tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Gloss.     Arch.     IMS     UICC    |    Misc.    |    search     info

RFC 7567

BCP 197
Pages: 31
Top     in Index     Prev     Next
in Group Index     No Prev: Lowest Number in Group     Next in Group     Group: AQM

IETF Recommendations Regarding Active Queue Management

Part 1 of 2, p. 1 to 12
None       Next RFC Part

Obsoletes:    2309

Top       ToC       Page 1 
Internet Engineering Task Force (IETF)                     F. Baker, Ed.
Request for Comments: 7567                                 Cisco Systems
BCP: 197                                               G. Fairhurst, Ed.
Obsoletes: 2309                                   University of Aberdeen
Category: Best Current Practice                                July 2015
ISSN: 2070-1721

         IETF Recommendations Regarding Active Queue Management


   This memo presents recommendations to the Internet community
   concerning measures to improve and preserve Internet performance.  It
   presents a strong recommendation for testing, standardization, and
   widespread deployment of active queue management (AQM) in network
   devices to improve the performance of today's Internet.  It also
   urges a concerted effort of research, measurement, and ultimate
   deployment of AQM mechanisms to protect the Internet from flows that
   are not sufficiently responsive to congestion notification.

   Based on 15 years of experience and new research, this document
   replaces the recommendations of RFC 2309.

Status of This Memo

   This memo documents an Internet Best Current Practice.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   BCPs is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at

Page 2 
Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   ( in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

Top       Page 3 
Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   4
     1.1.  Congestion Collapse . . . . . . . . . . . . . . . . . . .   4
     1.2.  Active Queue Management to Manage Latency . . . . . . . .   5
     1.3.  Document Overview . . . . . . . . . . . . . . . . . . . .   6
     1.4.  Changes to the Recommendations of RFC 2309  . . . . . . .   7
     1.5.  Requirements Language . . . . . . . . . . . . . . . . . .   7
   2.  The Need for Active Queue Management  . . . . . . . . . . . .   7
     2.1.  AQM and Multiple Queues . . . . . . . . . . . . . . . . .  11
     2.2.  AQM and Explicit Congestion Marking (ECN) . . . . . . . .  12
     2.3.  AQM and Buffer Size . . . . . . . . . . . . . . . . . . .  12
   3.  Managing Aggressive Flows . . . . . . . . . . . . . . . . . .  13
   4.  Conclusions and Recommendations . . . . . . . . . . . . . . .  16
     4.1.  Operational Deployments SHOULD Use AQM Procedures . . . .  17
     4.2.  Signaling to the Transport Endpoints  . . . . . . . . . .  17
       4.2.1.  AQM and ECN . . . . . . . . . . . . . . . . . . . . .  18
     4.3.  AQM Algorithm Deployment SHOULD NOT Require Operational
           Tuning  . . . . . . . . . . . . . . . . . . . . . . . . .  20
     4.4.  AQM Algorithms SHOULD Respond to Measured Congestion, Not
           Application Profiles  . . . . . . . . . . . . . . . . . .  21
     4.5.  AQM Algorithms SHOULD NOT Be Dependent on Specific
           Transport Protocol Behaviors  . . . . . . . . . . . . . .  22
     4.6.  Interactions with Congestion Control Algorithms . . . . .  22
     4.7.  The Need for Further Research . . . . . . . . . . . . . .  23
   5.  Security Considerations . . . . . . . . . . . . . . . . . . .  25
   6.  Privacy Considerations  . . . . . . . . . . . . . . . . . . .  25
   7.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  25
     7.1.  Normative References  . . . . . . . . . . . . . . . . . .  25
     7.2.  Informative References  . . . . . . . . . . . . . . . . .  26
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  31
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  31

Top      ToC       Page 4 
1.  Introduction

   The Internet protocol architecture is based on a connectionless end-
   to-end packet service using the Internet Protocol, whether IPv4
   [RFC791] or IPv6 [RFC2460].  The advantages of its connectionless
   design -- flexibility and robustness -- have been amply demonstrated.
   However, these advantages are not without cost: careful design is
   required to provide good service under heavy load.  In fact, lack of
   attention to the dynamics of packet forwarding can result in severe
   service degradation or "Internet meltdown".  This phenomenon was
   first observed during the early growth phase of the Internet in the
   mid 1980s [RFC896] [RFC970]; it is technically called "congestion
   collapse" and was a key focus of RFC 2309.

   Although wide-scale congestion collapse is not common in the
   Internet, the presence of localized congestion collapse is by no
   means rare.  It is therefore important to continue to avoid
   congestion collapse.

   Since 1998, when RFC 2309 was written, the Internet has become used
   for a variety of traffic.  In the current Internet, low latency is
   extremely important for many interactive and transaction-based
   applications.  The same type of technology that RFC 2309 advocated
   for combating congestion collapse is also effective at limiting
   delays to reduce the interaction delay (latency) experienced by
   applications [Bri15].  High or unpredictable latency can impact the
   performance of the control loops used by end-to-end protocols
   (including congestion control algorithms using TCP).  There is now
   also a focus on reducing network latency using the same technology.

   The mechanisms described in this document may be implemented in
   network devices on the path between endpoints that include routers,
   switches, and other network middleboxes.  The methods may also be
   implemented in the networking stacks within endpoint devices that
   connect to the network.

1.1.  Congestion Collapse

   The original fix for Internet meltdown was provided by Van Jacobsen.
   Beginning in 1986, Jacobsen developed the congestion avoidance
   mechanisms [Jacobson88] that are now required for implementations of
   the Transport Control Protocol (TCP) [RFC793] [RFC1122].  ([RFC7414]
   provides a roadmap to help identify TCP-related documents.)  These
   mechanisms operate in Internet hosts to cause TCP connections to
   "back off" during congestion.  We say that TCP flows are "responsive"
   to congestion signals (i.e., packets that are dropped or marked with
   explicit congestion notification [RFC3168]).  It is primarily these

Top      ToC       Page 5 
   TCP congestion avoidance algorithms that prevent the congestion
   collapse of today's Internet.  Similar algorithms are specified for
   other non-TCP transports.

   However, that is not the end of the story.  Considerable research has
   been done on Internet dynamics since 1988, and the Internet has
   grown.  It has become clear that the congestion avoidance mechanisms
   [RFC5681], while necessary and powerful, are not sufficient to
   provide good service in all circumstances.  Basically, there is a
   limit to how much control can be accomplished from the edges of the
   network.  Some mechanisms are needed in network devices to complement
   the endpoint congestion avoidance mechanisms.  These mechanisms may
   be implemented in network devices.

1.2.  Active Queue Management to Manage Latency

   Internet latency has become a focus of attention to increase the
   responsiveness of Internet applications and protocols.  One major
   source of delay is the buildup of queues in network devices.
   Queueing occurs whenever the arrival rate of data at the ingress to a
   device exceeds the current egress rate.  Such queueing is normal in a
   packet-switched network and is often necessary to absorb bursts in
   transmission and perform statistical multiplexing of traffic, but
   excessive queueing can lead to unwanted delay, reducing the
   performance of some Internet applications.

   RFC 2309 introduced the concept of "Active Queue Management" (AQM), a
   class of technologies that, by signaling to common congestion-
   controlled transports such as TCP, manages the size of queues that
   build in network buffers.  RFC 2309 also describes a specific AQM
   algorithm, Random Early Detection (RED), and recommends that this be
   widely implemented and used by default in routers.

   With an appropriate set of parameters, RED is an effective algorithm.
   However, dynamically predicting this set of parameters was found to
   be difficult.  As a result, RED has not been enabled by default, and
   its present use in the Internet is limited.  Other AQM algorithms
   have been developed since RFC 2309 was published, some of which are
   self-tuning within a range of applicability.  Hence, while this memo
   continues to recommend the deployment of AQM, it no longer recommends
   that RED or any other specific algorithm is used by default.  It
   instead provides recommendations on IETF processes for the selection
   of appropriate algorithms, and especially that a recommended
   algorithm is able to automate any required tuning for common
   deployment scenarios.

Top      ToC       Page 6 
   Deploying AQM in the network can significantly reduce the latency
   across an Internet path, and, since the writing of RFC 2309, this has
   become a key motivation for using AQM in the Internet.  In the
   context of AQM, it is useful to distinguish between two related
   classes of algorithms: "queue management" versus "scheduling"
   algorithms.  To a rough approximation, queue management algorithms
   manage the length of packet queues by marking or dropping packets
   when necessary or appropriate, while scheduling algorithms determine
   which packet to send next and are used primarily to manage the
   allocation of bandwidth among flows.  While these two mechanisms are
   closely related, they address different performance issues and
   operate on different timescales.  Both may be used in combination.

1.3.  Document Overview

   The discussion in this memo applies to "best-effort" traffic, which
   is to say, traffic generated by applications that accept the
   occasional loss, duplication, or reordering of traffic in flight.  It
   also applies to other traffic, such as real-time traffic that can
   adapt its sending rate to reduce loss and/or delay.  It is most
   effective when the adaption occurs on timescales of a single Round-
   Trip Time (RTT) or a small number of RTTs, for elastic traffic

   Two performance issues are highlighted:

   The first issue is the need for an advanced form of queue management
   that we call "Active Queue Management", AQM.  Section 2 summarizes
   the benefits that active queue management can bring.  A number of AQM
   procedures are described in the literature, with different
   characteristics.  This document does not recommend any of them in
   particular, but it does make recommendations that ideally would
   affect the choice of procedure used in a given implementation.

   The second issue, discussed in Section 4 of this memo, is the
   potential for future congestion collapse of the Internet due to flows
   that are unresponsive, or not sufficiently responsive, to congestion
   indications.  Unfortunately, while scheduling can mitigate some of
   the side effects of sharing a network queue with an unresponsive
   flow, there is currently no consensus solution to controlling the
   congestion caused by such aggressive flows.  Methods such as
   congestion exposure (ConEx) [RFC6789] offer a framework [CONEX] that
   can update network devices to alleviate these effects.  Significant
   research and engineering will be required before any solution will be
   available.  It is imperative that work to mitigate the impact of
   unresponsive flows is energetically pursued to ensure acceptable
   performance and the future stability of the Internet.

Top      ToC       Page 7 
   Section 4 concludes the memo with a set of recommendations to the
   Internet community on the use of AQM and recommendations for defining
   AQM algorithms.

1.4.  Changes to the Recommendations of RFC 2309

   This memo replaces the recommendations in [RFC2309], which resulted
   from past discussions of end-to-end performance, Internet congestion,
   and RED in the End-to-End Research Group of the Internet Research
   Task Force (IRTF).  It results from experience with RED and other
   algorithms, and the AQM discussion within the IETF [AQM-WG].

   Whereas RFC 2309 described AQM in terms of the length of a queue,
   this memo uses AQM to refer to any method that allows network devices
   to control the queue length and/or the mean time that a packet spends
   in a queue.

   This memo also explicitly obsoletes the recommendation that Random
   Early Detection (RED) be used as the default AQM mechanism for the
   Internet.  This is replaced by a detailed set of recommendations for
   selecting an appropriate AQM algorithm.  As in RFC 2309, this memo
   illustrates the need for continued research.  It also clarifies the
   research needed with examples appropriate at the time that this memo
   is published.

1.5.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in [RFC2119].

2.  The Need for Active Queue Management

   Active Queue Management (AQM) is a method that allows network devices
   to control the queue length or the mean time that a packet spends in
   a queue.  Although AQM can be applied across a range of deployment
   environments, the recommendations in this document are for use in the
   general Internet.  It is expected that the principles and guidance
   are also applicable to a wide range of environments, but they may
   require tuning for specific types of links or networks (e.g., to
   accommodate the traffic patterns found in data centers, the
   challenges of wireless infrastructure, or the higher delay
   encountered on satellite Internet links).  The remainder of this
   section identifies the need for AQM and the advantages of deploying
   AQM methods.

Top      ToC       Page 8 
   The traditional technique for managing the queue length in a network
   device is to set a maximum length (in terms of packets) for each
   queue, accept packets for the queue until the maximum length is
   reached, then reject (drop) subsequent incoming packets until the
   queue decreases because a packet from the queue has been transmitted.
   This technique is known as "tail drop", since the packet that arrived
   most recently (i.e., the one on the tail of the queue) is dropped
   when the queue is full.  This method has served the Internet well for
   years, but it has four important drawbacks:

   1.  Full Queues

       The "tail drop" discipline allows queues to maintain a full (or,
       almost full) status for long periods of time, since tail drop
       signals congestion (via a packet drop) only when the queue has
       become full.  It is important to reduce the steady-state queue
       size, and this is perhaps the most important goal for queue

       The naive assumption might be that there is a simple trade-off
       between delay and throughput, and that the recommendation that
       queues be maintained in a "non-full" state essentially translates
       to a recommendation that low end-to-end delay is more important
       than high throughput.  However, this does not take into account
       the critical role that packet bursts play in Internet
       performance.  For example, even though TCP constrains the
       congestion window of a flow, packets often arrive at network
       devices in bursts [Leland94].  If the queue is full or almost
       full, an arriving burst will cause multiple packets to be dropped
       from the same flow.  Bursts of loss can result in a global
       synchronization of flows throttling back, followed by a sustained
       period of lowered link utilization, reducing overall throughput
       [Flo94] [Zha90].

       The goal of buffering in the network is to absorb data bursts and
       to transmit them during the (hopefully) ensuing bursts of
       silence.  This is essential to permit transmission of bursts of
       data.  Queues that are normally small are preferred in network
       devices, with sufficient queue capacity to absorb the bursts.
       The counterintuitive result is that maintaining queues that are
       normally small can result in higher throughput as well as lower
       end-to-end delay.  In summary, queue limits should not reflect
       the steady-state queues we want to be maintained in the network;
       instead, they should reflect the size of bursts that a network
       device needs to absorb.

Top      ToC       Page 9 
   2.  Lock-Out

       In some situations tail drop allows a single connection or a few
       flows to monopolize the queue space, thereby starving other
       connections, preventing them from getting room in the queue

   3.  Mitigating the Impact of Packet Bursts

       A large burst of packets can delay other packets, disrupting the
       control loop (e.g., the pacing of flows by the TCP ACK clock),
       and reducing the performance of flows that share a common

   4.  Control Loop Synchronization

       Congestion control, like other end-to-end mechanisms, introduces
       a control loop between hosts.  Sessions that share a common
       network bottleneck can therefore become synchronized, introducing
       periodic disruption (e.g., jitter/loss).  "Lock-out" is often
       also the result of synchronization or other timing effects

   Besides tail drop, two alternative queue management disciplines that
   can be applied when a queue becomes full are "random drop on full" or
   "head drop on full".  When a new packet arrives at a full queue using
   the "random drop on full" discipline, the network device drops a
   randomly selected packet from the queue (this can be an expensive
   operation, since it naively requires an O(N) walk through the packet
   queue).  When a new packet arrives at a full queue using the "head
   drop on full" discipline, the network device drops the packet at the
   front of the queue [Lakshman96].  Both of these solve the lock-out
   problem, but neither solves the full-queues problem described above.

   In general, we know how to solve the full-queues problem for
   "responsive" flows, i.e., those flows that throttle back in response
   to congestion notification.  In the current Internet, dropped packets
   provide a critical mechanism indicating congestion notification to
   hosts.  The solution to the full-queues problem is for network
   devices to drop or ECN-mark packets before a queue becomes full, so
   that hosts can respond to congestion before buffers overflow.  We
   call such a proactive approach AQM.  By dropping or ECN-marking
   packets before buffers overflow, AQM allows network devices to
   control when and how many packets to drop.

Top      ToC       Page 10 
   In summary, an active queue management mechanism can provide the
   following advantages for responsive flows.

   1.  Reduce number of packets dropped in network devices

       Packet bursts are an unavoidable aspect of packet networks
       [Willinger95].  If all the queue space in a network device is
       already committed to "steady-state" traffic or if the buffer
       space is inadequate, then the network device will have no ability
       to buffer bursts.  By keeping the average queue size small, AQM
       will provide greater capacity to absorb naturally occurring
       bursts without dropping packets.

       Furthermore, without AQM, more packets will be dropped when a
       queue does overflow.  This is undesirable for several reasons.
       First, with a shared queue and the "tail drop" discipline, this
       can result in unnecessary global synchronization of flows,
       resulting in lowered average link utilization and, hence, lowered
       network throughput.  Second, unnecessary packet drops represent a
       waste of network capacity on the path before the drop point.

       While AQM can manage queue lengths and reduce end-to-end latency
       even in the absence of end-to-end congestion control, it will be
       able to reduce packet drops only in an environment that continues
       to be dominated by end-to-end congestion control.

   2.  Provide a lower-delay interactive service

       By keeping a small average queue size, AQM will reduce the delays
       experienced by flows.  This is particularly important for
       interactive applications such as short web transfers, POP/IMAP,
       DNS, terminal traffic (Telnet, SSH, Mosh, RDP, etc.), gaming or
       interactive audio-video sessions, whose subjective (and
       objective) performance is better when the end-to-end delay is

   3.  Avoid lock-out behavior

       AQM can prevent lock-out behavior by ensuring that there will
       almost always be a buffer available for an incoming packet.  For
       the same reason, AQM can prevent a bias against low-capacity, but
       highly bursty, flows.

       Lock-out is undesirable because it constitutes a gross unfairness
       among groups of flows.  However, we stop short of calling this
       benefit "increased fairness", because general fairness among
       flows requires per-flow state, which is not provided by queue
       management.  For example, in a network device using AQM with only

Top      ToC       Page 11 
       FIFO scheduling, two TCP flows may receive very different shares
       of the network capacity simply because they have different RTTs
       [Floyd91], and a flow that does not use congestion control may
       receive more capacity than a flow that does.  AQM can therefore
       be combined with a scheduling mechanism that divides network
       traffic between multiple queues (Section 2.1).

   4.  Reduce the probability of control loop synchronization

       The probability of network control loop synchronization can be
       reduced if network devices introduce randomness in the AQM
       functions that trigger congestion avoidance at the sending host.

2.1.  AQM and Multiple Queues

   A network device may use per-flow or per-class queueing with a
   scheduling algorithm to either prioritize certain applications or
   classes of traffic, limit the rate of transmission, or provide
   isolation between different traffic flows within a common class.  For
   example, a router may maintain per-flow state to achieve general
   fairness by a per-flow scheduling algorithm such as various forms of
   Fair Queueing (FQ) [Dem90] [Sut99], including Weighted Fair Queueing
   (WFQ), Stochastic Fairness Queueing (SFQ) [McK90], Deficit Round
   Robin (DRR) [Shr96] [Nic12], and/or a Class-Based Queue scheduling
   algorithm such as CBQ [Floyd95].  Hierarchical queues may also be
   used, e.g., as a part of a Hierarchical Token Bucket (HTB) or
   Hierarchical Fair Service Curve (HFSC) [Sto97].  These methods are
   also used to realize a range of Quality of Service (QoS) behaviors
   designed to meet the need of traffic classes (e.g., using the
   integrated or differentiated service models).

   AQM is needed even for network devices that use per-flow or per-class
   queueing, because scheduling algorithms by themselves do not control
   the overall queue size or the sizes of individual queues.  AQM
   mechanisms might need to control the overall queue sizes to ensure
   that arriving bursts can be accommodated without dropping packets.
   AQM should also be used to control the queue size for each individual
   flow or class, so that they do not experience unnecessarily high
   delay.  Using a combination of AQM and scheduling between multiple
   queues has been shown to offer good results in experimental use and
   some types of operational use.

   In short, scheduling algorithms and queue management should be seen
   as complementary, not as replacements for each other.

Top      ToC       Page 12 
2.2.  AQM and Explicit Congestion Marking (ECN)

   An AQM method may use Explicit Congestion Notification (ECN)
   [RFC3168] instead of dropping to mark packets under mild or moderate
   congestion.  ECN-marking can allow a network device to signal
   congestion at a point before a transport experiences congestion loss
   or additional queueing delay [ECN-Benefit].  Section 4.2.1 describes
   some of the benefits of using ECN with AQM.

2.3.  AQM and Buffer Size

   It is important to differentiate the choice of buffer size for a
   queue in a switch/router or other network device, and the
   threshold(s) and other parameters that determine how and when an AQM
   algorithm operates.  The optimum buffer size is a function of
   operational requirements and should generally be sized to be
   sufficient to buffer the largest normal traffic burst that is
   expected.  This size depends on the amount and burstiness of traffic
   arriving at the queue and the rate at which traffic leaves the queue.

   One objective of AQM is to minimize the effect of lock-out, where one
   flow prevents other flows from effectively gaining capacity.  This
   need can be illustrated by a simple example of drop-tail queueing
   when a new TCP flow injects packets into a queue that happens to be
   almost full.  A TCP flow's congestion control algorithm [RFC5681]
   increases the flow rate to maximize its effective window.  This
   builds a queue in the network, inducing latency in the flow and other
   flows that share this queue.  Once a drop-tail queue fills, there
   will also be loss.  A new flow, sending its initial burst, has an
   enhanced probability of filling the remaining queue and dropping
   packets.  As a result, the new flow can be prevented from effectively
   sharing the queue for a period of many RTTs.  In contrast, AQM can
   minimize the mean queue depth and therefore reduce the probability
   that competing sessions can materially prevent each other from
   performing well.

   AQM frees a designer from having to limit the buffer space assigned
   to a queue to achieve acceptable performance, allowing allocation of
   sufficient buffering to satisfy the needs of the particular traffic
   pattern.  Different types of traffic and deployment scenarios will
   lead to different requirements.  The choice of AQM algorithm and
   associated parameters is therefore a function of the way in which
   congestion is experienced and the required reaction to achieve
   acceptable performance.  The latter is the primary topic of the
   following sections.

Next RFC Part