IETF Logo Mail Archive

Re: [Anima] 2nd WGLC for draft-ietf-anima-constrained-join-proxy-12, ends September 20th 2022

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 24 October 2022 01:25 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54BC6C14F749 for <anima@ietfa.amsl.com>; Sun, 23 Oct 2022 18:25:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.707
X-Spam-Level:
X-Spam-Status: No, score=-1.707 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (bad RSA signature)" header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rdOqv_QX-cOU for <anima@ietfa.amsl.com>; Sun, 23 Oct 2022 18:25:34 -0700 (PDT)
Received: from relay.sandelman.ca (relay.cooperix.net [IPv6:2a01:7e00:e000:2bb::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2224DC14F73F for <anima@ietf.org>; Sun, 23 Oct 2022 18:25:33 -0700 (PDT)
Received: from dyas.sandelman.ca (ipv6.dooku.sandelman.ca [IPv6:2607:f0b0:f:6::1]) by relay.sandelman.ca (Postfix) with ESMTPS id C97AD1F450; Mon, 24 Oct 2022 01:25:31 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=sandelman.ca; s=mail; t=1666574732; bh=do8suUp6x/f8uffTvDz489vYrNAhm/6yHZANsp1zSLI=; h=From:To:Subject:In-reply-to:References:Date:From; b=lRAj/V8kzi1Rree+IReMI6nCMp7J8xvsJUB35XvY//Q+Hi0/ifKOAlMo3FUyQ/WYA 4RqEeS2N0L8f1a87IqunL2nStxljUB+CjKxsRcxiMJ3Bqq9NHtARwHd6l5CcqEX2nr KQgRLAOiZT84fOuFddtbbNxnvY/8Ft7FYgHrz1cApHvls8H/n1W5GL0Vw4Pik2xtkm zANLmk0XZMiC77ZtfUKkgvvMpXgLUKT4sFRPtuzB0S63SMBE4Qnls5G6uiocQh+Fo5 GUXe5s0JTyAWMuwkiG56vH+Kzc8tkrRgNlMxFXApc8qwCkIM2wseqIHysgP3jyj9Nu fl/Vsd1HySxmA==
Received: by dyas.sandelman.ca (Postfix, from userid 1000) id E2323A02E9; Sun, 23 Oct 2022 21:25:26 -0400 (EDT)
Received: from dyas (localhost [127.0.0.1]) by dyas.sandelman.ca (Postfix) with ESMTP id DFBEAA01A0; Mon, 24 Oct 2022 03:25:26 +0200 (CEST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Esko Dijk <esko.dijk@iotconsultancy.nl>, Toerless Eckert <tte@cs.fau.de>, Anima WG <anima@ietf.org>
In-reply-to: <DU0P190MB1978A4C862C2DE321FD8680EFD229@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM>
References: <Yxd/oBl0dmbmUI8L@faui48e.informatik.uni-erlangen.de> <DU0P190MB1978F420D478B93CE29F36D3FD4C9@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <46723.1663756262@dooku> <DU0P190MB1978AC04BBB22272B360984DFD4F9@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <YzH8R88OY/kNDLxz@faui48e.informatik.uni-erlangen.de> <DU0P190MB1978A4C862C2DE321FD8680EFD229@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM>
Comments: In-reply-to Esko Dijk <esko.dijk@iotconsultancy.nl> message dated "Wed, 12 Oct 2022 07:49:06 -0000."
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.3
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Mon, 24 Oct 2022 03:25:26 +0200
Message-ID: <1126712.1666574726@dyas>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/PFiH1jHIEtrHIAsbi7a7gV7Pbc4>
Subject: Re: [Anima] 2nd WGLC for draft-ietf-anima-constrained-join-proxy-12, ends September 20th 2022
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Oct 2022 01:25:38 -0000

Esko Dijk <esko.dijk@iotconsultancy.nl> wrote:
    > For the stateless proxy, it is hard to determine a good rate limit
    > number. 1% is not good because it would slow down the joining process
    > of a genuine Pledge to a crawl. Some strategies that could work better:

    > 1. Initially allow a (near) unlimited use of "uplink" bandwidth, to get
    > a fast enrollment in the common case. When the relayed traffic persists
    > for some time (either by same Pledge or other Pledge, no difference)
    > apply a stricter rate limit.

Well, you've described a 1% limit with a longer integration time :-)

    > 2. Apply a (rough) 'data budget' for upstream traffic to the
    > Registrar. Only if sufficient "downstream" traffic comes back from the
    > Registrar to Pledge(s), the upstream data is allowed at a high rate. If
    > that's not the case, a strict rate limit is applied.

This is a kind of token bucket system where the downstream traffic fills the bucket.

    > 3. Send the radio frames associated to relayed "upstream" traffic with
    > the lowest priority.  I.e. have a scheduler with packet priority. I
    > know e.g. OpenThread has this to prioritize mesh management-traffic.

Yes, as does 6tisch.
I think that this is probably the simplest, because it requires the least state.

    > A combination of approaches is also possible.
    > Solution 3 seems easiest to implement, if the mesh network stack
    > already has a working priority-based scheduler. But it will probably
    > need to be combined with some rate-limit approach too.

:-)

    > Proxy SHOULD locally schedule the "upstream" IP packets to be sent with
    > lowest priority.  And Proxy SHOULD apply a rate limit to "upstream"
    > data volume to be approximately equal to the "downstream" data volume
    > (all that's coming back from the Registrar).

It seems that you have some suggested text.

    > Yes, the key part here is that when a Proxy once discovers a Registrar
    > it cannot assume that this Registrar will be alive on that IP address
    > forever. So it needs to rediscover in case the original discovery
    > information expired. If rediscovery fails, it will not forward traffic
    > anymore to the old IP address.

GRASP makes this timeout pretty clear.
mDNS does too, I think.
It's just CoAP RD that has the problem, I think.


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email