Network Working Group                                            H. Chen
INTERNET-DRAFT                                                    Y. Yin
Intended Status: Informational                       Huawei Technologies
Expires: September 21, 2016                                      G. Chen
                                                           China Telecom
                                                          March 20, 2016


              Cross-layer Cooperation for Encrypted Traffic
               draft-chen-tsvwg-crosslayer-cooperation-00


Abstract

   This memo considers the requirement for, and the feasibility of,
   cross-layer design in the encrypted traffic scenario.  By permitting
   interaction between the encrypted application layer and the
   non-encrypted transport/network layers, the network layer can
   schedule service flows more appropriately and the application layer
   can learn the network status, which together make better use of the
   network bandwidth.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on September 21, 2016.

Copyright and License Notice



Chen & Yin, et al         Expires September 21, 2016            [Page 1]

Internet-Draft            Cross-layer Cooperation             March 2016


   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Table of Contents

   1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2. Cross-layer Cooperation for Encrypted Traffic . . . . . . . . .  3
     2.1 Up to down information sharing . . . . . . . . . . . . . . .  4
     2.2 Down to up information sharing . . . . . . . . . . . . . . .  4
   3. Extended Discussion . . . . . . . . . . . . . . . . . . . . . .  5
     3.1 Mobile Video Scenario . . . . . . . . . . . . . . . . . . .  5
     3.2 Future Discussion . . . . . . . . . . . . . . . . . . . . .  6
   4. Security Considerations . . . . . . . . . . . . . . . . . . . .  6
   5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . .  6
   6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . .  6
   7. References . . . . . . . . . . . . . . . . . . . . . . . . . .  6
     7.1 Normative References . . . . . . . . . . . . . . . . . . .  6
     7.2 Informative References . . . . . . . . . . . . . . . . . .  7

1. Introduction

   Driven by OTT services, encrypted traffic on the Internet has been
   increasing over the past few years and will continue to increase.
   This makes it difficult for the network operator to manage flows
   effectively.  The reason is that network devices (e.g. routers,
   firewalls, DPI) controlled by the operator cannot parse the flow
   contents sent by servers/clients controlled by the OTT.  Traffic
   encryption in fact hinders most existing bandwidth optimization
   methods.
   From the layering perspective, as shown in Figure 1, traffic
   encryption results in a disconnection at the application layer
   between OTT-controlled devices and operator-controlled devices.
   Cross-layer cooperation is one possible way to resolve the problem.
   It removes the strict boundaries between the layers to allow
   communication between them.  For example, by permitting the
   transport layer to access application layer data in order to
   exchange information and enable interaction, network devices are
   able to learn OTT information contents and implement bandwidth
   optimization.

                                  OTT
             +---------------- Controlled ---------------+
             |                                           |
             |                     |                     |
             |                 Operator                  |
             |                Controlled                 |
             |                     |                     |
   ..........|.......... ..........|.......... ..........|..........
   .                   . .                   . .                   .
   .   +-----------+   . .   +-----------+   . .   +-----------+   .
   .   |Application|<---X--->|Application|<---X--->|Application|   .
   .   +-----------+   . .   +-----------+   . .   +-----------+   .
   .                   . .                   . .                   .
   .   +-----------+   . .   +-----------+   . .   +-----------+   .
   .   | Transport |<------->| Transport |<------->| Transport |   .
   .   +-----------+   . .   +-----------+   . .   +-----------+   .
   .                   . .                   . .                   .
   .   +-----------+   . .   +-----------+   . .   +-----------+   .
   .   |  Network  |<------->|  Network  |<------->|  Network  |   .
   .   +-----------+   . .   +-----------+   . .   +-----------+   .
   ..................... ..................... .....................
          Client                 L4-L7                Server
                            Network Device

                 Figure 1  Problem with traffic encryption

2. Cross-layer Cooperation for Encrypted Traffic

   The problem with encrypted traffic is that some useful information
   which the operator requires to manage its network becomes
   inaccessible.  For example, without flow types and flow control
   information, the network operator cannot predict the traffic
   evolution in real time [Dadas].  Information sharing between the
   encrypted part and the non-encrypted part is vital to make
   bandwidth optimization possible.
   As shown in Figure 2, it can be generalized to bidirectional
   interaction: (a) up to down information sharing and (b) down to up
   information sharing.

          .........................
          . +-------------------+ .
          . | Application Layer | .    Encrypted
          . +-+---------------^-+ .
          ....|...............|....
              |               |
           (a)|               |(b)
              |               |
              |               |
          ....v...............+....
          . +-------------------+ .
          . |  Transport Layer  | .
          . +-------------------+ .    Non-encrypted
          .                       .
          . +-----------------+-+ .
          . |   Network Layer   | .
          . +-------------------+ .
          .........................

          Figure 2  Cross-layer cooperation for traffic encryption

2.1 Up to down information sharing

   Through the interfaces that the application layer opens up, it may
   send data down to the network layer for network management benefits.
   The data can be one bit to indicate the encryption state, or several
   bits to indicate the flow type and flow control information.  The
   network device needs this information to determine how to deal with
   the flow.

2.2 Down to up information sharing

   Through the interfaces that the network layer opens up, it may send
   data up to the application layer for network management/optimization
   benefits.  This data describes the more detailed flow information
   required by the network devices.  The application layer may then
   share the required information with the transport layer or network
   layer to enable fine-grained flow management.  For example, the
   network device may ask the server/client to share the URL included
   in the flow content, in case the flow would otherwise be blocked by
   a middlebox as malicious traffic because it is encrypted.

3. Extended Discussion

   Cross-layer cooperation is useful in some other scenarios in addition
   to the traffic encryption scenario.  Mobile video service, with the
   emerging AR/VR techniques, is a good example.
   A more powerful network is demanded to provide sufficient bandwidth
   and a wide dynamic range.

3.1 Mobile Video Scenario

   Existing TCP-based video streaming transmission can hardly meet this
   requirement, especially in a long-RTT scenario or in a wireless
   scenario with a high packet loss ratio.  All of these result in
   inefficient use of network bandwidth and thus seriously impact the
   user's experience.  Cross-layer cooperation may help to solve this
   problem, and Figure 3 shows some examples of interaction among the
   protocol layers:

            +-------------------+
            | Application Layer +---+
            +-------------------+   |
                                    |
            +-------------------+   |
            |  Transport Layer  |   |
            +-^---------------+-+   |
              |               |     |
              |               |     |
           (a)|            (b)|     |(c)
              |               |     |
              |               |     |
              |               |     |
            +-+---------------v-+   |
            |   Network Layer   <---+
            +-------------------+

          Figure 3  Cross-layer cooperation for mobile video service

   Arrow (a) indicates that the network layer may share information with
   the transport layer.  Examples include ECN [ECN] and CQIC [CQIC].  By
   permitting the transport layer to obtain network layer information
   such as the congestion state or the bottleneck bandwidth, bandwidth
   optimization can be achieved.

   Arrow (b) indicates that the transport layer may share some
   information with the network layer.  An example could be accurate
   congestion notification.  The transport layer informs the network
   layer of the type of information it is interested in.  The network
   layer may then provide this information to the transport layer
   through a certain in-band approach and thus enable accurate
   congestion notification.

   Arrow (c) indicates that the application layer may share information
   with the network layer.  A typical example is the Path Computation
   Element (PCE).  With PCE, the application layer computes the desired
   routing path and shares it with the network layer to enable routing
   path optimization.
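   The two sharing directions of Sections 2.1 and 2.2 can be made
   concrete with a small simulation.  The following Python is an added
   example, not code from this draft or from the authors: the one-byte
   hint layout (encryption bit, flow type, flow-control class), the
   queue names and the REQ/OK/DENY request strings are all invented for
   illustration and are not a standardised encoding.  It shows the
   application packing what it is willing to disclose, the network
   device parsing that hint without looking at the payload, and the
   network device asking the application for one named item (the URL
   case from Section 2.2), which the application answers only if it has
   chosen to expose that item.

```python
"""Constructed example of the up-to-down and down-to-up sharing of
Sections 2.1 and 2.2.  The hint layout and the request strings are
invented for illustration, not an encoding defined by the draft."""
from enum import IntEnum


class FlowType(IntEnum):
    UNKNOWN = 0
    VIDEO = 1
    BULK = 2
    INTERACTIVE = 3


ENCRYPTED_BIT = 0x80     # bit 7: payload is encrypted above the transport layer
FLOW_TYPE_MASK = 0x70    # bits 4-6: FlowType code
RATE_CLASS_MASK = 0x0F   # bits 0-3: flow-control hint (0 = no preference)


def encode_hint(encrypted: bool, flow_type: FlowType, rate_class: int = 0) -> bytes:
    """Up-to-down (2.1): the application packs what it is willing to share."""
    if not 0 <= rate_class <= 15:
        raise ValueError("rate_class must fit in 4 bits")
    value = (ENCRYPTED_BIT if encrypted else 0) | (int(flow_type) << 4) | rate_class
    return bytes([value])


def decode_hint(raw: bytes) -> dict:
    """Network-device side: parse the hint; the payload itself is never read.
    An undefined flow-type code raises ValueError from the enum lookup."""
    if len(raw) != 1:
        raise ValueError("hint must be exactly one byte")
    v = raw[0]
    return {
        "encrypted": bool(v & ENCRYPTED_BIT),
        "flow_type": FlowType((v & FLOW_TYPE_MASK) >> 4),
        "rate_class": v & RATE_CLASS_MASK,
    }


def schedule(hint: dict) -> str:
    """Constructed operator policy: choose a queue from the declared flow
    type, so an encrypted video flow is no longer treated as unclassified."""
    return {
        FlowType.VIDEO: "queue:video",
        FlowType.INTERACTIVE: "queue:interactive",
        FlowType.BULK: "queue:bulk",
    }.get(hint["flow_type"], "queue:best-effort")


def network_request(item: str) -> str:
    """Down-to-up (2.2): the network layer names the item it wants."""
    return f"REQ {item}"


def application_reply(request: str, exposed: dict) -> str:
    """The application answers only from the fields it chose to expose."""
    kind, _, item = request.partition(" ")
    if kind != "REQ" or not item:
        return "ERR malformed"
    if item not in exposed:
        return f"DENY {item}"          # everything else stays private
    return f"OK {item}={exposed[item]}"


if __name__ == "__main__":
    hint = encode_hint(True, FlowType.VIDEO, rate_class=3)
    parsed = decode_hint(hint)
    print(hint.hex(), parsed, schedule(parsed))
    exposed = {"url": "https://example.com/stream/42"}   # constructed value
    print(application_reply(network_request("url"), exposed))
    print(application_reply(network_request("cookie"), exposed))
```

   The DENY path is the part a practitioner should keep: the interface
   the application "opens up" decides what leaves the encrypted layer,
   so the network device obtains exactly the declared items and nothing
   else.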
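   Arrow (a) of Figure 3 is easiest to see with ECN [ECN] itself.  The
   following Python is an added simulation, not code from this draft or
   from RFC 3168: the four ECN codepoints in the low two bits of the IP
   TOS / Traffic Class byte (Not-ECT, ECT(1), ECT(0), CE) are the real
   ones, while the router queue model, the ECE/CWR handling and the
   cwnd arithmetic are simplified assumptions made for this example.
   It runs the same congested router against an ECN-capable flow and a
   non-ECN flow, so the difference the draft points at is visible in
   the result: both senders reduce their window, but only the non-ECN
   flow has to lose packets to learn that the network is congested.

```python
"""Constructed simulation of the arrow (a) example in Section 3.1: the
network layer (a router with a marking queue) tells the transport layer
about congestion through the ECN field of RFC 3168 [ECN].  Codepoints
are the real ones; everything else is simplified for illustration."""
from dataclasses import dataclass, field
from typing import Optional

# ECN codepoints in the low two bits of the IPv4 TOS / IPv6 Traffic Class byte
NOT_ECT, ECT1, ECT0, CE = 0b00, 0b01, 0b10, 0b11


def ecn_of(tos: int) -> int:
    return tos & 0b11


def set_ecn(tos: int, codepoint: int) -> int:
    return (tos & ~0b11) | codepoint


@dataclass
class Router:
    """Network layer: when the queue is over the threshold, mark CE on
    ECN-capable packets instead of dropping them."""
    threshold: int
    queue_len: int = 0

    def forward(self, tos: int) -> Optional[int]:
        """TOS byte of the forwarded packet, or None if the packet is dropped."""
        if self.queue_len <= self.threshold:
            return tos
        if ecn_of(tos) == NOT_ECT:
            return None                 # a non-ECN flow only learns via loss
        return set_ecn(tos, CE)         # an ECN flow learns without losing data


@dataclass
class Receiver:
    """Transport layer, receiving side: echo CE to the sender with ECE."""
    ece_pending: bool = False

    def receive(self, tos: Optional[int]) -> dict:
        if tos is None:
            return {"ack": False}       # nothing arrived; the sender sees a loss
        if ecn_of(tos) == CE:
            self.ece_pending = True     # keep signalling until CWR is seen
        return {"ack": True, "ece": self.ece_pending}

    def cwr_seen(self) -> None:
        self.ece_pending = False


@dataclass
class Sender:
    """Transport layer, sending side: halve cwnd once per congestion signal."""
    cwnd: float = 10.0
    cwr_in_flight: bool = False
    reductions: list = field(default_factory=list)

    def on_ack(self, ack: dict) -> bool:
        """True when this ACK (or the loss it reports) triggered a reduction."""
        lost = not ack["ack"]
        echoed = bool(ack.get("ece", False)) and not self.cwr_in_flight
        if not (lost or echoed):
            return False
        self.cwnd = max(1.0, self.cwnd / 2)
        self.reductions.append(self.cwnd)
        if echoed:
            self.cwr_in_flight = True   # the next segment carries CWR
        return True

    def cwr_acked(self) -> None:
        self.cwr_in_flight = False


def run(queue_len: int, ecn_capable: bool, rounds: int = 3) -> dict:
    """One packet per round through router -> receiver -> sender."""
    router = Router(threshold=5, queue_len=queue_len)   # constructed threshold
    rx, tx = Receiver(), Sender()
    drops = 0
    for _ in range(rounds):
        tos = set_ecn(0, ECT0 if ecn_capable else NOT_ECT)
        out = router.forward(tos)
        if out is None:
            drops += 1
        if tx.on_ack(rx.receive(out)) and out is not None:
            rx.cwr_seen()               # the CWR-marked segment reaches the receiver
            tx.cwr_acked()
    return {"drops": drops, "cwnd": tx.cwnd, "reductions": len(tx.reductions)}


if __name__ == "__main__":
    print("idle, ECN:      ", run(queue_len=0, ecn_capable=True))
    print("congested, ECN: ", run(queue_len=8, ecn_capable=True))
    print("congested, none:", run(queue_len=8, ecn_capable=False))
```

   With the queue over its threshold, both runs end at the same window,
   but the ECN run reports zero drops: the congestion state crossed from
   the network layer to the transport layer as two bits in the IP
   header, which is exactly the kind of sharing arrow (a) describes.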
3.2 Future Discussion

   In the original OSI networking model, strict boundaries between
   layers are enforced, and data is kept strictly within a given layer.
   Cross-layer cooperation removes such strict boundaries to allow
   communication between layers.  It permits one layer to access the
   data of another layer in a certain way to exchange information and
   enable interaction.  With the fast-growing demand for high-bandwidth
   value-added services, the network model itself needs to evolve.  An
   interactive network model which employs cross-layer cooperation
   should be taken into consideration.

4. Security Considerations

   Security considerations are not addressed in this document.

5. Acknowledgements

   The authors would like to thank Feng Li and Jin Li for their comments
   and contributions.

6. IANA Considerations

   No IANA action is needed for this document.

7. References

7.1 Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

7.2 Informative References

   [Dadas]    Dadas, M., Stephan, E., Cayla, M., Oprescu, I., "Managing
              Radio Networks in an Encrypted World (MaRNEW) Workshop",
              September 2015.

   [ECN]      Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
              of Explicit Congestion Notification (ECN) to IP",
              RFC 3168, September 2001.

   [CQIC]     Lu, F., Du, H., Jain, A., Voelker, G. M., Snoeren, A. C.,
              Terzis, A., "CQIC: Revisiting Cross-Layer Congestion
              Control for Cellular Networks", Proceedings of The 16th
              International Workshop on Mobile Computing Systems and
              Applications (HotMobile), ACM (2015), pp. 45-50.

Authors' Addresses

   Hao Chen
   Huawei Technologies
   12, E. Mozhou Rd., Jiangning Dist.,
   Nanjing, Jiangsu 211111
   China

   Phone: +86-25-56629007
   EMail: philips.chenhao@huawei.com


   Yue Yin
   Huawei Technologies
   12, E.
   Mozhou Rd., Jiangning Dist.,
   Nanjing, Jiangsu 211111
   China

   Phone: +86-25-56629013
   EMail: yinyue@huawei.com


   Ge Chen
   China Telecom
   109, E. Zhongshan Ave., Tianhe Dist.,
   Guangzhou, Guangdong 510630
   China

   Phone: +86-020-38639392
   EMail: cheng@gsta.com