[Dots] DOTS Interop tests Update
Jon Shallow <supjps-ietf@jpshallow.com> Thu, 18 August 2022 17:39 UTC
Return-Path: <supjps-ietf@jpshallow.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A380DC1522C1 for <dots@ietfa.amsl.com>; Thu, 18 Aug 2022 10:39:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NHYedoI1l-fa for <dots@ietfa.amsl.com>; Thu, 18 Aug 2022 10:39:11 -0700 (PDT)
Received: from mail.jpshallow.com (mail.jpshallow.com [31.22.13.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68024C14F727 for <dots@ietf.org>; Thu, 18 Aug 2022 10:39:10 -0700 (PDT)
Received: from n01332.jpshallow.com ([192.168.0.78] helo=N01332) by mail.jpshallow.com with esmtp (Exim 4.92.3) (envelope-from <jon.shallow@jpshallow.com>) id 1oOjU3-0006cF-TG for ietf-supjps-dots@ietf.org; Thu, 18 Aug 2022 18:39:08 +0100
From: Jon Shallow <supjps-ietf@jpshallow.com>
To: dots@ietf.org
Date: Thu, 18 Aug 2022 18:39:01 +0100
Message-ID: <05a401d8b329$6780e080$3682a180$@jpshallow.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_05A5_01D8B331.C9474450"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdizKWdeWs9CbC0GQduqB1je0/G1Hg==
Content-Language: en-gb
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/kxgzoG6j17SQDEO3j_O993crqoA>
Subject: [Dots] DOTS Interop tests Update
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2022 17:39:15 -0000
Hi all, Over the last 2 days, Kaname and I did some interop tests - in particular to test out the RFC9177 "Constrained Application Protocol (CoAP) Block-Wise Transfer Options Supporting Robust Transmission" and the associated DOTS usage draft https://www.ietf.org/archive/id/draft-ietf-dots-robust-blocks-03.html. This was between a proprietary implementation and open source go-dots. Both are using libcoap to provide the underlying CoAP layer. As ever, there were a few minor issues in the respective DOTS applications implementations which were resolved. No updates to libcoap were required, but Q-Block was used extensively. Out of this, several things were raised, which are detailed below. Kaname, please add to this in case I missed something. Issue 1: ====== It became obvious that MAX_PAYLOADS must be the same for both the idle-config and mitigating-config definitions. Otherwise, if there is a mitigating state change at one end, then MAX_PAYLOADS changes and hence we are in violation of (and get significant transmission delays) RFC9177 7.2. Non-confirmable (NON) MAX_PAYLOADS should be configurable with a default value of 10. Both CoAP endpoints MUST have the same value (otherwise, there will be transmission delays in one direction), So, for draft-ietf-dots-robust-blocks 3. DOTS Attributes for Robust Block Transmission OLD: max-payloads: This attribute echoes the MAX_PAYLOADS parameter in [I-D.ietf-core-new-block]. This is an optional attribute. NEW: max-payloads: This attribute echoes the MAX_PAYLOADS parameter in [RFC9177]. This is an optional attribute. However, if defined, it MUST have an equal value in the 'idle-config' and 'mitigating-config' configurations. If only one of the 'idle-config' and 'mitigating-config' definitions are defined in a message exchange, then the other (missing) definition MUST be updated to the same value. END NEW Issue 2: ====== NON_PROBING_WAIT and NON_PARTIAL_TIMEOUT RFC9177 7.2. Non-confirmable (NON) states Note that MAX_PAYLOADS, NON_MAX_RETRANSMIT, NON_TIMEOUT, NON_PROBING_WAIT, and NON_PARTIAL_TIMEOUT can be negotiated between DOTS peers, e.g., as per [DOTS-QUICK-BLOCKS]. When explicit values are configured for NON_PROBING_WAIT and NON_PARTIAL_TIMEOUT, these values are used without applying any jitter. draft-ietf-dots-robust-blocks 3. DOTS Attributes for Robust Block Transmission has Implementation Note 1: 'non-probing-wait' ideally should be left having some jitter and so should not be hard-coded with an explicit value. It is suggested to use a base value (using NON_TIMEOUT instead of NON_TIMEOUT_RANDOM) and, then, the jitter (ACK_RANDOM_FACTOR - 1) is added to each time the value is checked. Implementation Note 2: If any of the signal channel session configuration parameters is updated, the 'non-probing-wait' and 'non-partial-timeout' values should be recalculated according to the definition algorithms in Section 7.2 of [I-D.ietf-core-new-block]. If 'non-probing-wait' and 'non-partial-timeout' end up with negotiated values that are considerably different from the values as computed by the definition algorithms in Section 7.2 of [RFC9177], then it is likely that the Q-Block recovery mechanisms will fail. Any recommendations here are definitely out of scope without extensive testing. It is recommended that 'non-probing-wait' and 'non-partial-timeout' are not negotiated by DOTS, and hence removed from. draft-ietf-dots-robust-blocks all together. Issue 3: ====== draft-ietf-dots-robust-blocks 3. DOTS Attributes for Robust Block Transmission, typo OLD: NON_PROBING_WAIT: is used to limit the potential wait needed calculated when using PROBING_WAIT. NEW NON_PROBING_WAIT: is used to limit the potential wait needed calculated when using PROBING_RATE. Issue 4: ====== RFC9132 4.4.1.3. Processing Mitigation Requests, has The DOTS client MUST include the same ETag value in subsequent GET requests to retrieve the rest of the representation. This statement is erroneous and should be deleted to remove confusion as it is likely to return a 2.03 response instead of a 2.05 response as per RFC7252 5.10.6.2. ETag as a Request Option A server can issue a 2.03 Valid response (Section 5.9.1.3) in place of a 2.05 Content response if one of the ETags given is the entity- tag for the current representation, i.e., is valid; the 2.03 Valid response then echoes this specific ETag in a response option. Regards Jon
- [Dots] DOTS Interop tests Update Jon Shallow
- Re: [Dots] DOTS Interop tests Update mohamed.boucadair