Re: [core] "Too Many Requests Response Code for CoAP" draft (draft-keranen-core-too-many-reqs-00)

Klaus Hartke <hartke@projectcool.de> Mon, 05 March 2018 16:23 UTC

Return-Path: <hartke@projectcool.de>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4477012D944 for <core@ietfa.amsl.com>; Mon, 5 Mar 2018 08:23:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_FAIL=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hFXilQovfqfD for <core@ietfa.amsl.com>; Mon, 5 Mar 2018 08:23:41 -0800 (PST)
Received: from wp382.webpack.hosteurope.de (wp382.webpack.hosteurope.de [IPv6:2a01:488:42:1000:50ed:8597::]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F09B912D940 for <core@ietf.org>; Mon, 5 Mar 2018 08:23:40 -0800 (PST)
Received: from mail-qt0-f180.google.com ([209.85.216.180]); authenticated by wp382.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) id 1esstm-0001xT-GL; Mon, 05 Mar 2018 17:23:38 +0100
Received: by mail-qt0-f180.google.com with SMTP id c7so20991717qtn.3 for <core@ietf.org>; Mon, 05 Mar 2018 08:23:38 -0800 (PST)
X-Gm-Message-State: AElRT7Fjgj2N865rpFrhlsjv1ioLsbxNqc2jhcppyE7JdTmaMGblvipW MzAjGocnVHRC5tcNV3iPLPuRtjxAHMRS5zC9/Uo=
X-Google-Smtp-Source: AG47ELuYMXV+/m0RfnjqZe94KF3EWfyYHVEWi5PLIm8vmC9xgTh6O+a0hTZqnl0XtMEu/ELCCndZPv22bBW34LUP+p8=
X-Received: by 10.200.35.235 with SMTP id r40mr24486233qtr.256.1520267017344; Mon, 05 Mar 2018 08:23:37 -0800 (PST)
MIME-Version: 1.0
Received: by 10.12.134.195 with HTTP; Mon, 5 Mar 2018 08:22:57 -0800 (PST)
In-Reply-To: <225023B8-B663-482A-93E6-8DD054606A79@ericsson.com>
References: <152025806136.14652.11784946748337213501.idtracker@ietfa.amsl.com> <225023B8-B663-482A-93E6-8DD054606A79@ericsson.com>
From: Klaus Hartke <hartke@projectcool.de>
Date: Mon, 5 Mar 2018 17:22:57 +0100
X-Gmail-Original-Message-ID: <CAAzbHvYBycMA48UBA=J_ZZBUf9fjsam8uaQPpwpe_02swhQp4Q@mail.gmail.com>
Message-ID: <CAAzbHvYBycMA48UBA=J_ZZBUf9fjsam8uaQPpwpe_02swhQp4Q@mail.gmail.com>
To: =?UTF-8?B?QXJpIEtlcsOkbmVu?= <ari.keranen@ericsson.com>
Cc: core <core@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-bounce-key: webpack.hosteurope.de; hartke@projectcool.de; 1520267021; d0a8fecd;
X-HE-SMSGID: 1esstm-0001xT-GL
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/AB8ibhnroyAxnUjZ7rLM7c8TjIE>
Subject: Re: [core] "Too Many Requests Response Code for CoAP" draft (draft-keranen-core-too-many-reqs-00)
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Mar 2018 16:23:43 -0000

Hi Ari,

> TBD: If a server chooses to (not)accept a request based on the
> method/resource, how should this be indicated in the reply?
>
> TBD: what kind of requests are (not) OK during the Max-Age?  For
> example: the client MAY send a different request, in particular if
> the expected load for the server is smaller with that request?

I guess the response code could be used in a number of ways, e.g.:

A:
    1. if not resource exists: return 4.04
    2. if too many requests: return 4.29
    3. if not method supported: return 4.05
    4. process request

B:
    1. if not resource exists: return 4.04
    2. if not method supported: return 4.05
    3. if too many requests: return 4.29
    4. process request

C:
    1. if too many requests: return 4.29
    2. if not resource exists: return 4.04
    3. if not method supported: return 4.05
    4. process request

'A' seems to make sense if the request rate is limited per
client/resource pair; 'B' if the request rate is limited per
client/resource/method triple; and 'C' if the request rate is limited
per client only.

Is it important that a client can distinguish between these three modes?

Should all of them be supported or would it be ok to mandate one of them?

RFC 6585 seems to leave all details to implementations.


Quick, pedantic review of KEYWORDS:

>   If a CoAP server is unable to serve a client that is sending CoAP
>   request messages more often than the server is capable or willing to
>   handle, the server SHOULD respond to the request(s) with the Response
>   Code 4.29, "Too Many Requests".

This "SHOULD" is hard to satisfy since not all implementers might be
aware that this response code exists.

--> "A server MAY return a 4.29 (Too Many Requests) response if a CoAP
client request messages more often than the server is capable or
willing to handle."

>   The server MAY include in the
>   response a Max-Age option indicating the number of seconds after
>   which the server assumes it is OK for the client to retry the
>   request.

Thou shalt not make normative statements that repeat or contradict RFC 7252.

Every 4.xx response has a Max-Age option (which may be efficiently
encoded with 0 bytes if the value equals the default value, but is
technically still there).

--> "The Max-Age Option is used to indicate the number of seconds
after which to retry."

>   If a client receives the 4.29 Response Code from a CoAP server to a
>   request, it SHOULD NOT send the same request to the server before the
>   time indicated in the Max-Age option has passed.

Not sure if this can be required. It's more like the client is
encouraged to not retry before Max-Age expires.

>   If the response
>   does not contain Max-Age option, the client SHOULD wait for the Max-
>   Age default value, 60 seconds.

Thou shalt not make normative statements that repeat or contradict RFC 7252.

The default value of 60 seconds is already specified.

Review summary: Ready for WG adoption. (Are there any other proposed
CoAP codes that could be merged into this document to streamline
registration?)

Klaus


On 5 March 2018 at 15:52, Ari Keränen <ari.keranen@ericsson.com>; wrote:
> Hi all,
>
> I submitted a new draft about the "Too Many Requests" CoAP Response Code (see details below). This was part of the CoAP pub/sub draft before, but as discussed in the previous meeting, there's also more wider use for this response code so it makes sense to have a separate draft about it.
>
> While thinking about the details, I did realize that we may want to also define ways for the server to indicate what kind of requests are OK, or not OK. However, that topic may also be applicable beyond this Response Code so I didn't yet put any details here, just TBD markers. Perhaps that's also something to discuss at the London meeting.
>
>
> Cheers,
> Ari
>
>> A new version of I-D, draft-keranen-core-too-many-reqs-00.txt
>> has been successfully submitted by Ari Keranen and posted to the
>> IETF repository.
>>
>> Name:         draft-keranen-core-too-many-reqs
>> Revision:     00
>> Title:                Too Many Requests Response Code for the Constrained Application Protocol
>> Document date:        2018-03-05
>> Group:                Individual Submission
>> Pages:                4
>> URL:            https://www.ietf.org/internet-drafts/draft-keranen-core-too-many-reqs-00.txt
>> Status:         https://datatracker.ietf.org/doc/draft-keranen-core-too-many-reqs/
>> Htmlized:       https://tools.ietf.org/html/draft-keranen-core-too-many-reqs-00
>> Htmlized:       https://datatracker.ietf.org/doc/html/draft-keranen-core-too-many-reqs-00
>>
>>
>> Abstract:
>>   A Constrained Application Protocol (CoAP) server can experience
>>   temporary overload because one or more clients are sending requests
>>   to the server at a higher rate than the server is capable or willing
>>   to handle.  This document defines a new CoAP Response Code for a
>>   server to indicate that a client should reduce the rate of requests.
>>
>>
>>
>>
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>>
>> The IETF Secretariat