Presentation is loading. Please wait.

Presentation is loading. Please wait.

Making stuff real re-feedback Bob Briscoe, BT Research Nov 2005 CRN DoS resistant Internet w-g.

Published bySpencer Douglas Modified over 8 years ago

Similar presentations

Presentation on theme: "Making stuff real re-feedback Bob Briscoe, BT Research Nov 2005 CRN DoS resistant Internet w-g."— Presentation transcript:

1 making stuff real re-feedback Bob Briscoe, BT Research Nov 2005 CRN DoS resistant Internet w-g

2 the problem: accountability for causing congestion main concern non-compliance with e2e congestion control (e.g. TCP-friendly)? how can ingress netwk detect whole path congestion? police cc? not just per-flow congestion response smaller: per-packet –single datagram ‘flows’ bigger: per-user –a congestion metric so users can be held accountable –24x7 heavy sources of congestion, DDoS from zombie hosts even bigger: per-network –a metric for holding upstream networks accountable if they allow their users to congest downstream networks context

3 ECN (recap) code- point standard designation 00not-ECT 10ECT(0) 01ECT(1) 11CE 0 …i… n 0% 100% code-point rate resource index NANA NBNB NDND R1R1 S1S1 3% ECT(0) CE ECE in TCP protocol CE ECE 0% ECN rate 3%

4 0% re-ECN rate, v i 3% v i  ECT(0) – CE re-ECN (sketch) on every Echo-CE from TCP, sender sets ECT(0), else sets ECT(1) at any point on path, diff betw rates of ECT(0) & CE is downstream congestion routers unchanged code- point standard designation 00not-ECT 10ECT(0) 01ECT(1) 11CE ECT(1) 0 …i… n 3% code-point rate resource index 3% 97% ECT(0) CE Echo-CE in TCP protocol 3% NANA NBNB NDND R1R1 S1S1 2.6% 0.4% CE

5 NANA NBNB NDND R1R1 S1S1 security aps incentive framework (user-network) packets carry view of downstream path congestion to each router so ingress can police rate response –using path congestion declared by sender won’t snd or rcv just understate congestion? no – egress drops negative balance ECT(1) 3% code-point rate 0% re-ECN 3% ECT(0) CE 3% policer dropper 2%

6 accountability for congestion other applications congestion-history-based policer (congestion cap) throttles causes of past heavy congestion (zombies, 24x7 p2p) DDoS mitigation QoS & DCCP profile flexibility ingress can unilaterally allow different rate responses to congestion load sharing, traffic engineering multipath routers can compare downstream congestion bulk metric for inter-domain SLAs or charges bulk volume of ECT(0) less bulk volume of CE upstream networks that do nothing about policing, DoS, zombies etc will break SLA or get charged more security aps £ £ 0% re-ECN, v i 3% NANA NBNB NDND R1R1 S1S1

7 £ £ inter-domain accountability for congestion metric for inter-domain SLAs or charges bulk volume of ECT(0)less bulk volume of CE measure of downstream congestion allowed by upstream nets volume charging tries to do this, but badly aggregates and deaggregates precisely to responsible networks upstream networks that do nothing about policing, DoS, zombies break SLA or get charged more 0% re-ECN, v i 3% NANA NBNB NDND R1R1 S1S1 2.6% 2.1% security aps

8 making stuff real tie to new product the occasion when companies consider making changes not just performance enhancement or cost reduction effort from inventors not invented here has a flip side hawking round every relevant forum – plan for long haul creating a fashion unilateral action in the value chain bilateral changes (e.g. vendor & operator) a second best bilateral between similar players (e.g. network operators) bilateral between neighbours overlays can turn remote networks into neighbours materials & process equip com p- onen ts equi p mak ers netwo rk owner s servic e provi ders conten t & applic s appl i- ance s en d us ers deployment

9 re-ECN incremental deployment only REQUIRED change is TCP sender behaviour precision only if receiver is re-ECN capable too optional compatibility mode for ‘legacy’ ECN rcvrs inclined to leave it out (so few Legacy-ECN hosts out there) no change from ECN behaviour for routers tunnels IPsec middleboxes etc add egress droppers and ingress policers over time policers not necessary in front of trusted senders deployment

10 re-ECN deployment transition if legacy firewalls block FE=1, sender falls back to FE=0 FE=0 on first packets anyway, so see connectivity before setting FE=1 if sender has to wrongly clear FE=0, makes dropper over-strict for all sender (and receiver): re-ECN transport (from legacy ECN) ingress policer (deliberately) thinks legacy ECN is highly congested –50% for nonce senders, 100% for legacy ECN policers should initially be configured permissively over time, making them stricter encourages upgrade from ECN to re-ECN deployment

11 re-ECN deployment incentives - networks access network operators revenue defence for their QoS products can require competing streaming services over best efforts to buy the right to be unresponsive to congestion egress access operators: dropper can hold upstream neighbour networks accountable for congestion they cause in egress access without egress dropper, border congestion could be understated ingress access operators: policer if downstream networks hold upstream accountable (above) ingress will want to police its heavy & malicious users ingress can choose to rate-limit Not-ECT backbone networks unless hold upstream accountable will be held accountable by downstream deployment

12 re-ECN deployment incentives - vendors vendors of policing equipment network operators invite to tender sender (and rcvr): re-ECN transport (from Not-ECT) network operator pressure encourages OS vendor upgrades (sweetener below) Not-ECT rate-limits (above) encourage user upgrades end device OS vendors network operators hold levers (policers) to encourage customer product upgrades deployment everyone gains from adding accountability to TCP/IP except the selfish and malicious

13 making stuff real tie to new product the occasion when companies consider making changes not just performance enhancement or cost reduction effort from inventors not invented here has a flip side hawking round every relevant forum – plan for long haul creating a fashion unilateral action in the value chain bilateral changes (e.g. vendor & operator) a second best bilateral between similar players (e.g. network operators) bilateral between neighbours overlays can turn remote networks into neighbours materials & process equip com p- onen ts equi p mak ers netwo rk owner s servic e provi ders conten t & applic s appl i- ance s en d us ers summary

Download ppt "Making stuff real re-feedback Bob Briscoe, BT Research Nov 2005 CRN DoS resistant Internet w-g."

Similar presentations

Re-ECN: Adding Accountability for Causing Congestion to TCP/IP draft-briscoe-tsvwg-re-ecn-tcp-03 Bob Briscoe, BT & UCL Arnaud Jacquet, Alessandro Salvatori.

Re-ECN: Adding Accountability for Causing Congestion to TCP/IP draft-briscoe-tsvwg-re-ecn-tcp-03 Bob Briscoe, BT & UCL Arnaud Jacquet, Alessandro Salvatori.
Re-ECN: Adding Accountability for Causing Congestion to TCP/IP draft-briscoe-tsvwg-re-ecn-tcp draft-briscoe-tsvwg-re-ecn-tcp Bob Briscoe, BT & UCL Arnaud.

Re-ECN: Adding Accountability for Causing Congestion to TCP/IP draft-briscoe-tsvwg-re-ecn-tcp draft-briscoe-tsvwg-re-ecn-tcp Bob Briscoe, BT & UCL Arnaud.
The cost of freedom Bob Briscoe Chief Researcher, BT Group and UCL Dec 2006.

The cost of freedom Bob Briscoe Chief Researcher, BT Group and UCL Dec 2006.
Policing congestion response in an internetwork using re-feedback Bob Briscoe 1,2 Arnaud Jacquet 1, Carla Di Cairano- Gilfedder 1, Alessandro Salvatori.

Policing congestion response in an internetwork using re-feedback Bob Briscoe 1,2 Arnaud Jacquet 1, Carla Di Cairano- Gilfedder 1, Alessandro Salvatori.
RSVP/Diffserv Yoram Bernet - Microsoft Raj Yavatkar - Intel.

RSVP/Diffserv Yoram Bernet - Microsoft Raj Yavatkar - Intel.
ConEx Abstract Protocol What’s the Credit marking for? draft-mathis-conex-abstract-mech-00.txt draft-mathis-conex-abstract-mech-00.txt apologies from Bob.

ConEx Abstract Protocol What’s the Credit marking for? draft-mathis-conex-abstract-mech-00.txt draft-mathis-conex-abstract-mech-00.txt apologies from Bob.
Mending the Internet value chain... …in one bit Internet capacity sharing & QoS Bob Briscoe Chief Researcher, BT Oct 2009 This work is partly funded by.

Mending the Internet value chain... …in one bit Internet capacity sharing & QoS Bob Briscoe Chief Researcher, BT Oct 2009 This work is partly funded by.
© British Telecommunications plc 1 Network Performance Isolation in Data Centres using ConEx Congestion Policing draft-briscoe-conex-policing-01 draft-briscoe-conex-data-centre-02.

© British Telecommunications plc 1 Network Performance Isolation in Data Centres using ConEx Congestion Policing draft-briscoe-conex-policing-01 draft-briscoe-conex-data-centre-02.
1 Congestion Control. Transport Layer3-2 Principles of Congestion Control Congestion: r informally: “too many sources sending too much data too fast for.

1 Congestion Control. Transport Layer3-2 Principles of Congestion Control Congestion: r informally: “too many sources sending too much data too fast for.
1 Internet Networking Spring 2003 Tutorial 11 Explicit Congestion Notification (RFC 3168) Limited Transmit (RFC 3042)

1 Internet Networking Spring 2003 Tutorial 11 Explicit Congestion Notification (RFC 3168) Limited Transmit (RFC 3042)
1 Internet Networking Spring 2003 Tutorial 11 Explicit Congestion Notification (RFC 3168)

1 Internet Networking Spring 2003 Tutorial 11 Explicit Congestion Notification (RFC 3168)
DoS-resistant Internet - progress Bob Briscoe Jun 2005.

DoS-resistant Internet - progress Bob Briscoe Jun 2005.
Networking Research1 Thoughts on Networking Research Bob Kinicki PEDS Presentation October 6, 2003.

Networking Research1 Thoughts on Networking Research Bob Kinicki PEDS Presentation October 6, 2003.
1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #8 Explicit Congestion Notification (RFC 3168) Limited Transmit.

1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #8 Explicit Congestion Notification (RFC 3168) Limited Transmit.
Internet capacity sharing: Fairer, Simpler, Faster? Bob Briscoe Chief Researcher, BT Mar 2010 This work is partly funded by Trilogy, a research project.

Internet capacity sharing: Fairer, Simpler, Faster? Bob Briscoe Chief Researcher, BT Mar 2010 This work is partly funded by Trilogy, a research project.
QoS interconnect best without effort Bob Briscoe Chief Researcher BT Sep 2009 This work is partly funded by Trilogy, a research project supported by the.

QoS interconnect best without effort Bob Briscoe Chief Researcher BT Sep 2009 This work is partly funded by Trilogy, a research project supported by the.
A broadband incentive solution re-feedback Bob Briscoe, BT Research Nov 2005 CFP broadband incentives w-g.

A broadband incentive solution re-feedback Bob Briscoe, BT Research Nov 2005 CFP broadband incentives w-g.
Whither Congestion Control? Sally Floyd E2ERG, July 2006 www.icir.org/floyd/talks.

Whither Congestion Control? Sally Floyd E2ERG, July
Sorting out Internet resource sharing Bob Briscoe Chief Researcher BT Group Apr 2008.

Sorting out Internet resource sharing Bob Briscoe Chief Researcher BT Group Apr 2008.
ConEx Concepts and Uses Toby Moncaster John Leslie (JLC) Bob Briscoe (BT) Rich Woundy (Comcast) draft-moncaster-conex-concepts-uses-01.

ConEx Concepts and Uses Toby Moncaster John Leslie (JLC) Bob Briscoe (BT) Rich Woundy (Comcast) draft-moncaster-conex-concepts-uses-01.

Similar presentations

Ads by Google