aleksandar kuzmanovic northwestern university -...
TRANSCRIPT
The Power ofExplicit Congestion Notification
Aleksandar Kuzmanovic
Northwestern University
http://www.cs.northwestern.edu/~akuzma/
2A. Kuzmanovic The Power of ECN
Motivation
Recent measurements [PF01,MPF04]:– 2000: 1.1% Web servers support ECN
– 2004: the percent increased to 2.1%
– Not a single packet was marked in the network
2100 2200 2300 2400 year2000
50%
100%ECN deployment
year 2396(Sigcomm # 411)
3A. Kuzmanovic The Power of ECN
Background
ServerClient Marker/Dropper
FCFS schedulerAQM Router
Active Queue Management (AQM):– Simultaneously achieves high throughput and low average delay
– AQM algorithms can mark (instead of drop) packets
– The router and both endpoints have to be ECN-enabled
4A. Kuzmanovic The Power of ECN
Negotiating ECN Capabilities (I)
Client initiates ECN-capable communication
by setting appropriate bits in the TCP SYN
packet’s TCP header
ServerClient
TCP SYN
5A. Kuzmanovic The Power of ECN
Negotiating ECN Capabilities (II)
An ECN-capable server replies by setting appropriate
bits in the SYN ACK packet’s TCP header
ServerClient
TCP SYN
SYN ACK
Once the SYN ACK packet arrives,
ECN negotiation is completed
6A. Kuzmanovic The Power of ECN
Barriers to Adoption of ECN
ServerClient
TCP SYN
reset
router
"Broken"firewall
“Broken” firewalls and load balancers incorrectly reset TCP flows attempting to negotiate ECN – The problem addressed in RFC 3360
Consequences are devastating
New incentives?
7A. Kuzmanovic The Power of ECN
ECN and TCP’s Control Packets
ServerClient
TCP SYN
SYN ACK
HTTP REQ
TCP SYN and SYN ACK packets are dropped during congestion
Can significantly reduce end-to-end performance– RTO = 3 sec (+6 sec, +12 sec, etc.)
Marking SYN packets?
8A. Kuzmanovic The Power of ECN
Marking TCP SYN Packets?
ServerClient
TCP SYN
TCP SYN packets:– Security problems
SYN ACK packets:– No security obstacles
– More relevant• Congestion likely to happen
from servers to clients
9A. Kuzmanovic The Power of ECN
Marking SYN ACK Packets?
ServerClient
TCP SYN
SYN ACK
TCP SYN packets:– Security problems
SYN ACK packets (ECN+):– No security obstacles
– More relevant• Congestion likely to happen
from servers to clients
10A. Kuzmanovic The Power of ECN
Deployment Requirements
Security– No novel security holes
Performance improvements– Necessary to provide incentives to all involved parties
Incremental deployability– What level of deployment is needed to achieve the
above improvements?
– What happens to those who do not apply the change?
11A. Kuzmanovic The Power of ECN
Simulation Scenario
Client pool Server pool
1 Gbps 1 Gbps
100/622/1,000Mbps
Server
Server
Server
Client
Client
Client
requests
responsesAQM
90% objectsdownloaded inless than 0.5 sec
Light and persistent congestion from servers to clients
Web and general traffic mixes
AQM algorithms: Random Early Detection (RED)
(others in the paper)
12A. Kuzmanovic The Power of ECN
Outdated Implementation
min_th max_th AverageQueueLength
max_p
100%
Drop/mark rate
RED (1993)– “This notification can consist of dropping or marking a packet.”
RFC 3168 (2001)– Guidelines for setting ECN with RED
Older RED versions still present (e.g., Linux)
RED’s dropping/marking rate as a function of the queue length
13A. Kuzmanovic The Power of ECN
Dropping RED
min_th max_th AverageQueueLength
max_p
100%
Drop/mark rate
operating point
Reduced performance due to congestion
14A. Kuzmanovic The Power of ECN
Add ECN
min_th max_th AverageQueueLength
max_p
100%
Drop/mark rate
operating point
All SYN packets
are dropped
Outdated implementation can cause drastic
performance degradations
15A. Kuzmanovic The Power of ECN
Add ECN+
min_th max_th AverageQueueLength
max_p
100%
Drop/mark rate
operating point
ECN+ systematically improves throughput and response
times of all investigated AQM schemes
SYN ACK packets
are NOT dropped
16A. Kuzmanovic The Power of ECN
Incremental Deployability
Scenario
Client pool Server poolServer
Server
Server
Client
Client
Client
ECN+at servers
ECNat routers
x% clients: ECN(100-x)%: no ECN
17A. Kuzmanovic The Power of ECN
5% Deployment
Instant gains forECN-enabledclients
95% no ECN
5% ECN
18A. Kuzmanovic The Power of ECN
50% Deployment
50% ECN
50% no ECN
Gradual degradationfor clients notapplying ECN
19A. Kuzmanovic The Power of ECN
95% Deployment
95% ECN
5% no ECN
Performancenecessarilydegraded
20A. Kuzmanovic The Power of ECN
Testbed Experiments
Server pool
100 Mbps
10 Mbps
Server
Server
Server
Client
requests
responses (15 Mbps)
router
ECN no ECNECNECN+
21A. Kuzmanovic The Power of ECN
ECN and Flash Crowds
RED, no ECN
RED, ECN
RED, ECN+
Average Response Time
Throughput(% of capacity)
26 sec
4.5 sec
0.5 sec
44%
56%
99%
Reasonable performance
despite huge congestion
22A. Kuzmanovic The Power of ECN
Conclusions
Security– No novel security holes
Incremental deployability– Instant benefits for clients applying the change
– Gradual degradation for those not applying the change
Incentives– Providers, clients, and servers
Implementation– Wrong or outdated implementation can significantly reduce
deployment and performance