[Dots] draft-ietf-dots-telemetry: Large responses
Jon Shallow <supjps-ietf@jpshallow.com> Mon, 06 April 2020 09:35 UTC
Return-Path: <supjps-ietf@jpshallow.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 669873A0CAE for <dots@ietfa.amsl.com>; Mon, 6 Apr 2020 02:35:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NsMe7E0qhtya for <dots@ietfa.amsl.com>; Mon, 6 Apr 2020 02:35:33 -0700 (PDT)
Received: from mail.jpshallow.com (mail.jpshallow.com [217.40.240.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03B393A0C87 for <dots@ietf.org>; Mon, 6 Apr 2020 02:35:31 -0700 (PDT)
Received: from mail2.jpshallow.com ([192.168.0.3] helo=N01332) by mail.jpshallow.com with esmtp (Exim 4.92.3) (envelope-from <jon.shallow@jpshallow.com>) id 1jLOA9-00056k-3X for ietf-supjps-dots@ietf.org; Mon, 06 Apr 2020 10:35:25 +0100
From: Jon Shallow <supjps-ietf@jpshallow.com>
To: dots@ietf.org
Date: Mon, 06 Apr 2020 10:35:23 +0100
Message-ID: <154301d60bf6$b21158f0$16340ad0$@jpshallow.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdYL9q+Bp8yfeG8pQDShfjmRU2oGhA==
Content-Language: en-gb
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/Gbtf8bBWpxD9CWNBhS_TZtsWeP4>
Subject: [Dots] draft-ietf-dots-telemetry: Large responses
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Apr 2020 09:35:36 -0000
Hi All, With support for telemetry status updates, there is a good chance that a status response will not fit into a single IP packet. Do we need a new CoAP Option or response code? These status responses are sent back using CoAP NON-confirmable packets - in other words the DOTS client does not have to acknowledge receipt of the packet which works in an environment where there is heavy packet loss in the same direction as the status packet - the DOTS server is not waiting on acknowledgement of the previous status packet before sending out the next one (which too may get dropped). For the status data that is larger than an IP packet, this can currently be handled in 2 ways that I can think of 1- Let IP fragmentation be used by sending large data that is fragmented across several IP packets 2- Make use of the CoAP BLOCK2 option (RFC9759) which is already referred to in the signal draft to create CoAP fragmentation. The disadvantage of (1) is that the receiving CoAP library has to have a large enough receive data buffer size to handle both the encrypted and then plaintext data. The libcoap library I use has the default receive buffer sized for that of an IP packet that is not fragmented. This buffer can be made bigger, but how big? What if the DOTS client is a constrained device with RAM etc. limitations? There is also a challenge of managing missing IP fragmented packets which is primarily done by the network stack. The disadvantage of (2) is that BLOCK2 is a synchronous transmission where the DOTS client receives a block of data and then has to request the next block of data. With a lossy network, if the client does not see a block of data then this status data transmission will stall and not recover leaving the DOTS server with outstanding data that cannot be transmitted and hence the need for garbage collection of failed transmissions. Furthermore with (2), RFC9759 recommends use of CONfirmable responses to handle potential packet loss - which does not work with a flooded pipe DDoS situation. I agree that if all can fit into one packet then this is not an issue, but enforcing that is difficult unless there are data reduction policies in place (such as using Queries or the remainder of the data is not sent (parameter/values deleted) and a response (may need new code) that says status is too large to fit into a packet or has been truncated). Another possibility is to create a new CoAP option that is equivalent to BLOCK2 in format but does not need to work symmetrically. Here, the DOTS server sequentially sends all of the CoAP fragmented data without requiring the DOTS client to request the next block (just as fragmented IP packets would be sent). It would then be up to the DOTS client to do the CoAP plain text block fragmentation re-assembly (again a limitation requiring more RAM on the DOTS client and garbage collection if there are missing packets). Using this new option reduces the load on the DOTS server who could be serving many DOTS clients. Thoughts? Regards Jon
- [Dots] draft-ietf-dots-telemetry: Large responses Jon Shallow
- Re: [Dots] draft-ietf-dots-telemetry: Large respo… mohamed.boucadair
- Re: [Dots] draft-ietf-dots-telemetry: Large respo… Jon Shallow