explicit congestion notification (ecn) rfc 3168 justin yackoski degas networking group...
TRANSCRIPT
Explicit Congestion Notification (ECN)RFC 3168
Justin YackoskiDEGAS Networking Group
[email protected] – TCP/IP
Thanks to Namratha Hundigopal and Preethi Natarajan for slides
10/3/2005 2
Overview•The Problem – Congestion
•The other solution(s)•TCP's basic congestion mechanisms
•Active Queue Management
•Description of ECN•How ECN works
•Why ECN is better
•Performance evaluation
•Status of ECN
10/3/2005 3
Congestion•Router must buffer packets because
input > output•End-to-end delay increases as buffer fills
•When buffer is full, “tail drop” occurs
10/3/2005 4
TCP without ECN•Congestion Detection
•Retransmit Timeout
•3 duplicate ACKs
•“Congestion Avoidance”•Happens after congestion has already
occurred (Multiplicative decrease of cwnd AFTER loss)
•Current TCP does something like congestion ‘recovery’
•Network is treated as a black box, no way to know of impending doom
5
What can sometimes happen?•Global Synchronization – many
connections reduce sending rate at same time, channel is under-utilized
•Lock Out – queue space is monopolized by a few connections
•Full Buffers – If network is operating at capacity, buffers stay full•No spare room for “bursts” of traffic
•End-to-end delay is increased due to queuing delays
6
Active Queue Management•Detect “incipient” (early) congestion
•Try to keep average queue size in “good” range
•Randomly choose IP-PDUs to notify about congestion (how?)
Average queue size lies in-between the thresholds
minmax
10/3/2005 7
What always happens?•Packet drops each time congestion is
detected, very inefficient
•BAD for real-time applications
10/3/2005 8
Explicit Congestion Notification•ECN is an AQM mechanism
•Routers notify TCP about incipient congestion
•Use TCP/IP headers to send ECN signals
•TCP treats ECN signals exactly the same as when a single dropped packet is detected•BUT – Packets are NOT actually
dropped
10/3/2005 9
2 bits => 4 ECN Codepoints
ECT(0) (ECN Capable Transport (0) )
10
CE (Congestion Experienced)11
ECT(1) (ECN Capable Transport(1) )
01
Not-ECT (Not ECN Capable Transport)
00
NameValue
ECN Bits in IP Header
10/3/2005 10
CWR flag - Congestion Window Reduced flag
ECE flag - ECN-Echo flag
ECN Bits in TCP Header
10/3/2005 11
Negotiation between TCP transport entities
sender receiver
ECN-setup SYN
ECN-setup SYN-ACK
ACK
• TCP Sender – sets both ECE and CWR in SYN
• TCP Receiver – sets only ECE in SYN-ACK
• A host must not set ECT in SYN or SYN-ACKSome faulty firewalls either drop an ECN-setup
SYN packet or respond with an RST TCP-PDU
10/3/2005 12
Typical sequence of events(1)•ECT is set in IP-PDU’s carrying
data transmitted by the sender to indicate that ECN is supported by transport entities for this PDU
ECN enabled sender ECN enabled
receiver
ECN enabled router
ECT set
ECN Negotiated during connection establishment
10/3/2005 13
•ECN-capable router detects incipient congestion, and sees that ECT is set in the IP-PDU
•The router sets CE in the IP-PDU
ECT set
Incipient Congestion, set CE
thmax thmin
CE set
Typical sequence of events(2)
10/3/2005 14
•ECN enabled receiver receives the IP-PDU with CE set.
•Receiver conveys the congestion information to the transport sender by setting ECE in the ACK TCP-PDU
ECN enabled sender
ECN enabled receiver
CE set
ECE set in ACK
Congestion
!!!Let me
inform the sender
Typical sequence of events(3)
10/3/2005 15
•TCP sender receives the TCP-PDU with ECE set
•Sender becomes aware of incipient congestion in network
•Sender reacts as if a TCP-PDU was dropped (sender’s cwnd reduced).
ECE set ACK
ECN enabled sender ECN enabled
receiver
Incipient Congestion, reduce cwnd
Typical sequence of events(4)
10/3/2005 16
•TCP sender sets CWR in the next new TCP-PDU to the receiver
•Indicates that the sender has reacted to congestion by reducing the cwnd
ECN enabled sender ECN enabled receiver
Incipient Congestion, reduce cwnd,
Set CWR
CWR set
Typical sequence of events(5)
10/3/2005 17
•Receiver stops sending ACKs with ECE set after getting a TCP-PDU with CWR set if there is no new congestion in the network
Sender has
reduced cwnd, stop
setting ECE flag
ECN enabled sender
ECN enabled receiver ECN enabled router
CWR set
ECE set ACK
Typical sequence of events(6)
10/3/2005 18
Rules of the Game - Sender•On receipt of ECE ACK packet, TCP sender
SHOULD react in the same way as it would for a congestion loss in non-ECN-capable TCP
•Sender TCP SHOULD NOT react more than once every RTT to the ECE ACK packet
•Why? – We saw that receiver keeps sending ECE set ACKs until Receiver gets a TCP-PDU with CWR set from the sender
•For CWR set TCP-PDU to reach the receiver and get acked takes at least 1 RTT. So any more ECEs received in this time span is for the same instance of congestion
10/3/2005 19
Rules of the Game - Sender•TCP sender should set CWR in the
first new TCP-PDU the sender transmits after receiving an ECE set ACK
•What if a CWR set TCP-PDU is lost? •Sender TCP detects the loss•The loss is treated as a new instance of
congestion in network•Sender will have to again reduce its
cwnd and retransmits the lost TCP-PDU without CWR set
10/3/2005 20
Rules of the Game - Receiver•To overcome dropped ECE ACK packets,
receiver MUST keep sending ECE ACKs until it gets a TCP-PDU with CWR set
•Any more IP-PDUs with CE set are treated as new instances of congestion in the network
•In delayed ACKs, ECE in ACK is set if CE is set for any of the IP-PDUs being acknowledged
•What does the receipt of CWR guarantee?•The sender received the ECE message ?
•The sender reduced its congestion window ?
NO
YES
10/3/2005 21
Advantages of ECN•Prevents unnecessary packet drops at
routers less retransmissions improvement in the “GOODPUT”
•Avoids timeouts by getting faster notification to end hosts
•Less retransmissions also means less traffic on the network
10/3/2005 22
ECN Performance Improvements•ECN+ - allow SYN ACKs to be marked
•Internet draft currently
•RED* - mark packets using ECN, don’t drop
10/3/2005 23
Is ECN Secure?•Does ECN add any insecurities to
TCP and/or IP or make any problems worse?
•Can a malicious router:•Interfere with handshake?
•Falsely report congestion?
•Fail to report congestion?
•Disable ECN?
10/3/2005 24
Is ECN used?•Implemented in linux 2.4+, Solaris 9+,
and Cisco routers since 12.2(8)T
10/3/2005 25
References• RFC 3168 – ECN
• RFC 2309 – AQM
• A. Kuzmanovic. The Power of Explicit Congestion Notification. SIGCOMM ’05
• A. Medina, M. Allman, and S. Floyd. Measuring the Evolution of Transport Protocols in the Internet. ACM CCR. 2005
• http://www.cs.ucla.edu/NRL/hpi/tcpw/tcpw_sample/sample.html
• http://www.icir.org/floyd/ecn.html
• http://www.icir.org/floyd/ecn/ecn_security.txt
• Slides from Namratha Hundigopal and Preethi Natarajan