IETF Logo Mail Archive

Re: [dnssd] Adoption call for draft-sctl-advertising-proxy

Ted Lemon <mellon@fugue.com> Thu, 12 August 2021 14:58 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC8D63A15D7 for <dnssd@ietfa.amsl.com>; Thu, 12 Aug 2021 07:58:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IFUvtqCDNJHw for <dnssd@ietfa.amsl.com>; Thu, 12 Aug 2021 07:58:08 -0700 (PDT)
Received: from mail-ot1-x32d.google.com (mail-ot1-x32d.google.com [IPv6:2607:f8b0:4864:20::32d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 608A23A156F for <dnssd@ietf.org>; Thu, 12 Aug 2021 07:58:03 -0700 (PDT)
Received: by mail-ot1-x32d.google.com with SMTP id v10-20020a9d604a0000b02904fa9613b53dso8057325otj.6 for <dnssd@ietf.org>; Thu, 12 Aug 2021 07:58:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:in-reply-to:references:mime-version:date:message-id:subject:to; bh=KwXLFHf4g2zevCC+y7W49iJ/2pzHzNV6AMW/5wBEeq8=; b=ue5kWDBdcsuh9zQFXVvOS0XxzmXP9OSxsR2XOgnlDfd6+7PSfeWhDMxaJULi3US/Dj sxuMQ6cqInB9tERkO0OoozQ9nvYgb6IYcKzKHW+aSkvJMMtI1j+43q5RM/UrpdYc3IYm 27iDcA7rQg5hvDFTEn3nX3EdWzqz+J/o5I1Esx699E8wY9mWd3TQWZZfIkcg0zp8AEEO E3AhSPNPHDPJ32Jnvsd6kvwnrvCOE6hzyKvx5/I7YpmaBbVlPOc+OW2ZzQnKvqKSEUFo YCwTNwtsvShEom5xwfWTjyCOMJ1wlAaWxaM0D2wn+5XPI9Xy+1BgeF9htrk6EMHOIdqg hdBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to; bh=KwXLFHf4g2zevCC+y7W49iJ/2pzHzNV6AMW/5wBEeq8=; b=BuJzj370MVrtWe1g19aouKMQ72jBEoCf3nlWyEehHJqpvrGU9UhVqwYtVa954DPJhW fjYQFGFJe4cEX4UB2OD8jLFnjSf74Mg2UuWlqmtOq41qzDlgkVT06RKpDtBZMkxM0Roc 8jfXeQOlMoi8MOK/trtdRhi1Vq89R4rcUhhVt28hIc42er0Xry/yvrPFRXY/M4cs76Zx tI07e1TiX2KOYSKFWcbyfbjCHWu//UIjr9kcpDPu6fuuN6zDkUhuL6CILSj+rHNtsuL5 THPx8UpPygy0UEBHYI3/NUUKLl8m2bhPaFyoD+Lpsil5KmcNorNHpHvu4tEYKqRTDiGP 4m0w==
X-Gm-Message-State: AOAM533asieCabHtQE2dU5/sXOUVTpliGHBPEMMJ2hrThGxLcPR5GkN2 V1jQokRrk4eMdHBrhEB/Z5wG4pUz7eV3vHdA2GI4ndjf9Rj1Lg==
X-Google-Smtp-Source: ABdhPJyXD4025RNIHetV7SJ/FuorWur1DZkIxP6yWyQRiyIDusoI9C2VXhjKgpi1P6F5ZpmxNBazlUbJeaztOp8yhIY=
X-Received: by 2002:a9d:450c:: with SMTP id w12mr168015ote.18.1628780282054; Thu, 12 Aug 2021 07:58:02 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Thu, 12 Aug 2021 07:58:01 -0700
From: Ted Lemon <mellon@fugue.com>
In-Reply-To: <CAOOu1=AJSMur=Nj4Vq_Hpr0U0EnZN-GSNsoF8m+XSeFHUWksbg@mail.gmail.com>
References: <CAOOu1=AJSMur=Nj4Vq_Hpr0U0EnZN-GSNsoF8m+XSeFHUWksbg@mail.gmail.com>
MIME-Version: 1.0
Date: Thu, 12 Aug 2021 07:58:01 -0700
Message-ID: <CAPt1N1=fCFizaDWf--1e+w_dkt537-ZPji9YRkCWrufS2HKYcw@mail.gmail.com>
To: Martin Turon <mturon=40google.com@dmarc.ietf.org>, dnssd@ietf.org
Content-Type: multipart/alternative; boundary="000000000000211d5405c95df606"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/l5eb6BX6BNexrQ1C6JK9KMoHYjg>
Subject: Re: [dnssd] Adoption call for draft-sctl-advertising-proxy
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Aug 2021 14:58:21 -0000

On August 12, 2021 at 6:32:47 AM, Martin Turon (
mturon=40google.com@dmarc.ietf.org) wrote:

Is the case of a device conflicting with itself handled? Specifically,
imagine a dual-radio device (WiFi and Thread) which for some reason
migrates from being an SRP client to an mDNS client or vice versa.  When
the device tries to re-register its services to direct to its new,
renumbered IP addresses, could its own stale records on the proxy possibly
lock it out?

This is exactly the discussion I think we want to have.

With a single SRP server, this is a non-problem: the SRP First-Come,
First-Served Naming mechanism guarantees that if the same client registers
twice, it will be recognized the second time and its update will supersede
the previous registration, rather than conflicting with it.

With multiple SRP servers, we have a problem because the SRP client might
register with a different SRP server the second time, since it has no idea
it's connected to the same infrastructure (and indeed the SRP server
contact mechanism may be different, so that which server is updated is
non-deterministic or just not under the client's control). In this case,
we'll see a conflict when the second update comes in.

The way I'm currently proposing to address this is by requiring SRP
replication when there is more than one SRP server, and by not renaming,
but rather waiting for the conflict to resolve. With SRP replication, we
can use FCFS naming to see that it's actually the same client doing the
update, so there's no conflict at the SRP level. The only conflict is in
mDNS. When the SRP update propagates to the SRP server with the conflicting
data, that SRP server will remove the old data and replace it with the new,
which eliminates the conflict.

I think this is pretty tight; the only problem is that it does rely on SRP
replication working well. If SRP replication gets wedged, then the conflict
won't be resolved until the old data expires. This is not great, of course.

An additional mitigation strategy is to not actually detect conflicts. If
we have two conflicting registrations, and SRP replication doesn't resolve
them, then they just coexist until one goes away. This should happen when
the old SRP lease expires. This means that the consumer of the data has to
be smart about it: if there are conflicting TXT records, it needs to have a
strategy for choosing which one to trust. If there are conflicting address
records, it needs to do happy eyeballs.

The only other alternative is to rename. I think this is too heavy of a
solution, but I'm open to debate. The problem is that if we rename, we now
have two advertisements for the same accessory, so we're pretty much in the
same place we'd be with the "don't detect conflicts" strategy, except that
we have a gratuitous extra name.

So consumers of the data now have to use some other identifier than the
name to uniquely identify the device, and if there are two advertisements
under two different names that present the same identifier, we now have to
have a browse going to detect that, whereas if we don't change the name,
dealing with an unresolved conflict is a lot simpler.

With that said, that's just my thinking on this, and I'd really like to get
more eyes on this problem.

v2.23.0 | Report a Bug | By Email