| Internet-Draft | Anomalous Packets Handling for DetNet | February 2025 |
| Han, et al. | Expires 23 August 2025 | [Page] |
In deterministic networking (DetNet), there may be resource conflicts at the flow aggregation nodes, resulting in network anomalies. The existing mechanisms for handling anomalous packets in the data plane are crude, such as discarding or processing them as BE flows, so the network performance may be worse than applying traditional QoS. Therefore, in order to handle the anomalous traffic, the data plane should implement an enhanced handling mechanism.¶
This document proposes an anomalous packet handling solution for anomalous traffic in DetNet. This solution includes two policies: the packet squeezing policy and the packet degrading policy, which can be applied flexibly to a variety of queuing mechanisms, thereby ensuring that network traffic for deterministic services is preferentially scheduled in anomalous situations.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 23 August 2025.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
DetNet is capable of providing real-time application services with deterministic guarantees such as bounded latency, low jitter, and low packet loss rate, as per [RFC8655]. One of the major technologies of DetNet is resource allocation, as per [RFC8938]. Resource allocation reduces the packet loss and jitter caused by network congestion by allocating available resources to specified DetNet flows. The control plane orchestrates the paths of DetNet flows to avoid resource conflicts, while the data plane transmits DetNet flows based on the orchestration result from the control plane, with traffic shaping, flow admission control, and encapsulation of forwarding information, etc., to maintain QoS.¶
Each node in the end-to-end path may serve as an aggregation node. Aggregated flows that belong to the same traffic class will share the reserved resources at the outgoing port. Ideally, the transmission of each flow within the same traffic class strictly conforms to the scheduling of the control plane, thus being able to meet the strict requirements of a narrowly deterministic network. However, due to the diversity of deterministic flows—such as occasional microbursts and packet size fluctuations—this ideal case is often difficult to fulfill. Allocating resources based on the maximum packet size may lead to waste, whereas basing them on the average size may cause resource conflicts. Furthermore, software and hardware limitations can introduce additional discrepancies. For instance, algorithmic flaws in the control plane may lead to resource conflicts in extreme cases, and high-priority protocol messages (e.g., ARP packets under abnormal conditions) in the data plane may preempt service packets, causing delays for lower-priority flows.¶
To address these network anomalies, the control plane should properly schedule resources to avoid resource conflict at the aggregation nodes. As defined in [RFC8655], it proposes a service protection solution such as PREOF based on multi-path transmission. Although PREOF can prevent performance reduction by reserving a large amount of redundant resources for the specified service flows, it may cause a serious waste of resources or even a light load in the network, which further diminishes the advantage of deterministic technologies. In the data plane, the existing mechanisms are relatively simple and crude. For example, the data plane may choose to discard packets directly or buffer them until the resources allocated to its traffic class become available. Both of the solutions will result in even worse QoS than that of BE flows.¶
Therefore, the processing of anomalous packets from deterministic services should be automatically optimized in the data plane. The processing of anomalous packets is an indispensable part of the future implementation and application of the entire deterministic network technology.¶
This document proposes an anomalous packet handling policy and solution for DetNet, supporting two anomalous packet handling policies, packet squeezing and packet degrading, which can be enabled individually or together. The control plane and users can configure the policies’ activation and associated parameters. Detailed procedures for implementing these policies across various queuing mechanisms are also provided.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].¶
The real-time detection in the data plane aims to identify anomalous forwarding behaviors. Upon detection, enhanced processing policies, such as packet squeezing and degrading, are applied to ensure that deterministic flows are scheduled preferentially, even under abnormal conditions.¶
The detection process is closely associated with the queuing mechanisms employed. Typically, for TQF[I-D.peng-detnet-packet-timeslot-mechanism], the target output timeslot of a packet at the current node can be determined based on the upstream timeslot label carried by the packet and the basic timeslot mapping.¶
For EDF[I-D.peng-detnet-deadline-based-forwarding], the target output timeslot at the current node is calculated based on the budget and delay target carried in the packet. Each output timeslot is associated with a queue. When a packet arrives, it is enqueued in the corresponding queue. For CQF, if the current scheduling timeslot is 1 and the target timeslot is 5, the packet for target output timeslot 5 will be preemptively placed into the corresponding queue. Before the packet enters the output queue, the queue depth is checked. If it does not exceed the allowable packet capacity of the queue, the packet is enqueued normally. If it exceeds the allowable capacity, it indicates an anomaly.¶
The proposed solution supports two enhanced anomalous packet handling policies in the data plane:¶
These policies provide flexibility in terms of activation; they can be enabled concurrently, selectively, or not at all. If neither policy is enabled, the default mechanism, such as discarding the packets or treating them as a BE flow will be utilized.¶
The data plane can support the squeezing policy by allowing the configuration of the squeezing threshold. When anomalous traffic causes the queue occupancy to exceed its permitted capacity—but remains below the squeezing threshold—the system applies the squeezing policy. Specifically, the system will enqueue the packets and record the number of squeezed bits. According to the squeezing policy, packets that can not be sent within the allocated time should be squeezed into the next timeslot until the queue gets empty. It should be noted that the squeezing policy is compatible with various queuing mechanisms, although it may not be available in all. Regarding different queuing mechanisms, the implementation of the squeezing policy varies.¶
Assume that each timeslot permits 4000 bits, and the squeezing threshold is set to 2000 bits. Consider a service flow where the size of each packet is fixed at 1000 bits. Packets 1 to 4 are assigned to timeslot 1, while packets numbered 5 to 7 are assigned to timeslot 2. Due to the presence of aggregated traffic, assume that the current depth of queue 1 is 2000 bits.¶
|<----timeslot1---->|<----timeslot2---->|<----timeslot3---->|
+---------+---------+-------------------+-------------------+
|/////////| | | |
+---------+---------+-------------------+-------------------+
packet sequence of the flow
+----+----+----+----+----+----+----+
| P7 | P6 | P5 | P4 | P3 | P2 | P1 | --->
+----+----+----+----+----+----+----+
P1 P2 P3 P4 -> target timeslot : 1
P5 P6 P7 -> target timeslot : 2
|
\/
+---------+----+----+----+----+
queue 1 |/////////| P1 | P2 | P3 | P4 |
+---------+----+----+----+----+
+----+----+----+
queue 2 | P5 | P6 | P7 |
+----+----+----+
|-----timeslot1-----|-----timeslot2-----|-----timeslot3-----|
+---------+----+----+----+----+----+----+----+--------------+
|/////////| P1 | P2 | P3 | P4 | P5 | P6 | P7 | |
+---------+----+----+----+----+----+----+----+--------------+
|<------->|
squeezing threshold
Figure 1 illustrates the processing of packets in the service flow with serial numbers 1 through 7. Packets 1 and 2 are put into queue 1 sequentially. Therefore, queue 1 has reached the permitted carrying threshold of 4000 bits. When packets 3 and 4 arrive, they are determined to be anomalous packets.¶
Since the squeezing policy is enabled with a threshold of 2000 bits, packets 3 and 4 are enqueued in queue 2, while retaining their timeslot label of 1. Based on the squeezing policy, packets 3 and 4 are squeezed into timeslot 2 for transmission. At this point, the buffer depth of the queue increases to 2000 bits. Subsequently, packets 5, 6, and 7 which are targeted for timeslot 2, are allowed to enter queue 2. However, when queue 2 reaches its upper limit of 4000 bits, packet 7 is marked as an anomalous packet. It is enqueued in queue 2 and postponed for transmission in timeslot 3.¶
At the aggregation node, continuous bursts may lead to successive squeezing, which in turn may trigger a chain reaction. Without safeguards, packets squeezed from one timeslot into the next may accumulate indefinitely, undermining deterministic transmission guarantees. To prevent unbounded accumulation caused by consecutive squeezing, the following two safeguard mechanisms are introduced:¶
|----timeslot1----|----timeslot2----|----timeslot3----|----timeslot4----|
|---------queue1---------|-----queue2------|----queue3-----|---queue4---|
|<--------------------------------------------------------------------->|
synchronization threshold
The data plane supports the degrading policy and allows for the configuration of degrading parameters, and can be used either in combination or independently. When the degrading policy is used in conjunction with the squeezing policy, it processes anomalous traffic that exceeds the squeezing threshold. The degrading policy can also be deployed on its own. For anomalous packets that go beyond the allowed buffer capacity, the degrading policy can be directly applied.¶
For EDF, packets are delayed based on the target sending time. The delayed period can be flexibly configured due to the level of busyness at the current outgoing port. For TAS/CQF and their variations, packets are redirected to a queue with a lower priority.¶
When both squeezing and degrading policies are enabled, the node shall perform the following steps:¶
The following anomaly handling policies are involved in this document:¶
If the data plane does not enable either the squeezing or degrading policy, or if neither policy is applicable, anomalous packets will be processed by the existing default methods, such as discarding. When the data plane supports multiple anomalous packets handling policies, the enabled policies and related parameters can be configured by the control plane.¶
Once the data plane automatically handles anomalies using either the squeezing policy or the degrading policy, it should promptly report these anomalies to the controller. This enables the controller to perceive detailed insights into the network anomalies and take appropriate actions, such as re-orchestration, flow entry re-configuration, resource expansion, etc. In addition to reporting to the controller, the data plane should also transmit the anomaly information to the downstream nodes. This allows downstream nodes adjust their forwarding behavior or restore the original parameters of the packets according to the received anomaly information. The anomaly information reported by the data plane includes, but is not limited to:¶
Anomalous packet handling policy information:¶
When a node in the data plane receives a DetNet packet, it first checks for anomalies. If an anomaly is detected, the node initiates the procedure for anomalous packets.¶
Policy-based Packet Processing.¶
After processing the anomalous packets, the node sends the anomaly information to the controller and/or the downstream node.¶
This illustrates the anomaly detection and handling policy in the forwarding plane when the TQF is employed.¶
It is assumed that TQF mechanism supports three cycles (A, B, and C) at the egress ports. In these cycles, the timeslot size increases in powers of 2 while the number of timeslots decreases in powers of 2. Cycle A supports eight queues, and in addition, a low-priority BE queue is provided. For Cycle A, the timeslot mapping is defined as 0 -> 5; for the Cycle B, the mapping is 0 -> 3. It is assumed that each TQF timeslot in Cycle A allows a maximum capacity of 10,000 bits, Cycle B 20,000 bits, and Cycle C 40,000 bits. When the queue depth of Cycle A exceeds 10,000 bits, it indicates that an abnormal condition has occurred.¶
Furthermore, the control plane is configured to enable the squeezing policy on the forwarding plane with a squeezing threshold set to 15,000 bits and to enable the degrading policy, which is configured in a stepwise degrading mode.¶
Consider a certain service flow where each packet is 1,000 bits in size. Packets 1 to 10 use cycle cycle A and carry a timeslot value of 0; packets with sequence numbers 11 to 15 also use cycle cycle A, but carry a timeslot value of 2. When packet 1 arrives at the node, the current queue depth of timeslot 5 is 8,000 bits, and that of timeslot 7 is 0 bits.¶
Processing Procedure:¶
packet sequence (from right to left)
+---+---+---+---+---+---+--+--+--+--+--+--+--+--+--+
|P15|P14|P13|P12|P11|P10|P9|P8|P7|P6|P5|P4|P3|P2|P1| --->
+---+---+---+---+---+---+--+--+--+--+--+--+--+--+--+
P1 P2 P3 P4 P5 P6 P7 P8 P9 P10 : Cycle A timeslot 0->5
P11 P12 P13 P14 P15 :Cycle A timeslot 2->7
|
\/
Cycle A
+-----------+--+--+--+--+--+--+--+
queue 5 |///////////|P1|P2|P3|P4|P5|P6|P7|
+-----------+--+--+--+--+--+--+--+
+---+---+---+---+---+
queue 7 |P11|P12|P13|P14|P15|
+---+---+---+---+---+
Cycle B
+--+--+---+
queue 3 |P8|P9|P10|
+--+--+---+
Cycle A
|------timeslot5------|------timeslot6------|------timeslot7------|
+---------------+--+--+--+--+--+--+--+------+---+---+---+---+---+-|
|///////////////|P1|P2|P3|P4|P5|P6|P7| |P11|P12|P13|P14|P15| |
+---------------+--+--+--+--+--+--+--+------+---+---+---+---+---+-|
Cycle B
---timeslot2----------|-----------------timeslot3-----------------|
+---------------------+--+--+---+---------------------------------+
| |P8|P9|P10| |
+---------------------+--+--+---+---------------------------------+
When packets 1 and 2 are enqueued into queue 5 according to the Cycle A timeslot mapping 0 -> 5, the depth of queue 5 reaches 10,000 bits.Upon the arrival of packet 3, if it were to be enqueued using the same mapping (0 -> 5), the queue depth would exceed the 10,000-bit threshold, thereby indicating the presence of abnormaly. Since the squeezing policy is enabled with a threshold of 15,000 bits, packets 3 to 7 are processed in squeezing mode and are enqueued into queue 5, retaining the output timeslot label 5.¶
When packet 8 arrives, enqueuing it in queue 5 would cause the cumulative bits to exceed the 15,000-bit squeezing threshold. Consequently, the degrading policy is triggered. Packets 8 to 10 are degraded from Cycle A to Cycle B. Based on the Cycle A transmission timeslot value(0) carried in the packet, which is converted to Cycle B transmission timeslot 0, the Cycle B mapping (0 → 3) is applied so that packets 8–10 are enqueued into Cycle B’s Queue 3. Packets 11 to 15 mapped using timeslot 2 -> 7, are enqueued normally as the queue depth remains within the 10,000-bit capacity.¶
TBA¶
TBA¶
TBA¶