Transport Area Working Group G. White Internet-Draft CableLabs Intended status: Standards Track T. Fossati Expires: 8 September 2021 ARM 7 March 2021 A Non-Queue-Building Per-Hop Behavior (NQB PHB) for Differentiated Services draft-ietf-tsvwg-nqb-05 Abstract This document specifies properties and characteristics of a Non- Queue-Building Per-Hop Behavior (NQB PHB). The purpose of this NQB PHB is to provide a separate queue that enables low latency and, when possible, low loss for application-limited traffic flows that would ordinarily share a queue with capacity-seeking traffic. This PHB is implemented without prioritization and without rate policing, making it suitable for environments where the use of either these features may be restricted. The NQB PHB has been developed primarily for use by access network segments, where queuing delays and queuing loss caused by Queue-Building protocols are manifested, but its use is not limited to such segments. In particular, applications to cable broadband links and mobile network radio and core segments are discussed. This document defines a standard Differentiated Services Code Point (DSCP) to identify Non-Queue-Building flows. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 8 September 2021. White & Fossati Expires 8 September 2021 [Page 1] Internet-Draft Non-Queue-Building PHB March 2021 Copyright Notice Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 3. Non-Queue-Building Behavior . . . . . . . . . . . . . . . . . 4 4. The NQB PHB and its Relationship to the DiffServ Architecture . . . . . . . . . . . . . . . . . . . . . . 4 5. DSCP Marking of NQB Traffic . . . . . . . . . . . . . . . . . 5 5.1. End-to-end usage and DSCP Re-marking . . . . . . . . . . 6 5.2. Aggregation of the NQB PHB with other DiffServ PHBs . . . 8 6. Non-Queue-Building PHB Requirements . . . . . . . . . . . . . 9 7. Impact on Higher Layer Protocols . . . . . . . . . . . . . . 10 8. The NQB PHB and Tunnels . . . . . . . . . . . . . . . . . . . 10 9. Relationship to L4S . . . . . . . . . . . . . . . . . . . . . 11 10. Configuration and Management . . . . . . . . . . . . . . . . 11 11. Example Use Cases . . . . . . . . . . . . . . . . . . . . . . 11 11.1. DOCSIS Access Networks . . . . . . . . . . . . . . . . . 11 11.2. Mobile Networks . . . . . . . . . . . . . . . . . . . . 12 11.3. WiFi Networks . . . . . . . . . . . . . . . . . . . . . 12 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 14 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 14. Security Considerations . . . . . . . . . . . . . . . . . . . 14 15. Informative References . . . . . . . . . . . . . . . . . . . 15 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 1. Introduction This document defines a Differentiated Services (DS) per-hop behavior (PHB) called "Non-Queue-Building Per-Hop Behavior" (NQB PHB), which is intended to enable networks to provide low latency and low loss for traffic flows that are relatively low data rate and that do not themselves materially contribute to queueing delay and loss. Such Non-Queue-Building flows (for example: interactive voice and video, gaming, machine to machine applications) are application limited White & Fossati Expires 8 September 2021 [Page 2] Internet-Draft Non-Queue-Building PHB March 2021 flows that are distinguished from traffic flows managed by an end-to- end congestion control algorithm. The vast majority of packets that are carried by broadband access networks are, in fact, managed by an end-to-end congestion control algorithm, such as Reno, Cubic or BBR. These congestion control algorithms attempt to seek the available capacity of the end-to-end path (which can frequently be the access network link capacity), and in doing so generally overshoot the available capacity, causing a queue to build-up at the bottleneck link. This queue build up results in queuing delay (variable latency) and possibly packet loss that affects all of the applications that are sharing the bottleneck link. In contrast to traditional congestion-controlled applications, there are a variety of relatively low data rate applications that do not materially contribute to queueing delay and loss, but are nonetheless subjected to it by sharing the same bottleneck link in the access network. Many of these applications may be sensitive to latency or latency variation, as well as packet loss, and thus produce a poor quality of experience in such conditions. Active Queue Management (AQM) mechanisms (such as PIE [RFC8033], DOCSIS-PIE [RFC8034], or CoDel [RFC8289]) can improve the quality of experience for latency sensitive applications, but there are practical limits to the amount of improvement that can be achieved without impacting the throughput of capacity-seeking applications, particularly when only a few of such flows are present. The NQB PHB supports differentiating between these two classes of traffic in bottleneck links and queuing them separately in order that both classes can deliver satisfactory quality of experience for their applications. 2. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. White & Fossati Expires 8 September 2021 [Page 3] Internet-Draft Non-Queue-Building PHB March 2021 3. Non-Queue-Building Behavior There are many applications that send traffic at relatively low data rates and/or in a fairly smooth and consistent manner such that they are highly unlikely to exceed the available capacity of the network path between source and sink. These applications do not cause queues to form in network buffers, but nonetheless can be subjected to packet delay and delay variation as a result of sharing a network buffer with applications that do cause queues to form. Many of these applications are negatively affected by excessive packet delay and delay variation. Such applications are ideal candidates to be queued separately from the applications that are the cause of queue buildup, latency and loss. These Non-queue-building (NQB) flows are typically UDP flows that don't seek the capacity of the link (examples: online games, voice chat, DNS lookups, real-time IoT analytics data). Here the data rate is limited by the application itself rather than by network capacity - in many cases these applications only send a few packets per RTT. In contrast, Queue-building (QB) flows include traffic which uses TCP or QUIC, with Cubic, Reno or other TCP congestion control algorithms that probe for the link capacity and induce latency and loss as a result. 4. The NQB PHB and its Relationship to the DiffServ Architecture The IETF has defined the Differentiated Services architecture [RFC2475] with the intention that it allows traffic to be marked in manner that conveys the performance requirements of that traffic either quantitatively or in a relative sense (i.e. priority). The architecture defines the use of the DiffServ field [RFC2474] for this purpose, and numerous RFCs have been written that describe recommended interpretations of the values (DiffServ Code Points) of the field, and standardized treatments (traffic conditioning and per- hop-behaviors) that can be implemented to satisfy the performance requirements of traffic so marked. While this architecture is powerful, and can be configured to meet the performance requirements of a variety of applications and traffic categories, or to achieve differentiated service offerings, it has proven problematic to enable its use for these purposes end-to-end across the Internet. This difficulty is in part due to the fact that meeting (in an end- to-end context) the performance requirements of an application involves all of the networks in the path agreeing on what those requirements are, and sharing an interest in meeting them. In many cases this is made more difficult due to the fact that the White & Fossati Expires 8 September 2021 [Page 4] Internet-Draft Non-Queue-Building PHB March 2021 performance "requirements" are not hard ones (e.g. applications will degrade in some manner as loss/latency/jitter increase), so the importance of meeting them for any particular application involves a judgment as to the value of avoiding some amount of degradation in quality for that application in exchange for an increase in the degradation of another application. Further, in many cases the implementation of DiffServ PHBs involves prioritization of service classes with respect to one another, which results in the need to limit access to higher priority classes via mechanisms such as access control, admission control, traffic conditioning and rate policing, and/or to meter and bill for carriage of such traffic. These mechanisms can be difficult or impossible to implement in an end-to-end context. Finally, some jurisdictions impose regulations that limit the ability of networks to provide differentiation of services, in large part based on the understanding that doing so ordinarily involves prioritization or privileged access to bandwidth, and thus a benefit to one class of traffic always comes at the expense of another. In contrast, the NQB PHB has been designed with the goal that it avoids many of these issues, and thus could conceivably be deployed end-to-end across the Internet. The intent of the NQB DSCP is that it signals verifiable behavior as opposed to wants and needs. Also, the NQB traffic is to be given a separate queue with equal priority as default traffic, and given no reserved bandwidth other than the bandwidth that it shares with default traffic. As a result, the NQB PHB does not aim to meet specific application performance requirements, nor does it aim to provide a differentiated service class as defined in [RFC4594]. Instead the goal of the NQB PHB is to provide statistically better loss, latency, and jitter performance for traffic that is not itself the cause of those degradations. These attributes eliminate the inherent value judgments that underlie the handling of differentiated service classes in the DiffServ architecture as it has traditionally been defined, they also significantly simplify access control and admission control functions, reducing them to simple verification of behavior. 5. DSCP Marking of NQB Traffic Applications that align with the description of NQB behavior in the preceding section SHOULD identify themselves to the network using a DiffServ Code Point (DSCP) of 42 so that their packets can be queued separately from QB flows. The choice of the value 42 is motivated in part by the desire to achieve separate queuing in existing WiFi networks (see Section 11.3). White & Fossati Expires 8 September 2021 [Page 5] Internet-Draft Non-Queue-Building PHB March 2021 There are many application flows that fall very neatly into one or the other of these two categories: NQB and QB, but there are also application flows that may be in a gray area in between (e.g. they are NQB on higher-speed links, but QB on lower-speed links). If there is uncertainty as to whether an application's traffic aligns with the description of NQB behavior in the preceding section, the application SHOULD NOT mark its traffic with the NQB DSCP. In such a case, the application SHOULD instead implement a congestion control mechanism, for example as described in [RFC8085] or [I-D.ietf-tsvwg-ecn-l4s-id]. It is worthwhile to note again that the NQB designation and marking is intended to convey verifiable traffic behavior, not needs or wants. Also, it is important that incentives are aligned correctly, i.e. that there is a benefit to the application in marking its packets correctly, and no benefit to an application in intentionally mismarking its traffic. Thus, a useful property of nodes that support separate queues for NQB and QB flows would be that for NQB flows, the NQB queue provides better performance than the QB queue; and for QB flows, the QB queue provides better performance than the NQB queue. By adhering to these principles, there is no incentive for senders to mismark their traffic as NQB, and further, any mismarking can be identified by the network. Along these lines, nodes that do not support the NQB PHB SHOULD treat NQB marked traffic the same as traffic marked "Default", and SHOULD preserve the NQB marking. In shallow-buffered backbone and core network switches, and nodes that do not typically experience congestion, treating NQB marked traffic the same as "Default" may be sufficient to preserve latency performance for NQB traffic. 5.1. End-to-end usage and DSCP Re-marking In contrast to some existing standard PHBs, many of which are typically only meaningful within a DiffServ Domain (e.g. an AS or an enterprise network), this PHB is expected to be used end-to-end across the Internet, wherever suitable operator agreements apply. Under the [RFC2474] model, this requires that the corresponding DSCP is recognized by all operators and mapped across their boundaries accordingly. Absent an explicit agreement to the contrary, networks that support the NQB PHB SHOULD preserve a DSCP marking distinction between NQB traffic and Default traffic when forwarding via an interconnect from or to another network. To facilitate the default treatment of NQB traffic in backbones and core networks, networks SHOULD remap NQB traffic (DSCP 42) to DSCP 2 prior to interconnection, unless agreed otherwise between the interconnecting partners. The fact that this White & Fossati Expires 8 September 2021 [Page 6] Internet-Draft Non-Queue-Building PHB March 2021 PHB is intended for end-to-end usage does not preclude networks from mapping the NQB DSCP to a value other than 42 or 2 for internal usage, as long as the appropriate NQB DSCP is restored when forwarding to another network. Additionally, it is not precluded for interconnecting networks to negotiate (via an SLA or some other agreement) a different DSCP to use to signal NQB across the interconnect. In order to enable interoperability with WiFi equipment, networks SHOULD remap NQB traffic (e.g. DSCP 2) to DSCP 42 prior to a customer access link, subject to the safeguards described in Section 11.3. Thus, this document recommends two DSCPs to designate NQB, the value 42 for use by hosts and in WiFi networks, and the value 2 for use across network interconnections. Some network operators typically bleach (zero out) the DiffServ field on ingress into their network [Custura][Barik], and in some cases apply their own DSCP for internal usage. Bleaching the NQB DSCP is not expected to cause harm to default traffic, but it will severely limit the ability to provide NQB treatment end-to-end. Reports on existing deployments of DSCP manipulation [Custura][Barik] categorize the remarking behaviors into the following six policies: bleach all traffic (set DSCP to zero), set the top three bits (the former Precedence bits) on all traffic to 0b000, 0b001, or 0b010, set the low three bits on all traffic to 0b000, or remark all traffic to a particular (non-zero) DSCP value. Regarding the DSCP value of 42, there were no observations of DSCP manipulation reported in which traffic was marked 42 by any of these policies. Thus it appears that these remarking policies would be unlikely to result in QB traffic being marked as NQB (42). In terms of the fate of NQB-marked traffic that is subjected to one of these policies, the result would be that NQB marked traffic would be indistinguishable from some subset (possibly all) of other traffic. In the policies where all traffic is remarked using the same (zero or non-zero) DSCP, the ability for a subsequent network hop to differentiate NQB traffic via DSCP would clearly be lost entirely. In the policies where the top three bits are overwritten, NQB would receive the same marking as AF41, AF31, AF21, AF11 (as well as the currently unassigned DSCPs 50 and 58), with all of these code points getting mapped to DSCP=2, AF11 or AF21 (depending on the overwrite value used). Since the recommended usage of the standardized code points in that list include high throughput data for store and forward applications (and it is impossible to predict what future use would be assigned to the currently unassigned values) it would seem inadvisable for a node to attempt to treat all such traffic as if it White & Fossati Expires 8 September 2021 [Page 7] Internet-Draft Non-Queue-Building PHB March 2021 were NQB marked. For the policy in which the low three bits are set to 0b000, the NQB value would be mapped to CS5 and would be indistinguishable from CS5, VA, EF (and the unassigned DSCPs 41, 43, 45). Traffic marked using the existing standardized DSCPs in this list are likely to share the same general properties as NQB traffic (non capacity-seeking, very low data rate or relatively low and consistent data rate). Furthermore, as this remarking policy results in an overt enforcement of the IP Precedence compatibility configuration discussed in [RFC4594] Section 1.5.4, and to the extent that this compatibility is maintained in the future, any future recommended usages of the currently unassigned DSCPs in that list would be likely to similarly be somewhat compatible with NQB treatment. Here there may be an opportunity for a node to provide the NQB PHB or the CS5 PHB and retain some of the benefits of NQB marking. As a result, nodes supporting the NQB PHB MAY additionally classify CS5 marked traffic into the NQB queue. Regarding the DSCP value of 2, some of these remappings are more problematic. In particular, in policies where the top three bits are overwritten with 0b000, the DSCP values AF41, AF31, AF21, and AF11 (as well as the currently unassigned DSCPs 50 and 58) would all get mapped to the NQB value. 5.2. Aggregation of the NQB PHB with other DiffServ PHBs Networks and nodes that aggregate service classes as discussed in [RFC5127] and [RFC8100] may not be able to provide a PDB/PHB that meets the requirements of this document. In these cases it is recommended that NQB-marked traffic be aggregated with standard, elastic, best-effort traffic, although in some cases a network operator may instead choose to aggregate NQB traffic with Real-Time traffic. Either approach comes with trade-offs: aggregating with best-effort could result in a degradation of loss/latency/jitter performance, while aggregating with Real-Time may create an incentive for mismarking of non-compliant traffic. In either case, [RFC5127] requires that such aggregations preserve the notion of each end-to- end service class that is aggregated, and recommends preservation of the DSCP as a way of accomplishing this. Compliance with this recommendation would serve to limit the negative impact that such networks would have on end-to-end performance for NQB traffic. Nodes that support the NQB PHB may choose to aggregate other service classes into the NQB queue. Candidate service classes for this aggregation would include those that carry inelastic traffic that has low to very-low tolerance for loss, latency and/or jitter as discussed in [RFC4594]. These could include Telephony, Signaling, Real-Time Interactive and Broadcast Video. White & Fossati Expires 8 September 2021 [Page 8] Internet-Draft Non-Queue-Building PHB March 2021 6. Non-Queue-Building PHB Requirements A node supporting the NQB PHB makes no guarantees on latency or data rate for NQB marked flows, but instead aims to provide a bound on queuing delay for as many such marked flows as it can, and shed load when needed. A node supporting the NQB PHB MUST provide a queue for non-queue- building traffic separate from the queue used for queue-building traffic. NQB traffic, in aggregate, SHOULD NOT be rate limited or rate policed separately from queue-building traffic of equivalent importance. The NQB queue SHOULD be given equal priority compared to queue- building traffic of equivalent importance. The node SHOULD provide a scheduler that allows QB and NQB traffic of equivalent importance to share the link in a fair manner, e.g. a deficit round-robin scheduler with equal weights. Compliance with these recommendations helps to ensure that there are no incentives for QB traffic to be mismarked as NQB. A node supporting the NQB PHB SHOULD treat traffic marked as Default (DSCP=0) as QB traffic having equivalent importance to the NQB marked traffic. A node supporting the NQB DSCP MUST support the ability to configure the classification criteria that are used to identify QB and NQB traffic having equivalent importance. The NQB queue SHOULD have a buffer size that is significantly smaller than the buffer provided for QB traffic. It is expected that most QB traffic is optimized to make use of a relatively deep buffer (e.g. on the order of tens or hundreds of ms) in nodes where support for the NQB PHB is advantageous (i.e. bottleneck nodes). Providing a similarly deep buffer for the NQB queue would be at cross purposes to providing very low queueing delay, and would erode the incentives for QB traffic to be marked correctly. It is possible that due to an implementation error or misconfiguration, a QB flow would end up getting mismarked as NQB, or vice versa. In the case of an NQB flow that isn't marked as NQB and ends up in the QB queue, it would only impact its own quality of service, and so it seems to be of lesser concern. However, a QB flow that is mismarked as NQB would cause queuing delays and/or loss for all of the other flows that are sharing the NQB queue. To prevent this situation from harming the performance of the real NQB flows, network elements that support differentiating NQB traffic SHOULD support a "traffic protection" function that can identify QB White & Fossati Expires 8 September 2021 [Page 9] Internet-Draft Non-Queue-Building PHB March 2021 flows that are mismarked as NQB, and reclassify those flows/packets to the QB queue. Such a function SHOULD be implemented in an objective and verifiable manner, basing its decisions upon the behavior of the flow rather than on application-layer constructs. One example algorithm can be found in [I-D.briscoe-docsis-q-protection]. There are some situations where such function may not be necessary. For example, a network element designed for use in controlled environments (e.g. enterprise LAN) may not require a traffic protection function. Similarly, flow queueing systems obviate the need for an explicit traffic protection function. Additionally, some networks may prefer to police the application of the NQB DSCP at the ingress edge, so that in-network traffic protection is not needed. 7. Impact on Higher Layer Protocols Network elements that support the NQB PHB and that support traffic protection as discussed in the previous section introduce the possibility that flows classified into the NQB queue could experience out of order delivery. This is particularly true if the traffic protection algorithm makes decisions on a packet-by-packet basis. In this scenario, a flow that is (mis)marked as NQB and that causes a queue to form in this bottleneck link could see some of its packets forwarded by the NQB queue, and some of them redirected to the QB queue. Depending on the queueing latency and scheduling within the network element, this could result in packets being delivered out of order. As a result, the use of the NQB DSCP by a higher layer protocol carries some risk that out of order delivery will be experienced. 8. The NQB PHB and Tunnels [RFC2983] discusses tunnel models that support DiffServ. It describes a "uniform model" in which the inner DSCP is copied to the outer header at encapsulation, and the outer DSCP is copied to the inner header at decapsulation. It also describes a "pipe model" in which the outer DSCP is not copied to the inner header at decapsulation. Both models can be used in conjunction with the NQB PHB. In the case of the pipe model, any DSCP manipulation (re- marking) of the outer header by intermediate nodes would be discarded at tunnel egress, potentially improving the possibility of achieving NQB treatment in subsequent nodes. As is discussed in [RFC2983], tunnel protocols that are sensitive to reordering can result in undesirable interactions if multiple DSCP PHBs are signaled for traffic within a tunnel instance. This is true for NQB marked traffic as well. If a tunnel contains a mix of QB and NQB traffic, and this is reflected in the outer DSCP in a network White & Fossati Expires 8 September 2021 [Page 10] Internet-Draft Non-Queue-Building PHB March 2021 that supports the NQB PHB, it would be necessary to avoid a reordering-sensitive tunnel protocol in order to avoid these undesirable interactions. 9. Relationship to L4S Traffic flows marked with the NQB DSCP as described in this draft are intended to be compatible with [I-D.ietf-tsvwg-l4s-arch], with the result being that NQB traffic and L4S traffic can share the low- latency queue in an L4S dual-queue node [I-D.ietf-tsvwg-aqm-dualq-coupled]. Compliance with the DualQ coupled AQM requirements is considered sufficient to enable fair allocation of bandwidth between the QB and NQB queues. 10. Configuration and Management As required above, nodes supporting the NQB PHB provide for the configuration of classifiers that can be used to differentiate between QB and NQB traffic of equivalent importance. The default for such classifiers is recommended to be the assigned NQB DSCP (to identify NQB traffic) and the Default (0) DSCP (to identify QB traffic). 11. Example Use Cases 11.1. DOCSIS Access Networks Residential cable broadband Internet services are commonly configured with a single bottleneck link (the access network link) upon which the service definition is applied. The service definition, typically an upstream/downstream data rate tuple, is implemented as a configured pair of rate shapers that are applied to the user's traffic. In such networks, the quality of service that each application receives, and as a result, the quality of experience that it generates for the user is influenced by the characteristics of the access network link. To support the NQB PHB, cable broadband services MUST be configured to provide a separate queue for NQB marked traffic. The NQB queue MUST be configured to share the service's rate shaping bandwidth with the queue for QB traffic. White & Fossati Expires 8 September 2021 [Page 11] Internet-Draft Non-Queue-Building PHB March 2021 11.2. Mobile Networks Historically, mobile networks have been configured to bundle all flows to and from the Internet into a single "default" EPS bearer whose buffering characteristics are not compatible with low-latency traffic. The established behaviour is rooted partly in the desire to prioritise operators' voice services over competing over-the-top services and partly in the fact that the addition of bearers was prohibitive due to expense. Of late, said consideration seems to have lost momentum (e.g., with the rise in Multi-RAB (Radio Access Bearer) devices) and the incentives might now be aligned towards allowing a more suitable treatment of Internet real-time flows. To support the NQB PHB, the mobile network SHOULD be configured to give UEs a dedicated, low-latency, non-GBR, EPS bearer, e.g. one with QCI 7, in addition to the default EPS bearer; or a Data Radio Bearer with 5QI 7 in a 5G system (see Table 5.7.4-1: Standardized 5QI to QoS characteristics mapping in [SA-5G]). A packet carrying the NQB DSCP SHOULD be routed through the dedicated low-latency EPS bearer. A packet that has no associated NQB marking SHOULD be routed through the default EPS bearer. 11.3. WiFi Networks WiFi networking equipment compliant with 802.11e/n/ac generally supports either four or eight transmit queues and four sets of associated Enhanced Multimedia Distributed Control Access (EDCA) parameters (corresponding to the four WiFi Multimedia (WMM) Access Categories) that are used to enable differentiated media access characteristics. In addition to the requirements provided in other sections of this document, to support the NQB PHB, WiFi equipment SHOULD map the NQB codepoint 42 into a separate queue that shares an Access Category with default traffic (i.e. the Best Effort Access Category). While some WiFi equipment may be capable (in some cases via firmware update) of supporting the NQB PHB requirements, many currently deployed devices cannot be configured in this way. As a result the remainder of this section discusses interoperability with these existing WiFi networks, as opposed to PHB compliance. WiFi implementations typically utilize the IP DSCP field to select a transmit queue, but should be considered as Non-Differentiated Services-Compliant Nodes as described in Section 4 of [RFC2475] because in widely deployed WiFi networks, this transmit queue selection is a local implementation characteristic that is not part White & Fossati Expires 8 September 2021 [Page 12] Internet-Draft Non-Queue-Building PHB March 2021 of a consistently operated DiffServ domain or region. As discussed in [RFC8325], most existing WiFi implementations use a default DSCP to User Priority mapping that utilizes the most significant three bits of the DiffServ Field to select "User Priority" which is then mapped to the four WMM Access Categories. [RFC8325] also provides an alternative mapping that more closely aligns with the DSCP recommendations provided by the IETF. In order to increase the likelihood that NQB traffic is provided a separate queue from QB traffic in existing WiFi equipment that uses the default mapping, the 42 code point is recommended for NQB. This maps NQB to UP_5 which is in the "Video" Access Category. Similarly, systems that utilize [RFC8325], SHOULD map the recommended NQB code point 42 to UP_5 in the "Video" Access Category. While this DSCP to User Priority mapping can enable WiFi systems to support the NQB PHB requirement for segregated queuing, many currently deployed WiFi systems may not be capable of supporting the remaining NQB PHB requirements in Section 6. This is discussed further below. Existing WiFi devices are unlikely to support a traffic protection algorithm, so traffic mismarked as NQB is not likely to be detected and remedied by such devices. Furthermore, in their default configuration, existing WiFi devices utilize EDCA parameters that result in statistical prioritization of the "Video" Access Category above the "Best Effort" Access Category. If left unchanged, this would violate the NQB PHB requirement for equal prioritization, and could erode the principle of alignment of incentives. In order to preserve the incentives principle for NQB, WiFi systems SHOULD configure the EDCA parameters for the Video Access Category to match those of the Best Effort Access Category. In cases where a network operator is delivering traffic into an unmanaged WiFi network outside of their control (e.g. a residential ISP delivering traffic to a customer's home network), the network operator should presume that the existing WiFi equipment does not support the safeguards that are provided by the NQB PHB requirements, and thus should take precautions to prevent issues. When the data rate of the access network segment is less than the expected data rate of the WiFi network, this is unlikely to be an issue. However, if the access network rate exceeds the expected rate of the WiFi network, the operator SHOULD deploy a policing function on NQB marked traffic that minimizes the potential for negative impacts on traffic marked Default, for example by limiting the rate of such traffic to a set fraction of the customer's service rate. White & Fossati Expires 8 September 2021 [Page 13] Internet-Draft Non-Queue-Building PHB March 2021 As an additional safeguard, and to prevent the inadvertent introduction of problematic traffic into unmanaged WiFi networks, network equipment that is intended to deliver traffic into unmanaged WiFi networks (e.g. an access network gateway for a residential ISP) MUST by default ensure that NQB traffic is marked with a DSCP that selects the "Best Effort" Access Category. Such equipment MUST support the ability to configure the remapping, so that (when appropriate safeguards are in place) traffic can be delivered as NQB- marked. 12. Acknowledgements Thanks to Brian Carpenter, Bob Briscoe, Greg Skinner, Toke Hoeiland- Joergensen, Luca Muscariello, David Black, Sebastian Moeller, Ruediger Geib, Jerome Henry, Steven Blake, Jonathan Morton, Roland Bless, Kevin Smith, Martin Dolly, and Kyle Rose for their review comments. 13. IANA Considerations This document requests that IANA assign the Differentiated Services Field Codepoints (DSCP) 2 ('0b000010', 0x02) and 42 ('0b101010', 0x2A) from the "Differentiated Services Field Codepoints (DSCP)" registry (https://www.iana.org/assignments/dscp-registry/) ("DSCP Pool 1 Codepoints", Codepoint Space xxxxx0, Standards Action) to denote Non-Queue-Building behavior. 14. Security Considerations There is no incentive for an application to mismark its packets as NQB (or vice versa). If a queue-building flow were to mark its packets as NQB, it could experience excessive packet loss (in the case that traffic protection is not supported by a node) or it could receive no benefit (in the case that traffic protection is supported). If a non-queue-building flow were to fail to mark its packets as NQB, it could suffer the latency and loss typical of sharing a queue with capacity seeking traffic. In order to preserve low latency performance for NQB traffic, networks that support the NQB PHB will need to ensure that mechanisms are in place to prevent malicious NQB-marked traffic from causing excessive queue delays. This document recommends the implementation of a traffic protection mechanism to achieve this goal, but recognizes that other options may be more desirable in certain situations. White & Fossati Expires 8 September 2021 [Page 14] Internet-Draft Non-Queue-Building PHB March 2021 The NQB signal is not integrity protected and could be flipped by an on-path attacker. This might negatively affect the QoS of the tampered flow. 15. Informative References [Barik] Barik, R., Welzl, M., Elmokashfi, A., Dreibholz, T., and S. Gjessing, "Can WebRTC QoS Work? A DSCP Measurement Study", ITC 30, September 2018. [Custura] Custura, A., Venne, A., and G. Fairhurst, "Exploring DSCP modification pathologies in mobile edge networks", TMA , 2017. [I-D.briscoe-docsis-q-protection] Briscoe, B. and G. White, "Queue Protection to Preserve Low Latency", Work in Progress, Internet-Draft, draft- briscoe-docsis-q-protection-00, 8 July 2019, . [I-D.ietf-tsvwg-aqm-dualq-coupled] Schepper, K., Briscoe, B., and G. White, "DualQ Coupled AQMs for Low Latency, Low Loss and Scalable Throughput (L4S)", Work in Progress, Internet-Draft, draft-ietf- tsvwg-aqm-dualq-coupled-13, 15 November 2020, . [I-D.ietf-tsvwg-ecn-l4s-id] Schepper, K. and B. Briscoe, "Identifying Modified Explicit Congestion Notification (ECN) Semantics for Ultra-Low Queuing Delay (L4S)", Work in Progress, Internet-Draft, draft-ietf-tsvwg-ecn-l4s-id-12, 15 November 2020, . [I-D.ietf-tsvwg-l4s-arch] Briscoe, B., Schepper, K., Bagnulo, M., and G. White, "Low Latency, Low Loss, Scalable Throughput (L4S) Internet Service: Architecture", Work in Progress, Internet-Draft, draft-ietf-tsvwg-l4s-arch-08, 15 November 2020, . White & Fossati Expires 8 September 2021 [Page 15] Internet-Draft Non-Queue-Building PHB March 2021 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers", RFC 2474, DOI 10.17487/RFC2474, December 1998, . [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., and W. Weiss, "An Architecture for Differentiated Services", RFC 2475, DOI 10.17487/RFC2475, December 1998, . [RFC2983] Black, D., "Differentiated Services and Tunnels", RFC 2983, DOI 10.17487/RFC2983, October 2000, . [RFC4594] Babiarz, J., Chan, K., and F. Baker, "Configuration Guidelines for DiffServ Service Classes", RFC 4594, DOI 10.17487/RFC4594, August 2006, . [RFC5127] Chan, K., Babiarz, J., and F. Baker, "Aggregation of Diffserv Service Classes", RFC 5127, DOI 10.17487/RFC5127, February 2008, . [RFC8033] Pan, R., Natarajan, P., Baker, F., and G. White, "Proportional Integral Controller Enhanced (PIE): A Lightweight Control Scheme to Address the Bufferbloat Problem", RFC 8033, DOI 10.17487/RFC8033, February 2017, . [RFC8034] White, G. and R. Pan, "Active Queue Management (AQM) Based on Proportional Integral Controller Enhanced PIE) for Data-Over-Cable Service Interface Specifications (DOCSIS) Cable Modems", RFC 8034, DOI 10.17487/RFC8034, February 2017, . [RFC8085] Eggert, L., Fairhurst, G., and G. Shepherd, "UDP Usage Guidelines", BCP 145, RFC 8085, DOI 10.17487/RFC8085, March 2017, . [RFC8100] Geib, R., Ed. and D. Black, "Diffserv-Interconnection Classes and Practice", RFC 8100, DOI 10.17487/RFC8100, March 2017, . White & Fossati Expires 8 September 2021 [Page 16] Internet-Draft Non-Queue-Building PHB March 2021 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [RFC8289] Nichols, K., Jacobson, V., McGregor, A., Ed., and J. Iyengar, Ed., "Controlled Delay Active Queue Management", RFC 8289, DOI 10.17487/RFC8289, January 2018, . [RFC8325] Szigeti, T., Henry, J., and F. Baker, "Mapping Diffserv to IEEE 802.11", RFC 8325, DOI 10.17487/RFC8325, February 2018, . [SA-5G] 3GPP, "System Architecture for 5G", TS 23.501, 2019. Authors' Addresses Greg White CableLabs Email: g.white@cablelabs.com Thomas Fossati ARM Email: Thomas.Fossati@arm.com White & Fossati Expires 8 September 2021 [Page 17]