Internet DRAFT - draft-iab-qos


Internet Architecture Board                                    G.Huston
Internet Draft                                                  Telstra
Document: draft-iab-qos-02.txt                              August 2000
Category: Informational 
                 Next Steps for the IP QoS Architecture 
Status of this Memo 
   This document is an Internet-Draft and is in full conformance with 
   all provisions of Section 10 of RFC2026 [1].  
   Internet-Drafts are working documents of the Internet Engineering 
   Task Force (IETF), its areas, and its working groups. Note that 
   other groups may also distribute working documents as Internet-
   Drafts. Internet-Drafts are draft documents valid for a maximum of 
   six months and may be updated, replaced, or obsoleted by other 
   documents at any time. It is inappropriate to use Internet- Drafts 
   as reference material or to cite them other than as "work in 
   The list of current Internet-Drafts can be accessed at  
   The list of Internet-Draft Shadow Directories can be accessed at 
1. Abstract 
   While there has been significant progress in the definition of QoS 
   architectures for internet networks, there are a number of aspects 
   of QoS that appear to need further elaboration as they relate to 
   translating a set of tools into a coherent platform for end-to-end 
   service delivery. This document highlights the outstanding 
   architectural issues relating to the deployment and use of QoS 
   mechanisms within internet networks, noting those areas where 
   further standards work may assist with the deployment of QoS 
   This document is the outcome of a collaborative exercise on the part 
   of the Internet Architecture Board. 
2. Introduction 
   The default service offering associated with the Internet is 
   characterized as a best-effort variable service response. Within 
   this service profile the network makes no attempt to actively 
   differentiate its service response between the traffic streams 
   generated by concurrent users of the network. As the load generated 
   by the active traffic flows within the network varies, the network's 
   best effort service response will also vary.  
Huston          Informational - Expires December 2000                 1
                 Next Steps for the QoS Architecture       August 2000 
   The objective of various Internet Quality of Service (QoS) efforts 
   is to augment this base service with a number of selectable service 
   responses. These service responses may be distinguished from the 
   best-effort service by some form of superior service level, or they 
   may be distinguished by providing a predictable service response 
   which is unaffected by external conditions such as the number of 
   concurrent traffic flows, or their generated traffic load. 
   Any network service response is an outcome of the resources 
   available to service a load, and the level of the load itself. To 
   offer such distinguished services there is not only a requirement to 
   provide a differentiated service response within the network, there 
   is also a requirement to control the service-qualified load admitted 
   into the network, so that the resources allocated by the network to 
   support a particular service response are capable of providing that 
   response for the imposed load. This combination of admission control 
   agents and service management elements can be summarized as "rules 
   plus behaviors". To use the terminology of the Differentiated 
   Service architecture [4,] this admission control function is 
   undertaken by a traffic conditioner (an entity which performs 
   traffic conditioning functions and which may contain meters, 
   markers, droppers, and shapers), where the actions of the 
   conditioner are governed by explicit or implicit admission control 
   As a general observation of QoS architectures, the service load 
   control aspect of QoS is perhaps the most troubling component of the 
   architecture. While there are a wide array of well understood 
   service response mechanisms that are available to IP networks, 
   matching a set of such mechanisms within a controlled environment to 
   respond to a set of service loads to achieve a completely consistent 
   service response remains an area of weakness within existing IP QoS 
   architectures. The control elements span a number of generic 
   requirements, including end-to-end application signaling, end-to-
   network service signaling and resource management signaling to allow 
   policy-based control of network resources. This control may also 
   span a particular scope, and use 'edge to edge' signaling, intended 
   to support particular service responses within a defined network 
   One way of implementing this control of imposed load to match the 
   level of available resources is through an application-driven 
   process of service level negotiation (also known as application 
   signaled QoS). Here, the application first signals its service 
   requirements to the network, and the network responds to this 
   request. The application will proceed if the network has indicated 
   that it is able to carry the additional load at the requested 
   service level. If the network indicates that it cannot accommodate 
   the service requirements the application may proceed in any case, on 
   the basis that the network will service the application's data on a 
   best effort basis. This negotiation between the application and the 
Huston          Informational - Expires December 2000                 2
                 Next Steps for the QoS Architecture       August 2000 
   network can take the form of explicit negotiation and commitment, 
   where there is a single negotiation phase, followed by a commitment 
   to the service level on the part of the network. This application-
   signaled approach can be used within the Integrated Services 
   architecture, where the application frames its service request 
   within the resource reservation protocol (RSVP), and then passes 
   this request into the network. The network can either respond 
   positively in terms of its agreement to commit to this service 
   profile, or it can reject the request. If the network commits to the 
   request with a resource reservation, the application can then pass 
   traffic into the network with the expectation that as long as the 
   traffic remains within the traffic load profile that was originally 
   associated with the request, the network will meet the requested 
   service levels. There is no requirement for the application to 
   periodically reconfirm the service reservation itself, as the 
   interaction between RSVP and the network constantly refreshes the 
   reservation while it remains active. The reservation remains in 
   force until the application explicitly requests termination of the 
   reservation, or the network signals to the application that it is 
   unable to continue with a service commitment to the reservation [3]. 
   There are variations to this model, including an aggregation model 
   where a proxy agent can fold a number of application-signaled 
   reservations into a common aggregate reservation along a common sub-
   path, and a matching deaggregator can reestablish the collection of 
   individual resource reservations upon leaving the aggregate region 
   [5]. The essential feature of this Integrated Services model is the 
   "all or nothing" nature of the model. Either the network commits to 
   the reservation, in which case the requestor does not have to 
   subsequently monitor the network's level of response to the service, 
   or the network indicates that it cannot meet the resource 
   An alternative approach to load control is to decouple the network 
   load control function from the application. This is the basis of the 
   Differentiated Services architecture. Here, a network implements a 
   load control function as part of the function of admission of 
   traffic into the network, admitting no more traffic within each 
   service category as there are assumed to be resources in the network 
   to deliver the intended service response. Necessarily there is some 
   element of imprecision in this function given that traffic may take 
   an arbitrary path through the network. In terms of the interaction 
   between the network and the application, this takes the form of a 
   service request without prior negotiation, where the application 
   requests a particular service response by simply marking each packet 
   with a code to indicate the desired service. Architecturally, this 
   approach decouples the end systems and the network, allowing a 
   network to implement an active admission function in order to 
   moderate the workload that is placed upon the network's resources 
   without specific reference to individual resource requests from end 
   systems. While this decoupling of control allows a network's 
   operator greater ability to manage its resources and a greater 
   ability to ensure the integrity of its services, there is a greater 
   potential level of imprecision in attempting to match applications' 
   service requirements to the network's service capabilities.  
Huston          Informational - Expires December 2000                 3
                 Next Steps for the QoS Architecture       August 2000 

3. State and Stateless QoS 
   These two approaches to load control can be characterized as state-
   based and stateless approaches respectively.  
   The architecture of the Integrated Services model equates the 
   cumulative sum of honored service requests to the current reserved 
   resource levels of the network. In order for a resource reservation 
   to be honored by the network, the network must maintain some form of 
   remembered state to describe the resources that have been reserved, 
   and the network path over which the reserved service will operate. 
   This is to ensure integrity of the reservation. In addition, each 
   active network element within the network path must maintain a local 
   state that allows incoming IP packets to be correctly classified 
   into a reservation class. This classification allows the packet to 
   be placed into a packet flow context that is associated with an 
   appropriate service response consistent with the original end-to-end 
   service reservation. This local state also extends to the function 
   of metering packets for conformance on a flow-by-flow basis, and the 
   additional overheads associated with maintenance of the state of 
   each of these meters. 
   In the second approach, that of a Differentiated Services model, the 
   packet is marked with a code to trigger the appropriate service 
   response from the network elements that handles the packet, so that 
   there is no strict requirement to install a per-reservation state on 
   these network elements. Also, the end application or the service 
   requestor is not required to provide the network with advance notice 
   relating to the destination of the traffic, nor any indication of 
   the intended traffic profile or the associated service profile. In 
   the absence of such information any form of per-application or per-
   path resource reservation is not feasible. In this model there is no 
   maintained per-flow state within the network. 
   The state-based Integrated Services architectural model admits the 
   potential to support greater level of accuracy, and a finer level of 
   granularity on the part of the network to respond to service 
   requests. Each individual application's service request can be used 
   to generate a reservation state within the network that is intended 
   to prevent the resources associated with the reservation to be 
   reassigned or otherwise preempted to service other reservations or 
   to service best effort traffic loads. The state-based model is 
   intended to be exclusionary, where other traffic is displaced in 
   order to meet the reservation's service targets. 
   As noted in RFC2208 [2], there are several areas of concern about 
   the deployment of this form of service architecture. With regard to 
   concerns of per-flow service scalability, the resource requirements 
   (computational processing and memory consumption) for running per-
   flow resource reservations on routers increase in direct proportion 
   to the number of separate reservations that need to be accommodated. 
   By the same token, router forwarding performance may be impacted 
Huston          Informational - Expires December 2000                 4
                 Next Steps for the QoS Architecture       August 2000 

   adversely by the packet-classification and scheduling mechanisms 
   intended to provide differentiated services for these resource-
   reserved flows. This service architecture also poses some challenges 
   to the queuing mechanisms, where there is the requirement to 
   allocate absolute levels of egress bandwidth to individual flows, 
   while still supporting an unmanaged low priority best effort traffic 
   The stateless approach to service management is more approximate in 
   the nature of its outcomes. Here there is no explicit negotiation 
   between the application's signaling of the service request and the 
   network's capability to deliver a particular service response. If 
   the network is incapable of meeting the service request, then the 
   request simply will not be honored. In such a situation there is no 
   requirement for the network to inform the application that the 
   request cannot be honored, and it is left to the application to 
   determine if the service has not been delivered. The major attribute 
   of this approach is that it can possess excellent scaling properties 
   from the perspective of the network. If the network is capable of 
   supporting a limited number of discrete service responses, and the 
   routers uses per-packet marking to trigger the service response, 
   then the processor and memory requirements in each router do not 
   increase in proportion to the level of traffic passed through the 
   router. Of course this approach does introduce some degree of 
   compromise in that the service response is more approximate as seen 
   by the end client, and scaling the number of clients and 
   applications in such an environment may not necessarily result in a 
   highly accurate service response to every client's application. 
   It is not intended to describe these service architectures in 
   further detail within this document. The reader is referred to 
   RFC1633 [3] for an overview of the Integrated Services Architecture 
   (IntServ) and RFC2475 [4] for an overview of the Differentiated 
   Services architecture (DiffServ).  
   These two approaches are the endpoints of what can be seen as a 
   continuum of control models, where the fine-grained precision of the 
   per application invocation reservation model can be aggregated into 
   larger, more general and potentially more approximate aggregate 
   reservation states, and the end-to-end element-by-element 
   reservation control can be progressively approximated by treating a 
   collection of subnetworks or an entire transit network as an 
   aggregate service element. There are a number of work in progress 
   efforts which are directed towards these aggregated control models, 
   including aggregation of RSVP [5], the RSVP DCLASS Object [6] to 
   allow Differentiated Services Code Points (DSCPs) to be carried in 
   RSVP message objects, and operation of Integrated Services over 
   Differentiated Services networks [7]. 
4. Next Steps for QoS Architectures 
   Both the Integrated Services architecture and the Differentiated 
   Services architecture have some critical elements in terms of their 
   current definition which appear to be acting as deterrents to 
Huston          Informational - Expires December 2000                 5
                 Next Steps for the QoS Architecture       August 2000 

   widespread deployment. Some of these issues will probably be 
   addressed within the efforts to introduce aggregated control and 
   response models into these QoS architectures, while others may 
   require further refinement through standards-related activities. 
4.1 QoS-Enabled Applications 
   One of the basic areas of uncertainty with QoS architectures is 
   whether QoS is a per-application service, whether QoS is a 
   transport-layer option, or both. Per-application services have 
   obvious implications of extending the QoS architecture into some 
   form of Application Protocol Interface (API), so that applications 
   could negotiate a QoS response from the network and alter their 
   behavior according to the outcome of the response. Examples of this 
   approach include GQOS [8], and RAPI [9]. As a transport layer 
   option, it could be envisaged that any application could have its 
   traffic carried by some form of QoS-enabled network services by 
   changing the host configuration, or by changing the configuration at 
   some other network control point, without making any explicit 
   changes to the application itself. The strength of the transport 
   layer approach is that there is no requirement to substantially 
   alter application behavior, as the application is itself unaware of 
   the administratively assigned QoS. The weakness of this approach is 
   that the application is unable to communicate what may be useful 
   information to the network or to the policy systems that are 
   managing the network's service responses. In the absence of such 
   information the network may provide a service response that is far 
   superior than the application's true requirements, or far inferior 
   than what is required for the application to function correctly. An 
   additional weakness of a transport level approach refers to those 
   class of applications that can adapt their traffic profile to meet 
   the available resources within the network. As a transport level 
   mechanism, such network availability information as may be available 
   to the transport level is not passed back to the application. 
   In the case of the Integrated Services architecture, this transport 
   layer approach does not appear to be an available option, as the 
   application does require some alteration to function correctly in 
   this environment. The application must be able to provide to the 
   service reservation module a profile of its anticipated traffic, or 
   in other words the application must be able to predict its traffic 
   load. In addition, the application must be able to share the 
   reservation state with the network, so that if the network state 
   fails, the application can be informed of the failure. The more 
   general observation is that a network can only formulate an accurate 
   response to an application's requirements if the application is 
   willing to offer precise statement of its traffic profile, and is 
   willing to be policed in order to have its traffic fit within this 
   In the case of the Differentiated Services architecture there is no 
   explicit provision for the application to communicate with the 
   network regarding service levels. This does allow the use of a 
Huston          Informational - Expires December 2000                 6
                 Next Steps for the QoS Architecture       August 2000 

   transport level option within the end system that does not require 
   explicit alteration of the application to mark its generated traffic 
   with one of the available Differentiated Services service profiles. 
   However, whether the application is aware of such service profiles 
   or not, there is no level of service assurance to the application in 
   such a model. If the Differentiated Services boundary traffic 
   conditioners enter a load shedding state, the application is not 
   signaled of this condition, and is not explicitly aware that the 
   requested service response is not being provided by the network. If 
   the network itself changes state and is unable to meet the 
   cumulative traffic loads admitted by the ingress traffic 
   conditioners, neither the ingress traffic conditioners, nor the 
   client applications, are informed of this failure to maintain the 
   associated service quality. While there is no explicit need to alter 
   application behavior in this architecture, as the basic DiffServ 
   mechanism is one that is managed within the network itself, the 
   consequence is that an application may not be aware whether a 
   particular service state is being delivered to the application. 
   There is potential in using an explicit signaling model, such as 
   used by IntServ, but carrying a signal which allows the network to 
   manage the application's traffic within an aggregated service class 
   [6]. Here the application does not pass a complete picture of its 
   intended service profile to the network, but instead is providing 
   some level of additional information to the network to assist in 
   managing its resources, both in terms of the generic service class 
   that the network can associate with the application's traffic, and 
   the intended path of the traffic through the network. 
   An additional factor for QoS enabled applications is that of 
   receiver capability negotiation. There is no value in the sender 
   establishing a QoS-enabled path across a network to the receiver if 
   the receiver is incapable of absorbing the consequent data flow. 
   This implies that QoS enabled applications also require some form of 
   end-to-end capability negotiation, possibly through a generic 
   protocol to allow the sender to match its QoS requirements to the 
   minimum of the flow resources that can be provided by the network 
   and the flow resources that can be processed by the receiver. In the 
   case of the Integrated services architecture the application end-to-
   end interaction can be integrated into the RSVP negotiation. In the 
   case of the Differentiated Services architecture there is no clear 
   path of integrating such receiver control into the signaling model 
   of the architecture as it stands. 
   If high quality services are to be provided, where `high quality' is 
   implied as being `high precision with a fine level of granularity', 
   then the implication is that all parts of the network that may be 
   involved with servicing the request either have to be over-
   provisioned such that no load state can compromise the service 
   quality, or the network element must undertake explicit allocation 
   of resources to each flow that is associated with each service 
   For end-to-end service delivery it does appear that QoS 
Huston          Informational - Expires December 2000                 7
                 Next Steps for the QoS Architecture       August 2000 

   architectures will need to extend to the level of the application 
   requesting the service profile. It appears that further refinement 
   of the QoS architecture is required to integrate DiffServ network 
   services into an end-to-end service delivery model, as noted in [7]. 
4.2 The Service Environment 
   The outcome of the considerations of these two approaches to QoS 
   architecture within the network is that there appears to be no 
   single comprehensive service environment that possesses both service 
   accuracy and scaling properties. 
   The maintained reservation state of the Integrated Services 
   architecture and the end-to-end signaling function of RSVP are part 
   of a service management architecture, but it is not cost effective, 
   or even feasible, to operate a per-application reservation and 
   classification state across the high speed core of a network [2]. 
   While the aggregated behavior state of the Differentiated Services 
   architecture does offer excellent scaling properties, the lack of 
   end-to-end signaling facilities makes such an approach one that 
   cannot operate in isolation within any environment. The 
   Differentiated Services architecture can be characterized as a 
   boundary-centric operational model. With this boundary-centric 
   architecture, the signaling of resource availability from the 
   interior of the network to the boundary traffic conditioners is not 
   defined, nor is the signaling from the traffic conditioners to the 
   application that is resident on the end system. This has been noted 
   as an additional work item in the IntServ operations over DiffServ 
   work, concerning `definition of mechanisms to efficiently and 
   dynamically provision resources in a DiffServ network region. This 
   might include protocols by which an _oracle_ (_) conveys information 
   about resource availability within a DiffServ region to border 
   routers._ [7] 
   What appears to be required within the Differentiated Services 
   service model is both resource availability signaling from the core 
   of the network to the DiffServ boundary and some form of signaling 
   from the boundary to the client application. 
4.3 QoS Discovery 
   There is no robust mechanism for network path discovery with 
   specific service performance attributes. The assumption within both 
   IntServ and DiffServ architectures is that the best effort routing 
   path is used, where the path is either capable of sustaining the 
   service load, or not.   
   Assuming that the deployment of service differentiating 
   infrastructure will be piecemeal, even if only in the initial stages 
   of a QoS rollout, such an assumption may be unwarranted.  If this is 
   the case, then how can a host application determine if there is a 
   distinguished service path to the destination? No existing 

Huston          Informational - Expires December 2000                 8
                 Next Steps for the QoS Architecture       August 2000 

   mechanisms exist within either of these architectures to query the 
   network for the potential to support a specific service profile. 
   Such a query would need to examine a number of candidate paths, 
   rather than simply examining the lowest metric routing path, so that 
   this discovery function is likely to be associated with some form of 
   QoS routing functionality.  
   From this perspective, there is still further refinement that may be 
   required in the model of service discovery and the associated task 
   of resource reservation. 
4.4 QoS Routing and Resource Management 
   To date QoS routing has been developed at some distance from the 
   task of development of QoS architectures. The implicit assumption 
   within the current QoS architectural models is that the routing best 
   effort path will be used for both best effort traffic and 
   distinguished service traffic. 
   There is no explicit architectural option to allow the network 
   service path to be aligned along other than the single best routing 
   metric path, so that available network resources can be efficiently 
   applied to meet service requests. Considerations of maximizing 
   network efficiency would imply that some form of path selection is 
   necessary within a QoS architecture, allowing the set of service 
   requirements to be optimally supported within the network's 
   aggregate resource capability. 
   In addition to path selection, SPF-based interior routing protocols 
   allow for the flooding of link metric information across all network 
   elements. This mechanism appears to be a productive direction to 
   provide the control-level signaling between the interior of the 
   network and the network admission elements, allowing the admission 
   systems to admit traffic based on current resource availability 
   rather than on necessarily conservative statically defined admission 
   There is a more fundamental issue here concerning resource 
   management and traffic engineering. The approach of single path 
   selection with static load characteristics does not match a 
   networked environment which contains a richer mesh of connectivity 
   and dynamic load characteristics. In order to make efficient use of 
   a rich connectivity mesh, it is necessary to be able to direct 
   traffic with a common ingress and egress point across a set of 
   available network paths, spreading the load across a broader 
   collection of network links. At its basic form this is essentially a 
   traffic engineering problem. To support this function it is 
   necessary to calculate per-path dynamic load metrics, and allow the 
   network's ingress system the ability to distribute incoming traffic 
   across these paths in accordance with some model of desired traffic 
   balance. To apply this approach to a QoS architecture would imply 
   that each path has some form of vector of quality attributes, and 
   incoming traffic is balanced across a subset of available paths 
   where the quality attribute of the traffic is matched with the 

Huston          Informational - Expires December 2000                 9
                 Next Steps for the QoS Architecture       August 2000 

   quality vector of each available path. This augmentation to the 
   semantics of the traffic engineering is matched by a corresponding 
   shift in the calculation and interpretation of the path's quality 
   vector. In this approach what needs to be measured is not the path's 
   resource availability level (or idle proportion), but the path's 
   potential to carry additional traffic at a certain level of quality. 
   This potential metric is one that allows existing lower priority 
   traffic to be displaced to alternative paths. The path's quality 
   metric can be interpreted as a metric describing the displacement 
   capability of the path, rather than a resource availability metric. 
   This area of active network resource management, coupled with 
   dynamic network resource discovery, and the associated control level 
   signaling to network admission systems appears to be a topic for 
   further research at this point in time. 
4.5 TCP and QoS 
   A congestion-managed rate-adaptive traffic flow (such as used by 
   TCP) uses the feedback from the ACK packet stream to time subsequent 
   data transmissions. The resultant traffic flow rate is an outcome of 
   the service quality provided to both the forward data packets and 
   the reverse ACK packets. If the ACK stream is treated by the network 
   with a different service profile to the outgoing data packets, it 
   remains an open question as to what extent will the data forwarding 
   service be compromised in terms of achievable throughput. High rates 
   of jitter on the ACK stream can cause ACK compression, that in turn 
   will cause high burst rates on the subsequent data send. Such bursts 
   will stress the service capacity of the network and will compromise 
   TCP throughput rates.  
   One way to address this is to use some form of symmetric service, 
   where the ACK packets are handled using the same service class as 
   the forward data packets. If symmetric service profiles are 
   important for TCP sessions, how can this be structured in a fashion 
   that does not incorrectly account for service usage? In other words, 
   how can both directions of a TCP flow be accurately accounted to one 
   Additionally, there is the interaction between the routing system 
   and the two TCP data flows. The Internet routing architecture does 
   not intrinsically preserve TCP flow symmetry, and the network path 
   taken by the forward packets of a TCP session may not exactly 
   correspond to the path used by the reverse packet flow. 
   TCP also exposes an additional performance constraint in the manner 
   of the traffic conditioning elements in a QoS-enabled network. 
   Traffic conditioners within QoS architectures are typically 
   specified using a rate enforcement mechanism of token buckets. Token 
   bucket traffic conditioners behave in a manner that is analogous to 
   a First In First Out queue. Such traffic conditioning systems impose 
   tail drop behavior on TCP streams. This tail drop behavior can 
   produce TCP timeout retransmission, unduly penalizing the average 

Huston          Informational - Expires December 2000                10
                 Next Steps for the QoS Architecture       August 2000 

   TCP goodput rate to a level that may be well below the level 
   specified by the token bucket traffic conditioner. Token buckets can 
   be considered as TCP-hostile network elements. 
   The larger issue exposed in this consideration is that provision of 
   some form of assured service to congestion-managed traffic flows 
   requires traffic conditioning elements that operate using weighted 
   RED-like control behaviors within the network, with less 
   deterministic traffic patterns as an outcome. A requirement to 
   manage TCP burst behavior through token bucket control mechanisms is 
   most appropriately managed in the sender's TCP stack. 
   There are a number of open areas in this topic that would benefit 
   from further research. The nature of the interaction between the 
   end-to-end TCP control system and a collection of service 
   differentiation mechanisms with a network is has a large number of 
   variables. The issues concern the time constants of the control 
   systems, the amplitude of feedback loops, and the extent to which 
   each control system assumes an operating model of other active 
   control systems that are applied to the same traffic flow, and the 
   mode of convergence to a stable operational state for each control 
4.6 Per-Flow States and Per-Packet classifiers 
   Both the IntServ and DiffServ architectures use packet classifiers 
   as an intrinsic part of their architecture. These classifiers can be 
   considered as coarse or fine level classifiers. Fine-grained 
   classifiers can be considered as classifiers that attempt to isolate 
   elements of traffic from an invocation of an application (a `micro-
   flow') and use a number of fields in the IP packet header to assist 
   in this, typically including the source and destination IP addresses 
   and source and source and destination port addresses. Coarse-grained 
   classifiers attempt to isolate traffic that belongs to an aggregated 
   service state, and typically use the DiffServ code field  as the 
   classifying field. In the case of DiffServ there is the potential to 
   use fine-grained classifiers as part of the network ingress element, 
   and coarse-gained classifiers within the interior of the network. 

   Within flow-sensitive IntServ deployments, every active network 
   element that undertakes active service discrimination is requirement 
   to operate fine-grained packet classifiers. The granularity of the 
   classifiers can be relaxed with the specification of aggregate 
   classifiers [5], but at the expense of the precision and accuracy of 
   the service response. 
   Within the IntServ architecture the fine-grained classifiers are 
   defined to the level of granularity of an individual traffic flow, 
   using the packet's 5-tuple of (source address, destination address, 
   source port, destination port, protocol) as the means to identify an 
   individual traffic flow. The DiffServ Multi-Field (MF) classifiers 
   are also able to use this 5-tuple to map individual traffic flows 
   into supported behavior aggregates. 

Huston          Informational - Expires December 2000                11
                 Next Steps for the QoS Architecture       August 2000 

   The use of IPSEC, NAT and various forms of IP tunnels result in a 
   occlusion of the flow identification within the IP packet header, 
   combining individual flows into a larger aggregate state that may be 
   too coarse for the network's service policies. The issue with such 
   mechanisms is that they may occur within the network path in a 
   fashion that is not visible to the end application, compromising the 
   ability for the application to determine whether the requested 
   service profile is being delivered by the network. In the case of 
   IPSEC there is a proposal to carry the IPSEC Security Parameter 
   Index (SPI) in the RSVP object [10], as a surrogate for the port 
   addresses. In the case of NAT and various forms of IP tunnels, there 
   appears to be no coherent way to preserve fine-grained 
   classification characteristics across NAT devices, or across tunnel 
   IP packet fragmentation also affects the ability of the network to 
   identify individual flows, as the trailing fragments of the IP 
   packet will not include the TCP or UDP port address information. 
   This admits the possibility of trailing fragments of a packet within 
   a distinguished service class being classified into the base best 
   effort service category, and delaying the ultimate delivery of the 
   IP packet to the destination until the trailing best effort 
   delivered fragments have arrived. 
   The observation made here is that QoS services do have a number of 
   caveats that should be placed on both the application and the 
   network. Applications should perform path MTU discovery in order to 
   avoid packet fragmentation. Deployment of various forms of payload 
   encryption, header address translation and header encapsulation 
   should be undertaken with due attention to their potential impacts 
   on service delivery packet classifiers. 
4.7 The Service Set 
   The underlying question posed here is how many distinguished service 
   responses are adequate to provide a functionally adequate range of 
   service responses? 
   The Differentiated Services architecture does not make any limiting 
   restrictions on the number of potential services that a network 
   operator can offer. The network operator may be limited to a choice 
   of up to 64 discrete services in terms of the 6 bit service code 
   point in the IP header but as the mapping from service to code point 
   can be defined by each network operator, there can be any number of 
   potential services.  
   As always, there is such a thing as too much of a good thing, and a 
   large number of potential services leads to a set of issues around 
   end-to-end service coherency when spanning multiple network domains. 
   A small set of distinguished services can be supported across a 
   large set of service providers by equipment vendors and by 
   application designers alike. An ill-defined large set of potential 
   services often serves little productive purpose. This does point to 
   a potential refinement of the QoS architecture to define a small 

Huston          Informational - Expires December 2000                12
                 Next Steps for the QoS Architecture       August 2000 

   core set of service profiles as _well-known_ service profiles, and 
   place all other profiles within a _private use_ category. 
4.8 Measuring Service Delivery 
   There is a strong requirement within any QoS architecture for 
   network management approaches that provide a coherent view of the 
   operating state of the network. This differs from a conventional 
   element-by-element management view of the network in that the desire 
   here is to be able to provide a view of the available resources 
   along a particular path within a network, and map this view to an 
   admission control function which can determine whether to admit a 
   service differentiated flow along the nominated network path. 
   As well as managing the admission systems through resource 
   availability measurement, there is a requirement to be able to 
   measure the operating parameters of the delivered service. Such 
   measurement methodologies are required in order to answer the 
   question of how the network operator provides objective measurements 
   to substantiate the claim that the delivered service quality 
   conformed to the service specifications. Equally, there is a 
   requirement for a measurement methodology to allow the client to 
   measure the delivered service quality so that any additional expense 
   that may be associated with the use of premium services can be 
   justified in terms of superior application performance. 
   Such measurement methodologies appear to fall within the realm of 
   additional refinement to the QoS architecture. 
4.9 QoS Accounting 
   It is reasonable to anticipate that such forms of premium service 
   and customized service will attract an increment on the service 
   tariff. The provision of a distinguished service is undertaken with 
   some level of additional network resources to support the service, 
   and the tariff premium should reflect this altered resource 
   allocation. Not only does such an incremental tariff shift the added 
   cost burden to those clients who are requesting a disproportionate 
   level of resources, but it provides a means to control the level of 
   demand for premium service levels. 
   If there are to be incremental tariffs on the use of premium 
   services, then some accounting of the use of the premium service 
   would appear to be necessary relating use of the service to a 
   particular client. So far there is no definition of such an 
   accounting model nor a definition as to how to gather the data to 
   support the resource accounting function. 
   The impact of this QoS service model may be quite profound to the 
   models of Internet service provision. The commonly adopted model in 
   both the public internet and within enterprise networks is that of a 
   model of access, where the clients service tariff is based on the 
   characteristics of access to the services, rather than that of the 
   actual use of the service. The introduction of QoS services creates 

Huston          Informational - Expires December 2000                13
                 Next Steps for the QoS Architecture       August 2000 

   a strong impetus to move to usage-based tariffs, where the tariff is 
   based on the level of use of the network's resources. This, in turn, 
   generates a requirement to meter resource use, which is a form of 
   usage accounting. This topic was been previously studied within the 
   IETF under the topic of _Internet Accounting_ [11], and further 
   refinement of the concepts used in this model, as they apply to QoS 
   accounting may prove to be a productive initial step in formulating 
   a standards-based model for QoS accounting. 
4.10 QoS Deployment Diversity 
   It is extremely improbable that any single form of service 
   differentiation technology will be rolled out across the Internet 
   and across all enterprise networks.  
   Some networks will deploy some form of service differentiation 
   technology while others will not. Some of these service platforms 
   will interoperate seamlessly and other less so. To expect all 
   applications, host systems, network routers, network policies, and 
   inter-provider arrangements to coalesce into a single homogenous 
   service environment that can support a broad range of service 
   responses is an somewhat unlikely outcome given the diverse nature 
   of the available technologies and industry business models. It is 
   more likely that we will see a number of small scale deployment of 
   service differentiation mechanisms and some efforts to bridge these 
   environments together in some way.  
   In this heterogeneous service environment the task of service 
   capability discovery is as critical as being able to invoke service 
   responses and measure the service outcomes. QoS architectures will 
   need to include protocol capabilities in supporting service 
   discovery mechanisms.  
   In addition, such a heterogeneous deployment environment will create 
   further scaling pressure on the operational network as now there is 
   an additional dimension to the size of the network. Each potential 
   path to each host is potentially qualified by the service 
   capabilities of the path. While one path may be considered as a 
   candidate best effort path, another path may offer a more precise 
   match between the desired service attributes and the capabilities of 
   the path to sustain the service. Inter-domain policy also impacts 
   upon this path choice, where inter-domain transit agreements may 
   specifically limit the types and total level of quality requests 
   than may be supported between the domains. Much of the brunt of such 
   scaling pressures will be seen in the inter-domain and intra-domain 
   routing domain where there are pressures to increase the number of 
   attributes of a routing entry, and also to use the routing protocol 
   in some form of service signaling role. 
4.11 QoS Inter-Domain signaling 
   QoS Path selection is both an intra-domain (interior) and an inter-
   domain (exterior) issue. Within the inter-domain space, the current 

Huston          Informational - Expires December 2000                14
                 Next Steps for the QoS Architecture       August 2000 

   routing technologies allow each domain to connect to a number of 
   other domains, and to express its policies with respect to received 
   traffic in terms of inter-domain route object attributes. 
   Additionally, each domain may express its policies with respect to 
   sending traffic through the use of boundary route object filters, 
   allowing a domain to express its preference for selecting one 
   domain's advertised routes over another. The inter-domain routing 
   space is a state of dynamic equilibrium between these various route 
   The introduction of differentiated services adds a further dimension 
   to this policy space. For example, while a providers may execute an 
   interconnection agreement with one party to exchange best effort 
   traffic, it may execute another agreement with a second party to 
   exchange service qualified traffic. The outcome of this form of 
   interconnection is that the service provider will require external 
   route advertisements to be qualified by the accepted service 
   profiles. Generalizing from this scenario, it is reasonable to 
   suggest that we will require the qualification of routing 
   advertisements with some form of service quality attributes. This 
   implies that we will require some form of quality vector-based 
   forwarding function, at least in the inter-domain space, and some 
   associated routing protocol can pass a quality of service vector in 
   an operationally stable fashion. 
   The implication of this requirement is that the number of objects 
   being managed by routing systems must expand dramatically, as the 
   size and number of objects managed within the routing domain 
   increases, and the calculation of a dynamic equilibrium of import 
   and export policies between interconnected providers will also be 
   subject to the same level of scaling pressure. 
   This has implications within the inter-domain forwarding space as 
   well, as the forwarding decision in such a services differentiated 
   environment is then qualified by some form of service quality 
   vector. This is required in order to pass exterior traffic to the 
   appropriate exterior interconnection gateway. 
4.12 QoS Deployment Logistics 
   How does the widespread deployment of service-aware networks 
   commence? Which gets built first - host applications or network 
   No network operator will make the significant investment in 
   deployment and support of distinguished service infrastructure 
   unless there is a set of clients and applications available to make 
   immediate use of such facilities. Clients will not make the 
   investment in enhanced services unless they see performance gains in 
   applications that are designed to take advantage of such enhanced 
   services. No application designer will attempt to integrate service 
   quality features into the application unless there is a model of 
   operation supported by widespread deployment that makes the 
   additional investment in application complexity worthwhile and 

Huston          Informational - Expires December 2000                15
                 Next Steps for the QoS Architecture       August 2000 

   clients who are willing to purchase such applications. With all 
   parts of the deployment scenario waiting for the others to move, 
   widespread deployment of distinguished services may require some 
   other external impetus. 
   Further aspects of this deployment picture lie in the issues of 
   network provisioning and the associated task of traffic engineering. 
   Engineering a network to meet the demands of best effort flows 
   follows a well understood pattern of matching network points of user 
   concentrations to content delivery network points with best effort 
   paths. Integrating QoS-mediated traffic engineering into the 
   provisioning model suggests a provisioning requirement that also 
   requires input from a QoS demand model. 
5. The objective of the QoS architecture 
   What is the precise nature of the problem that QoS is attempting to 
   solve? Perhaps this is one of the more fundamental questions 
   underlying the QoS effort, and the diversity of potential responses 
   is a pointer to the breadth of scope of the QoS effort. 
   All of the following responses form a part of the QoS intention: 
    -  To control the network service response such that the response 
       to a specific service element is consistent and predictable. 
    -  To control the network service response such that a service 
       element is provided with a level of response equal to or above a 
       guaranteed minimum. 
    -  To allow a service element to establish in advance the service 
       response that can or will be obtained from the network. 
    -  To control the contention for network resources such that a 
       service element is provided with a superior level of network 
    -  To control the contention for network resources such that a 
       service element does not obtain an unfair allocation of 
       resources (to some definition of 'fairness'). 
    -  To allow for efficient total utilization of network resources 
       while servicing a spectrum of directed network service outcomes. 
   Broadly speaking, the first three responses can be regarded as 
   'application-centric', and the latter as 'network-centric'. It is 
   critical to bear in mind that none of these responses can be  
   addressed in isolation within any effective QoS architecture. Within 
   the end-to-end architectural model of the Internet, applications 
   make minimal demands on the underlying IP network. In the case of 
   TCP, the protocol uses an end-to-end control signal approach to 
   dynamically adjust to the prevailing network state. QoS 
   architectures add a somewhat different constraint, in that the 

Huston          Informational - Expires December 2000                16
                 Next Steps for the QoS Architecture       August 2000 

   network is placed in an active role within the task of resource 
   allocation and service delivery, rather than being a passive object 
   that requires end systems to adapt. 
6. Towards an end-to-end QoS architecture 
   The challenge facing the QoS architecture lies in addressing the 
   weaknesses noted above, and in integrating the various elements of 
   the architecture into a cohesive whole that is capable of sustaining 
   end-to-end service models across a wide diversity of internet 
   platforms. It should be noted that such an effort may not 
   necessarily result in a single resultant architecture, and that it 
   is possible to see a number of end-to-end approaches based on 
   different combinations of the existing components. 
   One approach is to attempt to combine both architectures into an 
   end-to-end model, using IntServ as the architecture which allows 
   applications to interact with the network, and DiffServ as the 
   architecture to manage admission the network's resources [7]. In 
   this approach, the basic tension that needs to be resolved lies in 
   difference between the per-application view of the IntServ 
   architecture and the network boundary-centric view of the DiffServ 
   One building block for such an end-to-end service architecture is a 
   service signaling protocol. The RSVP signaling protocol can address 
   the needs of applications that require a per-service end-to-end 
   service signaling environment. The abstracted model of RSVP is that 
   of a discovery signaling protocol that allows an application to use 
   a single transaction to communicate its service requirements to both 
   the network and the remote party, and through the response 
   mechanism, to allow these network elements to commit to the service 
   requirements. The barriers to deployment for this model lie in an 
   element-by element approach to service commitment, implying that 
   each network element must undertake some level of signaling and 
   processing as dictated by this imposed state. For high precision 
   services this implies per-flow signaling and per-flow processing to 
   support this service model. This fine-grained high precision 
   approach to service management is seen as imposing an unacceptable 
   level of overhead on the central core elements of large carrier 
   The DiffServ approach uses a model of abstraction which attempts to 
   create an external view of a compound network as a single 
   subnetwork. From this external perspective the network can be 
   perceived as two boundary service points, ingress and egress. The 
   advantage of this approach is that there exists the potential to 
   eliminate the requirement for per-flow state and per-flow processing 
   on the interior elements of such a network, and instead provide 
   aggregate service responses. 
   One approach is for applications to use RSVP to request that their 
   flows be admitted into the network. If a request is accepted, it 

Huston          Informational - Expires December 2000                17
                 Next Steps for the QoS Architecture       August 2000 

   would imply that there is a committed resource reservation within 
   the IntServ-capable components of the network, and that the service 
   requirements have been mapped into a compatible aggregate service 
   class within the DiffServ-capable network [7]. The DiffServ core 
   must be capable of carrying the RSVP messages across the DiffServ 
   network, so that further resource reservation is possible within the 
   IntServ network upon egress from the DiffServ environment. The 
   approach calls for the DiffServ network to use per-flow multi-field 
   (MF) classifier, where the MF classification is based on the RSVP-
   signaled flow specification. The service specification of the RSVP-
   signaled resource reservation is mapped into a compatible aggregate 
   DiffServ behavior aggregate and the MF classifier marks packets 
   according to the selected behavior. Alternatively the boundary of 
   the IntServ and DiffServ networks can use the IntServ egress to mark 
   the flow packets with the appropriate DSCP, allowing the DiffServ 
   ingress element to use the BA classifier, and dispense with the per-
   flow MF classifier. 
   A high precision end-to-end QoS model requires that any admission 
   failure within the DiffServ network be communicated to the end 
   application, presumably via RSVP. This allows the application to 
   take some form of corrective action, either by modifying it's 
   service requirements or terminating the application. If the service 
   agreement between the DiffServ network is statically provisioned, 
   then this static information can be loaded into the IntServ boundary 
   systems, and IntServ can manage the allocation of available DiffServ 
   behavior aggregate resources. If the service agreement is 
   dynamically variable, some form of signaling is required between the 
   two networks to pass this resource availability information back 
   into the RSVP signaling environment. 
7. Conclusions 
   None of these observations are intended to be any reason to condemn 
   the QoS architectures as completely impractical, nor are they 
   intended to provide any reason to believe that the efforts of 
   deploying QoS architectures will not come to fruition.  
   What this document is intended to illustrate is that there are still 
   a number of activities that are essential precursors to widespread 
   deployment and use of such QoS networks, and that there is a need to 
   fill in the missing sections with something substantial in terms of 
   adoption of additional refinements to the existing QoS model. 
   The architectural direction that appears to offer the most promising 
   outcome for QoS is not one of universal adoption of a single 
   architecture, but instead use a tailored approach where aggregated 
   service elements are used in the core of a network where scalability 
   is a major design objective and use per-flow service elements at the 
   edge of the network where accuracy of the service response is a 
   sustainable outcome.  
   Architecturally, this points to no single QoS architecture, but 
   rather to a set of QoS mechanisms and a number of ways these 

Huston          Informational - Expires December 2000                18
                 Next Steps for the QoS Architecture       August 2000 

   mechanisms can be configured to interoperate in a stable and 
   consistent fashion. 
8. Security Considerations 
   The Internet is not an architecture that includes a strict 
   implementation of fairness of access to the common transmission and 
   switching resource. The introduction of any form of fairness, and, 
   in the case of QoS, weighted fairness, implies a requirement for 
   transparency in the implementation of the fairness contract between 
   the network provider and the network's users. This requires some 
   form of resource accounting and auditing, which, in turn, requires 
   the use of authentication and access control. The balancing factor 
   is that a shared resource should not overtly expose the level of 
   resource usage of any one user to any other, so that some level of 
   secrecy is required in this environment 
   The QoS environment also exposes the potential of theft of resources 
   through the unauthorized admission of traffic with an associated 
   service profile. QoS signaling protocols which are intended to 
   undertake resource management and admission control require the use 
   of identity authentication and integrity protection in order to 
   mitigate this potential for theft of resources. 
   Both forms of QoS architecture require the internal elements of the 
   network to be able to undertake classification of traffic based on 
   some form of identification that is carried in the packet header in 
   the clear. Classifications systems that use multi-field specifiers, 
   or per-flow specifiers rely on the carriage of end-to-end packet 
   header fields being carried in the clear. This has conflicting 
   requirements for security architectures that attempt to mask such 
   end-to-end identifiers within an encrypted payload. 
   QoS architectures can be considered as a means of exerting control 
   over network resource allocation. In the event of a rapid change in 
   resource availability (e.g. disaster) it is an undesirable outcome 
   if the remaining resources are completely allocated to a single 
   class of service to the exclusion of all other classes. Such an 
   outcome constitutes a denial of service, where the traffic control 
   system (routing) selects paths that are incapable of carrying any 
   traffic of a particular service class. 
9. References 
   [1]  Bradner, S., "The Internet Standards Process- Revision 3", 
   BCP9, RFC2026, October 1996. 
   [2]  Mankin, A., Baker, F., Braden, R., O'Dell, M., Romanow, A., 
   Weinrib, A., Zhang, L., "Resource ReSerVation Protocol (RSVP) 
   Version 1 Applicability Statement", RFC2208, September 1997. 
   [3]  Braden. R., Clark, D., Shenker, S., "Integrated Services in the 
   Internet Architecture: an Overview", RFC1633, June 1994. 

Huston          Informational - Expires December 2000                19
                 Next Steps for the QoS Architecture       August 2000 
   [4]  Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., Weiss, 
   W., "An Architecture for Differentiated Services", RFC2475, December 
   [5]  Baker, F., Iturralde, C., Le Faucher, F., Davie, B., 
   "Aggregation of RSVP for IPv4 and IPv6 Reservations", work in 
   progress, March 2000. 
   [6]  Bernet, Y., "Format of the RSVP DCLASS Object", work in 
   progress, October 1999. 
   [7]  Bernet, Y., Yavatkar, R., Ford, P., Baker, F., Zhang, L., 
   Speer, M., Baden, R., Davie, B., Wroclawski, J., Felstaine, E., "A 
   Framework for Integrated Services Operation Over DiffServ Networks", 
   work in progress, May 2000. 
   [8]  "Quality of Service Technical Overview", Microsoft Technical 
   Library, Microsoft Corporation, September 1999. 
   [9]  "Resource Reservation Protocol API (RAPI)", Open Group 
   Technical Standard, C809 ISBN 1-85912-226-4, The Open Group, 
   December 1998. 
   [10] Berger, L., O'Malley, T., "RSVP Extensions for IPSEC Data 
   Flows", RFC 2007, September 1997. 
   [11] Mills, C., Hirsh, D, Ruth, G., "Internet Accounting: 
   Background", RFC1272, November 1991. 
10.  Acknowledgments 
   Valuable contributions to this draft came from Yoram Bernet, Brian 
   Carpenter, Jon Crowcroft, Tony Hain and Henning Schulzrinne. 
11. Author's Addresses 
   Geoff Huston 
   5/490 Northbourne Ave 
   Dickson ACT 2602