| Special Features: After IP |

The Trend Towards Connection Mode Is Inevitable

Lu Xuefeng Professor, Shanghai Alcatel University

Abstract
The network layer of the Internet needs to adopt the connection-oriented mode for three reasons. One is the requirement of the higher layer services, the second is requirement for reaching the telecom grade network standard, and the third is the need of the Internet development per se. The paper also makes comments on the concept of using the connectionoriented and connectionless modes simultaneously. The paper argues that it is harmful to further retain the connectionless mode while enumerates the development of some other technologies. Either the separation of the Internet control and forwarding functions or the introduction of other connection oriented technologies can lead to the adoption of the connection-oriented mode and the retreat of the connectionless mode. Key words: Internet, Connection-oriented mode, connectionless mode, Telecom grade network, Control plane, Data plane

1 Introduction
While a lot of people suppose that the future network would be based on the Internet Protocol, there is still someone who does not agree to it. The paper The Problems and Solutions for the Internet Development [1] is the one among others. In fact there is also some debate inside the IETF community. The dispute of Death of Internet [2], taking place in January in the e-mail exchange between some members of IETF is another example.

The debate is just related to the technical development of Internet Protocol. No body has intention to deny the fruitful results and great contributions made by the Internet to our society. The main focus is whether the Internet Protocol, including IPv4 and IPv6, can meet the requirements of future development as a carrier-grade communication infrastructure. It is especially important today to well answer this question, because there is great tendency that the future networks, including NGN, broadband mobile, multi-media, will all be based on the IP. So if the base is really quite solid, then everything will be OK. But if it is not the case, what will be the result? This matter is worth careful consideration. In fact, while the Internet and its applications develop quickly, and show great potentials to us, they meet a lot of problems, which are quite embarrassing. Among them, three have been remaining persistently, they are: QoS, network security and the depletion of network addresses, which cannot vary in length as required. We have spent about 10 years to cope with that issue, but the problems are still there. The paper The Problems and Solutions for the Internet Development has talked a lot about it, so it is not necessary to repeat it here. The paper has pointed out that the rout of the problems is related to the Internet Protocol itself. The main cause is due to the nature of the connectionless network service provided by the Internet. Not only the IPv4, but also IPv6 are all connectionless; that is the problem to be tackled.

90

China Communications Feb. 2005

| Special Features: After IP |

2 The necessities of connection mode

The necessities of using the connection mode network service can be shown from several aspects.

To well serve such kinds of services and applications, the Internet should provide connectionoriented network services, but it is not the case. On the contrary, the Internet network service is connectionless; the connection mode is supported at the transport layer or even higher, such as TCP. The disadvantages of using higher layers to support the required connection mode are obvious, and some instances are listed as follows:

2.1 Service needs from higher layers

First of all, it is higher layers that demand a service in connection mode. In the traffic of Internet, the most prevalent part works in the connection mode; this is a well-known fact. The RFC-3439 issued by the end of 2002 quotes the statistics from CAIDA (Cooperative Association for Internet Data Analysis) [3] , which says, About 95% of WAN bytes and 85% of packets are TCP. Only a small part is from UDP. This situation has kept for long. For the present the service VoIP is using UDP, and the VoIP traffic is increasing. But VoIP uses not only UDP, it also needs RTP and signaling, that is still connection mode above IP. What will it be in the future? It is hard to say it with precise figures. But it can be assumed that the most traffic from higher layers will still desire connection mode, considering the following facts: The traffic from voice and video will take a big part of the Internet traffic, including the conversational (e.g. telephony and videotelephony) and streaming services. These services have a relatively long duration, which need to work in real-time or better timing. They are less sensitive with regard to the errors. It is obvious that the connection mode is better for them; For the data traffic, such as file transfer, database backup, and a lot of other applications, they not only have a longer duration, but also need to be error free. These traffic also want connection mode;

Longer transfer delay and delay variation. For the traffic using TCP, the requirement for error-free is important. But the error is corrected end-to-end with TCP, this surely takes more time for the correction; and what is more, with the changing of routes and probable congestion, the delay and the delay variation can be even longer, which can be harmful for some services and applications.

Bad persistence for the connection. When some thing happens, such as congestion, or timer expiration due to retransmission, the TCP connection will be completely broken. The hosts using the connection are obliged to restart the connection establishment. No guarantee of QoS. This may be more important for real-time services, multimedia and streaming services. They require some performance to be met by the network, such as delay, delay variation, and packet loss ratio. But the higher layers can do nothing with network performances. So although the services with connection mode can be provided with TCP or other transport layer protocols, the services are just a sort of best effort services.

2.2 Needs to implement carrier-grade services

As a carrier-grade network, the following requirements are basic and mandatory: Higher availability. It should be as high as 99.999%. QoS will be guaranteed for various kinds of

For other kinds of data traffic, if error free is required, they still need connection mode. Only for the traffic, which is a short burst, and not quite error-sensitive, the connectionless can be better.

China Communications Feb. 2005

91

| Special Features: After IP |

services and applications. Security. The network should be secure enough, being as good as the traditional networks, including efficient access control, confidentiality, data integrity and resistant to various attacks. Manageable. Networks should be well under control by the Administrations or ISPs. No malicious attacks can make any mess of networks. It is sorry to say that the Internet is quite far from meeting all the targets. Neither IPv4, nor IPv6 can be qualified as carrier-grade. Because a lot of things have been discussed in The Problems and Solutions for the Internet Development, so no more is going to be repeated here. The good news is that IETF has concluded from its 10-years experience that connection mode is required for Internet at least from the QoS point of view. This has been reported from the minutes of 58th meeting of IETF. This issue will be discussed more in the following section.

2.3 Needs to develop Internet itself

Although Internet has experienced a splendid time and great success, but the architecture of Internet has not been well considered, when it became a worldwide infrastructure. It was designed just for a small network used by a limited community. Now Internet has become a worldwide infrastructure, but the basic architecture does remain there. In fact the architecture is not quite advanced. What is a good architecture? People in the ICT community have reached the following common views:

It should have a layered reference model for open interconnection. Three separate planes are needed for the networks, namely data plane, control plane and management plane, and the separation of control and data transfer is essential. > The technologies of control and data planes are quite different. Data plane needs more hardware, and is required for

more bandwidth or higher speed, on the contrary, the control plane is more software dependent, is required with more services or functionality. The separation will make them develop separately, using the most advanced technologies. > With the separation, the users can easily change or re-negotiate the facilities and parameters of communications without interrupting the existing information exchange. > With the separation, less layers are needed for the data plane, probably two layers, i. e. optical layer and packet layer, will be enough in the future. And with regard to the control, a single control layer can probably control all the transport layer networks. This is what the ASTN/GMPLS is going to do. The separation of core and edge networks. The core network will only handle the macroflow, and automatically adjust the configuration of the network resources to make quick responses to the variation of traffic distribution. The exchanges or routers in the core will not care the states of calls, or sessions. And it is the edge devices that takes care of the end user services and applications, and keeps some states for the micro-flow from end users. The signaling should be designed to make the states of micro-flow to be kept in the edges as less as possible. The above principles have become a common understanding in our society, including IETF. But no matter whether IPv4 or IPv6 is used, the principle of control and data separation has not been followed. The control functions and data forwarding functions are fully integrated in the routers. It is important to note that the IP addresses are the important control information, which has global significance, but they are bound with the user data in the same PDU. In fact, IETF has not only accepted the principle of control and data separation, but also taken to

92

China Communications Feb. 2005

| Special Features: After IP |

implement it. For doing this, a working group, called FORCES (Forwarding and Control Element Separation) [4] has been established. And some progresses have been made, such as RFC-3654: Requirements for Separation of IP Control and Forwarding [5], and RFC-3746: Forwarding and Control Element Separation (ForCES) Framework. There is another working group, called NSIS (Next Steps in Signaling) [6], which is working on signaling, which is very important for implementing the control and data separation. Besides, a working group, called CCAMP [7] (Common Control and Measurement Plane), is working the control protocol for core networks, which is also known as GMPLS for ASTN/ASON. So the control and data separation is also the need of Internet. And it is known that the control plane and signaling are really connection-oriented technologies. The so-called Separation of IP Control and Forwarding means surely Internet will also use that connection mode. Now the problem is not whether IETF will accept the connection mode or not, it has become whether IETF will abandon the existing connectionless mode. This will be discussed in section 3.

2.4 Return to connection mode does not mean to go back to the dated switching mode
Here it is only to emphasize that the connection mode technology is also developing. The return to the connection mode does not mean going back to the dated switching mode. The previous section has mentioned that the ICT community has agreed on the principle of separation of core and edge networks. The cores take care of macro-flows and edges take care of micro-flows. This will make the core exchange or routers more scalable and easier to implement. So dont worry about going back to the connection mode.

RFC-3654 (Requirements for Separation of IP Control and Forwarding) has proposed a new architecture for the Internet. According to the proposal, the Internet will consist of a data forwarding plane and a control plane. RFC says that the task of the forwarding plane is of per-packet processing and forwarding. And it is under the control of the network operating system that is responsible for operations in the control plane. The network operating system runs routing, signaling and control protocols (such as RIP, OSPF and RSVP), and dictates the forwarding behavior by manipulating forwarding tables, per-flow QoS tables and access control lists. All this is reasonable. But according to the minutes of 58th meeting of IETF, NSIS has reached an agreement that both the connection mode and the connectionless mode are mandatory. This means that switches or routers should be equipped with dual modes. This is also shown in RFC-3654, which says in the 9th item of requirements that the new architecture must explain how that architecture supports all of the router functions as defined in [RFC1812]. IPv4 forwarding functions such IP header validation, performing longest prefix match algorithm, TTL decrement, Checksum calculation, generation of ICMP error messages, etc defined in RFC 1812 should be explained. It is obvious that the structure of IP header will remain, and the handling of IP packets will remain unchanged. In brief, the working mode of datagram will remain existed. It is worth studying whether the choice of dual modes is correct. This is what to say in the following sections.

3.1 Not good for simplifying the network architecture

When using the connection mode, the router or switches for data plane should be able to be simplified, be easy to implement and also be cheaper. Because with the signaling the IP addresses would be transferred in the signaling, in this case, the packets would not go up to the layer 3, and IP

3 Comments on dual modes

China Communications Feb. 2005

93

| Special Features: After IP |

encapsulation at the network layer becomes unnecessary. The packets could remain at layer 2, probably with 802.3 format plus a MPLS slim. Controlled by the control plane, the routing of the router or switches for the packets could use some kinds of L2 addresses, which only have local significance, something similar to VCI/VPI of ATM, labels of MPLS, EVC-ID of MEN, etc. These local addresses will surely be much shorter than the L3 addresses with global significance. In this case, the routing table will be much smaller, and the looking up of the table will be much quicker. But if the datagram mode (connectionless mode) is kept, in addition to the introduction of connection mode, the network will surely be complicated, and the cost will be increased. It is not strange to us to have a network, whose control works are at layer 3, while the data just stay at lower layers. A good example is ISDN: its data plane (also said as the user plane) works only at real circuit layer. For a full packet network, a similar architecture can be implemented, but instead of using real circuits, layer 2 virtual circuits can be used. It is worth mentioning the RFC-3439 (Some Internet Architectural Guidelines and Philosophy [8]). In the beginning of the document, it says that The major thrust of this document, ...is to raise awareness about the complexity of some of our current architectures, and to examine the effect such complexity will almost certainly have on the IP carrier industrys ability to succeed. In the document some problems caused by the complexity have to be analyzed, such as non-linearity of ADE (Architecture, Design, and Engineering) and its effects of amplification and so on. And at the conclusion part of the document, it says the important conclusion of this work is that for packet networks that are of the scale of todays Internet or larger, we must strive for the simplest possible solutions if we hope to build cost effective infrastructures. RFC-3439 emphasizes again and again to keep the simplicity of our networks. But the architecture proposed by FORCES and NSIS

seems not to comply with the principle of RFC-3439.

3.2 Problems will remain with the double modes

With dual modes, the problem of QoS may be solved, but the others will remain. The length of addresses will still be fixed, and it could be too short or too long, but it cannot be changed according to the needs. The major problem is network security. If only one mode and it is the connection mode, the problem of security could surely be well solved. Because with connection mode, it is impossible for a man to dispatch a virus message to a lot of known and unknown addresses just with a small program within an instant, communication can only take place after a successful signaling exchange, and this is a good way to authenticate and authorize the communication. It is a well known fact that the traditional telecommunications data networks, which were also used for packets exchange, did not have many problems with security. It was due to the connection mode they took. So the story saying that connection mode is much more secure is concluded from history.

3.3 Worthless for keeping the connectionless mode

Why some people want to keep the connectionless (or data-gram) mode? One of the reasons may be for continuing to provide connectionless services. That is a reason, because there are still needs for connectionless services. In case that only the connection mode is used, then some adaptation functions should be provided for connectionless services both in terminals and related network elements. So, for the required connectionless services, the network using the connection mode seems a bit complex. But it can still not prove the necessity of dual modes. Because: Hua LeiThe traffic of connectionless services is quite smaller. It is worthless only for a small part of traffic to keep the data-gram mode with the cost of network complexity

94

China Communications Feb. 2005

| Special Features: After IP |

and problem of network security. Most demands for connectionless services come from remote Ethernet connectivity and LAN interconnection. And these demands will be well served with the technologies of MEN (Metro Ethernet Network) [9], which is in development. This new technologies have the potential to replace the connectionless services provided by Internet. So from connectionless service demands point of view, keeping the present connectionless mode is worthless.

3.4

Say no to peer-to-peer

Another argument for keeping connectionless is the principle of peer-to-peer [10]. The so-called peerto-peer is claiming that all the hosts in the network are logically equal. In this case, all the hosts in the network can talk to each other freely: any host can be served (as client), and can also serve others (as server). What is more, in Internet, the ordinary hosts are also equal with the network elements. According to RFC-1812, the only difference between end hosts and routers is that the latter has the responsibility of forwarding packets. The claimers of peer-to-peer say that this principle will create a new medium, which is an open discussing place, where people can speak freely, publish papers and get response back immediately, do shopping and bargain, distribute audio-visual products, etc. In brief, people can interact spontaneously. With such a medium an ordinary person can publish his works, and get well known to the world just overnight. But what are the real results of this peer-to-peer principle? Network attacks take place everyday. People begin to understand that with such a network, no privacy and security can be guaranteed. More and more network crimes and criminals appear. All the hosts should live together with viruses. And because an ordinary host can attack the network infrastructure, the network elements should take special measures to protect themselves and if the security measures have some loopholes, there will be a big catastrophe.

In fact, in a connection oriented network, end users and hosts are also equal independent of your point of view: protocol point of view, application point of view, or others. Every end user can be served and can also serve others. If Internet works with the connection mode, there is nothing, which will affect the creation and access of Web stations, or affect the e-mail delivery. There is no reason, which can tell us that some applications cannot run on a network with connection mode. What the claimers of peerto-peer really want is the equality between network and users. And there is also some kind of network anarchism. It is just this kind of anarchism, which makes the network unmanageable, un-secure. It also opens the door for the inversion in the area of ideology. So network anarchism is a big enemy of network security, a big enemy for the healthy network development. So peer-to-peer is really harmful to us.

3.5

Connectionless will be abandoned

Although IETF states that both modes are mandatory, but the use of the modes is the choice of users. It can be anticipated that for secure purposes, more and more people will take the connection mode. In this case, the connectionless mode will exist only in name.

New technology will negate the connectionless protocol of Internet

Internet will evolve to introduce connection mode. Besides, some other technologies can also negate the connectionless protocol of the Internet. Among others the following examples can be listed:

The development of MPLS. MPLS is a connection-oriented technology. Today it is mainly used inside administrative areas or ASs, and used to interconnect edge routers of areas. Following the development of MPLS, especially the use of MPLS-SVC, more MPLS connections across areas will be

China Communications Feb. 2005

95

| Special Features: After IP |

used, and the MPLS switches will replace core routers. The development of ASTN/ASON, which is also a connection-oriented technology. When its connections can work across several areas, ASTN switches will replace the core routers. The development of Metro Ethernet. MEF (Metro Ethernet Forum) [9] has defined 3 types of UNIs. The third one will have dynamic connection set-up capability. When this is used, the connection will extend from CE (customer edge) to CE, and there will be no place for routers. At that time, the internal communication within a unit is connectionless with Ethernet protocol, but the network connection between CEs will be in connection mode. The development of Ethernet in the first mile. This will make access networks work with Ethernet.

which works above L2 and controls all transport layer networks. In that picture, no router with connectionless mode will exist any more. In summary, not only the development of the Internet but also the emerging new technologies are going to make connection mode return to the public networks.

References:
[1] Lu Xufeng, The Problems and Solutions for the Internet Development, published on Telecommunications Science in Nov. 2003. [2] http://search.ietf.org/ [3] CAIDA (Cooperative Association for Internet Data Analysis) :http://www.caida.org/. [4] http://www.ietf.org/html.charters/forcescharter.html [5] IETF RFC-3654 - Requirements for Separation of IP Control and Forwarding, November 2003 [6] http://www.ietf.org/html.charters/nsis-charter. html [7] http://www.ietf.org/html.charters/ccampcharter.html [8] IETF RFC-3439: Some Internet Architectural Guidelines and Philosophy December 2002 [9] http://www.metroethernetforum.org/ [10] http://www.fourmilab.ch/documents/digitalimprimatur/

The development of VoMPLS. This technology will probably have nothing to do with Internet Protocol. And it could replace VoIP. With the combination of all these technologies, probably also with the new comers, the future network will have a data plane (or user plane), which has only two layers: an optical layer and a L2 packet layer. And the network will also have a control plane,

96

China Communications Feb. 2005