idnits 2.17.1 draft-ietf-tsvwg-diffserv-class-aggr-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 17. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 821. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 832. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 839. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 845. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([5]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (August 3, 2007) is 6109 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Unused Reference: '1' is defined on line 701, but no explicit reference was found in the text == Unused Reference: '2' is defined on line 704, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2309 (ref. '9') (Obsoleted by RFC 7567) Summary: 3 errors (**), 0 flaws (~~), 3 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 TSVWG K. Chan 3 Internet-Draft J. Babiarz 4 Intended status: Informational Nortel 5 Expires: February 4, 2008 F. Baker 6 Cisco Systems 7 August 3, 2007 9 Aggregation of DiffServ Service Classes 10 draft-ietf-tsvwg-diffserv-class-aggr-04 12 Status of this Memo 14 By submitting this Internet-Draft, each author represents that any 15 applicable patent or other IPR claims of which he or she is aware 16 have been or will be disclosed, and any of which he or she becomes 17 aware will be disclosed, in accordance with Section 6 of BCP 79. 19 Internet-Drafts are working documents of the Internet Engineering 20 Task Force (IETF), its areas, and its working groups. Note that 21 other groups may also distribute working documents as Internet- 22 Drafts. 24 Internet-Drafts are draft documents valid for a maximum of six months 25 and may be updated, replaced, or obsoleted by other documents at any 26 time. It is inappropriate to use Internet-Drafts as reference 27 material or to cite them other than as "work in progress." 29 The list of current Internet-Drafts can be accessed at 30 http://www.ietf.org/ietf/1id-abstracts.txt. 32 The list of Internet-Draft Shadow Directories can be accessed at 33 http://www.ietf.org/shadow.html. 35 This Internet-Draft will expire on February 4, 2008. 37 Copyright Notice 39 Copyright (C) The IETF Trust (2007). 41 Abstract 43 In the core of a high capacity network, service differentiation may 44 still be needed to support applications' utilization of the network. 45 Applications with similar traffic characteristics and performance 46 requirements are mapped into diffserv service classes based on end- 47 to-end behavior requirements of the applications as indicated by 48 Diffserv Service Classes [5]. However, some network segments may be 49 configured in such a way that a single forwarding treatment may 50 satisfy the traffic characteristics and performance requirements of 51 two or more service classes. In these cases, it may be desirable to 52 aggregate two or more Diffserv Service Classes [5] into a single 53 forwarding treatment. This document provides guidelines for the 54 aggregation of Diffserv Service Classes [5] into forwarding 55 treatments. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 60 1.1. Requirements Notation . . . . . . . . . . . . . . . . . . 4 61 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 62 3. Overview of Service Class Aggregation . . . . . . . . . . . . 5 63 4. Service Classes to Treatment Aggregate Mapping . . . . . . . . 6 64 4.1. Mapping Service Classes into Four Treatment Aggregates . . 7 65 4.1.1. Network Control Treatment Aggregate . . . . . . . . . 9 66 4.1.2. Real Time Treatment Aggregate . . . . . . . . . . . . 10 67 4.1.3. Assured Elastic Treatment Aggregate . . . . . . . . . 10 68 4.1.4. Elastic Treatment Aggregate . . . . . . . . . . . . . 11 69 5. Treatment Aggregates and Inter-Provider Relationships . . . . 12 70 6. Security Considerations . . . . . . . . . . . . . . . . . . . 12 71 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 72 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13 73 Appendix A. Using MPLS for Treatment Aggregates . . . . . . . . 13 74 Appendix A.1. Network Control Treatment Aggregate with E-LSP . . . 15 75 Appendix A.2. Real Time Treatment Aggregate with E-LSP . . . . . . 15 76 Appendix A.3. Assured Elastic Treatment Aggregate with E-LSP . . . 15 77 Appendix A.4. Elastic Treatment Aggregate with E-LSP . . . . . . . 15 78 Appendix A.5. Treatment Aggregates and L-LSP . . . . . . . . . . . 16 79 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 80 9.1. Normative References . . . . . . . . . . . . . . . . . . . 16 81 9.2. Informative References . . . . . . . . . . . . . . . . . . 17 82 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 17 83 Intellectual Property and Copyright Statements . . . . . . . . . . 19 85 1. Introduction 87 In the core of a high capacity network, it is common for the network 88 to be engineered in such a way that a major link, switch, or router 89 can fail and the result will be a routed network that still meets 90 ambient SLAs. The implication of this is that there is sufficient 91 capacity on any given link such that all SLAs sold can be 92 simultaneously supported at their respective maximum rates, and that 93 this remains true after re-routing (either IP re-routing or MPLS 94 protection-mode switching) has occurred. 96 Over-provisioning is generally considered to meet the requirements of 97 all traffic without further QoS treatment, and in the general case 98 that is true in high capacity backbones. However, as the process of 99 network convergence continues, and with the increasing speed of the 100 access networks, certain services may still have issues. Delay, 101 jitter, and occasional loss are perfectly acceptable for elastic 102 applications. However, sub-second surges that occur in the best- 103 designed of networks [14] affect real-time applications. Moreover, 104 DOS loads, worms, and network disruptions such as that of 11 105 September 2001 affect routing [15]. Our objective is to prevent 106 disruption to routing (which in turn affects all services), protect 107 real-time jitter-sensitive services, while minimizing loss and delay 108 of sensitive elastic traffic. 110 The document "Diffserv Service Classes" [5] defines a set of basic 111 diffserv classes from the points of view of the application requiring 112 specific end-to-end behaviors from the network. The service classes 113 are differentiated based on the application payload's tolerance to 114 packet loss, delay, and delay variation (jitter). Different degrees 115 of these criteria form the foundation for supporting the needs of 116 real-time and elastic traffic. The "Diffserv Service Classes" [5] 117 document also provides recommendations for the treatment method of 118 these service classes. But, at some network segments of the end-to- 119 end path, the number of levels of network treatment differentiation 120 may be less than the number of service classes that the network 121 segment needs to support. In such a situation, that network segment 122 may use the same treatment to support more than one service class. 123 In this document we provide guidelines on how multiple service 124 classes may be aggregated into a forwarding treatment aggregate. 125 Having the IP traffic belonging to service classes, expressed using 126 the DSCP, as described by "Diffserv Service Classes" [5]. Note that 127 in a given domain, we may recommend that the supported service 128 classes be aggregated into forwarding treatment aggregates; however, 129 this does not mean all service classes need to be supported and hence 130 not all forwarding treatment aggregates need to be supported. A 131 domain may support fewer or greater number of forwarding treatment 132 aggregates. Which service classes and which forwarding treatment 133 aggregates are supported by a domain is up to the domain 134 administration and may be influenced by business reasons or other 135 reasons (e.g. operational considerations). 137 In this document, we've provided: 139 o definitions for terminology we use in this document, 141 o requirements for performing this aggregation, 143 o an example of performing the aggregation when four treatment 144 aggregates are used, 146 o an example (in the appendix) of performing this aggregation over 147 MPLS using E-LSP. 149 The treatment aggregate recommendations are designed to aggregate the 150 service classes [5] in such a manner as to protect real-time traffic 151 and routing, on the assumption that real-time sessions are protected 152 from each other by admission at the edge. The recommendation given 153 is one possible way of performing the aggregation, there may be other 154 way of aggregation, for example into fewer treatment aggregates or 155 more treatment aggregates. 157 In the appendix, an example of aggregation over MPLS networks using 158 E-LSP, EXP Inferred PHB Scheduling Class (PSC) Label Switched Path 159 (LSP), to realize the treatment aggregates is provided. Note that 160 the MPLS E-LSP is just an example; this document does not exclude the 161 use of other methods. This example only considers aggregation of IP 162 traffic into E-LSP. The use of E-LSP by none-IP traffic is not 163 discussed. 165 1.1. Requirements Notation 167 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 168 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 169 document are to be interpreted as described in RFC 2119 [3]. 171 2. Terminology 173 This document assumes the reader is familiar with the terms used in 174 differentiated services. This document provides the definitions for 175 new terms introduced by this document and referencing information for 176 existing none differentiated services terms defined in existing RFCs. 178 For new terms introduced by this document, we provide the definition 179 here: 181 o Treatment Aggregate. This term is defined as the aggregate of 182 DiffServ service classes [5]. A Treatment Aggregate is concerned 183 only with the forwarding treatment of the aggregated traffic, 184 which may be marked with multiple DSCPs. A Treatment Aggregate 185 differs from Behavior Aggregate [4] and Traffic Aggregate [16], 186 each of which indicate the aggregated traffic having a single 187 diffserv codepoint and utilizing a single PHB. 189 For terms from existing RFCs, we provide the reference to the 190 appropriate section of the relevant RFC that contain the definition: 192 o Real-Time and Elastic Applications and their traffic. Section 3.1 193 of RFC 1633 [6]. 195 o Diffserv Service Class. Section 1.3 of RFC 4594 [5]. 197 o MPLS E-LSP, EXP Inferred PHB Scheduling Class (PSC) Label Switched 198 Path (LSP). Section 1.2 of RFC 3270 [8]. 200 o MPLS L-LSP, Label Only Inferred PHB Scheduling Class (PSC) Label 201 Switched Path (LSP). Section 1.3 of RFC 3270 [8]. 203 3. Overview of Service Class Aggregation 205 In diffserv domains where less fine-grained traffic treatment 206 differentiation is provided, aggregation of the different service 207 classes [5] may be required. 209 These aggregations have the following requirements: 211 1. The end-to-end network performance characteristic required by the 212 application must be supported. This performance characteristic 213 is represented by the use of Diffserv Service Classes [5]. 215 2. The treatment aggregate must meet the strictest requirements of 216 its member service classes. 218 3. The treatment aggregate should only contain member service 219 classes with similar traffic characteristic and performance 220 requirements. 222 4. The notion of the individual end-to-end service classes must not 223 be destroyed when aggregation is performed. Each domain along 224 the end-to-end path may perform aggregation differently, based on 225 the original end-to-end service classes. We recommend an easy 226 way to accomplish this by not altering the DSCP used to indicate 227 the end-to-end service class. But some administrative domains 228 may require the use of their own marking; when this is needed, 229 the original end-to-end service class indication must be restored 230 upon exiting such administrative domains. One possible way of 231 achieving this is with the use of tunnels to encapsulate the end- 232 to-end traffic. 234 5. Each treatment aggregate has limited resources, hence traffic 235 conditioning and/or admission control should be performed for 236 each service class aggregated into the treatment aggregate. 237 Additional admission control and policing may be used on the sum 238 of all traffic aggregated into the treatment aggregate. 240 In addition to the above requirements, we have the following 241 suggestions: 243 1. The treatment aggregate and assigned resources may consider 244 historical traffic patterns and the variability of these 245 patterns. For example, a point-point service (e.g., pseudowire) 246 may have a very predictable pattern, while a multipoint service 247 (e.g., VPLS) may have a much less predictable pattern. 249 2. In addition to Diffserv, other controls are available to 250 influence the traffic level offered to a particular traffic 251 aggregate. These include adjustment of routing metrics, usage of 252 MPLS-based traffic engineering techniques. 254 This document only describes the aggregation of IP traffic based on 255 the use of Diffserv Service Classes [5]. 257 4. Service Classes to Treatment Aggregate Mapping 259 The service class and DSCP selection in "Diffserv Service Classes" 260 [5] has been defined to allow, in many instances, mapping of two or 261 possibly more service classes into a single forwarding treatment 262 aggregate. Notice that there is a relationship/trade-off between 263 link speed, queue depth, delay, and jitter. The degree of 264 aggregation and hence the number of treatment aggregates will depend 265 on whether the speed of the links and scheduler behavior, being used 266 to implement the aggregation, can minimize the effects of mixing 267 traffic with different packet sizes and transmit rates on queue 268 depth, and their impacts on loss, delay, and jitter. A general rule- 269 of-thumb is that higher link speeds allow for more aggregation/ 270 smaller number of treatment aggregates, assuming link utilization is 271 within the engineered level. 273 4.1. Mapping Service Classes into Four Treatment Aggregates 275 This section provides an example of mapping all the service classes 276 defined in RFC 4594 [5] into four treatment aggregates. The use of 277 four treatment aggregates assumes that the resources allocated to 278 each treatment aggregate are sufficient to honor the required 279 behavior of each service class [5] in each of the four treatment 280 aggregates. We use the performance requirement (tolerance to loss, 281 delay, and jitter) from the application/end-user as a guide on how to 282 map the service classes into treatment aggregates. We have also used 283 Section 3.1 of RFC 1633 [6] to provide us with guidance on the 284 definition of Real-Time and Elastic applications. An overview of the 285 mapping between service classes and the four treatment aggregates is 286 provided by Figure 1, with the mapping being based on performance 287 requirements. In Figure 1, the right side columns of "Service 288 Class", "Tolerance to Loss/Delay/Jitter" are from Figure 2 of 289 Diffserv Service Classes [5]. 291 It is recommended that certain service classes be mapped into 292 specific treatment aggregates. But this does not mean that all the 293 service classes recommended for that treatment aggregate need to be 294 supported. Hence, for a given domain, a treatment aggregate may 295 contain only a subset of the service classes recommended in this 296 document, they being the service classes supported by that domain. A 297 domain's treatment of non-supported service classes should be based 298 on the domain's local policy. This local policy may be influenced by 299 its agreement with its customers. Such treatment may use the Elastic 300 Treatment Aggregate, dropping the packets, or some other 301 arrangements. 303 Our example of four treatment aggregates is based on the basic 304 differences in performance requirement from the application/end-user 305 perspective. A domain may choose to support more or fewer treatment 306 aggregates. For example, only supporting three treatment aggregates, 307 and with mapping any network control traffic into the Assured Elastic 308 treatment aggregate. This is a choice the administrative domain has. 309 Hence this example of four treatment aggregates does not represent a 310 minimum required set of treatment aggregates one must implement; nor 311 does it represent the maximum set of treatment aggregates one can 312 implement. 314 --------------------------------------------------------------------- 315 |Treatment | Tolerance to ||Service Class | Tolerance to | 316 |Aggregate | Loss |Delay |Jitter|| | Loss |Delay |Jitter| 317 |==========+======+======+======++===============+======+======+======| 318 | Network | Low | Low | Yes || Network | Low | Low | Yes | 319 | Control | | | || Control | | | | 320 |==========+======+======+======++===============+======+======+======| 321 | Real | Very | Very | Very || Telephony | VLow | VLow | VLow | 322 | Time | Low | Low | Low ||---------------+------+------+------| 323 | | | | || Signaling | Low | Low | Yes | 324 | | | | ||---------------+------+------+------| 325 | | | | || Multimedia |Low - | Very | Low | 326 | | | | || Conferencing |Medium| Low | | 327 | | | | ||---------------+------+------+------| 328 | | | | || Real-time | Low | Very | Low | 329 | | | | || Interactive | | Low | | 330 | | | | ||---------------+------+------+------| 331 | | | | || Broadcast | Very |Medium| Low | 332 | | | | || Video | Low | | | 333 |==========+======+======+======++===============+======+======+======| 334 | Assured | Low |Low - | Yes || Multimedia |Low - |Medium| Yes | 335 | Elastic | |Medium| || Streaming |Medium| | | 336 | | | | ||---------------+------+------+------| 337 | | | | || Low Latency | Low |Low - | Yes | 338 | | | | || Data | |Medium| | 339 | | | | ||---------------+------+------+------| 340 | | | | || OAM | Low |Medium| Yes | 341 | | | | ||---------------+------+------+------| 342 | | | | ||High Throughput| Low |Medium| Yes | 343 | | | | || Data | |- High| | 344 |==========+======+======+======++===============+======+======+======| 345 | Elastic | Not Specified || Standard | Not Specified | 346 | | | | ||---------------+------+------+------| 347 | | | | || Low Priority | High | High | Yes | 348 | | | | || Data | | | | 349 --------------------------------------------------------------------- 351 Figure 1: Treatment Aggregate and Service Class Performance 352 Requirements 354 As we are recommending to preserve the notion of the individual end- 355 to-end service classes, we also recommend that the original DSCP 356 field marking not be changed when treatment aggregates are used. 357 Instead, classifiers that select packets based on the contents of the 358 DSCP field should be used to direct packets from the member DiffServ 359 Service Classes into the queue that handles each of the treatment 360 aggregates, without remarking the DSCP field of the packets. This is 361 summarized in Figure 2, which shows the behavior each Treatment 362 Aggregate should have, and the DSCP field marking of the packets that 363 should be classified into each of the treatment aggregates. 365 ------------------------------------------------------------ 366 |Treatment |Treatment || DSCP | 367 |Aggregate |Aggregate || | 368 | |Behavior || | 369 |==========+==========++=====================================| 370 | Network | CS || CS6 | 371 | Control |(RFC 2474)|| | 372 |==========+==========++=====================================| 373 | Real | EF || EF, CS5, AF41, AF42, AF43, CS4, CS3 | 374 | Time |(RFC 3246)|| | 375 |==========+==========++=====================================| 376 | Assured | AF || CS2, AF31, AF21, AF11 | 377 | Elastic |(RFC 2597)||-------------------------------------| 378 | | || AF32, AF22, AF12 | 379 | | ||-------------------------------------| 380 | | || AF33, AF23, AF13 | 381 |==========+==========++=====================================| 382 | Elastic | Default || Default, (CS0) | 383 | |(RFC 2474)||-------------------------------------| 384 | | || CS1 | 385 ------------------------------------------------------------ 387 Figure 2: Treatment Aggregate Behavior 389 4.1.1. Network Control Treatment Aggregate 391 The Network Control Treatment Aggregate aggregates all service 392 classes that are functionally necessary for the survival of a network 393 during a DOS attack or other high traffic load interval. The theory 394 is that whatever else is true, the network must protect itself. This 395 includes the traffic that "Diffserv Service Classes" [5] 396 characterizes as being included in the Network Control Service Class. 398 Traffic in the Network Control treatment aggregate should be carried 399 in a common queue or class with a PHB as described in RFC 2474 [4] 400 section 4.2.2.2. This treatment aggregate should have a lower 401 probability of packet loss, bearing a relatively deep target mean 402 queue depth (min-threshold if RED is being used). 404 Please notice this Network Control Treatment Aggregate is meant to be 405 used for the customer's network control traffic. The provider may 406 choose to treat its own network control traffic differently, perhaps 407 in its own service class that is not aggregated with the customer's 408 network control traffic. 410 4.1.2. Real Time Treatment Aggregate 412 The Real Time Treatment Aggregate aggregates all real-time 413 (inelastic) service classes. The theory is that real-time traffic is 414 admitted under some model and controlled by a SLA managed at the edge 415 of the network prior to aggregation. As such, there is a predictable 416 and enforceable upper bound on the traffic that can enter such a 417 queue, and to provide predictable variation in delay it must be 418 protected from bursts of elastic traffic. The predictability of 419 traffic level may be based upon admission control for a well known 420 community of interest (e.g., a point-point service) and/or based upon 421 historical measurements. 423 This treatment aggregate may include the following service classes 424 from the Diffserv Service Classes [5], in addition to other locally 425 defined classes: Telephony, Signaling, Multimedia Conferencing, Real- 426 time Interactive, Broadcast Video. 428 Traffic in each service class that is going to be aggregated into the 429 treatment aggregate should be conditioned prior to aggregation. It 430 is recommended that per service class admission control procedures be 431 used followed by per service class policing so that any individual 432 service class does not generate more than what it is allowed. 433 Furthermore, additional admission control and policing may be used on 434 the sum of all traffic aggregated into this treatment aggregate. 436 Traffic in the Real Time treatment aggregate should be carried in a 437 common queue or class with a PHB as described in RFC 3246 [11] and 438 RFC 3247 [12]. 440 4.1.3. Assured Elastic Treatment Aggregate 442 The Assured Elastic Treatment Aggregate aggregates all elastic 443 traffic that uses the Assured Forwarding model as described in RFC 444 2597 [10]. The premise of such a service is that a SLA is negotiated 445 which includes a "committed rate" and the ability to exceed that rate 446 (and perhaps a second "excess rate") in exchange for a higher 447 probability of loss using AQM [9] or ECN marking [13] for the portion 448 of traffic deemed to be in excess. 450 This treatment aggregate may include the following service classes 451 from the Diffserv Service Classes [5], in addition to other locally 452 defined classes: Multimedia Streaming, Low Latency Data, OAM, High 453 Throughput Data. 455 The DSCP values belonging to the AF PHB group and class selector of 456 the original service classes remain an important consideration and 457 should be preserved during aggregation. This treatment aggregate 458 should maintain the AF PHB group marking of the original packet. For 459 example, AF3x marked packets should remain AF3x marked within this 460 treatment aggregate. In addition, the class selector DSCP value 461 should not be changed. Traffic bearing these DSCPs is carried in a 462 common queue or class with a PHB as described in RFC 2597 [10]. In 463 effect, appropriate target rate thresholds have been applied at the 464 edge, dividing traffic into AFn1 (committed, for any value of n), 465 AFn2, and AFn3 (excess). The service should be engineered so that 466 AFn1 and CS2 marked packet flows have sufficient bandwidth in the 467 network to provide high assurance of delivery. Since the traffic is 468 elastic and responds dynamically to packet loss, Active Queue 469 Management [9] should be used primarily to reduce the forwarding rate 470 to the minimum assured rate at congestion points. The probability of 471 loss of AFn1 and CS2 traffic must not exceed the probability of loss 472 of AFn2 traffic, which in turn must not exceed the probability of 473 loss of AFn3 traffic. 475 If RED [9] is used as an AQM algorithm, the min-threshold specifies a 476 target queue depth for each of AFn1+CS2, AFn2, AFn3, and the max- 477 threshold specifies the queue depth above which all traffic with such 478 a DSCP is dropped or ECN marked. Thus, in this Treatment Aggregate, 479 the following inequalities should hold in queue configurations: 481 o min-threshold AFn3 < max-threshold AFn3 483 o max-threshold AFn3 <= min-threshold AFn2 485 o min-threshold AFn2 < max-threshold AFn2 487 o max-threshold AFn2 <= min-threshold AFn1+CS2 489 o min-threshold AFn1+CS2 < max-threshold AFn1+CS2 491 o max-threshold AFn1+CS2 <= memory assigned to the queue 493 Note: This configuration tends to drop AFn3 traffic before AFn2 and 494 AFn2 before AFn1 and CS2. Many other AQM algorithms exist and are 495 used; they should be configured to achieve a similar result. 497 4.1.4. Elastic Treatment Aggregate 499 The Elastic Treatment Aggregate aggregates all remaining elastic 500 traffic. The premise of such a service is that there is no intrinsic 501 SLA differentiation of traffic, but that AQM [9] or ECN flagging [13] 502 is appropriate for such traffic. 504 This treatment aggregate may include the following service classes 505 from the Diffserv Service Classes [5], in addition to other locally 506 defined classes: Standard, Low Priority Data. 508 Treatment aggregates should be well specified, each indicating the 509 service classes it will handle. But in cases where unspecified or 510 unknown service classes are encountered, they may be dropped or be 511 treated using the Elastic Treatment Aggregate. The choice of how to 512 treat unspecified service classes should be well defined, based on 513 some agreements. 515 Traffic in the Elastic treatment aggregate should be carried in a 516 common queue or class with a PHB as described in RFC 2474 [4] section 517 4.1: A Default PHB. The AQM thresholds for Elastic traffic MAY be 518 separately set, so that Low Priority Data traffic is dropped before 519 Standard traffic, but this is not a requirement. 521 5. Treatment Aggregates and Inter-Provider Relationships 523 When Treatment Aggregates are used at provider boundaries, we 524 recommend that the Inter-Provider Relationship be based on Diffserv 525 Service Classes [5]. This allows the admission control into each 526 Treatment Aggregate of a provider domain to be based on the admission 527 control of traffic into the supported Service Classes, as indicated 528 by the discussion in section 4 of this document. 530 If the Inter-Provider Relationship needs to be based on Treatment 531 Aggregates specified by this document, then the exact Treatment 532 Aggregate content and representation must be agreed to by the peering 533 providers. 535 Some additional work on Inter-Provider Relationships is provided by 536 Inter-provider QoS [17], where details on supporting realtime 537 services between service providers are discussed. Some related work 538 in ITU-T provided by Appendix VI of Y.1541 [18] may also help with 539 inter-provider relationships, especially with international 540 providers. 542 6. Security Considerations 544 This document discusses the policy of using Differentiated Services 545 and its service classes. If implemented as described, it should 546 require that the network do nothing that the network has not already 547 allowed. If that is the case, no new security issues should arise 548 from the use of such a policy. 550 It is possible for the policy to be applied incorrectly, or for a 551 wrong policy to be applied in the network for the defined 552 aggregation. In that case, a policy issue exists that the network 553 must detect, assess, and deal with. This is a known security issue 554 in any network dependent on policy-directed behavior. 556 A well known flaw appears when bandwidth is reserved or enabled for a 557 service (for example, voice transport) and another service or an 558 attacking traffic stream uses it. This possibility is inherent in 559 DiffServ technology, which depends on appropriate packet markings. 560 When bandwidth reservation or a priority queuing system is used in a 561 vulnerable network, the use of authentication and flow admission is 562 recommended. To the best of the authors' knowledge, there is no 563 known technical way to respond to or act upon a data stream that has 564 been admitted for service but that it is not intended for 565 authenticated use. 567 7. IANA Considerations 569 This document does not request any IANA considerations. 571 8. Acknowledgements 573 This document has benefited from discussions with numerous people, 574 especially Shane Amante, Brian Carpenter, and Dave McDysan. It has 575 also benefited from detailed reviews by David Black, Marvin Krym, 576 Bruce Davie, Fil Dickinson, and Julie Ann Connary. 578 Appendix A. Using MPLS for Treatment Aggregates 580 RFC 2983 on DiffServ and Tunnels [7] and RFC 3270 on MPLS Support of 581 DiffServ [8] provide a very good background on this topic. This 582 document provides an example of using the E-LSP, EXP Inferred PHB 583 Scheduled Class (PSC) Label Switched Path (LSP), defined by MPLS 584 Support of DiffServ [8] for realizing the Treatment Aggregates. 586 When Treatment Aggregates are represented in MPLS using EXP Inferred 587 PSC LSP, we recommend the following usage of the MPLS EXP field for 588 Treatment Aggregates. 590 ------------------------------------------- 591 |Treatment || MPLS || DSCP | DSCP | 592 |Aggregate || EXP || name | value | 593 |==========++======++=========|=============| 594 | Network || 110 || CS6 | 110000 | 595 | Control || || | | 596 |==========++======++=========|=============| 597 | Real || 100 || EF | 101110 | 598 | Time || ||---------|-------------| 599 | || || CS5 | 101000 | 600 | || ||---------|-------------| 601 | || ||AF41,AF42|100010,100100| 602 | || || AF43 | 100110 | 603 | || ||---------|-------------| 604 | || || CS4 | 100000 | 605 | || ||---------|-------------| 606 | || || CS3 | 011000 | 607 |==========++======++=========|=============| 608 | Assured || 010* || CS2 | 010000 | 609 | Elastic || || AF31 | 011010 | 610 | || || AF21 | 010010 | 611 | || || AF11 | 001010 | 612 | ||------||---------|-------------| 613 | || 011* || AF32 | 011100 | 614 | || || AF22 | 010100 | 615 | || || AF12 | 001100 | 616 | || || AF33 | 011110 | 617 | || || AF23 | 010110 | 618 | || || AF13 | 001110 | 619 |==========++======++=========|=============| 620 | Elastic || 000* || Default | 000000 | 621 | || || (CS0) | | 622 | ||------||---------|-------------| 623 | || 001* || CS1 | 001000 | 624 ------------------------------------------- 626 Figure 3: Treatment Aggregate and MPLS EXP Field Usage 628 Notes *: For Assured Elastic (and Elastic) Treatment Aggregate, the 629 usage of 010 or 011 (000 or 001) as EXP field value depends on the 630 drop probability. Packets in the LSP with EXP field of 011 (001) 631 have a higher probability of being dropped than packets with an EXP 632 field of 010 (000). 634 The above table indicates the recommended usage of EXP fields for 635 Treatment Aggregates. Because many deployments of MPLS are on a per 636 domain basis, each domain has total control of its EXP usage and each 637 domain may use a different EXP field allocation for the domain's 638 supported Treatment Aggregates. 640 Appendix A.1. Network Control Treatment Aggregate with E-LSP 642 The usage of E-LSP for Network Control Treatment Aggregate needs to 643 adhere to the recommendations indicated in section 4.1.1 of this 644 document and section 3.2 of "Diffserv Service Classes" [5]. 645 Reinforcing these recommendations, there should be no drop precedence 646 associated with the MPLS PSC used for Network Control Treatment 647 Aggregate because dropping of Network Control Treatment Aggregate 648 traffic should be prevented. 650 Appendix A.2. Real Time Treatment Aggregate with E-LSP 652 In addition to the recommendations provided in section 4.1.2 of this 653 document and in member service classes' sections of "Diffserv Service 654 Classes" [5], we want to indicate that Real Time Treatment Aggregate 655 traffic should not be dropped, as some of the applications whose 656 traffic is carried in the Real Time Treatment Aggregate do not react 657 well to dropped packets. As indicated in section 4.1.2 of this 658 document, admission control should be performed on each Service Class 659 contributing to the Real Time Treatment Aggregate to prevent packet 660 loss due to insufficient resources allocated to Real Time Treatment 661 Aggregate. Further, admission control and policing may also be 662 applied on the sum of all traffic aggregated into this treatment 663 aggregate. 665 Appendix A.3. Assured Elastic Treatment Aggregate with E-LSP 667 EXP field markings of 010 and 011 are used for the Assured Elastic 668 Treatment Aggregate. The two encodings are used to provide two 669 levels of drop precedence indications, with 010 encoded traffic 670 having a lower probability of being dropped than 011 encoded traffic. 671 This provides for the mapping of CS2, AF31, AF21, and AF11 into EXP 672 010; and AF32, AF22, AF12 and AF33, AF23, AF13 into EXP 011. If the 673 domain chooses to support only one drop precedence for this treatment 674 aggregate, we recommend the use of 010 for EXP field marking. 676 Appendix A.4. Elastic Treatment Aggregate with E-LSP 678 EXP field markings of 000 and 001 are used for the Elastic Treatment 679 Aggregate. The two encodings are used to provide two levels of drop 680 precedence indications, with 000 encoded traffic having a lower 681 probability of being dropped than 001 encoded traffic. This provides 682 for the mapping of Default/CS0 into 000; and CS1 into 001. Notice 683 that with this mapping, during congestion, CS1 marked traffic may be 684 starved. If the domain chooses to support only one drop precedence 685 for this treatment aggregate, we recommend the use of 000 for EXP 686 field marking. 688 Appendix A.5. Treatment Aggregates and L-LSP 690 Because L-LSP (Label Only Inferred PSC LSP) supports a single PSC per 691 LSP, the support of each Treatment Aggregate is on a per LSP basis. 692 This document does not further specify any additional recommendation 693 (beyond what has been indicated in section 4 of this document) for 694 Treatment Aggregate to L-LSP mapping, leaving this to each individual 695 MPLS domain administrations. 697 9. References 699 9.1. Normative References 701 [1] Postel, J., "Internet Protocol", STD 5, RFC 791, 702 September 1981. 704 [2] Bradner, S., "The Internet Standards Process -- Revision 3", 705 BCP 9, RFC 2026, October 1996. 707 [3] Bradner, S., "Key words for use in RFCs to Indicate Requirement 708 Levels", BCP 14, RFC 2119, March 1997. 710 [4] Nichols, K., Blake, S., Baker, F., and D. Black, "Definition of 711 the Differentiated Services Field (DS Field) in the IPv4 and 712 IPv6 Headers", RFC 2474, December 1998. 714 [5] Babiarz, J., Chan, K., and F. Baker, "Configuration Guidelines 715 for DiffServ Service Classes", RFC 4594, August 2006. 717 [6] Braden, B., Clark, D., and S. Shenker, "Integrated Services in 718 the Internet Architecture: an Overview", RFC 1633, June 1994. 720 [7] Black, D., "Differentiated Services and Tunnels", RFC 2983, 721 October 2000. 723 [8] Le Faucheur, F., Wu, L., Davie, B., Davari, S., Vaananen, P., 724 Krishnan, R., Cheval, P., and J. Heinanen, "Multi-Protocol 725 Label Switching (MPLS) Support of Differentiated Services", 726 RFC 3270, May 2002. 728 [9] Braden, B., Clark, D., Crowcroft, J., Davie, B., Deering, S., 729 Estrin, D., Floyd, S., Jacobson, V., Minshall, G., Partridge, 730 C., Peterson, L., Ramakrishnan, K., Shenker, S., Wroclawski, 731 J., and L. Zhang, "Recommendations on Queue Management and 732 Congestion Avoidance in the Internet", RFC 2309, April 1998. 734 [10] Heinanen, J., Baker, F., Weiss, W., and J. Wroclawski, "Assured 735 Forwarding PHB Group", RFC 2597, June 1999. 737 [11] Davie, B., Charny, A., Bennet, J., Benson, K., Le Boudec, J., 738 Courtney, W., Davari, S., Firoiu, V., and D. Stiliadis, "An 739 Expedited Forwarding PHB (Per-Hop Behavior)", RFC 3246, 740 March 2002. 742 [12] Charny, A., Bennet, J., Benson, K., Boudec, J., Chiu, A., 743 Courtney, W., Davari, S., Firoiu, V., Kalmanek, C., and K. 744 Ramakrishnan, "Supplemental Information for the New Definition 745 of the EF PHB (Expedited Forwarding Per-Hop Behavior)", 746 RFC 3247, March 2002. 748 [13] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of 749 Explicit Congestion Notification (ECN) to IP", RFC 3168, 750 September 2001. 752 9.2. Informative References 754 [14] Choi, B., Moon, S., Zhang, Z., Papagiannaki, K., and C. Diot, 755 "Analysis of Point-To-Point Packet Delay in an Operational 756 Network", INFOCOMM 2004, March 2004, 757 . 759 [15] Ogielski, A. and J. Cowie, "Internet Routing Behavior on 9/11", 760 March 2002, . 763 [16] Nichols, K. and B. Carpenter, "Definition of Differentiated 764 Services Per Domain Behaviors and Rules for their 765 Specification", RFC 3086, April 2001. 767 [17] MIT Communications Futures Program, "Inter-provider Quality of 768 Service", November 2006, < 769 http://cfp.mit.edu/resources/papers/Interprovider QoS 770 MIT_CFP_WP_9_14_06.pdf>. 772 [18] International Telecommunications Union, "Network performance 773 objectives for IP-based services", February 2006. 775 Authors' Addresses 777 Kwok Ho Chan 778 Nortel 779 600 Technology Park Drive 780 Billerica, MA 01821 781 US 783 Phone: +1-978-288-8175 784 Fax: +1-978-288-8700 785 Email: khchan@nortel.com 787 Jozef Z. Babiarz 788 Nortel 789 3500 Carling Avenue 790 Ottawa, Ont. K2H 8E9 791 Canada 793 Phone: +1-613-763-6098 794 Fax: +1-613-768-2231 795 Email: babiarz@nortel.com 797 Fred Baker 798 Cisco Systems 799 1121 Via Del Rey 800 Santa Barbara, CA 93117 801 US 803 Phone: +1-408-526-4257 804 Fax: +1-413-473-2403 805 Email: fred@cisco.com 807 Full Copyright Statement 809 Copyright (C) The IETF Trust (2007). 811 This document is subject to the rights, licenses and restrictions 812 contained in BCP 78, and except as set forth therein, the authors 813 retain all their rights. 815 This document and the information contained herein are provided on an 816 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 817 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 818 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 819 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 820 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 821 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 823 Intellectual Property 825 The IETF takes no position regarding the validity or scope of any 826 Intellectual Property Rights or other rights that might be claimed to 827 pertain to the implementation or use of the technology described in 828 this document or the extent to which any license under such rights 829 might or might not be available; nor does it represent that it has 830 made any independent effort to identify any such rights. Information 831 on the procedures with respect to rights in RFC documents can be 832 found in BCP 78 and BCP 79. 834 Copies of IPR disclosures made to the IETF Secretariat and any 835 assurances of licenses to be made available, or the result of an 836 attempt made to obtain a general license or permission for the use of 837 such proprietary rights by implementers or users of this 838 specification can be obtained from the IETF on-line IPR repository at 839 http://www.ietf.org/ipr. 841 The IETF invites any interested party to bring to its attention any 842 copyrights, patents or patent applications, or other proprietary 843 rights that may cover technology that may be required to implement 844 this standard. Please address the information to the IETF at 845 ietf-ipr@ietf.org. 847 Acknowledgment 849 Funding for the RFC Editor function is provided by the IETF 850 Administrative Support Activity (IASA).