[babel] Babel and undefined behaviour [was: babel Digest, Vol 17, Issue 4]
Juliusz Chroboczek <jch@irif.fr> Thu, 05 January 2017 15:27 UTC
Return-Path: <jch@irif.fr>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 846A1129B62 for <babel@ietfa.amsl.com>; Thu, 5 Jan 2017 07:27:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3vVTTatGMI6F for <babel@ietfa.amsl.com>; Thu, 5 Jan 2017 07:27:05 -0800 (PST)
Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E8EB129459 for <babel@ietf.org>; Thu, 5 Jan 2017 07:27:05 -0800 (PST)
Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/56228) with ESMTP id v05FR3cp008837; Thu, 5 Jan 2017 16:27:03 +0100
Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 4BF5FD79EF; Thu, 5 Jan 2017 16:27:03 +0100 (CET)
X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr
Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id moeCHwGYILrm; Thu, 5 Jan 2017 16:27:02 +0100 (CET)
Received: from trurl.irif.fr (dra38-1-82-225-44-56.fbx.proxad.net [82.225.44.56]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id 4725CD79B5; Thu, 5 Jan 2017 16:26:59 +0100 (CET)
Date: Thu, 05 Jan 2017 16:26:59 +0100
Message-ID: <87y3ypr0ho.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Tony Przygienda <tonysietf@gmail.com>
In-Reply-To: <CA+wi2hMe05L9GkpU-3r-t+weg8cyC7nG4Wu41pNcmNx721RG5A@mail.gmail.com>
References: <mailman.102.1483560014.29717.babel@ietf.org> <CA+wi2hMe05L9GkpU-3r-t+weg8cyC7nG4Wu41pNcmNx721RG5A@mail.gmail.com>
User-Agent: Wanderlust/2.15.9
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [194.254.61.138]); Thu, 05 Jan 2017 16:27:03 +0100 (CET)
X-Miltered: at korolev with ID 586E65C7.002 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-j-chkmail-Enveloppe: 586E65C7.002 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/<jch@irif.fr>
X-j-chkmail-Score: MSGID : 586E65C7.002 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000
X-j-chkmail-Status: Ham
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/a9Y0QbU9eTAhW3XaCLJM5LHuLBo>
Cc: Babel at IETF <babel@ietf.org>
Subject: [babel] Babel and undefined behaviour [was: babel Digest, Vol 17, Issue 4]
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2017 15:27:07 -0000
Hi Tony, good to hear from you. > FSM cannot "overspecify" a protocol unless you are perfectly happy with > "undefined" behavior on certain transitions. Yes, Babel is tolerant of undefined behaviour in many cases. Please bear with me while I lecture a little. Traditional link-state protocols are based on an algorithm that is extremely refined: their correctness crucially depends on three non-trivial properties: 1. the LSDBs are synchronised at all times; 2. Dijkstra converges; 3. the concatenation of each node's truncated tree yields a forest. These properties are not built into the algorithm, they must be guaranteed by the protocol. (1) is why OSPF and IS-IS use a reliable transport and split large routing domains into areas; (2) and (3) are why link-state protocols are restricted to integer metrics and lowest-metric route selection without filtering (within areas). Babel is more similar to BGP: it uses a primitive and therefore robust algorithm, that can survive filtering, non-isotonic metrics, unreliable transports, and different neighbour acquisition algorithms. The only requirements Babel puts on the implementation are: 1. In the flat routing case, Babel is safe (yields a loop-free tree) as long as: (a) no message is received before it is sent; and (b) the feasibility condition is respected. 2. Babel is complete (eventually yields all possible routes) as long as: (a) every neighbour is eventually acquired; (b) every update is eventually received; (c) every request eventually reaches the source. Because the algorithm is so robust, there are fewer requirements on the protocol. For example, property 2.a above can be satisfied by acquiring a neighbour as soon as we receive a packet, as soon as we receive a Hello, as soon as we receive an IHU, or at any other time as soon as this happens often enough. (Aside: note that filtering is a structured way of violating property 2b. That's fine, Babel remains safe in the presence of filtering, although it is no longer complete.) (Aside: as we've discussed before, Tony, property 1.a does not assume a global clock -- it merely says that the happens-before relation is well-founded.) > Descriptive language is nothing but ad-hoc extended FSM description along the > lines "if THAT happens, do THIS" .. There are a few places in Babel where the protocol says "it doesn't matter when you do this, as long as it eventually happens". I don't know how to express that in an FSM, even a non-deterministic one. > In OSPF, it was largely a question of "style" given John is > a mathematician by trade The notion of "often enough" is well established in Maths, although it's usually called "infinitely often". Of course, since Babel uses expiry timers, "often enough" really means "before the timer expires and flushes your incomplete state". -- Juliusz
- Re: [babel] babel Digest, Vol 17, Issue 4 Tony Przygienda
- [babel] Babel and undefined behaviour [was: babel… Juliusz Chroboczek