| Internet-Draft | ISP Dual Queue Networking Deployment Rec | October 2024 |
| Livingood | Expires 20 April 2025 | [Page] |
The IETF's Transport Area Working Group (TSVWG) has finalized experimental RFCs for Low Latency, Low Loss, Scalable Throughput (L4S) and new Non-Queue-Building (NQB) per hop behavior. These documents describe a new architecture and protocol for deploying low latency networking. Since deployment decisions are left to implementers, this document explores the potential implications of those decisions and makes recommendations that can help drive adoption and acceptance of L4S and NQB.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 20 April 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.¶
The IETF's Transport Area Working Group (TSVWG) has finalized RFCs for Low Latency, Low Loss, Scalable Throughput (L4S) and Non-Queue-Building (NQB) per hop behavior [RFC9330] [RFC9331] [RFC9332] [I-D.ietf-tsvwg-l4sops] [I-D.ietf-tsvwg-nqb] [I-D.ietf-tsvwg-dscp-considerations]. These documents do a good job of describing a new architecture and protocol for deploying low latency networking. But as is normal for many such standards, especially those in experimental status, certain deployment decisions are ultimately left to implementers.¶
This document explores the potential implications of key deployment decisions and makes recommendations for those decisions that may help drive adoption. In particular, there are best practices based on prior experience as a network operator that should be considered and there are network neutrality types of considerations as well. These technologies are benign on their own, but the way they are operationally implemented can determine whether they are ultimately perceived positively and adopted by the broader Internet ecosystem. That is a key issue for low latency networking, because the more applications developers and edge platforms that adopt new packet marking for low latency traffic, then the greater the value to end users, so ensuring it is received well is key to driving strong initial adoption.¶
It is worth stating though that these decisions are not embedded in or inherent to L4S and NQB per se, but are decisions that can change depending upon differing technical, regulatory, business or other requirements. Even two network operators with the same type of access technology and in the same market area may choose to implement in different ways. Nevertheless, this document suggests that certain specific deployment decisions can help maximize the value of low latency networking to both users and network operators.¶
The IETF documents on L4S and NQB also made clear that nearly all modern application types - from video conferencing to web browsing - can benefit from low latency networking. In addition, the design of the protocols also make clear that applications developers are best positioned to understand the needs of their applications and to, by extension, express any such low latency needs via appropriate L4S or NQB packet marking. Furthermore, unlike with bandwidth priority on a highly/fully utilized link, low latency networking can better balance the needs of different types of best effort flows (with some caveats - see Section 1.2).¶
For additional background on latency and why latency matters so much to the Internet, please read [BITAG].¶
In the course of working to improve the responsiveness of network protocols, the IETF concluded with their L4S and NQB work that there were fundamentally two types of Internet traffic and that these two major traffic types could benefit from having separate network processing queues in order to improve the way the Internet works for all applications, and especially for interactive applications.¶
One of the two major traffic types is Queue Building (QB) - things like file downloads and backups that are designed utilize as much network capacity as possible but with which users are usually not interacting with in real-time. The other was Non-Queue-Building (NQB) - such as DNS lookups, voice interaction with artificial intelligence (AI) assistants, video conferencing, gaming, and so on. NQB flows tend to be ones where the end user is sensitive to any delays.¶
Thus, the IETF created specifications for how to use two different network processing queues. The performance value of dual queue networking (simply "low latency networking" hereafter) has proven out in Comcast's dual queue networking field trial [Comcast]. That field trial lasted for over a year and was regularly reported on over time at several IETF TSVWG meetings [IETF-TSVWG-117] [IETF-TSVWG-118] [IETF-TSVWG-119] [IETF-TSVWG-120] and demonstrated that L4S and NQB can work deliver excellent responsiveness for a variety of applications - from video conferencing to cloud gaming, DNS and other applications. It seems likely that this new capability will enable entirely new classes of applications to become possible, driving a wave of new Internet innovation, while also improving the applications people use today.¶
| May Benefit from L4S/NQB | Classic Queue Building |
| User interacting with screen | Unattended background process |
| Video conference, audio conference, live event video stream, cloud document editing | Cloud file backup, cloud file restoration, game platform update, operating system update |
The Introduction says that unlike with bandwidth priority on a highly/fully utilized link, low latency networking can better balance the needs of different types of best effort flows. But this bears a bit of further discussion to understand more fully.¶
L4S does *not* provide low latency in the same way as previous technologies like DiffServ Quality of Service (QoS). That prior QoS approach used packet prioritization, where it was possible to assign a higher relative priority to certain application traffic, such as Voice over IP (VoIP) telephony. This approach could provide consistent and relatively low latency by assigning high priority to a partition of the capacity of a link, and then policing the rate of packets using that partition. This traditional approach to QoS is hierarchical in nature.¶
That QoS approach is to some extent predicated on an idea that network capacity is very limited and that links are often highly utilized. But in today's Internet, it is increasingly the case that there is an abundance of capacity to end users (e.g., symmetric 1 Gbps), which makes such traditional QoS approaches ineffective in delivering ever-lower latency. This new low latency networking approach is not based on hierarchical QoS prioritization. Rather, it is built upon conditional priority scheduling between its two queues that operate at best effort QoS priority.¶
Before proceeding into deployment recommendations, it is important to first explore a few key concepts about low latency networking. This is critical because in the past many networks have thought of only bandwidth and/or priority at the sole network attributes that could be adjusted in order to improve application or network quality. The advent of low latency networking forces a re-examination of those old assumptions, as we take into account the profound impact that latency and jitter have on the quality of the end user experience.¶
Low latency traffic to is not prioritized over other (best effort priority) "classic" Internet traffic. That is the case over the ISP network and the broader internet, though it may not not necessarily be the case for a user's in-home Wi-Fi network due to the particulars of how the IEEE 802.11 wireless protocol [IEEE] functions at the current time - see [RFC8325]). In addition, some user access points may prioritize certain traffic (such as gaming) and some traffic such as NQB may use the AC_VI Wi-Fi link layer queue [I-D.ietf-tsvwg-nqb]. This best effort approach stands in contrast to prior differential quality of service (QoS) approaches or to what has been discussed for 5G network slicing [CDT-NN] [van-Schewick-1A] [van-Schewick-1B] [van-Schewick-2] [van-Schewick-3].¶
Low latency networking flows do not get access to greater throughput than "classic" flows. Thus, a user's total provisioned or permitted throughput on an ISP access network link is shared between both classic and low latency queues.¶
Ultimately, the emergence of low latency networking represents a fundamental new network capability that applications can choose to utilize as their needs dictate. It reflects a new ground truth about two fundamentally different types of application traffic and demonstrates that networks continue to evolve in exciting ways. This new network capability can be implemented in a variety of network technologies. For example in access network technologies this could be implemented in DOCSIS [LLD], 5G [Ericsson], PON [CTI], and many other types of networks. Anywhere that a network bottleneck could occur may benefit from this technology.¶
Application developers need to add L4S or NQB packet marking to their application, which will often depend upon the capabilities of a device's operation system (OS) or a software development kit (SDK) [Apple] that the OS developer makes available. In addition, the application server will also need to support the appropriate marking and, when L4S is used, to implement a responsive congestion controller.¶
Since L4S uses the Explicit Congestion Notification (ECN) field of the packet header, to ensure ECN works end-to-end, application developers need to be certain that their servers, datacenter routers, and any transit, cloud provider, or content delivery network (CDN) server involved in their application IS NOT altering or bleaching the ECN field. For an application to use the L4S queue, they must mark their packets with the ECT(1) code point to signal L4S-capability or with the Congestion Experienced (CE) code point when appropriate. Coupled with client marking, if an application client or server detects CE marks, it should respond accordingly (e.g., by reducing the send rate), which typically means that the server must be running a "responsive" congestion controller (i.e., is able to adjust rate based the presence or absence of CE marks for L4S traffic - such as DCTCP, TCP Prague, SCReAM, and BBRv2). See Section 4.3 of [RFC9330] and Section 4.3 of [RFC9331] for more information about this.¶
Since NQB uses the DSCP-45 code point in the DiffServ part of the packet header, to ensure NQB works end-to-end, application developers need to be certain that their servers, datacenter routers, and any transit, cloud provider, or content delivery network (CDN) server involved in their application IS NOT altering or bleaching a DSCP-45 mark. One relative advantage of NQB is that the server does not need to run a special responsive congestion controller. On the other hand, NQB is geared toward bandwidth-limited sparse flows rather than capacity-seeking flows, so it will depend on your application's needs. In addition, it is common for networks to bleach or modify DSCP marks on ingress, which means that networks will need to change that packet handling policy for NQB to function on an end-to-end basis. In contrast, it is far less common for the ECN field of the packet header to be modified.¶
It may seem tempting to mark all traffic for L4S or NQB handling, but this will likely harm the experience of queue-building apps like file downloads. Also, remember that the network priority for L4S and NQB is still best efforts and so there is not more bandwidth for L4S or NQB compared to classic traffic; they share the same bandwidth and best-efforts priority. It is also possible that some flows from an application can benefit, while others will not. For example, a video gaming service may benefit from using L4S or NQB for real-time controller inputs and gameplay, while major game software updates would best be left in the classic queue.¶
Determine whether your application needs "sparse" flows or "congestion-controlled" (higher capacity) flows. Sparse flows that are latency senstive should be marked as NQB (thus DSCP-45). This may be things like DNS queries or VoIP media flows, where maximizing the bandwidth of the flow is not necesary.¶
Latency-sensitive flows that need more bandwidth are congestion controlled, and identified via ECN marking. These types of applications are less limited by the application protocol itself (i.e., a small DNS query), which means the application quality can improve as more bandwidth is available - such as shifting a video stream or a video conference session from Standard Definition (SD) to 4K quality.¶
Like any network or system, a good deployment design and configuration matters and can be the difference between a well-functioning and accepted system and one that experiences problems and faces user and/or developer opposition. In the context of deploying low latency networking in an ISP network, this document describes some recommendations that should help to ensure a deployment is resilient, well-accepted, and creates the environment for generating strong network effects. Following these recommendations should help avoid barriers to adoption and help provide a strong foundation for growth.¶
The first sections below will look at the end-to-end network path from when packets come into an ISP's network (provider edge), then what happens within the ISP's network core, how packets are delivered to customner premise equiment (CPE), and finally what may happen with the Local Area Network (LAN) in a home.¶
This section will then conclude with key deployment decisions, which have both operational as well as technology policy implications.¶
As noted in [Tussle] there has always been a tension in the end-to-end model between how much intelligence and processing takes place along the end-to-end path inside of a network and how much takes place at the end of the network in servers and/or end user client devices and software. In this new approach to low latency networking, entry into a low latency queue depends upon marks in the packet header of a particular application flow. In practice, this marking is best left to the application edge of the network, rather than it being a funcyion of a so-called middlebox. As explored below, this is the most efficient, least prone to error or mis-classification, and is most acceptable from the standpoint of network neutrality regulation.¶
The best approach is for applications to mark traffic to indicate their preference for the low latency queue, not the network making such a decision on its own. This is for several reasons:¶
Any application provider should be able to mark their traffic for the low latency queue, with no restrictions other than standards compliance or other reasonable and openly documented technical guidelines. This maintains the loose cross-layer coupling that is a key tenet of the Internet's architecture by eliminating the need for application providers and networks to coordinate and creates an environment of so-called "permissionless innovation".¶
Traffic sent TO a peer network marked with ECT(1) or CE in the ECN header MUST pass to that peer without altering or removing the ECT(1) or CE marking (see exception below). Traffic FROM peers marked with ECT(1) or CE in the ECN header MUST be allowed to enter the network without altering or removing the ECT(1) or CE marking (see exception below). The only exception would be when a network element is CE-aware and able to add a CE mark to signal that it is experiencing congestion at that hop.¶
This part - allowing unmodified ECN across the network - is likely to be easier than DSCP-45 for NQB (see next section), since it appears rare that networks modify the ECN header of packet flows.¶
Traffic sent TO a peer network marked with DSCP value 45 MUST pass to that peer without altering or removing the DSCP 45 marking (see exception below). Traffic FROM peers marked with DSCP value 45 MUST be allowed to enter the network without altering or removing the DSCP 45 marking (see exception below). Peer marking exception: Some peer networks may use DSCP 45 for purposes other than NQB LL within their network. In these cases, the peer using DSCP 45 for other purposes is responsible for remarking on ingress and egress from their network. In all cases, traffic marked DSCP 45 must still be handled as best efforts - not a higher priority than other Internet traffic.¶
Within an ISP network, packets will typically traverse edge routers, backbone routers, and regional/local routers before being send into a last-mile access network to which end users are connected. In the case of ECN, there are unlikely to be any issues in these hops, as ECN appears to pass end-to-end across most networks. Nevertheless, it is important to check network policies and router configurations to confirm this and to validate it via packet captures at an end user CPE.¶
Ensuring support for NQB via DSCP-45 may be more challenging, as network operators typically have unique uses of various DSCP marks within their network, such as to differentiate residential internet traffic from commercial internet, transit, voice services, management traffic, and so on. If DSCP-45 is already used, then a network policy will need to be created and deployed that will transform ingress packets at the peer edge marked as DSCP-45 to some internal-use value, then back again to DSCP-45 when packets hit the end user CPE. Then the reverse must be done for egress packets, changing DSCP-45 marks from CPE to the internal-use value and then at the peering edge back to DSCP-45. There will also need to be a policy to transform DSCP marks from the internal-use value back to DSCP-45 at the CPE for cases when a flow is peer-to-peer, meaning directly between two end users on a given ISP network.¶
If possible, for operational simplicity, a network should try to maintain the use of DSCP 45 on an end-to-end basis without remarking in their interior network hops. This may not be possible in all networks, because some may already use DSCP 45 for some private internal reason. In such cases, packets must obviously be remarked to and from DSCP 45 at the customer edge (CPE) and network ingress/egress to other networks. But if DSCP 45 is not used internally, it is far simpler for network operations and troubleshooting to preserve that mark on an end to end basis.¶
There are two hops of interest in the last mile access network. One will be a point of user aggregation, such as a Cable Modem Termination System (CMTS) or Optical Line Terminal (OLT). The second is at the user location, such as a Cable Modem (CM) or Optical Network Unit (ONU), both of which are example of CPE.¶
The specifications in [I-D.ietf-tsvwg-nqb] describe a concept of Traffic Protection, also known as a Queue Protection Function [I-D.briscoe-docsis-q-protection] or simply Queue Protection. The document says that Traffic Protection is optional and may not be needed in certain networks. In the case of an ISP deploying low latency networking with two queues, an ISP should consider deploying such a network function to at least detect mismarking (if not necessarily to correct mismarking). This may be implemented, for example, in end user CPE, last mile network equipment, and/or elsewhere in the ISP network - or closely monitors network statistics and user feedback for any indication of widespread low latency packet mismarking by applications.¶
Queue Protection can be implemented any place that there are two queues for low latency networking. For example, for downstream traffic, this would be in the aggregation device (i.e., CMTS, OLT) and in the upstream direction in the CPE (i.e., CM or ONU).¶
In most residential internet services, there are typically two equipment modes. One is very simple CPE that hands off from the ISP's access network (i.e., DSL, 5G, DOCSIS, PON) and provides the customer with an Ethernet interface and IP address(es). The customer then connects their own router and wireless access point (often integrated into the router, typically referred to as a "wireless gateway" or "wireless router"). The other model is more typical, which is that the CPE integrates a link layer termination function (i.e., Cable Modem, 5G radio, or Optical Network Unit) as well as a wireless gateway.¶
Not all ISP networks support both of these models; sometimes only a wireless gateway is available. Even in this case, some users "double NAT" and install their own router and wireless access point(s) to get whatever functionality and control over their home network that they desire. The cases explored below are commonplace but may not apply to all networks.¶
To create the best foundation for growth, both customer-owned and ISP-administered Customer Premises Equipment (CPE) should be supported (assuming that is typical and technically feasible in a particular type of access network), when applicable. In mobile networks, where a user device connects directly to the network, this may be easier as it simply depends upon operating system software in that end user device. In fixed networks, there is usually CPE that demarcates between the ISP network and the user's home LAN. The software running on those CPE devices will also need to support low latency networking, as well as software in other ISP network devices where CPE connections are aggregated. The more CPE devices that are enabled, the greater the pool of potential users, and thus the broader adoption would be, positively driving network effects.¶
In some cases, dual queue networking and associated packet marking is supported up to the ISP's demarcation point - such as in a cable modem. It is recommended that packet markings should pass from such a demarcation point to any attached customer-administered CPE, such as a router or wireless access point. That enables a customer-administered router to implement dual queue networking, rather that it only being possible with ISP-administered CPE.¶
As noted above with the mention of an integrated wireless gateway, and is most common, the CPE and router/wireless network gear may be integrated into a single CPE device. Even though these are functionally in one piece of hardware, we can think of the wide area network interface and local area network as functionally separate for purposes of this analysis.¶
As noted above with respect to prioritization of packets in the ISP network, all packets should be handled with the same best effort priority in the ISP access network and on the internet. However, in a user's home Wi-Fi (wireless) local area network (WLAN), this is more complicated, because there is not a precise mapping between IETF packet marking and IEEE 802.11 marking, explored in [RFC8325]. In short, today's 802.11 specifications enable a Wi-Fi network to have multiple queues, using different "User Priority" and "Access Category" values. At the current time, these queues are AC_BK (Background), AC_BE (Best Effort), AC_VI (Video), and AC_VO (Voice).¶
As explored in [I-D.ietf-tsvwg-nqb], packets in the low latency queue may be expected to be marked for the best effort (AC_BE) or video (AC_VI) wireless queue. For additional context, please refer to Section 8.1 of [I-D.ietf-tsvwg-nqb]. In some situations, such as a user-owned wireless access point or CPE, it may not be possible for the user to select which wireless queue is used. In cases where the CPE is ISP-administered, selecting a specific wireless queue may be possible - though it is not yet clear what the best practice may be for this selection until ISPs and application developers have more experience with low latency networking. As of the writing of this document, it appears that the AC_VI queue may be used for the low latency queue in some networks - and that many latency-sensitive applications are already marking their WLAN traffic for AC_VI and AC_VO.¶
Since the IETF's NQB specification is only recently completed, many applications that have been using other DSCP marks for their latency-sensitive flows have not yet shifted to adopt DSCP-45. One example is the Microsoft Xbox platform [Microsoft], which is using DSCP-46. So in the relatively short-term, ISPs may find it beneficial to their customers to use a more permissive upstream NQB admission policy, allowing DSCP-40, 45, 46, and 56 admission into the low latency queue. It may take a year or more after the NQB DSCP assignment is made by IANA for developers to shift to DSCP-45, given other items in their development backlog and their software release schedule.¶
Thanks to Bob Briscoe, Mat Ford, Vidhi Goel, Eliot Lear, Sebastian Moeller, Sebnem Ozer, Jim Rampley, Dan Rice, Greg Skinner, Greg White, and Yiannis Yiakoumis for their review and feedback on this document.¶
RFC Editor: Please remove this section before publication.¶
This memo includes no requests to or actions for IANA.¶
The key security consideration pertains to Queue Protection. As the current time, it is recommended that implementers utilize Queue Protection, to ensure that any traffic that is incorrectly marked for low latency can be detected and remarked for the classic queue. The necessity of Queue Protection remains something of a debate, with some firmly believing it is necessary but others believing that it is not needed. The latter view is that application developers have a natural incentive to correctly mark their traffic, because to do otherwise would worsen the quality of experience (QoE) for their users. In that line of thinking, if a developer mismarks, they and/or their users will notice and they will fix that error. However, it is also conceivable that malicious software could be operating on a user's device or home network and that malicious software could try to send some much traffic to the low latency queue that the queue or both queues become unusable. This is quite similar to other "traditional" denial of servce (DoS) attacks, so it does not necessarily seems unique to low latency networking. But due to the possibility of this occuring, and low latency networking being such a new approach, it seems prudent to implement Queue Protection.¶
Network Neutrality (a.k.a. Net Neutrality) can mean a variety of things within a country, as well as between different countries, based on different opinions, market structures, business practices, laws, and regulations. Generally speaking, In the context of the United States' market, it has come to mean that Internet Service Providers (ISPs) should not block, throttle, or deprioritize lawful application traffic, and should not engage in paid prioritization, among other things. Net Neutrality concerns can sometimes affect the deployment of new technologies by ISPs, so they should carefully consider regulatory issues when making deployment decisions.¶
As it is envisioned in the design of the IETF's new low latency networking protocols, the addition of a low latency packet processing queue at a network link is merely a second packet queue and does not mean that this queue is hierarchically prioritized or that it has more capacity. As a result, low latency networking appears to pose no new Net Neutrality issues. However, it is important for ISPs to keep these risks in mind as they make deployment design decisions.¶
One key aspect of low latencty networking is that it operates, from the perspective of an ISP's deployment, is application-agnostic. The ISP creates a second network queue on key network links, but does not decide on their own what applications can use this queue. Rather, they add the queue and packet flows are sent to that queue based on packet marking set by application developers. This approach is far superior to older approaches, which caused significant Net Neutrality risks [Lotus], that used middleboxes to attempt to infer applications based on observing packet flows on ISP network links.¶
RFC Editor: Please remove this section before publication.¶
v00: First draft¶
v01: Incorporate comments from 1st version after IETF-115¶
v02: Incorporate feedback from the TSVWG mailing list¶
v03: Final feedback from TSVWG and prep for sending to ISE¶
v04: Refresh expiration before major revision¶
v05: Changes from Greg Skinner and Eliot Lear¶
v06: More changes from Eliot Lear¶
v07: More changes from Eliot Lear¶
RFC Editor: Please remove this section before publication.¶
- Open issues are being tracked in a GitHub repository for this document at https://github.com/jlivingood/IETF-L4S-Deployment/issues¶