IEN-182 Issues in Buffer Management Bolt Beranek and Newman Inc. Eric C. Rosen May 1980
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen Table of Contents 1 Introduction.......................................... 1 2 Overview.............................................. 2 3 General Considerations of Buffer Management........... 3 4 Buffer Management with an Ample Supply of Buffers............................................... 9 4.1 Buffering for Output............................... 16 4.2 Buffering for Input................................ 18 4.3 Buffering for Generating Control Messages.......... 28 4.4 Buffering Data at the Source Node.................. 29 5 Buffer Management with a Shortage of Buffers (ARPANET).............................................. 32 -i-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
1 Introduction
This note is an abridged extract from BBN Report No.
4473, "ARPANET Routing Algorithm Improvements, Volume 1", by
Rosen et al. It discusses the issues of buffer management in the
switches which implement a network and is based on experiences
gained during the evolution of the ARPANET.
Since the Internet is itself a network, and hosts or
gateways implementing TCP, IP, and other protocols have similar
buffer management design decisions, this IEN is intended to
distill some of the ARPANET issues and present them to a wider
audience currently grappling with some of the same problems.
The original report is quite large (500 pages). This is
the first of several such extracts we plan to produce to serve as
background for the internet project work. The report was first
published in August 1980.
Some of the terminology used may cause confusion if
associated with internet work, for example "reassembly". This
note discusses mechanisms purely internal to the ARPANET, which
itself has many similarities to internet and TCP mechanisms in
internet hosts. The ARPANET IMPs use retransmission, ACKS, flow
control/windowing, fragmentation and reassembly, out-of-order
sequencing, and other mechanisms which create a serial byte-
-1-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen stream service based on a datagram network, much as TCP does. The issues to be discussed in these notes are at least partially applicable to the internet mechanisms, including TCP in hosts, as well as IP in gateways, since those mechanisms are functionally similar in the services they are intended to implement. We propose no solutions here, such as buffer mechanisms for TCP implementations, but rather intend to explore the issues which motivated the IMP implementation in the ARPANET, to help TCP and internet implementors in their similar tasks of creating an Internet. Anyone interested in seeing how the issues raised in this discussion can be applied to the ARPANET will want to see Chapter 7 of BBN Report No. 4088, as well as Chapter 1.5 of BBN Report No. 4473, which are not included in this excerpt. Copies of those reports are available from the author. 2 Overview We will begin by considering, in general, the function of a buffer management scheme in a packet-switching network. We will discuss the way in which such a procedure might be designed in an "ideal" network, where there is an ample supply of buffers. We will see that, no matter how many buffers there are, careful -2-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
buffer management is essential to good performance. We will then
discuss the way in which procedures designed for an ideal network
need to be modified for a network (like the ARPANET and most
other networks) in which buffer space is a scarce resource.
Finally, we will compare the current ARPANET buffer management
procedures to the procedures we develop, and will recommend
changes to the former.
3 General Considerations of Buffer Management
A network node must execute many different functions for
which it requires buffers. Among these functions are:
1) Transmitting packets on the various output devices
(inter-node trunks or host access lines). Packets must
be buffered while queuing for these devices, while in
transmission on these devices, and (sometimes) while
awaiting acknowledgment from the node or host on the
other side of the device.
2) Receiving packets from the various input devices.
3) Reassembling messages so they can be transmitted to the
destination host.
4) Processing packets. Packets must be buffered while the
-3-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen CPU is processing them, and they may have to occupy buffers while queuing for a busy processor. 5) Creating protocol or control messages. The IMPs often need to create control messages in order to run the many protocols necessary for proper network operation. It should be clear that, no matter how many buffers exist in a node, a "laissez-faire" approach to buffer management cannot possibly succeed. In a laissez-faire approach, buffers are allocated to the various processes that need them on a first- come, first-serve basis. Any process, at any time, can obtain any number of buffers that are available at that time. No import is given to considerations of fairness or of overall network performance. Therefore, a laissez-faire scheme will be prone to lock-up. Suppose, for example, that the output processes in some node have taken all the buffers. Then no input can be done. If, as is often the case, the output processes cannot free their buffers until an acknowledgment is received from some other node, and if acknowledgments cannot be received because no buffers are available for input, then there is a deadlock, and the buffers will never be freed. It is important to understand that this sort of deadlock is not caused by a SHORTAGE of buffer space. No matter how much buffer space is available, it is always possible, for example, that the network will try to utilize some output -4-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen device at a higher capacity than it is capable of handling. With a laissez-faire approach to buffer management, there is no bound on the number of buffers which may end up holding packets for the overloaded device. The possibility of deadlock cannot be eliminated by adding more buffers. This particular sort of deadlock is just one example of a more general situation. For the network to perform well, all the processes in the nodes must be able to run at an adequate rate. This cannot be guaranteed unless each process is guaranteed the resources that it needs. Unless each process is explicitly prevented from "hogging" resources, other processes may be unable to run, and the network will not, in general, be able to give adequate performance. It must be understood, of course, that the buffer supply is not the only resource which must be managed in order to prevent hogging. Similar sorts of deadlocks can occur if some processes are allowed unrestricted access to CPU cycles, thereby preventing others from ever running at all. Although this chapter is primarily concerned only with management of the buffer space resource, management of the CPU resource is equally important. Furthermore, it must not be imagined that deadlocks are the only sort of performance degradation against which a buffer management scheme must protect. Freedom from deadlocks is only a necessary, not a sufficient, condition of adequate network -5-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen performance. A scheme which dedicates some small number of buffers to each process, while taking a laissez-faire approach to the large majority of the buffers, may prevent deadlocks, since it will permit each process to run at some slow but non-zero rate. However, such an approach may not allow all the processes to run at "adequate" speeds; if some processes are running "too slowly," then ordinary users of the network may not be able to distinguish that situation from the situation where there is a deadlock. The problem is the general one of "fairness." The purpose of a buffer management scheme is to ensure that no process gets either more or less than its fair share of the buffer resource. (It is worth noting that simply specifying a protocol in some formal language, i.e., in a way which is not implementation-specific, and proving it to be deadlock-free, does not guarantee that the protocol will perform fairly. Such formal specifications almost never address such important issues as buffer management or fairness. In fact, by abstracting the protocol specification from implementation considerations, such issues are only obscured and made easier to overlook.) Of course, such notions as "adequate performance," "too slow," and "fair share" are hopelessly qualitative. Implementing a buffer management scheme in an actual network would require giving some quantitative interpretation to these notions. The precise way in which these notions are quantified would depend on the design -6-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen objectives of the particular network, as well as its performance characteristics, and it would probably require a large degree of arbitrariness. This does not mean, though, that the qualitative considerations cannot guide the development of a buffer management procedure, but only that any such procedure should be sufficiently parameterized so that it can be tuned to meet the PARTICULAR requirements of a PARTICULAR network. The considerations raised above do not mean that there should be no sharing of buffers among processes, but only that the sharing should be controlled so that considerations of fairness and overall network performance can play a role. There is, of course, a disadvantage to restricting the amount of sharing of buffers among processes. If a buffer is available for process A, but not for process B, then there will be situations in which a buffer must lie idle, because process A does not need it, even though process B really has a use for it. In these particular situations, the performance of process B (and possibly of the whole node) may be degraded. The justification for keeping the buffer idle though is that it is possible that process A will have a need for the buffer before process B would finish with it, and that if such a situation were to arise, overall performance would be improved by keeping the buffer idle until needed by process A. The validity of the justification -7-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen depends on the probability that process A really will need the buffer before process B would finish with it. This sort of probability is very difficult to evaluate A PRIORI. Furthermore, the probability may change as network conditions change. This suggests that we might want to vary the number of buffers reserved for particular processes as a function of the utilization of resources by the various processes. That is, the buffer management scheme may need feedback from a more general congestion control scheme which can measure the pattern of resource utilization and determine whether it is satisfactory. This is only natural. The purpose of a congestion control scheme is to ensure that the demands placed on resources in the network do not exceed the capacity of the resources, AND that the resources are allocated to the demands in the way that yields best overall network service. In order to achieve these goals, the algorithm (or at least the parameters of the algorithm) used to assign resources to demands may need to change as the pattern of demands changes. A buffer management scheme is an algorithm for assigning one particular kind of resource (buffers) to the demands made on that resource. Hence it is just a part of a congestion control scheme, and may need to interact with the other parts of the scheme for best overall performance. -8-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
4 Buffer Management with an Ample Supply of Buffers
If we were designing a new network, with an ample amount
of buffer space, one of the important desiderata of the buffer
management scheme would be to enable all output devices (i.e.,
hosts and inter-node trunks) to run at their rated capacity.
Transmission of packets over an output device is usually
controlled by means of a protocol which requires the packet to
remain buffered until a positive acknowledgment is received. The
number of buffers needed to run such a device at full capacity is
a function both of the transmission speed of the device and of
the time it takes (on the average) for acknowledgments to return,
which itself is a function of the physical length of the
transmission line (speed-of-light propagation delay) and the
processing latencies of the device which is receiving the output.
For each output device it is relatively straightforward to
compute this number of buffers, at least approximately. To
ensure that each output device can always run at its rated
capacity, the buffer management scheme must "dedicate" that
number of buffers to the particular output device in question.
It is important to understand just what it means to
"dedicate N buffers" to a particular device or process. It does
NOT means that certain physical buffers (i.e., physical areas of
memory) are set aside for use only by that process. It means
-9-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen only that the process should always be able to obtain N buffers whenever it has a need for N buffers. There is no reason at all why the same N physical buffers should be used each time. To see exactly what this means in practice, we must consider the mechanism whereby a buffer is (logically) moved from a source process to a destination process. At any given time, a buffer which is not free is considered to be under the control of some process. When that process has completed its processing of the buffer, it must somehow release control of it. In some cases (e.g., a packet has been transmitted on an inter-node trunk and an acknowledgment for it received) the packet which is in the buffer is no longer needed at that node, and the buffer can be freed. In other cases, however, control of the buffer must be turned over to some other process. An example is a packet which is under control of the forwarding process of the routing algorithm. Once the routing algorithm decides where to forward the packet, the buffer in which it resides must be turned over to some output process which will ensure its transmission over the appropriate output device. Before turning the buffer over to the next process, it must be determined whether doing so would prevent any other process from obtaining the number of buffers that have been "dedicated" to it. If so, the buffer cannot be turned over to that destination process. If the packet residing in the buffer is under control of some sort of reliable -10-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen transmission procedure (e.g., the ARPANET's IMP-IMP protocol), the buffer can simply be freed. This will not result in loss of the packet, since the reliable transmission procedure will ensure that the packet is seen again, and again, until it is finally accepted. This is usually the case in the ARPANET with a packet that has been received from a neighboring node. If the receiving node discards the packet without sending an acknowledgment to the transmitting node, the latter node can usually be relied upon to send the packet again. (Note that this implies that, in the ARPANET, the receiving node cannot send an inter-node acknowledgment for a packet until that packet has been turned over to its final output process.) On the other hand, some packets may not be under the control of a reliable transmission procedure. This may be the case with control packets that are created in the node itself and which must be transmitted to some other node for reasons determined by some end-end protocol. Freeing the buffer occupied by such a packet may result in loss of the packet. Since this is undesirable, if the buffer cannot be given to its destination process, it must be returned to the source process, where it must sit on some queue until some future time when it can be accepted by the destination process. In general, when making the determination as to whether a buffer can be turned over to a particular process, it is not -11-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen sufficient merely to consider the number of buffers already in control of the destination process. One must also take into consideration the source process of the buffer. After all, there may be cases in which the source process and the destination process share a common pool of buffers. In such cases, buffer management considerations can never cause the destination process to refuse the buffer, no matter how many buffers are already under its control. It follows that the correct decision as to whether a buffer ought to be refused cannot be made without knowledge of its source process. Also, only by considering the buffer's source process can it be determined whether or not the buffer, if refused, will be freed. This is important to know, since ONCE IT HAS BEEN DECIDED THAT A PARTICULAR PACKET CANNOT BE DISCARDED AT WILL, NO PROCESS SHOULD EVER REJECT THE PACKET AS A RESULT OF BUFFER MANAGEMENT CONSIDERATIONS. Any process that will not be able to obtain an adequate number of buffers if the packet is accepted will also be unable to obtain an adequate number of buffers if the packet is rejected. After all, rejection of the packet will merely cause its buffer to be held in a queue somewhere else in the node until it can be accepted. Since the buffer cannot be freed, it will not become available for use by any other process, so there is no point in refusing it. Rejecting the packet will serve only to increase its delay, without any countervailing advantage. This may mean that the -12-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen number of buffers under the control of a given process exceeds the nominal maximum which we have decided to allow to that process. The point of the buffer management scheme, however, is not so much to prevent a process from obtaining more than some maximum number of buffers as to ensure that a process can always obtain some minimum number of buffers. In the situation just described, holding one process to a certain maximum number of buffers does not help any other process to obtain its minimum. And while moving the buffer from the source process to the destination process in this situation may cause the source process to have less than its minimum number of buffers, it cannot hurt the performance of the source process, which, after all, has already finished with its use of the buffer. There is certainly no point in forcing a process to keep control of a buffer with which it is finished; that could serve only to degrade overall performance. To put the point another way, once the node has committed itself not to discard the packet, all buffer management considerations are otiose. Of course, this is not to say that a packet to which the node is committed ought never to be refused by any process in the node, but only that considerations of buffer management can play no role in the refusal. There are many resources other than buffer space which may be in short -13-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen supply; management of these resources may well dictate the rejection of a packet to which the node is committed. However, the same considerations apply. A packet should never be rejected due to resource management considerations unless rejecting it will free resources which would not be free were the packet accepted. Of course, this principle may have unfortunate side- effects that must be controlled. If two packets are competing for buffer space, and one of the packets is discardable while the other is not, the non-discardable packet has an advantage, since it cannot be refused. For example, in the ARPANET, packets which an IMP receives from a neighboring IMP are discardable, since they are controlled by a reliable transmission procedure (the IMP-IMP protocol) and will be retransmitted if dropped. Packets received from a host, however, are controlled by the 1822 protocol, which does not provide for retransmissions, and which in fact assumes that the IMP will not drop a packet once it has fully received it. This fact gives packets received from hosts an unfair advantage over packets received from neighboring IMPs in the competition for buffer space. This is a particularly unhappy situation, since it can lead to the violation of one of the basic principles of congestion control, namely that packets already in the network should be favored over packets just -14-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen entering the network. The correct solution to this problem, of course, is to refrain from using protocols which force a node to treat a packet as non-discardable before all the resources needed to process that packet have been obtained. We will return to this issue when we discuss the particular case of buffer management in the ARPANET. It should also be noted that moving a buffer from a source process to a destination process typically requires the mediation of a third process which serves as the Dispatcher. In the ARPANET, this is the function of the TASK process. While a buffer is queued for or being processed by the Dispatcher, it is still considered to be under the control of the source process, for purposes of buffer management. The reason, of course, is that the decision as to whether a particular destination process must refuse the buffer is independent of whether the buffer is being passed to it directly by the source process, or whether it is being passed to it by the Dispatcher. Therefore, it makes no sense to treat the Dispatcher itself as a source process. Similarly, since the Dispatcher itself can never refuse a buffer, it makes no sense to treat it as a destination process either. The use of a dispatching process should be transparent to the buffer management scheme. Sometimes a buffer may need to be under the simultaneous -15-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
control of two distinct processes in order for its packet to be
processed. If this is ever the case, the buffer management
scheme must ensure that whenever the buffer can be assigned to
one process, it can also be assigned to the other. If the buffer
cannot be processed unless controlled by both processes, then a
situation where it can be controlled by one process but not the
other makes no sense at all. Such a situation would simply
result in a waste of space, by allowing a buffer to be occupied
by a packet which cannot be processed. This illustrates a most
important point in the design of a buffer management scheme. The
purpose of buffer management is to ensure good overall network
performance. Therefore, ONE CANNOT DETERMINE HOW MANY BUFFERS
NEED TO BE DEDICATED TO A PROCESS BY CONSIDERING THAT PROCESS IN
ISOLATION. RATHER, ONE MUST CONSIDER THE ROLE THAT THAT
PARTICULAR PROCESS PLAYS IN DETERMINING OVERALL NETWORK
PERFORMANCE.
4.1 Buffering for Output
We now consider, in general, which sorts of processes in
the network nodes need to have buffers dedicated to them.
Whenever a particular device is running at close to its maximum
capacity and the demands on the device vary stochastically, the
device will sometimes be overloaded. That is, although the
-16-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen device is fully utilized during some interval by the presence of n packets, a larger number of packets destined for that device will arrive during that interval. If the device is overloaded in the steady state, then some sort of congestion control procedure must be brought into effect to reduce the demand for that particular device. We are presently assuming, though, that the device is not overloaded in the steady state, and that any intervals of overload are caused by the variance in the demand. In such a situation, it is desirable to smooth the effects of the temporary overload by buffering the excess packets. So the buffer management system should allow more buffers to be assigned to an output device at a given time than are strictly needed to run that device at full capacity. The question is whether a certain number of excess buffers should be "dedicated" to each device (in the sense described above), or whether the excess buffers should be in a common pool, sharable among all the output devices on a first-come, first-served basis. In this case, it seems that the buffers ought to be sharable. If all these buffers end up queued to a single output device, no other device is thereby prevented from running at full speed, since each device still has its own supply of dedicated buffers. Therefore there is no reason to strictly partition this additional buffer space. -17-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
One might argue that the number of buffers dedicated to a
particular device should only be enough to run the device at its
AVERAGE rate, not at its maximum or peak rate. After all, the
purpose of having a sharable pool of excess buffers is to smooth
the effects of stochastic peaks. But stochastic peaks occur
whenever the average utilization of a device is exceeded, not
necessarily when its maximum utilization is exceeded. This
argument, however, ignores the fact that several devices may
exceed their average utilization at the same time. If this
happens, and if there are not enough buffers dedicated to each
device to run it at full speed, then some devices may be under-
utilized while others will be over-utilized, which is what the
buffer management scheme ought to try avoid as far as possible
(at least, if the supply of buffers is ample).
4.2 Buffering for Input
We have yet to discuss the issue of whether it is
necessary to dedicate buffers to the input devices, as well as to
the output devices. Packets may arrive at a node either from a
neighboring node, or from a locally-attached host. Receiving and
processing a packet requires a buffer. Even if all output
devices are running at full speed and have their full complement
-18-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen of buffers, it is still necessary to dedicate a certain number of additional buffers to the input devices. Failure to do so can result in the stopping of all input whenever all the output devices are fully utilized. At first glance, this might seem like a desirable effect. After all, there is no point in accepting input when the output devices are already overloaded; to do so only leads to congestion. However, there are two problems with this argument: 1) Not all packets which arrive at a node as input will necessarily leave the node as output. Some packets are control packets which may cause the processor to take some action other than simply forwarding the packet somewhere else. The node should always be able to process these packets, no matter what the utilization of its output devices. 2) Packets cannot be processed instantaneously; there is always some latency. It may be the case that although no output buffers are available at the time a packet arrives, there will be buffers available by the time the packet is processed (e.g., by the time the processor determines which output device to route the packet to). If no buffers are available at the time the packet is received, it has to be discarded and re-transmitted, -19-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen thus introducing a potentially large amount of additional delay. This additional delay can be eliminated by having a supply of buffers for input. These arguments show that there should be some buffers available for input over and above those which can be used for output. We have not yet dealt with the issues of how many buffers there should be, and whether they should be sharable among all the input devices. It is sometimes suggested that there should be two buffers dedicated to each input device, to allow "double buffering." However, this is something of a confusion. The point of double buffering is to allow an input to be received while the previous input is being processed. This makes sense if the time it takes to process the previous input is less than the time it takes to receive the current input. Then by the time the input is received, processing of the previous one has been completed, and the buffer which held the previous input can be re-used to receive the next input, while the current input is being processed. The purpose of such a scheme is to ensure that reception of an input is not delayed by the time it takes to process the previous input. It is easy to see though that this scheme is not directly applicable to a packet-switching node. There is no way to guarantee that the time needed to process one packet is less than the time needed to receive the next packet. -20-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen If the processor is busy, so that many packets are queued for it, and the inter-node trunks run at a high speed, so that packets are received very rapidly, merely dedicating two buffers to an input device will not ensure that a buffer is always available to receive the next packet. One might think that this means that a larger number of buffers must be dedicated to each input line. By making the number large enough, we can make the probability of missing an input due to lack of buffers as small as we like. But it would be a mistake to do so. In general (though not invariably), after a packet is input and processed, it will be routed to some output device. There cannot be a shortage of buffers for input unless either all the output devices are heavily loaded (i.e., all the output-dedicated buffers are in use), or the processor itself is overloaded (so that many buffers are queued for the processor). A certain number of input-dedicated buffers are needed to permit input to flow smoothly under such situations, as well as to ensure that control packets can be processed. However, if the node is really congested (i.e., either the output devices or the CPU are overutilized in the steady state), having a large number of input buffers will not smooth the flow; it will result only in larger queues. The number of input-dedicated buffers need only be large enough to enable the processor to run at its full -21-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen capacity while the output devices are also running at full capacity. In order for an output device to run at full capacity, it should always be able to get enough buffers so that it can buffer all in-flight packets for the required period of time while still having a small queue of packets waiting to be sent. Running the processor at full speed requires only enough buffers so that a small number of packets can always be on the queue for the processor. This does not require a large number of buffers to be dedicated to input; even less does it require a large number of buffers to be dedicated to a particular input device. However, as we have pointed out, it does require SOME dedicated buffers. We have now determined that there need not be a very large number of buffers dedicated to input. We have not yet resolved the question of whether these buffers should be sharable among all the input devices, or whether a certain number of buffers should be dedicated to each input device. To answer this question we must determine whether, if the buffers are sharable, some one input device can monopolize the buffer pool, preventing input from any of the other devices. This might well be the case, for three reasons. First, one input device might run at a higher speed than the others. Second, one input device might be more heavily utilized than the others, or might receive shorter -22-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen packets than the others. Third, some artifact of the interrupt structure of the node might tend to favor certain devices over others. (Thus in the ARPANET, each inter-IMP trunk is serviced at a different priority level; naturally, the one that is serviced with the highest priority is favored. This is due to the interrupt structure of the 316, rather than the software.) If any of these conditions hold, some input devices may be able to utilize so many buffers that the others are slowed down. Therefore a small number of buffers should be dedicated to each input device. Another reason for dedicating a few buffers to each input device is the following. Certain inputs are processed at a very high priority level, without any queuing for the processor. These inputs are always control packets, which are not going to be routed to any output device. Furthermore, they are only those few types of control packets which must be processed very quickly. An example is the line up/down protocol packet of the ARPANET. When one IMP sends one of these packets to another, it expects a reply back within a few hundred milliseconds, no matter how congested the processor of the receiving IMP is. The receiving IMP must always be able to receive such packets and to process them immediately, without having to queue them. If this is not done, the line may be brought down spuriously, resulting -23-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen in a significant and needless degradation of network service. In order to ensure rapid processing, at least one buffer must be dedicated to each input device from which control packets of this sort may be received. Furthermore, the use of these buffers is even more restricted than that of other buffers which are input- dedicated. Ordinarily, to say that N buffers are dedicated to input is to say that there must always be N buffers which cannot be given to any process which is not input related. These buffers can, however, be queued to the processor (i.e., to the Dispatcher) after being filled with an input. After all, the main point of having input-dedicated buffers is to enable the processor to continue to look at inputs even if all output devices are running at full capacity. This goal cannot be achieved unless the input buffers can be queued for the processor. The point of this paragraph, on the other hand, is that there be certain sorts of control packets which require IMMEDIATE processing. In order to ensure that a buffer is always available to each input device to process such packets, each input device should have one buffer dedicated to it which is not queueable to ANY other process, including the Dispatcher. Is a single such buffer enough? The feasibility of having protocols which require immediate processing of control packets is clearly dependent on the constraint that such packets be few and far- between. Otherwise, there may just be too many of them to -24-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen process them all "immediately," and the protocol will not work. As long as this constraint is met, a single buffer should be enough. It must be pointed out that the proper use of the non- queueable buffer is often a matter of some subtlety. Suppose a packet is received from some inter-node trunk, and that packet contains node-node acknowledgments (possibly piggybacked on an ordinary data packet) for packets that were transmitted (in the opposite direction) over the same trunk. Suppose further that after the packet is received, there are no more free buffers in the nodes. Clearly, any data in the packet cannot be processed; doing so would require queuing the packet for the processor, thereby violating the rule that each input device have a non- queueable buffer dedicated to it. But what of the acknowledgments -- should they be processed? In the ARPANET, received node-node acknowledgments are processed at the highest priority level, with no queuing. So they CAN be processed without violating the buffer management rules that we have advanced. Furthermore, one might argue that it is really important to process the acknowledgments as soon as possible. After all, processing received acknowledgments can result in freeing buffers. Since, ex hypothesi, there are very few free buffers in the machine, processing the acknowledgments is of -25-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen great importance, and should be done immediately. This argument, however, does not hold under all conditions. When there are very few free buffers in the node, it may be that a large number of buffers are holding packets which have already been transmitted on inter-node trunks, and which are awaiting acknowledgment. In this case, processing the acknowledgments as quickly as possible has a salutary effect on the node's performance. However, there are other conditions which may result in a short supply of free buffers. Suppose, for example, that the node is CPU-bound, i.e., that the processor is overloaded. Then one would expect to find the majority of buffers queued for the processor. (This situation is very common in certain of the more heavily loaded ARPANET nodes.) Since these buffers contain packets which have not yet been transmitted out any inter-node trunk, the buffers cannot possibly be freed as a result of processing acknowledgments. The only way to expedite the freeing of these buffers is to reduce the demand on the processor, especially the demand at the higher priority levels. Thus the best strategy here may be to NOT process the acknowledgments, thereby reducing the processing load. Deciding whether a certain packet should be processed immediately may depend not only on the function of the packet, but on the conditions in the node at that time. This shows again that a buffer management scheme is only part of a more general congestion control strategy, and cannot be expected -26-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen to do the whole job by itself. It must be understood, of course, that although the number of buffers DEDICATED to input may be small, the number of buffers controlled by the input processes (i.e. the number of buffers containing input packets which have not yet been dispatched) may be much larger. In fact, all the buffers that are dedicated to output processes may be under the control of input processes at some time. This may seem paradoxical, but it is easy to see why it is the case. In general, a packet cannot be output unless it has first been input. It makes no sense to refuse to use a buffer for input because one wants to save it for output -- it will never be used for output unless it is used for input first. Therefore, all buffers must be available for input, regardless of the number which are "dedicated" to other processes. (There is one exception to this rule. It may be desirable to save a few buffers for creating control messages, which, being created in the node, are never actually input. These buffers would then be unavailable for input. This is discussed below in greater detail.) To restate the point -- while only a small number of buffers need to be DEDICATED to input, a large number of buffers need to be AVAILABLE to input. -27-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
4.3 Buffering for Generating Control Messages
There are other functions besides input and output for
which buffers are required. One such function is the creation of
the control messages needed to run the various protocols used by
the node. Every so often, the node will have to respond to a
certain event by creating a control packet and transmitting it to
some destination. Often one node will contain buffers which
cannot be freed until a control packet from some other node is
received. If a node cannot create the necessary control packets
because it cannot get buffers for them, then deadlocks are
possible. Even if deadlocks are avoided, good network
performance can depend on the timely creation and transmission of
control packets. Nodes which have high buffer utilization
because they are handling many data packets ought not to be at a
disadvantage when it comes to obtaining buffers in which to
create control packets. Indeed, it is just such nodes which are
most likely to have the largest number of protocol-imposed
responsibilities, and hence to have the greatest need for buffers
in which to create control messages. In order to ensure that the
flow of control messages is not slowed by the flow of data
packets, each node should have a supply of buffers dedicated
solely to the function of creating control messages.
-28-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
4.4 Buffering Data at the Source Node
In many packet-switching networks, packets received from
a host are buffered at the source node until an end-end
acknowledgment is received. (This is true of single-packet
messages in the ARPANET.) An insufficient supply of buffers for
this purpose will hold the throughput of the locally attached
hosts to an artificially low level. Furthermore, the holding
time of a buffer which must await an end-end acknowledgment is
very long, relative to the holding time of other buffers. This
implies that the number of buffers needed to serve the function
might be quite large, if an adequate level of throughput is to be
maintained. A basic principle of congestion control in packet
switching networks is that packets which are already in the
network should not be unduly interfered with by packets which are
entering the network. The buffer management scheme we have been
outlining applies this principle by dedicating pools of buffers
to each output device and to the various protocol functions.
That is, the scheme ensures that local inputs cannot hog the
buffer space at a node, which would result in degrading the flow
of traffic through the node. There is a question, however, as to
whether there should be a pool of buffers DEDICATED to buffering
input packets at the source node, or whether this function should
compete with other functions for a sharable buffer pool. Since
-29-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen we have already assigned dedicated buffer pools to those other functions that need them, the only possible bad result of not dedicating a pool of buffers for source buffering of local inputs would be that these other functions would be able to hold down the throughput due to local hosts, by taking most of the buffering for themselves. It is sometimes thought that this is actually a good feature. That is, if the node is so heavily loaded with transit traffic and with traffic destined for output to local hosts, perhaps it is good to reduce the amount of buffer space available for source buffering. After all, when the network is heavily loaded, one does want to reduce the input rate, and reducing the buffer space available for source buffering of input will have this effect. This argument, however, ignores fairness considerations. In the ARPANET, for example, there are a few nodes which, because they are on the major cross-country paths, have a much greater load of transit traffic than does the vast majority of nodes. However, these nodes which are heavily loaded with transit traffic also have local hosts and TIPs. The users of these local hosts and TIPs have a right to the same service as is given to users whose local IMPs do not have a heavy load of transit traffic. If the heavy load of transit traffic at these nodes is allowed to get so much buffer space that the throughput obtainable by the local users is degraded, then users at these nodes are at a disadvantage with -30-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen respect to users at other nodes. This is hardly fair. If the transit load at some node is "too heavy," then ALL users which are sending traffic through that node should be forced to reduce their input rate, not just the users who happen to be locally attached to that node. Of course, this effect cannot be achieved merely by buffer management. It requires a more general congestion control scheme. Our present point though is that since a heavy transit load should not be permitted by itself (in the absence of instructions from a congestion control scheme) to degrade the throughput of local users, a non-sharable pool of buffers should be dedicated to the function of buffering local input while awaiting end-end acknowledgments. Of course, as long as the transit traffic at some node must compete with the input traffic at that node for some resource (even if only the processor), there will always be a certain amount of "unfair" interference. A good buffer management scheme can limit, but not eliminate, the effect. It is important to note that this point can be obscured by certain assumptions of homogeneity which it is often convenient to make when analyzing or simulating a buffer management system. When trying to perform such analysis, it is often convenient to create a network model in which the ratio of transit traffic to input traffic is the same at all nodes. Once -31-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
one has made that assumption, it is clear that the question of
fairness will not arise, since all nodes will be equally loaded,
and input at all nodes will be equally constrained. Therefore,
if one has made that assumption, it may seem reasonable to design
a buffer management scheme which allows transit traffic to lock
out locally input traffic entirely. Assumptions of homogeneity
beg the question of fairness, and in doing so lead to congestion
control or buffer management schemes which are seriously
deficient.
5 Buffer Management with a Shortage of Buffers (ARPANET)
We have so far been discussing the issues that arise in
the design of a buffer management scheme for a node which has
ample buffer space. We have argued that good buffer management
is important for good network performance, no matter how many
buffers exist in a node. Our basic approach has been to dedicate
enough buffers to each function which requires them so that all
such functions can be performed at full speed, with the minimum
amount of interference from other functions. The assumption that
there is an "ample" supply of buffer space is just the assumption
that there exist enough buffers to do this. Any excess amount of
buffers should be sharable among several functions, and should be
-32-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen used to smooth the effects of stochastic peak loads or processor latency. We turn now to the issues that must be addressed when designing a buffer management scheme for a node which does NOT have ample buffer space. Our main interest will be buffer management in the 316/516 IMP, which is severely memory-limited. However, our discussion will also have application to the design of a buffer management scheme for new networks which are not expected to be memory-limited. It is often thought that networks designed with present technology will always have ample buffer space, since memory is now one of the cheapest components of a computer. This is somewhat of an oversimplification, though. However cheap memory is, it is always cheaper to have less. We would not expect nodes to be designed with arbitrarily large amounts of buffer space. Rather, the amount of memory configured into a node will generally be determined by making a sizing decision based both on economics and on the design objectives of the node. Yet at the present state of the art, making such sizing decisions is more of an art than a science, and such decisions can easily be wrong. Furthermore, future re- configurations of the network, e.g., adding long-delay or higher speed lines, can invalidate the original sizing decisions. Yet the addressing, mapping, or bus structure of the computer may -33-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen make it difficult or impossible to freely add additional memory to the initial configuration. It is never good to assume, in network design, that buffer space will always be ample throughout the life of the network. For these reasons, our discussion of buffer management in the ARPANET should have wider application. In the ARPANET, each Honeywell 316/516 IMP has between 30 and 35 buffers, depending on the configuration of the node and the presence or absence of various optional software packages (which, when present, reside in an area of memory otherwise devoted to buffer space). This is nowhere near the amount of buffers needed to ensure that all processes requiring buffers can run at full speed. A sensible approach in such a case is to dedicate to each process enough buffers to allow the process to run at only a fraction of full speed, while making the additional buffers sharable. However, unless there are enough sharable buffers to enable some of the processes to sometimes run at full speed, the scheme will prevent any process from EVER running at full speed, even when there are a sufficient number of idle buffers. This would be a very undesirable situation. With a severely memory-limited node, as in the ARPANET, it may be necessary to dedicate to a process only the minimum number of buffers required to ensure that the process can run at all (i.e., to prevent a deadlock situation in which the process is -34-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen completely locked out). THIS MEANS THAT MUCH OF THE ABILITY OF THE BUFFER MANAGEMENT SCHEME TO PROTECT ONE PROCESS FROM UNDUE INTERFERENCE BY ANOTHER IS LOST. The price for retaining that ability would be to guarantee slow performance by some of the processes, even while resources (buffers) lie idle. Such a price may be too high to pay. To put this point another way, we must worry not only about under-control of the buffer space, but also about over- control. If buffer space is under-controlled, one process can hog the buffers, preventing other processes from getting their fair share. If buffer space is over-controlled, then a process may be limited to a particular proportion of the buffer space, even if granting it a larger proportion in some particular situation may be the best strategy from the point of view of overall network performance. With ample buffer space, over- control is not generally a problem, since every process can get as many buffers as it needs. When buffer space is scarce, however, strict and inflexible limitations on the amount of buffer space that can be under the control of a particular process may result in no process ever being able to get enough buffers to perform well. A loosening of the controls may be necessary in such cases. As we shall see, the current ARPANET buffer management scheme suffers from over-control in some -35-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen instances. In the ARPANET, the situation is even worse. There are not enough buffers available to dedicate even the minimum amount to certain processes. For example, one process which requires buffers is the process governing output to a host, of which there may be four attached to each node. An ARPANET message may be up to 8 packets long (i.e., may occupy up to 8 buffers). Before any message can be delivered to a host, all eight packets must be present, so that the message can be "reassembled." There is no point to dedicating fewer than 8 buffers to each host, since that would not guarantee that enough buffer space would always be available to deliver a message to the host. On the other hand, one cannot dedicate 8 buffers to each of four hosts, since that would leave no buffers for any other function. A similar problem arises with respect to packets which must be buffered at the source node awaiting end-end acknowledgments (RFNMs). There can be as many as 8 such packets per "connection," where two packets are considered to be on the same connection if they have the same source host, the same destination host, and the same priority. With four source hosts per node, each of which can be communicating with an arbitrary number of destination hosts, the number of buffers required to guarantee maximum throughput is more buffers than exist in the entire node. However, it is still -36-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen the case that there are too few buffers to enable a buffer management scheme to ensure fairness to both host input and host output functions. This means, of course, that improving the buffer management scheme can increase the fairness, but not optimize it. The way the ARPANET deals with this problem is simply to lump together all host input and output functions and dedicate a single pool of buffers to the combined set of functions. This pool is known as the "Reassembly" pool, and its size varies from about 18 to 22 buffers, depending on an IMP's configuration. (The term "reassembly" is very misleading in this context, since reassembly of packets into messages is only one of many functions which must obtain buffers from the reassembly pool.) This approach recognizes that there is simply an insufficient amount of buffering to enable separate pools of buffers to be dedicated to the separate hosts, or even to enable separate pools of buffers to be dedicated separately to input and output functions, without paying the overly high price of ensuring poor performance by some processes even under conditions of low buffer utilization. The main disadvantage of the approach is that it robs the buffer management scheme of its ability to ensure fairness among the various competing functions that are lumped together. However, that is really just the result of having an -37-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen insufficient supply of buffers, and we do not see any way of improving the situation simply by altering the buffer management scheme. Attempting to maximize fairness under these conditions requires a strategy other than partitioning the buffer space. The scheme in the ARPANET, though, does make an attempt to separate host-related functions from functions related solely to the operation of the inter-IMP trunks. Failure to separate host- related functions from each other may cause different host- related functions to interfere with each other. Failure to separate host-related functions from operation of the inter-IMP trunks would enable host-related functions to interfere with the node's store-and-forward ability, which could be even worse, since that could make the network more prone to congestion. As we shall see, however, the ARPANET's buffer management scheme is not entirely successful in preventing interference between store-and-forward functions and host-related functions. Even though fairness between host input and host output functions cannot be guaranteed in the ARPANET simply by partitioning the buffer space, there are other sorts of procedures which a buffer management scheme can bring to bear to help bring about (if not to guarantee) fairness. The present buffer management scheme makes no real attempt to "prioritize" the input and output functions. That is, if at some given time, -38-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen buffers are needed for both input and output, the buffers will be assigned in the order in which they are requested. Because of the software architecture of the IMP, this appears to give an advantage to host input. The request for a buffer to hold a packet received from a local host is made by the high-priority routine which services the host-IMP interface. The request for a buffer to hold a packet for output to a local host is made either by the TASK process or by one of the background processes, which run at lower priority levels. Furthermore, requests for output buffers, if not served the first time they are made (because of unavailability of buffers), are put on a queue which is served in round-robin fashion at the lowest priority level. Any number of requests for host input buffers can be served between the time a request for a host output buffer is first queued and the time it is finally served. This seems to violate the principle of congestion control which states that output-related functions should be favored over input-related functions. It would not seem to be a difficult matter for requests for buffer space to be prioritized or re-ordered so that buffers are never provided for input while there are outstanding requests for output buffers. (Note that this issue of re-ordering the requests would not arise if there were ample buffer space, since in that case, all functions could be guaranteed sufficient buffering, regardless of the order in which requests were made.) -39-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen This principle, however, would have to be applied with some care. In the ARPANET, a request for output buffer space may be either a request for one buffer (for single packet messages) or a request for eight buffers (for multi-packet messages). If a source node has requested a single-packet allocate for some packet from some destination node, it must buffer the packet until the output buffer space is made available. Meanwhile, other packets from the same source host may still be entering the network. On the other hand, if a source node is waiting for a multi-packet allocate, it does not buffer the multi-packet message while waiting. Rather, it stops all input from the source host until the output buffers are allocated. That is, if a single-packet request remains unserved, buffer space is used as the source node, while input at the source node continues unabated. If a multi-packet request remains unserved, not only is no buffer space wasted at the source node, but input from the source host is stopped. The congestion control principle that output should be favored over input is reasonable because "output" means that resources already in use will be freed, while "input" means that resources currently free will be put into use. Competition between a host input packet and an unserved single packet request is clearly competition between input and output. However, competition between host input and an unserved multi- packet request is more like competition between input at one IMP -40-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
and input at another. Hence, prioritization or re-ordering of
requests for buffers need only be done in the former case. Even
there, care must be taken to ensure that a large flow of single
packet messages to the hosts at one IMP does not prevent those
hosts from ever sending any inputs of their own into the network.
While output should be favored over input, output should not be
able to lock out input. After all, output at one IMP is input at
another. If output is too much favored over input, the result is
that input at one IMP is favored over input at another IMP.
Therefore, it is possible that, IN THE ABSENCE OF A GENERAL FLOW
CONTROL PROCEDURE, which would explicitly match IMP-IMP flows to
the amount of resources available, PRIORITIZATION OF BUFFER
REQUESTS COULD DO AS MUCH HARM AS GOOD. A full investigation of
the issues relevant to end-end flow control in the ARPANET is not
within the scope of the present contract, however.
The 316/516 IMP does not have enough buffer space to
ensure transmission over the inter-IMP trunks at the full rate of
50 kbps. Only the minimum number of buffers necessary to prevent
a trunk from being locked out is dedicated to each trunk. This
minimum number, of course, is one. There is also a maximum
number of buffers which can ever be under the control of the
combined trunk output processes. This number is either 10, 12,
or 14, depending on whether the IMP has 2, 3, or 4 trunks.
-41-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen Furthermore, there is also a minimum number of buffers which are available for trunk output, but unavailable for host-related functions. This number (which includes the single buffer dedicated to each output trunk) is either 6, 9, or 12, depending on whether the IMP has 2, 3, or 4 trunks. (There are certain exceptions to this rule, such as IMPs which have 16-channel satellite lines. See chapter 7 of BBN Report No. 4088 for details. There appears to be no hard and fast rationale for having chosen these particular numbers. Rather, they just "seem to work.") These buffers, except for the buffers which are dedicated to particular trunks, are not, however, dedicated to trunk output; they are also available for other functions that we will discuss shortly. The small difference between the minimum and maximum numbers of buffers available for trunk output (either 4, 3, or 2, depending on IMP configuration) form a pool of buffers which are generally sharable among all the processes in the IMP, which can get them on a first-come, first-serve basis. There is also a maximum number of buffers which can even be under the control of the process which runs a PARTICULAR output trunk. This number is eight (except for satellite lines, for which the number is sixteen). The number eight does not appear to have been chosen in order to meet constraints on the buffer management system. Rather, eight is the number of logical -42-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen channels maintained by the IMP-IMP protocol. That is, it is the number of packets which can be in flight simultaneously on an inter-IMP trunk. There is no inherent reason why the maximum number of packets under control of an output trunk (i.e. the number in-flight at some instant PLUS the number queued at that instant) should be the same as the maximum number of packets which can be in flight simultaneously on that trunk. This particular choice of number appears to have been made primarily for ease of programming. The ARPANET IMP does contain a pool of buffers dedicated to the creation of end-end control messages. In keeping with the principle that, when buffers are in severely short supply, only a minimum number should be dedicated to any particular function, the size of this pool is one. Of course, an IMP may have more than one extant end-end control message at a time. When additional end-end control messages must be created, they are treated as host-related messages. That is, to create an end-end control message, a buffer from the pool for host-related functions must be obtained. This restriction is apparently due to the fact that after a control message is created, it is treated in some ways as if it were a packet submitted by a host. That is, after a control message is created, it is placed on a queue known as the Reply Queue. Packets are removed from the -43-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen Reply Queue by a "Back Host," and submitted to the IMP as if they came from a real host. A Back Host is a software routine which runs at the background level of the IMP. Its purpose is to submit control packets as if they were packets from a real host (though of course, they are submitted at a point which is later in the IMP's logic than the point where a real host would submit a packet). This fact about the software architecture of the IMP makes it appropriate to treat the creation of control packets in a manner analogous to host input. If the submission of control packets were handled differently from the submission of ordinary host input, then it might not be appropriate to create protocol messages on the same buffer pool as ordinary host messages, since protocol messages are handled very differently and in general have different constraints. (Of course, one could raise the further question as to whether the "back host" mechanism is appropriate for handling control packets. However, this cannot be considered here.) We have spoken of the need for having a buffer dedicated to input from each inter-node trunk, in order to be able to process certain sorts of control messages which, although occurring relatively infrequently, need to be processed quickly, with a high degree of responsiveness (i.e., without having to wait on a queue). The IMP does indeed dedicate a buffer to each -44-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen input trunk. That is, a packet which has just arrived on a certain trunk will not even be queued for the dispatcher (TASK) if that would result in there being no buffer at all available to receive the next input from the trunk. However, these dedicated buffers are NOT used for processing those control packets which require high responsiveness. Not only are such buffers not queued for processing, but the packets in such buffers are NEVER processed at all, they are simply discarded. Even if the packet is a line up/down protocol packet, which is ordinarily processed immediately by the routine that handles input from the trunks, it will not be processed if processing it would mean that there is a period of time when no buffer is available to receive the next input from that trunk. Not even the acknowledgments which may be piggybacked in the packet are processed. Rather, the packet is simply discarded, and its buffer reused for the next input. The apparent purpose of this procedure is to ensure that there is never any period of time when a packet can be lost because there is no buffer available in which to receive it. However, although this procedure does help to avoid packet loss, it does this by deliberately discarding packets. From a performance perspective, there does not seem to be much difference between losing a packet and throwing it away. In general, it is not sensible to throw one packet away so that the next will not be lost. Either the buffer dedicated to an input trunk should be used to ensure the -45-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen processing of packets which need high responsiveness (such as line up/down protocol packets, routing updates, and received IMP-IMP acknowledgments), or there should not be any dedicated input buffers. Currently, the dedicated buffers are wasted. The worst thing a buffer management scheme can do is to waste buffers, particularly when buffers are a scarce resource. The IMP does have a small pool of buffers which cannot be placed under the control of any host-related process or of any process which regulates output on the inter-IMP trunks. (The size of this pool is regulated by the parameter MINF, currently set to 3.) These buffers are available only for the processing of such high responsiveness packets as routing updates, line up/down protocol packets, and received IMP-IMP acknowledgments, and for the creation of such subnetwork control packets (not end-end control packets) as nulls, routing updates, and line up/down protocol packets. These buffers are also useful for mediating processor latency. They are not, however, dedicated to the individual input trunks. As we have pointed out previously, it is quite desirable to have such a pool of buffers; this seems a good feature of the IMP's buffer management system. In BBN Report No. 4088 we pointed out several bugs in the IMP's buffer management procedure. One bug was the fact that the buffers which are dedicated to input from the inter-IMP trunks -46-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen are completely wasted. This bug can be fixed either by refraining from dedicating buffers to trunk input, or by processing the packets in these buffers if (and only if) they require high responsiveness. This latter approach would in some sense be equivalent to increasing the value of MINF to three plus the number of trunks, except that it would also ensure some degree of fairness among the input trunks with respect to their ability to obtain buffers from the MINF pool. As we have already discussed, the correct way to fix the bug may depend on whether the IMP is short on buffers or short on CPU cycles. Some mixture of the two approaches may be needed, since in practice the IMPs are sometimes short of buffer space and sometimes short of CPU cycles. It must also be pointed out that processing of received acknowledgments from a particular input trunk may also be important if the corresponding output trunk has most of its logical channels in use, even if there are plenty of free buffers. After all, processing of received acknowledgments not only frees buffers, but also frees logical channels, and a shortage of unused logical channels can have the same effect in degrading performance as a shortage of buffers. In order to pick the strategy which will have the best effect on network performance, we will need to design a method of determining in real time which resource is scarcest in the IMP at some particular moment. -47-
IEN-182 Bolt Beranek and Newman Inc.
Eric C. Rosen
We also pointed out several other bugs in BBN Report No.
4088. These bugs all have a common source, namely the fact that
when a buffer is moved from a source process to a destination
process, the buffer management scheme takes no notice of the
source process. In particular, a buffer may be rejected even if
it cannot be freed. This not only leads to the bugs we described
in our previous report, but also to the following sort of bug.
Suppose an IMP has three trunks, and that it has a maximum of 12
buffers which can be under the control of the process which
regulates output to the trunks. Suppose that there are 8 buffers
queued for output to trunk 1, and 3 to trunk 2, while there is
one buffer which has already been transmitted on trunk 3, but
which is presently awaiting acknowledgment. Suppose also that a
packet received from a local host is now ready for transmission
to its destination, and that it is routed out trunk 3. The IMP
will not permit this packet to be transmitted, since that would
place a 13th buffer under control of the trunk output routines.
Thus the buffer will be rejected, even through the trunk is idle,
and the other resources needed to transmit the packet (e.g.,
logical channels) are freely available. Furthermore, the
rejected buffer will not be freed. Refusing the buffer simply
delays transmission of the packet without resulting in the
freeing of any resource. Thus it has no salutary effect on
network performance, and is in fact counter-productive. This is
-48-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen an example of OVER-CONTROL in the buffer management scheme; a buffer is prevented from moving, even though considerations of general network performance would dictate that it be passed to the destination process immediately. This bug, as well as others we have discussed, would be eliminated if the IMP took account of the buffer's source process as well as its destination process. Then the IMP could adopt a policy of never refusing a buffer FOR CONSIDERATIONS OF BUFFER MANAGEMENT unless doing so would result in the buffer's being freed. Even if the ARPANET's buffer management scheme were modified to take account of the criticisms we have been making, there would still be a major problem with it. The problem is that in the competition for buffers to be used to transmit packets to a neighboring IMP, packets input from local hosts are favored over packets arriving from neighboring IMPs, thereby violating an important principle of congestion control. Not only can host access lines be of higher speeds than inter-IMP trunks, but the 1822 protocol, which governs host-IMP access, does not allow the IMP to drop a packet it has received. The IMP-IMP protocol, on the other hand, does allow a receiving IMP to drop a packet. We have already pointed out the way in which this can cause a buffer management scheme to favor the packets from the local hosts. Since it is not feasible to modify the 1822 -49-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen protocol, some other means of eliminating or at least reducing this favoritism must be developed. One way of reducing this favoritism would be to define a pool of buffers reserved exclusively for "transit packets", i.e. packets whose origin and destination are both remote. No such buffer pool exists in the ARPANET at present. The current store-and-forward pool can be completely filled with locally originating packets. Although a locally originating packet requires a buffer from reassembly space when it first enters the IMP, it is moved into store-and-forward space as soon as it is queued to an output trunk. Since locally originating packets cannot be discarded, and hence should never be refused by the buffer management scheme after they are originally received, this division of the buffer pool does not prevent host packets from locking out transit packets entirely. It does prevent all the buffers in the IMP from being devoted to host-related functions, which is very important if the IMP is to continue to function as a store-and-forward node even while handling a large amount of host traffic. Note, however, that a pool dedicated to transit packets would have the same effect. Furthermore, it would have the additional salutary effect of ensuring a supply of buffers for transit packets. We recommend therefore the elimination of the store-and- -50-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen forward pool, and the creation of a transit pool. The transit pool would consist of a minimum number of buffers which would be dedicated to packets with remote origins and remote destinations. Locally originating packets would never be placed in the transit pool, but would remain in the Reassembly pool (which we suggest renaming the "end-end" pool), even while queued for transmission out an inter-IMP trunk. It is also desirable to ensure that a certain number of transit packets may always be queued simultaneously to a given output trunk. Although the presence of the transit pool prevents transit packets from being locked out entirely, it does not prevent them from being locked out on some particular output trunk. However, since every packet queued for an output trunk must be assigned to a logical channel, this can be prevented by saving a certain number of logical channels on each trunk for transit packets only. This may require that a locally originating packet with a remote destination sometimes be refused, even though the trunk is idle and the refused buffer cannot be freed. However, the reason for refusing in this case is not buffer management, but management of logical channels. Refusing a host packet (destined to a remote destination) for reasons of logical channel management WILL result in keeping free a logical channel that would otherwise be occupied. So even -51-
IEN-182 Bolt Beranek and Newman Inc. Eric C. Rosen though no buffer is freed, the packet can still be refused without violating any principles of resource management. -52-
mirror server hosted at Truenetwork, Russian Federation.