From: Sebastian Moeller
To: Dave Täht
Cc: Rich Brown via Bloat
Date: Sat, 1 Feb 2025 14:35:16 +0100
Message-Id: <18273AA0-E87C-41C1-AF39-B8DA8B2E5C15@gmx.de>
References: <48F77C27-0E57-4F96-9BD8-238CC93342F8@gmail.com>
Subject: Re: [Bloat] Comcast & L4S
List-Id: General list for discussing Bufferbloat

Hi Dave,

> On 1. Feb 2025, at 00:57, Dave Taht wrote:
>
> Here are the positives:
>
> For the first time, a major ISP has deployed the PIE AQM on all
> traffic. Before now Comcast was only doing that on the upstream.
> That's 99.99% of all current comcast traffic getting an AQM on it. WIN.

Yes, that might be the lasting positive of the L4$ experiment, but boy do I wish they had used a better AQM than their gimped version of PIE... (I seem to recall they ripped out the part of pie that introduced some burst tolerance)...

>
> The L4S side being enabled will also result in some applications
> actually trying to use it for cloud gaming.

I own no stock of cloud gaming companies nor use their services so not sure whether that is something the whole internet has been waiting for.

> There is a partnership
> with valve,
> meta, and apple, that implies that we will perhaps see some VR and AR
> applications trying to use it. I look forward to a killer app.

I would not hold my breath though... AR/VR has a hard enough time with local applications to gain meaningful marketshare (partly due to being pricey and cumbersome I would guess) so I am not confident adding the whole remote latency sensitive computations challenge on top is going to help.

> Negatives include explicit marking and potential DOS vectors as often
> discussed.

Even more subtle, the way the L-queue is sensitive to bursts, I bet I can construct attack traffic that disrupts the low latency/low jitter promises of L4S for well-behaving traffic without sticking out like a sore thumb on any traffic monitoring... this thing is engineered based on the principle of hopes and prayers, and an absurd notion of "incentives" team L4S always fudged the way convenient for a given argument.

> I do feel that in order to keep up with the jonesies,

Mmmh, do we really need to do this before the #L4S experiment has run its course? After all my expectation is it will peter out with a fizzle.

> we will have to add optional l4s marking to CAKE, which should
> outperform pie (mark-head), I just wish I knew what the right
> level was - at 100Mbit it seemed at 2ms was best.

This needs to be configurable....
I would assume just like it already is in fq_codel.

> We also need to
> remove classic RFC3168 style marking and drop instead when the L4S bit
> is present - across the entire linux and BSD ecosystem.

IFF then like in fq_codel, where this is immensely configurable, let's not hardcode any special behaviour for ECT(1) at least not before we have solid evidence that this new ECT(1) response has staying power, no?

>
> There was an abortive attempt last year to get dualpi, accecn, and
> prague into mainstream linux, but it stumbled over GSO handling, and
> has not been resubmitted.

I bet nobody really cares, all the shakers and movers of L4S development will shop their own SDKs anyway. But could you elaborate how they stumbled over GSO? I thought cake gives a decent blueprint of how to do this (make it configurable).

> ACCECN seems to be making some progress.

I doubt that... my gut feeling is the reappropriation of the ACE flags as ACK counter might have some legs, but the AccECN options I really see these as paper-ware mostly.

> This makes it really hard to fool with this stuff.

What kind of fooling do you have in mind? By virtue of L4S defaulting to a single L-queue to disturb it, all an attacker needs to be able to do is get traffic into that queue (or even just the coupled c-queue, the joy of coupling) to cause mischief.

Regards
	Sebastian

P.S.: I really wish the laudable effort in deploying L4S with the right things like organised plug-fests, staged monitored introduction and even the accompanying PR-efforts would have been coupled with a better engineered solution, then it would feel less of a "making pigs fly" exercise...

>
> On Fri, Jan 31, 2025 at 5:27 AM Sebastian Moeller via Bloat wrote:
>>
>> Hi Rich,
>>
>>
>>> On 31. Jan 2025, at 14:20, Rich Brown via Bloat wrote:
>>>
>>> Google Alerts sent me this: https://www.webpronews.com/comcasts-latency-leap-a-game-changer-in-network-performance/
>>>
>>> Key quote: "Compatibility and Ecosystem: For L4S to have a significant impact, it requires an ecosystem where both the network infrastructure and the end-user devices support the standard..."
>>>
>>> Can anyone spell "boil the ocean"? :-)
>>>
>>> Or am I missing something?
>>
>> Well, the whole safety mechanisms in L4$ are laughably inadequate... this "design" essentially exposes a priority scheduler* without meaningful admission control to the open internet. This is so optimistically naive that it almost is funny again. I wish all the effort and hard work to make L4$ happen, would have been put in a reasonable design... but at least I learned one of the IETF's failure modes, and that is at least something valuable ;)
>>
>>
>> *) Just because something is not a strict preempting priority scheduler does not make it a good idea to expose it blindly... a conditional priority scheduler with e.g. L4$' weight share of 10:1 already can do a lot of harm.
>>
>>
>>>
>>>
>>> _______________________________________________
>>> Bloat mailing list
>>> Bloat@lists.bufferbloat.net
>>> https://lists.bufferbloat.net/listinfo/bloat
>
>
> --
> Dave Täht CSO, LibreQos