestion Notification (ECN) to TCP Control Packets", draft-ietf-tcpm-generalized-ecn-05 (work in progress), November 2019. [I-D.ietf-tsvwg-aqm-dualq-coupled] Schepper, K., Briscoe, B., and G. White, "DualQ Coupled AQMs for Low Latency, Low Loss and Scalable Throughput (L4S)", draft-ietf-tsvwg-aqm-dualq-coupled-12 (work in progress), July 2020. [I-D.ietf-tsvwg-ecn-encap-guidelines] Briscoe, B., Kaippallimalil, J., and P. Thaler, "Guidelines for Adding Congestion Notification to Protocols that Encapsulate IP", draft-ietf-tsvwg-ecn- encap-guidelines-13 (work in progress), May 2019. [I-D.ietf-tsvwg-ecn-l4s-id] Schepper, K. and B. Briscoe, "Identifying Modified Explicit Congestion Notification (ECN) Semantics for Ultra-Low Queuing Delay (L4S)", draft-ietf-tsvwg-ecn-l4s- id-10 (work in progress), March 2020. [I-D.ietf-tsvwg-rfc6040update-shim] Briscoe, B., "Propagating Explicit Congestion Notification Across IP Tunnel Headers Separated by a Shim", draft-ietf- tsvwg-rfc6040update-shim-10 (work in progress), March 2020. [I-D.morton-tsvwg-codel-approx-fair] Morton, J. and P. Heist, "Controlled Delay Approximate Fairness AQM", draft-morton-tsvwg-codel-approx-fair-01 (work in progress), March 2020. [I-D.smith-encrypted-traffic-management] Smith, K., "Network management of encrypted traffic", draft-smith-encrypted-traffic-management-05 (work in progress), May 2016. [I-D.sridharan-tcpm-ctcp] Sridharan, M., Tan, K., Bansal, D., and D. Thaler, "Compound TCP: A New TCP Congestion Control for High-Speed and Long Distance Networks", draft-sridharan-tcpm-ctcp-02 (work in progress), November 2008. Briscoe, et al. Expires April 30, 2021 [Page 32] Internet-Draft L4S Architecture October 2020 [I-D.stewart-tsvwg-sctpecn] Stewart, R., Tuexen, M., and X. Dong, "ECN for Stream Control Transmission Protocol (SCTP)", draft-stewart- tsvwg-sctpecn-05 (work in progress), January 2014. [I-D.white-tsvwg-nqb] White, G. and T. Fossati, "Identifying and Handling Non Queue Building Flows in a Bottleneck Link", draft-white- tsvwg-nqb-02 (work in progress), June 2019. [L4Sdemo16] Bondarenko, O., De Schepper, K., Tsang, I., and B. Briscoe, "orderedUltra-Low Delay for All: Live Experience, Live Analysis", Proc. MMSYS'16 pp33:1--33:4, May 2016, . [LEDBAT_AQM] Al-Saadi, R., Armitage, G., and J. But, "Characterising LEDBAT Performance Through Bottlenecks Using PIE, FQ-CoDel and FQ-PIE Active Queue Management", Proc. IEEE 42nd Conference on Local Computer Networks (LCN) 278--285, 2017, . [Mathis09] Mathis, M., "Relentless Congestion Control", PFLDNeT'09 , May 2009, . [McIlroy78] McIlroy, M., Pinson, E., and B. Tague, "UNIX Time-Sharing System: Foreword", The Bell System Technical Journal 57:6(1902--1903), July 1978, . [Nadas20] Nadas, S., Gombos, G., Fejes, F., and S. Laki, "A Congestion Control Independent L4S Scheduler", Proc. Applied Networking Research Workshop (ANRW '20) 45--51, July 2020. [NewCC_Proc] Eggert, L., "Experimental Specification of New Congestion Control Algorithms", IETF Operational Note ion-tsv-alt-cc, July 2007. Briscoe, et al. Expires April 30, 2021 [Page 33] Internet-Draft L4S Architecture October 2020 [PragueLinux] Briscoe, B., De Schepper, K., Albisser, O., Misund, J., Tilmans, O., Kuehlewind, M., and A. Ahmed, "Implementing the `TCP Prague' Requirements for Low Latency Low Loss Scalable Throughput (L4S)", Proc. Linux Netdev 0x13 , March 2019, . [QDyn] Briscoe, B., "Rapid Signalling of Queue Dynamics", bobbriscoe.net Technical Report TR-BB-2017-001; arXiv:1904.07044 [cs.NI], September 2017, . [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., and W. Weiss, "An Architecture for Differentiated Services", RFC 2475, DOI 10.17487/RFC2475, December 1998, . [RFC2697] Heinanen, J. and R. Guerin, "A Single Rate Three Color Marker", RFC 2697, DOI 10.17487/RFC2697, September 1999, . [RFC2698] Heinanen, J. and R. Guerin, "A Two Rate Three Color Marker", RFC 2698, DOI 10.17487/RFC2698, September 1999, . [RFC2884] Hadi Salim, J. and U. Ahmed, "Performance Evaluation of Explicit Congestion Notification (ECN) in IP Networks", RFC 2884, DOI 10.17487/RFC2884, July 2000, . [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of Explicit Congestion Notification (ECN) to IP", RFC 3168, DOI 10.17487/RFC3168, September 2001, . [RFC3246] Davie, B., Charny, A., Bennet, J., Benson, K., Le Boudec, J., Courtney, W., Davari, S., Firoiu, V., and D. Stiliadis, "An Expedited Forwarding PHB (Per-Hop Behavior)", RFC 3246, DOI 10.17487/RFC3246, March 2002, . [RFC3540] Spring, N., Wetherall, D., and D. Ely, "Robust Explicit Congestion Notification (ECN) Signaling with Nonces", RFC 3540, DOI 10.17487/RFC3540, June 2003, . Briscoe, et al. Expires April 30, 2021 [Page 34] Internet-Draft L4S Architecture October 2020 [RFC3649] Floyd, S., "HighSpeed TCP for Large Congestion Windows", RFC 3649, DOI 10.17487/RFC3649, December 2003, . [RFC4340] Kohler, E., Handley, M., and S. Floyd, "Datagram Congestion Control Protocol (DCCP)", RFC 4340, DOI 10.17487/RFC4340, March 2006, . [RFC4774] Floyd, S., "Specifying Alternate Semantics for the Explicit Congestion Notification (ECN) Field", BCP 124, RFC 4774, DOI 10.17487/RFC4774, November 2006, . [RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol", RFC 4960, DOI 10.17487/RFC4960, September 2007, . [RFC5033] Floyd, S. and M. Allman, "Specifying New Congestion Control Algorithms", BCP 133, RFC 5033, DOI 10.17487/RFC5033, August 2007, . [RFC5348] Floyd, S., Handley, M., Padhye, J., and J. Widmer, "TCP Friendly Rate Control (TFRC): Protocol Specification", RFC 5348, DOI 10.17487/RFC5348, September 2008, . [RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP Congestion Control", RFC 5681, DOI 10.17487/RFC5681, September 2009, . [RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP Authentication Option", RFC 5925, DOI 10.17487/RFC5925, June 2010, . [RFC6040] Briscoe, B., "Tunnelling of Explicit Congestion Notification", RFC 6040, DOI 10.17487/RFC6040, November 2010, . [RFC6679] Westerlund, M., Johansson, I., Perkins, C., O'Hanlon, P., and K. Carlberg, "Explicit Congestion Notification (ECN) for RTP over UDP", RFC 6679, DOI 10.17487/RFC6679, August 2012, . Briscoe, et al. Expires April 30, 2021 [Page 35] Internet-Draft L4S Architecture October 2020 [RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., Morris, J., Hansen, M., and R. Smith, "Privacy Considerations for Internet Protocols", RFC 6973, DOI 10.17487/RFC6973, July 2013, . [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext Transfer Protocol Version 2 (HTTP/2)", RFC 7540, DOI 10.17487/RFC7540, May 2015, . [RFC7560] Kuehlewind, M., Ed., Scheffenegger, R., and B. Briscoe, "Problem Statement and Requirements for Increased Accuracy in Explicit Congestion Notification (ECN) Feedback", RFC 7560, DOI 10.17487/RFC7560, August 2015, . [RFC7665] Halpern, J., Ed. and C. Pignataro, Ed., "Service Function Chaining (SFC) Architecture", RFC 7665, DOI 10.17487/RFC7665, October 2015, . [RFC7713] Mathis, M. and B. Briscoe, "Congestion Exposure (ConEx) Concepts, Abstract Mechanism, and Requirements", RFC 7713, DOI 10.17487/RFC7713, December 2015, . [RFC8033] Pan, R., Natarajan, P., Baker, F., and G. White, "Proportional Integral Controller Enhanced (PIE): A Lightweight Control Scheme to Address the Bufferbloat Problem", RFC 8033, DOI 10.17487/RFC8033, February 2017, . [RFC8034] White, G. and R. Pan, "Active Queue Management (AQM) Based on Proportional Integral Controller Enhanced PIE) for Data-Over-Cable Service Interface Specifications (DOCSIS) Cable Modems", RFC 8034, DOI 10.17487/RFC8034, February 2017, . [RFC8170] Thaler, D., Ed., "Planning for Protocol Adoption and Subsequent Transitions", RFC 8170, DOI 10.17487/RFC8170, May 2017, . [RFC8257] Bensley, S., Thaler, D., Balasubramanian, P., Eggert, L., and G. Judd, "Data Center TCP (DCTCP): TCP Congestion Control for Data Centers", RFC 8257, DOI 10.17487/RFC8257, October 2017, . Briscoe, et al. Expires April 30, 2021 [Page 36] Internet-Draft L4S Architecture October 2020 [RFC8290] Hoeiland-Joergensen, T., McKenney, P., Taht, D., Gettys, J., and E. Dumazet, "The Flow Queue CoDel Packet Scheduler and Active Queue Management Algorithm", RFC 8290, DOI 10.17487/RFC8290, January 2018, . [RFC8298] Johansson, I. and Z. Sarker, "Self-Clocked Rate Adaptation for Multimedia", RFC 8298, DOI 10.17487/RFC8298, December 2017, . [RFC8311] Black, D., "Relaxing Restrictions on Explicit Congestion Notification (ECN) Experimentation", RFC 8311, DOI 10.17487/RFC8311, January 2018, . [RFC8312] Rhee, I., Xu, L., Ha, S., Zimmermann, A., Eggert, L., and R. Scheffenegger, "CUBIC for Fast Long-Distance Networks", RFC 8312, DOI 10.17487/RFC8312, February 2018, . [RFC8404] Moriarty, K., Ed. and A. Morton, Ed., "Effects of Pervasive Encryption on Operators", RFC 8404, DOI 10.17487/RFC8404, July 2018, . [RFC8511] Khademi, N., Welzl, M., Armitage, G., and G. Fairhurst, "TCP Alternative Backoff with ECN (ABE)", RFC 8511, DOI 10.17487/RFC8511, December 2018, . [TCP-CA] Jacobson, V. and M. Karels, "Congestion Avoidance and Control", Laurence Berkeley Labs Technical Report , November 1988, . [TCP-sub-mss-w] Briscoe, B. and K. De Schepper, "Scaling TCP's Congestion Window for Small Round Trip Times", BT Technical Report TR-TUB8-2015-002, May 2015, . [UnorderedLTE] Austrheim, M., "Implementing immediate forwarding for 4G in a network simulator", Masters Thesis, Uni Oslo , June 2019. Briscoe, et al. Expires April 30, 2021 [Page 37] Internet-Draft L4S Architecture October 2020 Appendix A. Standardization items The following table includes all the items that will need to be standardized to provide a full L4S architecture. The table is too wide for the ASCII draft format, so it has been split into two, with a common column of row index numbers on the left. The columns in the second part of the table have the following meanings: WG: The IETF WG most relevant to this requirement. The "tcpm/iccrg" combination refers to the procedure typically used for congestion control changes, where tcpm owns the approval decision, but uses the iccrg for expert review [NewCC_Proc]; TCP: Applicable to all forms of TCP congestion control; DCTCP: Applicable to Data Center TCP as currently used (in controlled environments); DCTCP bis: Applicable to any future Data Center TCP congestion control intended for controlled environments; XXX Prague: Applicable to a Scalable variant of XXX (TCP/SCTP/RMCAT) congestion control. Briscoe, et al. Expires April 30, 2021 [Page 38] Internet-Draft L4S Architecture October 2020 +-----+------------------------+------------------------------------+ | Req | Requirement | Reference | | # | | | +-----+------------------------+------------------------------------+ | 0 | ARCHITECTURE | | | 1 | L4S IDENTIFIER | [I-D.ietf-tsvwg-ecn-l4s-id] | | 2 | DUAL QUEUE AQM | [I-D.ietf-tsvwg-aqm-dualq-coupled] | | 3 | Suitable ECN Feedback | [I-D.ietf-tcpm-accurate-ecn], | | | | [I-D.stewart-tsvwg-sctpecn]. | | | | | | | SCALABLE TRANSPORT - | | | | SAFETY ADDITIONS | | | 4-1 | Fall back to | [I-D.ietf-tsvwg-ecn-l4s-id] S.2.3, | | | Reno/Cubic on loss | [RFC8257] | | 4-2 | Fall back to | [I-D.ietf-tsvwg-ecn-l4s-id] S.2.3 | | | Reno/Cubic if classic | | | | ECN bottleneck | | | | detected | | | | | | | 4-3 | Reduce RTT-dependence | [I-D.ietf-tsvwg-ecn-l4s-id] S.2.3 | | | | | | 4-4 | Scaling TCP's | [I-D.ietf-tsvwg-ecn-l4s-id] S.2.3, | | | Congestion Window for | [TCP-sub-mss-w] | | | Small Round Trip Times | | | | SCALABLE TRANSPORT - | | | | PERFORMANCE | | | | ENHANCEMENTS | | | 5-1 | Setting ECT in TCP | [I-D.ietf-tcpm-generalized-ecn] | | | Control Packets and | | | | Retransmissions | | | 5-2 | Faster-than-additive | [I-D.ietf-tsvwg-ecn-l4s-id] (Appx | | | increase | A.2.2) | | 5-3 | Faster Convergence at | [I-D.ietf-tsvwg-ecn-l4s-id] (Appx | | | Flow Start | A.2.2) | +-----+------------------------+------------------------------------+ Briscoe, et al. Expires April 30, 2021 [Page 39] Internet-Draft L4S Architecture October 2020 +-----+--------+-----+-------+-----------+--------+--------+--------+ | # | WG | TCP | DCTCP | DCTCP-bis | TCP | SCTP | RMCAT | | | | | | | Prague | Prague | Prague | +-----+--------+-----+-------+-----------+--------+--------+--------+ | 0 | tsvwg | Y | Y | Y | Y | Y | Y | | 1 | tsvwg | | | Y | Y | Y | Y | | 2 | tsvwg | n/a | n/a | n/a | n/a | n/a | n/a | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3 | tcpm | Y | Y | Y | Y | n/a | n/a | | | | | | | | | | | 4-1 | tcpm | | Y | Y | Y | Y | Y | | | | | | | | | | | 4-2 | tcpm/ | | | | Y | Y | ? | | | iccrg? | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 4-3 | tcpm/ | | | Y | Y | Y | ? | | | iccrg? | | | | | | | | 4-4 | tcpm | Y | Y | Y | Y | Y | ? | | | | | | | | | | | | | | | | | | | | 5-1 | tcpm | Y | Y | Y | Y | n/a | n/a | | | | | | | | | | | 5-2 | tcpm/ | | | Y | Y | Y | ? | | | iccrg? | | | | | | | | 5-3 | tcpm/ | | | Y | Y | Y | ? | | | iccrg? | | | | | | | +-----+--------+-----+-------+-----------+--------+--------+--------+ Authors' Addresses Bob Briscoe (editor) Independent UK Email: ietf@bobbriscoe.net URI: http://bobbriscoe.net/ Briscoe, et al. Expires April 30, 2021 [Page 40] Internet-Draft L4S Architecture October 2020 Koen De Schepper Nokia Bell Labs Antwerp Belgium Email: koen.de_schepper@nokia.com URI: https://www.bell-labs.com/usr/koen.de_schepper Marcelo Bagnulo Universidad Carlos III de Madrid Av. Universidad 30 Leganes, Madrid 28911 Spain Phone: 34 91 6249500 Email: marcelo@it.uc3m.es URI: http://www.it.uc3m.es Greg White CableLabs US Email: G.White@CableLabs.com Briscoe, et al. Expires April 30, 2021 [Page 41]