idnits 2.17.1 draft-ietf-tsvwg-rlc-fec-scheme-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 646 has weird spacing: '...air_key key...' -- The document date (May 6, 2018) is 2182 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: '0' on line 760 -- Looks like a reference, but probably isn't: '1' on line 760 Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 TSVWG V. Roca 3 Internet-Draft B. Teibi 4 Intended status: Standards Track INRIA 5 Expires: November 7, 2018 May 6, 2018 7 Sliding Window Random Linear Code (RLC) Forward Erasure Correction (FEC) 8 Schemes for FECFRAME 9 draft-ietf-tsvwg-rlc-fec-scheme-03 11 Abstract 13 This document describes two fully-specified Forward Erasure 14 Correction (FEC) Schemes for Sliding Window Random Linear Codes 15 (RLC), one for RLC over GF(2) (binary case), a second one for RLC 16 over GF(2^^8), both of them with the possibility of controlling the 17 code density. They can protect arbitrary media streams along the 18 lines defined by FECFRAME extended to sliding window FEC codes. 19 These sliding window FEC codes rely on an encoding window that slides 20 over the source symbols, generating new repair symbols whenever 21 needed. Compared to block FEC codes, these sliding window FEC codes 22 offer key advantages with real-time flows in terms of reduced FEC- 23 related latency while often providing improved packet erasure 24 recovery capabilities. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at https://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on November 7, 2018. 43 Copyright Notice 45 Copyright (c) 2018 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (https://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 61 1.1. Limits of Block Codes with Real-Time Flows . . . . . . . 3 62 1.2. Lower Latency and Better Protection of Real-Time Flows 63 with the Sliding Window RLC Codes . . . . . . . . . . . . 4 64 1.3. Small Transmission Overheads with the Sliding Window RLC 65 FEC Scheme . . . . . . . . . . . . . . . . . . . . . . . 5 66 1.4. Document Organization . . . . . . . . . . . . . . . . . . 6 67 2. Definitions and Abbreviations . . . . . . . . . . . . . . . . 6 68 3. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . 7 69 3.1. Possible Parameter Derivation . . . . . . . . . . . . . . 7 70 3.1.1. Detailed Parameter Derivation for CBR Real-Time Flows 8 71 3.1.2. Parameter Derivation for Other Real-Time Flows . . . 10 72 3.1.3. Parameter Derivation for Non Real-Time Flows . . . . 10 73 3.2. ADU, ADUI and Source Symbols Mappings . . . . . . . . . . 11 74 3.3. Encoding Window Management . . . . . . . . . . . . . . . 12 75 3.4. Pseudo-Random Number Generator . . . . . . . . . . . . . 13 76 3.5. Coding Coefficients Generation Function . . . . . . . . . 14 77 3.6. Linear Combination of Source Symbols Computation . . . . 16 78 4. Sliding Window RLC FEC Scheme over GF(2^^8) for Arbitrary ADU 79 Flows . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 80 4.1. Formats and Codes . . . . . . . . . . . . . . . . . . . . 17 81 4.1.1. FEC Framework Configuration Information . . . . . . . 17 82 4.1.2. Explicit Source FEC Payload ID . . . . . . . . . . . 18 83 4.1.3. Repair FEC Payload ID . . . . . . . . . . . . . . . . 19 84 4.1.4. Additional Procedures . . . . . . . . . . . . . . . . 20 85 5. Sliding Window RLC FEC Scheme over GF(2) for Arbitrary ADU 86 Flows . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 87 5.1. Formats and Codes . . . . . . . . . . . . . . . . . . . . 21 88 5.1.1. FEC Framework Configuration Information . . . . . . . 21 89 5.1.2. Explicit Source FEC Payload ID . . . . . . . . . . . 21 90 5.1.3. Repair FEC Payload ID . . . . . . . . . . . . . . . . 21 91 5.1.4. Additional Procedures . . . . . . . . . . . . . . . . 21 92 6. FEC Code Specification . . . . . . . . . . . . . . . . . . . 21 93 6.1. Encoding Side . . . . . . . . . . . . . . . . . . . . . . 21 94 6.2. Decoding Side . . . . . . . . . . . . . . . . . . . . . . 22 95 7. Implementation Status . . . . . . . . . . . . . . . . . . . . 23 96 8. Security Considerations . . . . . . . . . . . . . . . . . . . 23 97 8.1. Attacks Against the Data Flow . . . . . . . . . . . . . . 24 98 8.1.1. Access to Confidential Content . . . . . . . . . . . 24 99 8.1.2. Content Corruption . . . . . . . . . . . . . . . . . 24 100 8.2. Attacks Against the FEC Parameters . . . . . . . . . . . 24 101 8.3. When Several Source Flows are to be Protected Together . 25 102 8.4. Baseline Secure FEC Framework Operation . . . . . . . . . 25 103 9. Operations and Management Considerations . . . . . . . . . . 25 104 9.1. Operational Recommendations: Finite Field GF(2) Versus 105 GF(2^^8) . . . . . . . . . . . . . . . . . . . . . . . . 25 106 9.2. Operational Recommendations: Coding Coefficients Density 107 Threshold . . . . . . . . . . . . . . . . . . . . . . . . 25 108 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 26 109 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 26 110 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 26 111 12.1. Normative References . . . . . . . . . . . . . . . . . . 26 112 12.2. Informative References . . . . . . . . . . . . . . . . . 27 113 Appendix A. Decoding Beyond Maximum Latency Optimization . . . . 29 114 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 30 116 1. Introduction 118 Application-Level Forward Erasure Correction (AL-FEC) codes, or 119 simply FEC codes, are a key element of communication systems. They 120 are used to recover from packet losses (or erasures) during content 121 delivery sessions to a large number of receivers (multicast/broadcast 122 transmissions). This is the case with the FLUTE/ALC protocol 123 [RFC6726] when used for reliable file transfers over lossy networks, 124 and the FECFRAME protocol when used for reliable continuous media 125 transfers over lossy networks. 127 The present document only focusses on the FECFRAME protocol, used in 128 multicast/broadcast delivery mode, with contents that feature 129 stringent real-time constraints: each source packet has a maximum 130 validity period after which it will not be considered by the 131 destination application. 133 1.1. Limits of Block Codes with Real-Time Flows 135 With FECFRAME, there is a single FEC encoding point (either a end- 136 host/server (source) or a middlebox) and a single FEC decoding point 137 (either a end-host (receiver) or middlebox). In this context, 138 currently standardized AL-FEC codes for FECFRAME like Reed-Solomon 139 [RFC6865], LDPC-Staircase [RFC6816], or Raptor/RaptorQ, are all 140 linear block codes: they require the data flow to be segmented into 141 blocks of a predefined maximum size. 143 To define this block size, it is required to find an appropriate 144 balance between robustness and decoding latency: the larger the block 145 size, the higher the robustness (e.g., in front of long packet 146 erasure bursts), but also the higher the maximum decoding latency 147 (i.e., the maximum time required to recover a lost (erased) packet 148 thanks to FEC protection). Therefore, with a multicast/broadcast 149 session where different receivers experience different packet loss 150 rates, the block size should be chosen by considering the worst 151 communication conditions one wants to support, but without exceeding 152 the desired maximum decoding latency. This choice then impacts the 153 FEC-related latency of all receivers, even those experiencing a good 154 communication quality, since no FEC encoding can happen until all the 155 source data of the block is available at the sender, which directly 156 depends on the block size. 158 1.2. Lower Latency and Better Protection of Real-Time Flows with the 159 Sliding Window RLC Codes 161 This document introduces two fully-specified FEC Schemes that follow 162 a totally different approach: the Sliding Window Random Linear Codes 163 (RLC) over either Finite Field GF(2) or GF(8). These FEC Schemes are 164 used to protect arbitrary media streams along the lines defined by 165 FECFRAME extended to sliding window FEC codes [fecframe-ext]. These 166 FEC Schemes, and more generally Sliding Window FEC codes, are 167 recommended for instance with media that feature real-time 168 constraints sent within a multicast/broadcast session [Roca17]. 170 The RLC codes belong to the broad class of sliding window AL-FEC 171 codes (A.K.A. convolutional codes). The encoding process is based on 172 an encoding window that slides over the set of source packets (in 173 fact source symbols as we will see in Section 3.2), and which is 174 either of fixed or variable size (elastic window). Repair packets 175 (symbols) are generated on-the-fly, computing a random linear 176 combination of the source symbols present in the current encoding 177 window, and passed to the transport layer. 179 At the receiver, a linear system is managed from the set of received 180 source and repair packets. New variables (representing source 181 symbols) and equations (representing the linear combination of each 182 repair symbol received) are added upon receiving new packets. 183 Variables are removed when they are too old with respect to their 184 validity period (real-time constraints), as well as the associated 185 equations they are involved in (Appendix A introduces an optimization 186 that extends the time a variable is considered in the system). Lost 187 source symbols are then recovered thanks to this linear system 188 whenever its rank permits it. 190 With RLC codes (more generally with sliding window codes), the 191 protection of a multicast/broadcast session also needs to be 192 dimensioned by considering the worst communication conditions one 193 wants to support. However the receivers experiencing a good to 194 medium communication quality will observe a reduced FEC-related 195 latency compared to block codes [Roca17] since an isolated lost 196 source packet is quickly recovered with the following repair packet. 197 On the opposite, with a block code, recovering an isolated lost 198 source packet always requires waiting for the first repair packet to 199 arrive after the end of the block. Additionally, under certain 200 situations (e.g., with a limited FEC-related latency budget and with 201 constant bitrate transmissions after FECFRAME encoding), sliding 202 window codes can more efficiently achieve a target transmission 203 quality (e.g., measured by the residual loss after FEC decoding) by 204 sending fewer repair packets (i.e., higher code rate) than block 205 codes. 207 1.3. Small Transmission Overheads with the Sliding Window RLC FEC 208 Scheme 210 The Sliding Window RLC FEC Scheme is designed to limit the packet 211 header overhead. The main requirement is that each repair packet 212 header must enable a receiver to reconstruct the set of source 213 symbols plus the associated coefficients used during the encoding 214 process. In order to minimize packet overhead, the set of source 215 symbols in the encoding window as well as the set of coefficients 216 over GF(2^^m) (where m is 1 or 8, depending on the FEC Scheme) used 217 in the linear combination are not individually listed in the repair 218 packet header. Instead, each FEC Repair Packet header contains: 220 o the Encoding Symbol Identifier (ESI) of the first source symbol in 221 the encoding window as well as the number of symbols (since this 222 number may vary with a variable size, elastic window). These two 223 pieces of information enable each receiver to reconstruct the set 224 of source symbols considered during encoding, the only constraint 225 being that there cannot be any gap; 226 o the seed used by a coding coefficients generation function 227 (Section 3.5). This information enables each receiver to generate 228 the same set of coding coefficients over GF(2^^m) as the sender; 230 Therefore, no matter the number of source symbols present in the 231 encoding window, each FEC Repair Packet features a fixed 64-bit long 232 header, called Repair FEC Payload ID (Figure 7). Similarly, each FEC 233 Source Packet features a fixed 32-bit long trailer, called Explicit 234 Source FEC Payload ID (Figure 5), that contains the ESI of the first 235 source symbol (see the ADUI and source symbol mapping, Section 3.2). 237 1.4. Document Organization 239 This fully-specified FEC Scheme follows the structure required by 240 [RFC6363], section 5.6. "FEC Scheme Requirements", namely: 242 3. Procedures: This section describes procedures specific to this 243 FEC Scheme, namely: RLC parameters derivation, ADUI and source 244 symbols mapping, pseudo-random number generator, and coding 245 coefficients generation function; 246 4. Formats and Codes: This section defines the Source FEC Payload 247 ID and Repair FEC Payload ID formats, carrying the signalling 248 information associated to each source or repair symbol. It also 249 defines the FEC Framework Configuration Information (FFCI) 250 carrying signalling information for the session; 251 5. FEC Code Specification: Finally this section provides the code 252 specification. 254 2. Definitions and Abbreviations 256 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 257 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 258 document are to be interpreted as described in [RFC2119]. 260 This document uses the following definitions and abbreviations: 262 GF(q) denotes a finite field (also known as the Galois Field) with q 263 elements. We assume that q = 2^^m in this document 264 m defines the length of the elements in the finite field, in bits. 265 In this document, m is equal to 1 or 8 266 ADU: Application Data Unit 267 ADUI: Application Data Unit Information (includes the F, L and 268 padding fields in addition to the ADU) 269 E: size of an encoding symbol (i.e., source or repair symbol), 270 assumed fixed (in bytes) 271 br_in: transmission bitrate at the input of the FECFRAME sender, 272 assumed fixed (in bits/s) 273 br_out: transmission bitrate at the output of the FECFRAME sender, 274 assumed fixed (in bits/s) 275 max_lat: maximum FEC-related latency within FECFRAME (in seconds) 276 cr: RLC coding rate, ratio between the total number of source 277 symbols and the total number of source plus repair symbols 278 ew_size: encoding window current size at a sender (in symbols) 279 ew_max_size: encoding window maximum size at a sender (in symbols) 280 dw_max_size: decoding window maximum size at a receiver (in symbols) 281 ls_max_size: linear system maximum size (or width) at a receiver (in 282 symbols) 283 PRNG: pseudo-random number generator 284 pmms_rand(maxv): PRNG defined in Section 3.4 and used in this 285 specification, that returns a new random integer in [0; maxv-1] 286 DT: coding coefficients density threshold, an integer between 0 and 287 15 (inclusive) the controls the fraction of coefficients that are 288 non zero 290 3. Procedures 292 This section introduces the procedures that are used by these FEC 293 Schemes. 295 3.1. Possible Parameter Derivation 297 The Sliding Window RLC FEC Scheme relies on several parameters: 299 Maximum FEC-related latency budget, max_lat (in seconds) A source 300 ADU flow can have real-time constraints, and therefore any 301 FECFRAME related operation must take place within the validity 302 period of each ADU. When there are multiple flows with different 303 real-time constraints, we consider the most stringent constraints 304 (see [RFC6363], Section 10.2, item 6, for recommendations when 305 several flows are globally protected). The maximum FEC-related 306 latency budget, max_lat, accounts for all sources of latency added 307 by FEC encoding (at a sender) and FEC decoding (at a receiver). 308 Other sources of latency (e.g., added by network communications) 309 are out of scope and must be considered separately (said 310 differently, they have already been deducted from max_lat). 311 max_lat can be regarded as the latency budget permitted for all 312 FEC-related operations. This is an input parameter that enables 313 to derive other internal parameters as explained below; 314 Encoding window current (resp. maximum) size, ew_size (resp. 315 ew_max_size) (in symbols): 316 these parameters are used by a sender during FEC encoding. More 317 precisely, each repair symbol is a linear combination of the 318 ew_size source symbols present in the encoding window when RLC 319 encoding took place. At session start, the encoding window will 320 probably be small and then progressively increase until it reaches 321 its maximum value. At any time: 323 ew_size <= ew_max_size 324 Decoding window maximum size, dw_max_size (in symbols): at a 325 receiver, this parameter denotes the maximum number of received or 326 lost source symbols in the linear system (i.e., the variables) 327 that are still within their latency budget; 328 Linear system maximum size, ls_max_size (in symbols): The linear 329 system maximum size managed by a receiver SHOULD NOT be smaller 330 than this decoding window maximum size, since it would mean that, 331 after receiving a sufficient number of FEC Repair Packets, an ADU 332 may not be recovered just because it has been removed from the 333 linear system, and not because it has timed-out. This would be 334 counter-productive. On the opposite, the linear system MAY grow 335 beyond this value with old source symbols kept in the linear 336 system whereas their associated ADUs timed-out (Appendix A); 337 Symbol size, E (in bytes) and RLC code rate (cr): the E parameter 338 determines the source and repair symbol sizes (necessarily equal). 339 The cr parameter determines the code rate, i.e., the amount of 340 redundancy added to the flow (i.e., cr is the ratio between the 341 total number of source symbols and the total number of source plus 342 repair symbols). These two parameters are input parameters that 343 enable to derive other internal parameters as explained below. An 344 implementation at a sender SHOULD fix the E parameter and 345 communicate it as part of the FEC Scheme-Specific Information 346 (Section 4.1.1.2). However there is no need to communicate the cr 347 parameter per see (it's not required to process a repair packet at 348 a receiver). This code rate parameter can be fixed. However, in 349 specific use-cases (e.g., with unicast transmissions in presence 350 of a feedback mechanism that estimates the communication quality, 351 out-of-scope of FECFRAME), the code rate may be adjusted 352 dynamically. 354 The FEC Schemes specified in this document can be used in various 355 manners. They can protect one or more source ADU flows having real- 356 time constraints, or they can protect non-realtime source ADU flows. 357 The source ADU flows may be Constant Bitrate (CBR) flows, while other 358 may be of Variable Bitrate (VBR). The FEC Schemes can be used in 359 various environments like the Internet or over a CBR channel. It 360 follows that the FEC Scheme parameters can be derived in different 361 ways, as described in the following sections. 363 3.1.1. Detailed Parameter Derivation for CBR Real-Time Flows 365 In the following, we consider a real-time flow with max_lat latency 366 budget. The encoding symbol size (E, in bytes) is constant. The 367 code rate (cr) is also constant, in line with the expected 368 communication loss model. However the choice of this cr value is out 369 of scope for this document. 371 In a first configuration, the source ADU flow bitrate at the input of 372 the FECFRAME sender is fixed (br_in, in bits/s). It means that the 373 transmission bitrate at the output of the FECFRAME sender will be 374 higher, depending on the added repair flow overhead. In order to 375 comply with the maximum FEC-related latency budget, we have: 377 dw_max_size = (max_lat * br_in) / (8 * E) 379 In a second configuration, the FECFRAME sender generates a fixed 380 bitrate flow, equal to the CBR channel bitrate (br_out, in bits/s), 381 as in [Roca17]. The maximum source flow bitrate needs to be such 382 that, with the added repair flow overhead, the total transmission 383 bitrate remains (inferior or) equal to br_out. Here we have: 385 dw_max_size = (max_lat * br_out * cr) / (8 * E) 387 For decoding to be possible, it is required that the encoding window 388 maximum size be at most equal to the decoding window maximum size. 389 So, once the dw_max_size has been determined, the ew_max_size SHOULD 390 be computed with ([Roca17]): 392 ew_max_size = dw_max_size * 0.75 394 The ew_max_size is the main parameter, used by a FECFRAME sender. 395 Whenever the FEC protection (i.e., cr value) is sufficient in front 396 of the packet loss model, the ew_max_size guaranties that the 397 recovery of lost ADUs will happen at a FECFRAME receiver on time. 399 The dw_max_size is computed by a FECFRAME sender but not explicitly 400 communicated to a FECFRAME receiver. However a FECFRAME receiver can 401 easily evaluate the ew_max_size by observing the maximum Number of 402 Source Symbols (NSS) value contained in the Repair FEC Payload ID of 403 received FEC Repair Packets (Section 4.1.3). A receiver can then 404 easily compute dw_max_size: 406 dw_max_size = max_NSS_observed / 0.75 408 and chose an appropriate maximum linear system size. Having a 409 limited linear system size is a practical requirement that enables to 410 forget old source symbols, no longer needed. We have: 412 ls_max_size >= dw_max_size 414 Using the same maximum size is the minimum. But it is good practice 415 to use a larger value for ls_max_size as explained in Appendix A, 416 without impacting maximum latency nor interoperability. 418 The particular case of session start needs to be managed 419 appropriately. Here the ew_size progressively increases, upon 420 receiving new source ADUs at the FECFRAME sender, until it reaches 421 the ew_max_size value, A FECFRAME receiver SHOULD continuously 422 observe the received FEC Repair Packets, since the NSS value carried 423 in the Repair FEC Payload ID will increase too, and adjust the 424 ls_max_size accordingly. 426 3.1.2. Parameter Derivation for Other Real-Time Flows 428 There are situations where the real-time source ADU flow is of 429 variable bitrate (VBR). A first possibility is to consider the peak 430 bitrate of the source ADU flow, when this parameter is known, and to 431 reuse the derivation of Section 3.1.1. 433 There are also situations where the peak bitrate is not know. In 434 that case the previous parameter derivation cannot be directly 435 applied. An approach in that case consists in using ADU timing 436 information when present (e.g., using the timestamp field of an RTP 437 packet header) to manage the encoding window accordingly, in 438 particular removing old symbols whose associated ADUs timed-out. 440 No matter the choice of the FECFRAME sender, a FECFRAME receiver can 441 still easily evaluate the ew_max_size by observing the maximum Number 442 of Source Symbols (NSS) value contained in the Repair FEC Payload ID 443 of received FEC Repair Packets. A receiver can then compute 444 dw_max_size and derive an appropriate maximum linear system size, 445 ls_max_size. 447 When the observed NSS fluctuates significantly and perhaps slowly, a 448 FECFRAME receiver may want to adapt its ls_max_size accordingly in 449 order to avoid managing linear systems that would be significantly 450 too large. It is worth noticing however that it is preferable to use 451 an ls_max_size too large than the opposite. 453 Beyond these general guidelines, the details of how to manage these 454 situations at a FECFRAME sender and receiver remain out of scope of 455 this document. 457 3.1.3. Parameter Derivation for Non Real-Time Flows 459 Finally there are situations where there is no known real-time 460 constraints. FECFRAME and the FEC Schemes defined in this document 461 can still be used. The choice of appropriate parameter values can be 462 directed by practical considerations. It can be an estimation of the 463 maximum memory amount that could be dedicated to the linear system at 464 a FECFRAME receiver, or CPU computation requirements at a FECFRAME 465 receiver, both of them depending on the ls_max_size. The same 466 considerations can also apply to the FECFRAME sender, where maximum 467 memory and CPU computation requirements depend on the ew_max_size. 468 Here also, the NSS value contained in FEC Repair Packets is used to 469 inform a FECFRAME receiver of the current coding window size (and 470 ew_max_size by observing its maximum value over the time). 472 Beyond these general guidelines, the details of how to manage these 473 situations at a FECFRAME sender and receiver remain out of scope of 474 this document. 476 3.2. ADU, ADUI and Source Symbols Mappings 478 At a sender, an ADU coming from the application cannot directly be 479 mapped to source symbols. When multiple source flows (e.g., media 480 streams) are mapped onto the same FECFRAME instance, each flow is 481 assigned its own Flow ID value (see below). At a sender, this 482 identifier is prepended to each ADU before FEC encoding. This way, 483 FEC decoding at a receiver also recovers this Flow ID and a recovered 484 ADU can be assigned to the right source flow (note that transport 485 port numbers and IP addresses cannot be used to that purpose as they 486 are not recovered during FEC decoding). 488 Additionally, since ADUs are of variable size, padding is needed so 489 that each ADU (with its flow identifier) contribute to an integral 490 number of source symbols. This requires adding the original ADU 491 length to each ADU before doing FEC encoding. Because of these 492 requirements, an intermediate format, the ADUI, or ADU Information, 493 is considered [RFC6363]. 495 For each incoming ADU, an ADUI MUST created as follows. First of 496 all, 3 bytes are prepended (Figure 1): 498 Flow ID (F) (8-bit field): this unsigned byte contains the integer 499 identifier associated to the source ADU flow to which this ADU 500 belongs. It is assumed that a single byte is sufficient, which 501 implies that no more than 256 flows will be protected by a single 502 FECFRAME session instance. 503 Length (L) (16-bit field): this unsigned integer contains the length 504 of this ADU, in network byte order (i.e., big endian). This 505 length is for the ADU itself and does not include the F, L, or Pad 506 fields. 508 Then, zero padding is added to the ADU if needed: 510 Padding (Pad) (variable size field): this field contains zero 511 padding to align the F, L, ADU and padding up to a size that is 512 multiple of E bytes (i.e., the source and repair symbol length). 514 The data unit resulting from the ADU and the F, L, and Pad fields is 515 called ADUI. Since ADUs can have different sizes, this is also the 516 case for ADUIs. However an ADUI always contributes to an integral 517 number of source symbols. 519 symbol length, E E E 520 < ------------------ >< ------------------ >< ------------------ > 521 +-+--+---------------------------------------------+-------------+ 522 |F| L| ADU | Pad | 523 +-+--+---------------------------------------------+-------------+ 525 Figure 1: ADUI Creation example (here 3 source symbols are created 526 for this ADUI). 528 Note that neither the initial 3 bytes nor the optional padding are 529 sent over the network. However, they are considered during FEC 530 encoding, and a receiver who lost a certain FEC Source Packet (e.g., 531 the UDP datagram containing this FEC Source Packet when UDP is used 532 as the transport protocol) will be able to recover the ADUI if FEC 533 decoding succeeds. Thanks to the initial 3 bytes, this receiver will 534 get rid of the padding (if any) and identify the corresponding ADU 535 flow. 537 3.3. Encoding Window Management 539 Source symbols and the corresponding ADUs are removed from the 540 encoding window: 542 o when the sliding encoding window has reached its maximum size, 543 ew_max_size. In that case the oldest symbol MUST be removed 544 before adding a new symbol, so that the current encoding window 545 size always remains inferior or equal to the maximum size: ew_size 546 <= ew_max_size; 547 o when an ADU has reached its maximum validity duration in case of a 548 real-time flow. When this happens, all source symbols 549 corresponding to the ADUI that expired SHOULD be removed from the 550 encoding window; 552 Source symbols are added to the sliding encoding window each time a 553 new ADU arrives, once the ADU to source symbols mapping has been 554 performed (Section 3.2). The current size of the encoding window, 555 ew_size, is updated after adding new source symbols. This process 556 may require to remove old source symbols so that: ew_size <= 557 ew_max_size. 559 Note that a FEC codec may feature practical limits in the number of 560 source symbols in the encoding window (e.g., for computational 561 complexity reasons). This factor may further limit the ew_max_size 562 value, in addition to the maximum FEC-related latency budget 563 (Section 3.1). 565 3.4. Pseudo-Random Number Generator 567 The RLC codes rely on the following Pseudo-Random Number Generator 568 (PRNG), identical to the PRNG used with LDPC-Staircase codes 569 ([RFC5170], section 5.7). 571 The Park-Miler "minimal standard" PRNG [PM88] MUST be used. It 572 defines a simple multiplicative congruential algorithm: Ij+1 = A * Ij 573 (modulo M), with the following choices: A = 7^^5 = 16807 and M = 574 2^^31 - 1 = 2147483647. A validation criteria of such a PRNG is the 575 following: if seed = 1, then the 10,000th value returned MUST be 576 equal to 1043618065. 578 Several implementations of this PRNG are known and discussed in the 579 literature. An optimized implementation of this algorithm, using 580 only 32-bit mathematics, and which does not require any division, can 581 be found in [rand31pmc]. It uses the Park and Miller algorithm 582 [PM88] with the optimization suggested by D. Carta in [CA90]. The 583 history behind this algorithm is detailed in [WI08]. 585 This PRNG produces, natively, a 31-bit value between 1 and 0x7FFFFFFE 586 (2^^31-2) inclusive. Since it is desired to scale the pseudo-random 587 number between 0 and maxv-1 inclusive, one must keep the most 588 significant bits of the value returned by the PRNG (the least 589 significant bits are known to be less random, and modulo-based 590 solutions should be avoided [PTVF92]). The following algorithm MUST 591 be used: 593 Input: 595 raw_value: random integer generated by the inner PRNG algorithm, 596 between 1 and 0x7FFFFFFE (2^^31-2) inclusive. 597 maxv: upper bound used during the scaling operation. 599 Output: 601 scaled_value: random integer between 0 and maxv-1 inclusive. 603 Algorithm: 605 scaled_value = (unsigned long) ((double)maxv * (double)raw_value / 606 (double)0x7FFFFFFF); 607 (NB: the above C type casting to unsigned long is equivalent to 608 using floor() with positive floating point values.) 610 In this document, pmms_rand(maxv) denotes the PRNG function that 611 implements the Park-Miller "minimal standard" algorithm, defined 612 above, and that scales the raw value between 0 and maxv-1 inclusive, 613 using the above scaling algorithm. 615 Additionally, the pmms_srand(seed) function must be provided to 616 enable the initialization of the PRNG with a seed before calling 617 pmms_rand(maxv) the first time. The seed is a 31-bit integer between 618 1 and 0x7FFFFFFE inclusive. In this specification, the seed is 619 restricted to a value between 1 and 0xFFFF inclusive, as this is the 620 Repair_Key 16-bit field value of the Repair FEC Payload ID 621 (Section 4.1.3). 623 3.5. Coding Coefficients Generation Function 625 The coding coefficients, used during the encoding process, are 626 generated at the RLC encoder by the generate_coding_coefficients() 627 function each time a new repair symbol needs to be produced. The 628 fraction of coefficients that are non zero (i.e., the density) is 629 controlled by the DT (Density Threshold) parameter. When DT equals 630 15, the maximum value, the function guaranties that all coefficients 631 are non zero (i.e., maximum density). When DT is between 0 (minimum 632 value) and strictly inferior to 15, the average probability of having 633 a non zero coefficient equals (DT +1) / 16. 635 These considerations apply both the RLC over GF(2) and RLC over 636 GF(2^^8), the only difference being the value of the m parameter. 637 With the RLC over GF(2) FEC Scheme (Section 5), m MUST be equal to 1. 638 With RLC over GF(2^^8) FEC Scheme (Section 4), m MUST be equal to 8. 640 641 /* 642 * Fills in the table of coding coefficients (of the right size) 643 * provided with the appropriate number of coding coefficients to 644 * use for the repair symbol key provided. 645 * 646 * (in) repair_key key associated to this repair symbol. This 647 * parameter is ignored (useless) if m=2 and dt=15 648 * (in) cc_tab[] pointer to a table of the right size to store 649 * coding coefficients. All coefficients are 650 * stored as bytes, regardless of the m parameter, 651 * upon return of this function. 652 * (in) cc_nb number of entries in the table. This value is 653 * equal to the current encoding window size. 654 * (in) dt integer between 0 and 15 (inclusive) that 655 * controls the density. With value 15, all 656 * coefficients are guaranteed to be non zero 657 * (i.e. equal to 1 with GF(2) and equal to a 658 * value in {1,... 255} with GF(2^^8)), otherwise 659 * a fraction of them will be 0. 661 * (in) m Finite Field GF(2^^m) parameter. In this 662 * document only values 1 and 8 are considered. 663 * (out) returns an error code 664 */ 665 int generate_coding_coefficients (UINT16 repair_key, 666 UINT8 cc_tab[], 667 UINT16 cc_nb, 668 UINT8 dt, 669 UINT8 m) 670 { 671 UINT32 i; 673 if (dt > 15) { 674 return SOMETHING_WENT_WRONG; /* bad dt parameter */ 675 } 676 if (repair_key == 0 && dt != 15 && m != 2) { 677 return SOMETHING_WENT_WRONG; /* bad repair_key parameter */ 678 } 679 switch (m) { 680 case 1: 681 if (dt == 15) { 682 /* all coefficients are 1 */ 683 memset(cc_tab, 1, cc_nb); 684 } else { 685 /* here coefficients are either 0 or 1 */ 686 pmms_srand(repair_key); 687 pmms_rand(16); /* skip the first PRNG value */ 688 for (i = 0 ; i < cc_nb ; i++) { 689 if (pmms_rand(16) <= dt) { 690 cc_tab[i] = (UINT8) 1; 691 } else { 692 cc_tab[i] = (UINT8) 0; 693 } 694 } 695 } 696 break; 698 case 8: 699 pmms_srand(repair_key); 700 pmms_rand(256); /* skip the first PRNG value */ 701 if (dt == 15) { 702 /* coefficient 0 is avoided here in order to include 703 * all the source symbols */ 704 for (i = 0 ; i < cc_nb ; i++) { 705 do { 706 cc_tab[i] = (UINT8) pmms_rand(256); 707 } while (cc_tab[i] == 0); 708 } 710 } else { 711 /* here a certain fraction of coefficients should be 0 */ 712 for (i = 0 ; i < cc_nb ; i++) { 713 if (pmms_rand(16) <= dt) { 714 do { 715 cc_tab[i] = (UINT8) pmms_rand(256); 716 } while (cc_tab[i] == 0); 717 } else { 718 cc_tab[i] = 0; 719 } 720 } 721 } 722 break; 724 default: 725 /* bad parameter m */ 726 return SOMETHING_WENT_WRONG; 727 } 728 return EVERYTHING_IS_OKAY; 729 } 730 732 Figure 2: Coding Coefficients Generation Function pseudo-code 734 One can note in the above function that each call to pmms_srand() 735 (PRNG initialisation) is immediately followed by a call to 736 pmms_rand() whose return value is ignored. This extra call is 737 motivated by a possible bias in the first value generated depending 738 on the way the repair key is managed by a FECFRAME implementation. 739 Indeed, the PRNG sequences produced by two seeds in sequence have a 740 high probability of starting with the same value since I1 = A * seed 741 (modulo M) which is further scaled to a small range (either {0, ... 742 15} or {0, ... 255}). Producing several times the same first coding 743 coefficient could reduce the protection of the first source symbol if 744 multiple repair symbols are produced with the same coding window's 745 left edge. The extra call avoids such side effects. 747 3.6. Linear Combination of Source Symbols Computation 749 The two RLC FEC Schemes require the computation of a linear 750 combination of source symbols, using the coding coefficients produced 751 by the generate_coding_coefficients() function and stored in the 752 cc_tab[] array. 754 With the RLC over GF(2^^8) FEC Scheme, a linear combination of the 755 ew_size source symbol present in the encoding window, say src_0 to 756 src_ew_size_1, in order to generate a repair symbol, is computed as 757 follows. For each byte of position i in each source and the repair 758 symbol, where i belongs to {0; E-1}, compute: 760 repair[i] = cc_tab[0] * src_0[i] + cc_tab[1] * src_1[i] + ... + 761 cc_tab[ew_size - 1] * src_ew_size_1[i] 763 where * is the multiplication over GF(2^^8) and + is an XOR 764 operation. In practice various optimizations need to be used in 765 order to make this computation efficient (see in particular [PGM13]). 767 With the RLC over GF(2) FEC Scheme (binary case), a linear 768 combination is computed as follows. The repair symbol is the XOR sum 769 of all the source symbols corresponding to a coding coefficient 770 cc_tab[j] equal to 1 (i.e., the source symbols corresponding to zero 771 coding coefficients are ignored). The XOR sum of the byte of 772 position i in each source is computed and stored in the corresponding 773 byte of the repair symbol, where i belongs to {0; E-1}. In practice, 774 the XOR sums will be computed several bytes at a time (e.g., on 64 775 bit words, or on arrays of 16 or more bytes when using SIMD CPU 776 extensions). 778 With both FEC Schemes, the details of how to optimize the computation 779 of these linear combinations are of high practical importance but out 780 of scope of this document. 782 4. Sliding Window RLC FEC Scheme over GF(2^^8) for Arbitrary ADU Flows 784 This fully-specified FEC Scheme defines the Sliding Window Random 785 Linear Codes (RLC) over GF(2^^8). 787 4.1. Formats and Codes 789 4.1.1. FEC Framework Configuration Information 791 Following the guidelines of [RFC6363], section 5.6, this section 792 provides the FEC Framework Configuration Information (or FFCI). This 793 FCCI needs to be shared (e.g., using SDP) between the FECFRAME sender 794 and receiver instances in order to synchronize them. It includes a 795 FEC Encoding ID, mandatory for any FEC Scheme specification, plus 796 scheme-specific elements. 798 4.1.1.1. FEC Encoding ID 800 o FEC Encoding ID: the value assigned to this fully specified FEC 801 Scheme MUST be XXXX, as assigned by IANA (Section 10). 803 When SDP is used to communicate the FFCI, this FEC Encoding ID is 804 carried in the 'encoding-id' parameter. 806 4.1.1.2. FEC Scheme-Specific Information 808 The FEC Scheme-Specific Information (FSSI) includes elements that are 809 specific to the present FEC Scheme. More precisely: 811 Encoding symbol size (E): a non-negative integer that indicates the 812 size of each encoding symbol in bytes; 814 This element is required both by the sender (RLC encoder) and the 815 receiver(s) (RLC decoder). 817 When SDP is used to communicate the FFCI, this FEC Scheme-specific 818 information is carried in the 'fssi' parameter in textual 819 representation as specified in [RFC6364]. For instance: 821 fssi=E:1400 823 If another mechanism requires the FSSI to be carried as an opaque 824 octet string (for instance, after a Base64 encoding), the encoding 825 format consists of the following 2 octets: 827 Encoding symbol length (E): 16-bit field. 829 0 1 830 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 831 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 832 | Encoding Symbol Length (E) | 833 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 835 Figure 3: FSSI Encoding Format 837 4.1.2. Explicit Source FEC Payload ID 839 A FEC Source Packet MUST contain an Explicit Source FEC Payload ID 840 that is appended to the end of the packet as illustrated in Figure 4. 842 +--------------------------------+ 843 | IP Header | 844 +--------------------------------+ 845 | Transport Header | 846 +--------------------------------+ 847 | ADU | 848 +--------------------------------+ 849 | Explicit Source FEC Payload ID | 850 +--------------------------------+ 852 Figure 4: Structure of an FEC Source Packet with the Explicit Source 853 FEC Payload ID 855 More precisely, the Explicit Source FEC Payload ID is composed of the 856 following field (Figure 5): 858 Encoding Symbol ID (ESI) (32-bit field): this unsigned integer 859 identifies the first source symbol of the ADUI corresponding to 860 this FEC Source Packet. The ESI is incremented for each new 861 source symbol, and after reaching the maximum value (2^32-1), 862 wrapping to zero occurs. 864 0 1 2 3 865 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 866 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 867 | Encoding Symbol ID (ESI) | 868 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 870 Figure 5: Source FEC Payload ID Encoding Format 872 4.1.3. Repair FEC Payload ID 874 A FEC Repair Packet MAY contain one or more repair symbols. When 875 there are several repair symbols, all of them MUST have been 876 generated from the same encoding window, using Repair_Key values that 877 are managed as explained below. A receiver can easily deduce the 878 number of repair symbols within a FEC Repair Packet by comparing the 879 received FEC Repair Packet size (equal to the UDP payload size when 880 UDP is the underlying transport protocol) and the symbol size, E, 881 communicated in the FFCI. 883 A FEC Repair Packet MUST contain a Repair FEC Payload ID that is 884 prepended to the repair symbol as illustrated in Figure 6. 886 +--------------------------------+ 887 | IP Header | 888 +--------------------------------+ 889 | Transport Header | 890 +--------------------------------+ 891 | Repair FEC Payload ID | 892 +--------------------------------+ 893 | Repair Symbol | 894 +--------------------------------+ 896 Figure 6: Structure of an FEC Repair Packet with the Repair FEC 897 Payload ID 899 More precisely, the Repair FEC Payload ID is composed of the 900 following fields (Figure 7): 902 Repair_Key (16-bit field): this unsigned integer is used as a seed 903 by the coefficient generation function (Section 3.5) in order to 904 generate the desired number of coding coefficients. Value 0 MUST 905 NOT be used. When a FEC Repair Packet contains several repair 906 symbols, this repair key value is that of the first repair symbol. 907 The remaining repair keys can be deduced by incrementing by 1 this 908 value, up to a maximum value of 65535 after which it loops back to 909 1 (note that 0 is not a valid value). 910 Density Threshold for the coding coefficients, DT (4-bit field): 911 this unsigned integer carries the Density Threshold (DT) used by 912 the coding coefficient generation function Section 3.5. More 913 precisely, it controls the probability of having a non zero coding 914 coefficient, which equals (DT+1) / 16. When a FEC Repair Packet 915 contains several repair symbols, the DT value applies to all of 916 them; 917 Number of Source Symbols in the encoding window, NSS (12-bit field): 919 this unsigned integer indicates the number of source symbols in 920 the encoding window when this repair symbol was generated. When a 921 FEC Repair Packet contains several repair symbols, this NSS value 922 applies to all of them; 923 ESI of First Source Symbol in the encoding window, FSS_ESI (32-bit 924 field): 925 this unsigned integer indicates the ESI of the first source symbol 926 in the encoding window when this repair symbol was generated. 927 When a FEC Repair Packet contains several repair symbols, this 928 FSS_ESI value applies to all of them; 930 0 1 2 3 931 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 932 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 933 | Repair_Key | DT |NSS (# src symb in ew) | 934 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 935 | FSS_ESI | 936 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 938 Figure 7: Repair FEC Payload ID Encoding Format 940 4.1.4. Additional Procedures 942 The following procedure applies: 944 o The ESI of source symbols MUST start with value 0 for the first 945 source symbol and MUST be managed sequentially. Wrapping to zero 946 happens after reaching the maximum 32-bit value. 948 5. Sliding Window RLC FEC Scheme over GF(2) for Arbitrary ADU Flows 950 This fully-specified FEC Scheme defines the Sliding Window Random 951 Linear Codes (RLC) over GF(2) (binary case). 953 5.1. Formats and Codes 955 5.1.1. FEC Framework Configuration Information 957 5.1.1.1. FEC Encoding ID 959 o FEC Encoding ID: the value assigned to this fully specified FEC 960 Scheme MUST be YYYY, as assigned by IANA (Section 10). 962 When SDP is used to communicate the FFCI, this FEC Encoding ID is 963 carried in the 'encoding-id' parameter. 965 5.1.1.2. FEC Scheme-Specific Information 967 All the considerations of Section 4.1.1.2 apply here. 969 5.1.2. Explicit Source FEC Payload ID 971 All the considerations of Section 4.1.1.2 apply here. 973 5.1.3. Repair FEC Payload ID 975 All the considerations of Section 4.1.1.2 apply here, with the only 976 exception that the Repair_Key field is useless if DT = 15 (indeed, in 977 that case all the coefficients are necessarily equal to 1 and the 978 coefficient generation function does not use any PRNG). When DT = 15 979 it is RECOMMENDED that the sender use value 0 for the Repair_Key 980 field, but a receiver SHALL ignore this field. 982 5.1.4. Additional Procedures 984 All the considerations of Section 4.1.1.2 apply here. 986 6. FEC Code Specification 988 6.1. Encoding Side 990 This section provides a high level description of a Sliding Window 991 RLC encoder. 993 Whenever a new FEC Repair Packet is needed, the RLC encoder instance 994 first gathers the ew_size source symbols currently in the sliding 995 encoding window. Then it chooses a repair key, which can be a non 996 zero monotonically increasing integer value, incremented for each 997 repair symbol up to a maximum value of 65535 (as it is carried within 998 a 16-bit field) after which it loops back to 1 (indeed, being used as 999 a PRNG seed, value 0 is prohibited). This repair key is communicated 1000 to the coefficient generation function (Section Section 3.5) in order 1001 to generate ew_size coding coefficients. Finally, the FECFRAME 1002 sender computes the repair symbol as a linear combination of the 1003 ew_size source symbols using the ew_size coding coefficients. When E 1004 is small and when there is an incentive to pack several repair 1005 symbols within the same FEC Repair Packet, the appropriate number of 1006 repair symbols are computed. In that case the repair key for each of 1007 them MUST be incremented by 1, keeping the same ew_size source 1008 symbols, since only the first repair key will be carried in the 1009 Repair FEC Payload ID. The FEC Repair Packet can then be passed to 1010 the transport layer for transmission. The source versus repair FEC 1011 packet transmission order is out of scope of this document and 1012 several approaches exist that are implementation specific. 1014 Other solutions are possible to select a repair key value when a new 1015 FEC Repair Packet is needed, for instance by choosing a random 1016 integer between 1 and 65535. However, selecting the same repair key 1017 as before (which may happen in case of a random process) is only 1018 meaningful if the encoding window has changed, otherwise the same FEC 1019 Repair Packet will be generated. 1021 6.2. Decoding Side 1023 This section provides a high level description of a Sliding Window 1024 RLC decoder. 1026 A FECFRAME receiver needs to maintain a linear system whose variables 1027 are the received and lost source symbols. Upon receiving a FEC 1028 Repair Packet, a receiver first extracts all the repair symbols it 1029 contains (in case several repair symbols are packed together). For 1030 each repair symbol, when at least one of the corresponding source 1031 symbols it protects has been lost, the receiver adds an equation to 1032 the linear system (or no equation if this repair packet does not 1033 change the linear system rank). This equation of course re-uses the 1034 ew_size coding coefficients that are computed by the same coefficient 1035 generation function (Section Section 3.5), using the repair key and 1036 encoding window descriptions carried in the Repair FEC Payload ID. 1037 Whenever possible (i.e., when a sub-system covering one or more lost 1038 source symbols is of full rank), decoding is performed in order to 1039 recover lost source symbols. Each time an ADUI can be totally 1040 recovered, padding is removed (thanks to the Length field, L, of the 1041 ADUI) and the ADU is assigned to the corresponding application flow 1042 (thanks to the Flow ID field, F, of the ADUI). This ADU is finally 1043 passed to the corresponding upper application. Received FEC Source 1044 Packets, containing an ADU, MAY be passed to the application either 1045 immediately or after some time to guaranty an ordered delivery to the 1046 application. This document does not mandate any approach as this is 1047 an operational and management decision. 1049 With real-time flows, a lost ADU that is decoded after the maximum 1050 latency or an ADU received after this delay has no value to the 1051 application. This raises the question of deciding whether or not an 1052 ADU is late. This decision MAY be taken within the FECFRAME receiver 1053 (e.g., using the decoding window, see Section 3.1) or within the 1054 application (e.g., using RTP timestamps within the ADU). Deciding 1055 which option to follow and whether or not to pass all ADUs, including 1056 those assumed late, to the application are operational decisions that 1057 depend on the application and are therefore out of scope of this 1058 document. Additionally, Appendix A discusses a backward compatible 1059 optimization whereby late source symbols MAY still be used within the 1060 FECFRAME receiver in order to improve the global robustness. 1062 7. Implementation Status 1064 Editor's notes: RFC Editor, please remove this section motivated by 1065 RFC 6982 before publishing the RFC. Thanks. 1067 An implementation of the Sliding Window RLC FEC Scheme for FECFRAME 1068 exists: 1070 o Organisation: Inria 1071 o Description: This is an implementation of the Sliding Window RLC 1072 FEC Scheme limited to GF(2^^8). It relies on a modified version 1073 of our OpenFEC (http://openfec.org) FEC code library. It is 1074 integrated in our FECFRAME software (see [fecframe-ext]). 1075 o Maturity: prototype. 1076 o Coverage: this software complies with the Sliding Window RLC FEC 1077 Scheme. 1078 o Lincensing: proprietary. 1079 o Contact: vincent.roca@inria.fr 1081 8. Security Considerations 1083 The FEC Framework document [RFC6363] provides a comprehensive 1084 analysis of security considerations applicable to FEC Schemes. 1085 Therefore, the present section follows the security considerations 1086 section of [RFC6363] and only discusses specific topics. 1088 8.1. Attacks Against the Data Flow 1090 8.1.1. Access to Confidential Content 1092 The Sliding Window RLC FEC Scheme specified in this document does not 1093 change the recommendations of [RFC6363]. To summarize, if 1094 confidentiality is a concern, it is RECOMMENDED that one of the 1095 solutions mentioned in [RFC6363] is used with special considerations 1096 to the way this solution is applied (e.g., is encryption applied 1097 before or after FEC protection, within the end-system or in a 1098 middlebox) to the operational constraints (e.g., performing FEC 1099 decoding in a protected environment may be complicated or even 1100 impossible) and to the threat model. 1102 8.1.2. Content Corruption 1104 The Sliding Window RLC FEC Scheme specified in this document does not 1105 change the recommendations of [RFC6363]. To summarize, it is 1106 RECOMMENDED that one of the solutions mentioned in [RFC6363] is used 1107 on both the FEC Source and Repair Packets. 1109 8.2. Attacks Against the FEC Parameters 1111 The FEC Scheme specified in this document defines parameters that can 1112 be the basis of attacks. More specifically, the following parameters 1113 of the FFCI may be modified by an attacker who targets receivers 1114 (Section 4.1.1.2): 1116 o FEC Encoding ID: changing this parameter leads the receivers to 1117 consider a different FEC Scheme, which enables an attacker to 1118 create a Denial of Service (DoS); 1119 o Encoding symbol length (E): setting this E parameter to a 1120 different value will confuse the receivers and create a DoS. More 1121 precisely, the FEC Repair Packets received will probably no longer 1122 be multiple of E, leading receivers to reject them; 1124 It is therefore RECOMMENDED that security measures are taken to 1125 guarantee the FFCI integrity, as specified in [RFC6363]. How to 1126 achieve this depends on the way the FFCI is communicated from the 1127 sender to the receiver, which is not specified in this document. 1129 Similarly, attacks are possible against the Explicit Source FEC 1130 Payload ID and Repair FEC Payload ID: by modifying the Encoding 1131 Symbol ID (ESI), or the repair key, NSS or FSS_ESI. It is therefore 1132 RECOMMENDED that security measures are taken to guarantee the FEC 1133 Source and Repair Packets as stated in [RFC6363]. 1135 8.3. When Several Source Flows are to be Protected Together 1137 The Sliding Window RLC FEC Scheme specified in this document does not 1138 change the recommendations of [RFC6363]. 1140 8.4. Baseline Secure FEC Framework Operation 1142 The Sliding Window RLC FEC Scheme specified in this document does not 1143 change the recommendations of [RFC6363] concerning the use of the 1144 IPsec/ESP security protocol as a mandatory to implement (but not 1145 mandatory to use) security scheme. This is well suited to situations 1146 where the only insecure domain is the one over which the FEC 1147 Framework operates. 1149 9. Operations and Management Considerations 1151 The FEC Framework document [RFC6363] provides a comprehensive 1152 analysis of operations and management considerations applicable to 1153 FEC Schemes. Therefore, the present section only discusses specific 1154 topics. 1156 9.1. Operational Recommendations: Finite Field GF(2) Versus GF(2^^8) 1158 The present document specifies two FEC Schemes that differ on the 1159 Finite Field used for the coding coefficients. It is expected that 1160 the RLC over GF(2^^8) FEC Scheme will be mostly used since it 1161 warrants a higher packet loss protection. In case of small encoding 1162 windows, the associated processing overhead is not an issue (e.g., we 1163 measured decoding speeds between 745 Mbps and 2.8 Gbps on an ARM 1164 Cortex-A15 embedded board in [Roca17]). Of course the CPU overhead 1165 will increase with the encoding window size, because more operations 1166 in the GF(2^^8) finite field will be needed. 1168 The RLC over GF(2) FEC Scheme offers an alternative. In that case 1169 operations symbols can be directly XOR-ed together which warrants 1170 high bitrate encoding and decoding operations, and can be an 1171 advantage with large encoding windows. However packet loss 1172 protection is significantly reduced by using this FEC Scheme. 1174 9.2. Operational Recommendations: Coding Coefficients Density Threshold 1176 In addition to the choice of the Finite Field, the two FEC Schemes 1177 define a coding coefficient density threshold (DT) parameter. This 1178 parameter enables a sender to control the code density, i.e., the 1179 proportion of coefficients that are non zero on average. With RLC 1180 over GF(2^^8), it is usually appropriate that small encoding windows 1181 be associated to a density threshold equal to 15, the maximum value, 1182 in order to warrant a high loss protection. 1184 On the opposite, with larger encoding windows, it is usually 1185 appropriate that the density threshold be reduced. With large 1186 encoding windows, an alternative can be to use RLC over GF(2) and a 1187 density threshold equal to 7 (i.e., an average density equal to 1/2) 1188 or smaller. 1190 Note that using a density threshold equal to 15 with RLC over GF(2) 1191 is equivalent to using an XOR code that compute the XOR sum of all 1192 the source symbols in the encoding window. In that case: (1) a 1193 single repair symbol can be produced for any encoding window, and (2) 1194 the repair_key parameter becomes useless (the coding coefficients 1195 generation function does not rely on the PRNG). 1197 10. IANA Considerations 1199 This document registers two values in the "FEC Framework (FECFRAME) 1200 FEC Encoding IDs" registry [RFC6363] as follows: 1202 o YYYY refers to the Sliding Window Random Linear Codes (RLC) over 1203 GF(2) FEC Scheme for Arbitrary Packet Flows, as defined in 1204 Section 5 of this document. 1205 o XXXX refers to the Sliding Window Random Linear Codes (RLC) over 1206 GF(2^^8) FEC Scheme for Arbitrary Packet Flows, as defined in 1207 Section 4 of this document. 1209 11. Acknowledgments 1211 The authors would like to thank Marie-Jose Montpetit for her valuable 1212 feedbacks on this document. 1214 12. References 1216 12.1. Normative References 1218 [fecframe-ext] 1219 Roca, V. and A. Begen, "Forward Error Correction (FEC) 1220 Framework Extension to Sliding Window Codes", Transport 1221 Area Working Group (TSVWG) draft-ietf-tsvwg-fecframe-ext 1222 (Work in Progress), March 2018, 1223 . 1226 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1227 Requirement Levels", BCP 14, RFC 2119, 1228 DOI 10.17487/RFC2119, March 1997, 1229 . 1231 [RFC6363] Watson, M., Begen, A., and V. Roca, "Forward Error 1232 Correction (FEC) Framework", RFC 6363, 1233 DOI 10.17487/RFC6363, October 2011, 1234 . 1236 [RFC6364] Begen, A., "Session Description Protocol Elements for the 1237 Forward Error Correction (FEC) Framework", RFC 6364, 1238 DOI 10.17487/RFC6364, October 2011, 1239 . 1241 12.2. Informative References 1243 [CA90] Carta, D., "Two Fast Implementations of the Minimal 1244 Standard Random Number Generator", Communications of the 1245 ACM, Vol. 33, No. 1, pp.87-88, January 1990. 1247 [PGM13] Plank, J., Greenan, K., and E. Miller, "A Complete 1248 Treatment of Software Implementations of Finite Field 1249 Arithmetic for Erasure Coding Applications", University of 1250 Tennessee Technical Report UT-CS-13-717, 1251 http://web.eecs.utk.edu/~plank/plank/papers/ 1252 UT-CS-13-717.html, October 2013, 1253 . 1256 [PM88] Park, S. and K. Miller, "Random Number Generators: Good 1257 Ones are Hard to Find", Communications of the ACM, Vol. 1258 31, No. 10, pp.1192-1201, 1988. 1260 [PTVF92] Press, W., Teukolsky, S., Vetterling, W., and B. Flannery, 1261 "Numerical Recipies in C; Second Edition", Cambridge 1262 University Press, ISBN: 0-521-43108-5, 1992. 1264 [rand31pmc] 1265 Whittle, R., "31 bit pseudo-random number generator", 1266 September 2005, . 1269 [RFC5170] Roca, V., Neumann, C., and D. Furodet, "Low Density Parity 1270 Check (LDPC) Staircase and Triangle Forward Error 1271 Correction (FEC) Schemes", RFC 5170, DOI 10.17487/RFC5170, 1272 June 2008, . 1274 [RFC6726] Paila, T., Walsh, R., Luby, M., Roca, V., and R. Lehtonen, 1275 "FLUTE - File Delivery over Unidirectional Transport", 1276 RFC 6726, DOI 10.17487/RFC6726, November 2012, 1277 . 1279 [RFC6816] Roca, V., Cunche, M., and J. Lacan, "Simple Low-Density 1280 Parity Check (LDPC) Staircase Forward Error Correction 1281 (FEC) Scheme for FECFRAME", RFC 6816, 1282 DOI 10.17487/RFC6816, December 2012, 1283 . 1285 [RFC6865] Roca, V., Cunche, M., Lacan, J., Bouabdallah, A., and K. 1286 Matsuzono, "Simple Reed-Solomon Forward Error Correction 1287 (FEC) Scheme for FECFRAME", RFC 6865, 1288 DOI 10.17487/RFC6865, February 2013, 1289 . 1291 [Roca16] Roca, V., Teibi, B., Burdinat, C., Tran, T., and C. 1292 Thienot, "Block or Convolutional AL-FEC Codes? A 1293 Performance Comparison for Robust Low-Latency 1294 Communications", HAL open-archive document,hal-01395937 1295 https://hal.inria.fr/hal-01395937/en/, November 2016, 1296 . 1298 [Roca17] Roca, V., Teibi, B., Burdinat, C., Tran, T., and C. 1299 Thienot, "Less Latency and Better Protection with AL-FEC 1300 Sliding Window Codes: a Robust Multimedia CBR Broadcast 1301 Case Study", 13th IEEE International Conference on 1302 Wireless and Mobile Computing, Networking and 1303 Communications (WiMob17), October 1304 2017 https://hal.inria.fr/hal-01571609v1/en/, October 1305 2017, . 1307 [WI08] Whittle, R., "Park-Miller-Carta Pseudo-Random Number 1308 Generator", http://www.firstpr.com.au/dsp/rand31/, 1309 January 2008, . 1311 Appendix A. Decoding Beyond Maximum Latency Optimization 1313 This annex introduces non normative considerations. They are 1314 provided as suggestions, without any impact on interoperability. For 1315 more information see [Roca16]. 1317 It is possible to improve the decoding performance of sliding window 1318 codes without impacting maximum latency, at the cost of extra CPU 1319 overhead. The optimization consists, for a receiver, to extend the 1320 linear system beyond the decoding window, by keeping a certain number 1321 of old source symbols. 1323 ls_max_size > dw_max_size 1325 Usually the following choice is a good trade-off between decoding 1326 performance and extra CPU overhead: 1328 ls_max_size = 2 * dw_max_size 1330 When the dw_max_size is very small, it may be preferable to keep a 1331 minimum ls_max_size value (e.g., LS_MIN_SIZE_DEFAULT = 40 symbols). 1332 Going below this threshold will not save a significant amount of 1333 memory nor CPU cycles. Therefore: 1335 ls_max_size = max(2 * dw_max_size, LS_MIN_SIZE_DEFAULT) 1337 Finally, it is worth noting that a good receiver, i.e., a receiver 1338 that benefits from a protection that is significantly sufficient to 1339 recover from the packet losses, can choose to reduce its ls_max_size 1340 significantly. In that case lost ADUs will be recovered rapidly, 1341 without relying on this optimization. 1343 ls_max_size 1344 /---------------------------------^-------------------------------\ 1346 late source symbols 1347 (pot. decoded but not delivered) dw_max_size 1348 /--------------^-----------------\ /--------------^---------------\ 1349 src0 src1 src2 src3 src4 src5 src6 src7 src8 src9 src10 src11 src12 1351 Figure 8: Relationship between parameters to decode beyond maximum 1352 latency. 1354 It means that source symbols, and therefore ADUs, may be decoded even 1355 if the added latency exceeds the maximum value permitted by the 1356 application. It follows that the corresponding ADUs will not be 1357 useful to the application. However, decoding these "late symbols" 1358 significantly improves the global robustness in bad reception 1359 conditions and is therefore recommended for receivers experiencing 1360 bad communication conditions [Roca16]. In any case whether or not to 1361 use this optimization and what exact value to use for the ls_max_size 1362 parameter are decisions made by each receiver independently, without 1363 any impact on the other receivers nor on the source. 1365 Authors' Addresses 1367 Vincent Roca 1368 INRIA 1369 Grenoble 1370 France 1372 EMail: vincent.roca@inria.fr 1374 Belkacem Teibi 1375 INRIA 1376 Grenoble 1377 France 1379 EMail: belkacem.teibi@inria.fr