Re: [dnssd] SRP: Name Conflicts Handling
Ted Lemon <mellon@fugue.com> Mon, 18 January 2021 14:21 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 865253A136F for <dnssd@ietfa.amsl.com>; Mon, 18 Jan 2021 06:21:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id egGi6fVDE_Cc for <dnssd@ietfa.amsl.com>; Mon, 18 Jan 2021 06:21:51 -0800 (PST)
Received: from mail-qv1-xf34.google.com (mail-qv1-xf34.google.com [IPv6:2607:f8b0:4864:20::f34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 979573A136B for <dnssd@ietf.org>; Mon, 18 Jan 2021 06:21:51 -0800 (PST)
Received: by mail-qv1-xf34.google.com with SMTP id a13so7544442qvv.0 for <dnssd@ietf.org>; Mon, 18 Jan 2021 06:21:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=3h9vkuCu5I4xxm5YdzMmb6V98iNUMJ2+aifuUPzzYYc=; b=O9Tb3LBLWQkx33BUbjxw/8l8HGrMrKLU7eGx0fHq/OwxDX7+E6vOoXE/EOMe1FKpSP gqE8e31feWeiCQ2g7Gnp1/Gflis8PqD8aEmmhyNwoo+LwI/9bLmLm9jrimfCviP6bCFq lWbCJS0vnBBa+OIzI3iQYqsQ/7QueGjj5z8vRx0+HGJFqicCyEq3UCcJkEknKKAWV0wa vWQDPA7UmrxMxh5ssVSW71QWwm7qPWfThI2Twb4TjQTt4IX2Fkvw+yFY5qR6oHv76VV8 2uNq96pFGll3eKaScG2CSRJgEAtzDfyJRDNwAoIXTWyR1MK3l4fkKRAaDik/4EnWvyZ2 sx2w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=3h9vkuCu5I4xxm5YdzMmb6V98iNUMJ2+aifuUPzzYYc=; b=QCzAo75NJw+VOX/IEp2hTLH1uuxbPg7n+FpfPM/cTC0xg5EuQttfj4+hz95IoMlL/u dFOY0hBdAid3ppdpstxnt0FMb9wI8bk1FpFQdX9RzBEsuxB9G+6ysz8tpy03IlNNdvtV WBScMj7BIv+JNH+78/qjtUm96Cr/pcRlTKTRtBkL1A4Spb4mH10SNvkgbiE+JaAtCH+C t/w0q4IW2vhKY4eyPbrMXi2r6seqbYpSrsRuI+UdL+W3bstkxvS9EH3DVuGfNRiHxJy8 T/nKrlX6Rzpz9uZDqYDdftjWM6ZOkDtT4JmPp24DnCOd9Z0TFqQUPMVFkUMj7aCZo0My 8Hgw==
X-Gm-Message-State: AOAM531+Jel+LTXYZXTMKcjW9o7hNsXWF72AGzkVJrApWUT7sTCwDL1P HxHDjQ+Ef63bpNGFz1Zk/x5fqw==
X-Google-Smtp-Source: ABdhPJx5eqAk6x3veN4x5mttxAB8dgb+8jTa8KMkWeZMGI+uT7jXUbl5WMksoue89txQ/ZqOzQRVrQ==
X-Received: by 2002:a0c:a525:: with SMTP id y34mr23985880qvy.37.1610979710521; Mon, 18 Jan 2021 06:21:50 -0800 (PST)
Received: from [192.168.4.70] (c-24-91-177-160.hsd1.nh.comcast.net. [24.91.177.160]) by smtp.gmail.com with ESMTPSA id i13sm10592290qkk.83.2021.01.18.06.21.49 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 18 Jan 2021 06:21:49 -0800 (PST)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <0A1488E9-BFB8-4E82-815B-EF1F2A40B35E@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_750878D8-6D7E-4250-BD1B-E400004CFD78"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.2\))
Date: Mon, 18 Jan 2021 09:21:47 -0500
In-Reply-To: <CAJ5Rr7bXLiZJ=5Q-nYn2hWb2QSGzpJACv8b12BPqyTa1wJQVnA@mail.gmail.com>
Cc: DNSSD <dnssd@ietf.org>, Jonathan Hui <jonhui@google.com>, Abtin Keshavarzian <abtink@google.com>, ronglisun-team@google.com, Yakun Xu <xyk@google.com>
To: Kangping Dong <wgtdkp@google.com>
References: <CAJ5Rr7Zc-Yma9EVXw1OeEKP+H1ZkPxB48Q5U45zoERX7=gNLJA@mail.gmail.com> <C224E9B3-EA9F-4A49-B73C-96F3D147B1E4@fugue.com> <CAJ5Rr7bXLiZJ=5Q-nYn2hWb2QSGzpJACv8b12BPqyTa1wJQVnA@mail.gmail.com>
X-Mailer: Apple Mail (2.3654.60.0.2.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/e7FF_vIGBCoo_zNkGCU42vIQpBU>
Subject: Re: [dnssd] SRP: Name Conflicts Handling
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jan 2021 14:21:54 -0000
On Jan 18, 2021, at 2:05 AM, Kangping Dong <wgtdkp@google.com> wrote: > Thanks, then I think both zero rdata and original rdata work for me. Okay. I think it’s better if the response is syntactically valid to a parser that doesn’t have special knowledge, so we shouldn’t use zero-length rdata. We could encode some information in the CLASS or TTL of the response, though. One thing that occurs to me is that there’s a failure mode that can occur if you are using an advertising proxy (as opposed to an authoritative server) model: two different clients choose the same name at roughly the same time, but their advertising proxies aren’t in communication, so duplicate detection fails to detect the conflict before a positive reply is sent to both. Later on, the conflict is noticed, and one or both of these devices gets renamed. At this point we don’t have a way to communicate the name change to the SRP client, because it’s not expecting another reply. For SRP clients that make TCP connections to the server, we could use some sort of subscription model to address this, but for constrained clients (e.g. Thread accessories), that won’t work. There are three ways to address this problem that have occurred to me: The next time the SRP client registers, we signal to it that it was renamed, and give it its new name. The SRP client is then free to either register another name, or accept the new name that it was given. The next time the client registers, we signal to it that there is a name conflict, and it renames itself; the temporary new name is removed. The SRP server just carries on with the new name without notifying the client. Right now, my advertising proxy implementation does (3). The reason is that this produces the fewest name changes, and that seemed like a desirable characteristic. I did this because the only simple alternative that occurred to me at the time was (2), which would always result in the client being renamed twice. However, since we are now contemplating sending back conflict information, (1) becomes possible—we can send back the name that was rejected, and the new name, marking the rejected name with a TTL of zero and the new name with a TTL that is nonzero. This gives the client the option to choose a new name if there is a conflict. It doesn’t have to choose a new name—it can do nothing. So now we have full transparency, and the correct amount of efficiency. What do you think of these approaches?
- [dnssd] SRP: Name Conflicts Handling Kangping Dong
- Re: [dnssd] SRP: Name Conflicts Handling Ted Lemon
- Re: [dnssd] SRP: Name Conflicts Handling Kangping Dong
- Re: [dnssd] SRP: Name Conflicts Handling Ted Lemon
- Re: [dnssd] SRP: Name Conflicts Handling Kangping Dong
- Re: [dnssd] SRP: Name Conflicts Handling Ted Lemon
- Re: [dnssd] SRP: Name Conflicts Handling Kangping Dong
- Re: [dnssd] SRP: Name Conflicts Handling Ted Lemon
- Re: [dnssd] SRP: Name Conflicts Handling Kangping Dong
- Re: [dnssd] SRP: Name Conflicts Handling Ted Lemon
- Re: [dnssd] SRP: Name Conflicts Handling Kangping Dong
- Re: [dnssd] SRP: Name Conflicts Handling Ted Lemon
- Re: [dnssd] SRP: Name Conflicts Handling Kangping Dong