Explicit Congestion Notification (ECN) RFC 3168
Download
Report
Transcript Explicit Congestion Notification (ECN) RFC 3168
Explicit Congestion
Notification (ECN)
RFC 3168
Justin Yackoski
DEGAS Networking Group
[email protected]
CISC856 – TCP/IP
Thanks to Namratha Hundigopal and Preethi Natarajan for slides
Overview
• The Problem – Congestion
• The other solution(s)
• TCP's basic congestion mechanisms
• Active Queue Management
• Description of ECN
• How ECN works
• Why ECN is better
• Performance evaluation
• Status of ECN
10/3/2005
2
Congestion
• Router must buffer packets because
input > output
• End-to-end delay increases as buffer fills
• When buffer is full, “tail drop” occurs
10/3/2005
3
TCP without ECN
• Congestion Detection
• Retransmit Timeout
• 3 duplicate ACKs
• “Congestion Avoidance”
• Happens after congestion has already occurred
(Multiplicative decrease of cwnd AFTER loss)
• Current TCP does something like congestion
‘recovery’
• Network is treated as a black box, no way to
know of impending doom
10/3/2005
4
What can sometimes happen?
• Global Synchronization – many connections
•
•
reduce sending rate at same time, channel
is under-utilized
Lock Out – queue space is monopolized by
a few connections
Full Buffers – If network is operating at
capacity, buffers stay full
• No spare room for “bursts” of traffic
• End-to-end delay is increased due to queuing
delays
5
Active Queue Management
• Detect “incipient” (early) congestion
• Try to keep average queue size in “good”
•
range
Randomly choose IP-PDUs to notify about
congestion (how?)
max
min
Average queue size lies in-between the thresholds
6
What always happens?
• Packet drops each time congestion is
•
detected, very inefficient
BAD for real-time applications
10/3/2005
7
Explicit Congestion Notification
• ECN is an AQM mechanism
• Routers notify TCP about incipient
•
•
congestion
Use TCP/IP headers to send ECN signals
TCP treats ECN signals exactly the same
as when a single dropped packet is
detected
• BUT – Packets are NOT actually dropped
10/3/2005
8
ECN Bits in IP Header
2 bits => 4 ECN Codepoints
Value
10/3/2005
Name
00
Not-ECT (Not ECN Capable
Transport)
10
ECT(0) (ECN Capable Transport (0) )
01
ECT(1) (ECN Capable Transport(1) )
11
CE (Congestion Experienced)
9
ECN Bits in TCP Header
ECE flag - ECN-Echo flag
CWR flag - Congestion Window
Reduced flag
10/3/2005
10
Negotiation between TCP transport entities
sender
•
•
•
receiver
TCP Sender – sets both ECE and CWR in SYN
TCP Receiver – sets only ECE in SYN-ACK
A host must not set ECT in SYN or SYN-ACK
Some faulty firewalls either drop an ECN-setup
SYN packet or respond with an RST TCP-PDU
10/3/2005
11
Typical sequence of events(1)
• ECT is set in IP-PDU’s carrying data
transmitted by the sender to indicate
that ECN is supported by transport
entities for this PDU
ECN Negotiated during connection establishment
ECT set
ECN enabled sender
10/3/2005
ECN enabled
receiver
ECN enabled router
12
Typical sequence of events(2)
• ECN-capable router detects incipient
•
congestion, and sees that ECT is set in the
IP-PDU
The router sets CE in the IP-PDU
ECT set
Incipient
Congestion,
set CE
CE set
thmax thmin
10/3/2005
13
Typical sequence of events(3)
• ECN enabled receiver receives the IP-PDU
with CE set.
• Receiver conveys the congestion information
to the transport sender by setting ECE in the
Congestion!!!
ACK TCP-PDU
Let me
inform the
sender
CE set
ECN enabled sender
10/3/2005
ECE set in ACK
ECN enabled
receiver
14
Typical sequence of events(4)
• TCP sender receives the TCP-PDU with ECE set
• Sender becomes aware of incipient congestion in
•
network
Sender reacts as if a TCP-PDU was dropped
(sender’s cwnd reduced).
Incipient
Congestion,
reduce cwnd
ECE
set ACK
ECN enabled sender
10/3/2005
ECN enabled
receiver
15
Typical sequence of events(5)
• TCP sender sets CWR in the next new
TCP-PDU to the receiver
• Indicates that the sender has reacted to
congestion by reducing the cwnd
Incipient
Congestion,
reduce cwnd,
Set CWR
CWR set
ECN enabled sender
10/3/2005
ECN enabled
receiver 16
Typical sequence of events(6)
• Receiver stops sending ACKs with
Sender
has
reduced
cwnd, stop
setting
ECE flag
ECE set after getting a TCP-PDU
with CWR set if there is no new
congestion in the network
ECE set ACK
CWR set
ECN enabled sender
ECN enabled router
10/3/2005
ECN enabled
receiver
17
Rules of the Game - Sender
• On receipt of ECE ACK packet, TCP sender
•
•
•
10/3/2005
SHOULD react in the same way as it would
for a congestion loss in non-ECN-capable
TCP
Sender TCP SHOULD NOT react more than
once every RTT to the ECE ACK packet
Why? – We saw that receiver keeps sending
ECE set ACKs until Receiver gets a TCP-PDU
with CWR set from the sender
For CWR set TCP-PDU to reach the receiver
and get acked takes at least 1 RTT. So any
more ECEs received in this time span is for
the same instance of congestion
18
Rules of the Game - Sender
• TCP sender should set CWR in the first
•
new TCP-PDU the sender transmits after
receiving an ECE set ACK
What if a CWR set TCP-PDU is lost?
• Sender TCP detects the loss
• The loss is treated as a new instance of
congestion in network
• Sender will have to again reduce its cwnd
and retransmits the lost TCP-PDU without
CWR set
10/3/2005
19
Rules of the Game - Receiver
• To overcome dropped ECE ACK packets,
•
•
•
10/3/2005
receiver MUST keep sending ECE ACKs until
it gets a TCP-PDU with CWR set
Any more IP-PDUs with CE set are treated as
new instances of congestion in the network
In delayed ACKs, ECE in ACK is set if CE is
set for any of the IP-PDUs being
acknowledged
What does the receipt of CWR guarantee?
• The sender received the ECE message ?
• The sender reduced its congestion window ?
NO
YES
20
Advantages of ECN
• Prevents unnecessary packet drops at
•
•
routers less retransmissions
improvement in the “GOODPUT”
Avoids timeouts by getting faster notification
to end hosts
Less retransmissions also means less traffic
on the network
10/3/2005
21
ECN Performance Improvements
• ECN+ - allow SYN ACKs to be marked
• Internet draft currently
• RED* - mark packets using ECN, don’t drop
10/3/2005
22
Is ECN Secure?
• Does ECN add any insecurities to TCP
•
and/or IP or make any problems worse?
Can a malicious router:
• Interfere with handshake?
• Falsely report congestion?
• Fail to report congestion?
• Disable ECN?
10/3/2005
23
Is ECN used?
• Implemented in linux 2.4+, Solaris 9+, and
Cisco routers since 12.2(8)T
10/3/2005
24
References
•
•
•
•
•
•
•
•
RFC 3168 – ECN
RFC 2309 – AQM
A. Kuzmanovic. The Power of Explicit Congestion
Notification. SIGCOMM ’05
A. Medina, M. Allman, and S. Floyd. Measuring the
Evolution of Transport Protocols in the Internet. ACM CCR.
2005
http://www.cs.ucla.edu/NRL/hpi/tcpw/tcpw_sample/sample.
html
http://www.icir.org/floyd/ecn.html
http://www.icir.org/floyd/ecn/ecn_security.txt
Slides from Namratha Hundigopal and Preethi Natarajan
10/3/2005
25