IETF Logo Mail Archive

[dtn] DTN addressing, routing, and ownership

Brian Sipos <BSipos@rkf-eng.com> Sun, 28 June 2020 15:05 UTC

Return-Path: <BSipos@rkf-eng.com>
X-Original-To: dtn@ietfa.amsl.com
Delivered-To: dtn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2B933A0D2E for <dtn@ietfa.amsl.com>; Sun, 28 Jun 2020 08:05:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=rkfeng.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MfZ21Nfy4LKa for <dtn@ietfa.amsl.com>; Sun, 28 Jun 2020 08:05:31 -0700 (PDT)
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2066.outbound.protection.outlook.com [40.107.223.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 898163A0D2D for <dtn@ietf.org>; Sun, 28 Jun 2020 08:05:31 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FzVoYXy4dMBWJgC2pjqEcL5ZfQoioG0ScUrQDoCTI+fgL9S1YCI+eVbFy1UvsjsPmsqS88iHzW3BelcQSHgGY4zOD+xrRe/sfamMC50FCeS3OyshxVITyVQ7cGj/CV4Kh7Eoj7ZUR73Oc2/cwLHG9Mf8aJZg9br9Nk/AwB42ZYImXZaqHQyUcJoLd3ASnftHD5h7Qy+nkcWZJNMVLxYhvfmE6kdP3EQ84FeDsPdKULLVChfKBHxylLuzBS0DYHAUrEmG7Tvyf/5tHnr6H/ZLPJeRrYbU28DeAO526a+z/jLDx+FvTIonvlPMSbGmeatIxlCsqiNzmxpWTVxM03j7Ug==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lYGzMEDEEA52kdKc/UcErSLXoYDRrcx0zXNIANH0wCs=; b=OQjHqrH3AYdPC4g/v3WsybWzu2lWfbTMV9v7X4GYL8jcJmNn4j2dhXD2phVr9HjFc35zsX7p1SgRzcIMw/w+U7KiCyO3GJAZ+U9ox19+FZJICQau5B4DP5qdNK9s1nM11zLTZ3nRbm7TYCA8Zl97S0n/m3r1/86ssWnEr6oP6wGyLFuo1y89rvEHbGpf6AUNSNiil/le9HRE1JIJpu3Ipqy0Id+fUoBIx60ENyENOkWPI0OiQUb5edaiGhisUPm4UpfEPWpUFfLXZZviynkXfXDUJNYUrl9mXb1VujhpSXImOkiTDakgeei6Wyfa9NSdJAtrTDqZdsPx+c2kZcx4qA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=rkf-eng.com; dmarc=pass action=none header.from=rkf-eng.com; dkim=pass header.d=rkf-eng.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rkfeng.onmicrosoft.com; s=selector2-rkfeng-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lYGzMEDEEA52kdKc/UcErSLXoYDRrcx0zXNIANH0wCs=; b=wlx5WI+BPHNY79ExNofCtrwMHbL/kXMu5fGIKIXMBPgY+X1Tzuse4w8oTTuT5BFy+cwYntuzGPitm6Qsr0/UBsmiEyGJBxitdLkifPBTF9eBFgg2a/gh6r4C/7ZYCU1uQtdrpJPRqipSS+y0QI30hYlrcyt3TbpBOnrLK11S6Ec=
Received: from MN2PR13MB3567.namprd13.prod.outlook.com (2603:10b6:208:168::10) by MN2PR13MB3118.namprd13.prod.outlook.com (2603:10b6:208:13c::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.16; Sun, 28 Jun 2020 15:05:29 +0000
Received: from MN2PR13MB3567.namprd13.prod.outlook.com ([fe80::2d35:414:84c4:d1c5]) by MN2PR13MB3567.namprd13.prod.outlook.com ([fe80::2d35:414:84c4:d1c5%5]) with mapi id 15.20.3153.013; Sun, 28 Jun 2020 15:05:29 +0000
From: Brian Sipos <BSipos@rkf-eng.com>
To: "dtn@ietf.org" <dtn@ietf.org>
Thread-Topic: DTN addressing, routing, and ownership
Thread-Index: AQHWTVTx85boqEKc/0KX1l4tcd8Z7Q==
Date: Sun, 28 Jun 2020 15:05:29 +0000
Message-ID: <MN2PR13MB356748622EBD29B0028737E19F910@MN2PR13MB3567.namprd13.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=rkf-eng.com;
x-originating-ip: [108.18.140.127]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: fa25afc9-1ef6-43a2-84af-08d81b74b238
x-ms-traffictypediagnostic: MN2PR13MB3118:
x-microsoft-antispam-prvs: <MN2PR13MB31181F2546FAAD99EE828C5D9F910@MN2PR13MB3118.namprd13.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0448A97BF2
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: fQHD539z1VaLl78GNdInHycyjJdwgCMVIi/mFr5msTkU04xKhKG4NlberUofceK7uuqddC9/xVfTj+lXhU2HVKcPdUhUEoynJJ3FZ5tOvrLTGUhcvJO7yEhU3UQVq0Qj00rrWDvfrgiCM96Et8GJx72MOAhLdNktMUUAq4QG7uU2lFu7aq0h+uOoY7U12wmvbSPtkaZ6NiGEuaAlmgVDZPwlxpXfGNiy1fHjsx0GmM1r1aDQz+51QFCxnvWbL8F/zw+lSTSYn5OytOfsW8LscT4idyw5LqTDeunc+B56wIFCNRU57aJYuN4IbM7kwfVRhaVYOGNmT2/R74fNb3y9M7Vtb8xBTBDd1FFgLCJx/yWF9lYFQ25en8p4pqd+KdqmFg6UUUNR5C67/sIK7d6jrw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR13MB3567.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(136003)(366004)(346002)(396003)(39830400003)(376002)(966005)(508600001)(71200400001)(66574015)(33656002)(6916009)(186003)(83380400001)(7696005)(6506007)(166002)(19627405001)(26005)(55016002)(316002)(8936002)(64756008)(66556008)(66476007)(52536014)(76116006)(66446008)(2906002)(66946007)(5660300002)(9686003)(86362001)(8676002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: gmfDdE7iQspOCjSemmUAFvacz916YlFKeel1vtno9PWAuVMRkIcAVkeB8oxNkhX3rhbDj+njUVxNDNU4H+mrQNiy84ZIu+rn4HCtuh+QxbvMAn05qHSLDN0eoImNWrdxmL0Kx5m07DMW077Bkdj/gxQIrOKOIgV6gLN9IAfkCmPI16Ec7N8TeAH9xJbsoc7bPn9XajntFwvDotb+KPOpNM1g7K0g1CI0PnAY6iftYi0iQ/xE16b1ceuryjW92nnHDTl9+xY9LfTQU5shLLoheEWNEZnd4BLLfTDWK9GldZsSnMkanO1ufjjuAWwSzgNXIZ9yOCbw3qDMyCSt4ETye2oFxPXkIdFd3mvVgTDqg/rsHnzfyRzCeEGk6VwAcYlhEzMKuckzIVyG5+6jjxZ8UdntTHtBo0SeVcjwlVkwLj3CnPZv3mWRfFwGycYEwsr5uv8rp6eMWozemkNQEeMPkKRxzkxQGxKLbGDr3XhIyoi8uIoi4AhG+E4QnxXytIKR
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MN2PR13MB356748622EBD29B0028737E19F910MN2PR13MB3567namp_"
MIME-Version: 1.0
X-OriginatorOrg: rkf-eng.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR13MB3567.namprd13.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fa25afc9-1ef6-43a2-84af-08d81b74b238
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jun 2020 15:05:29.2000 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4ed8b15b-911f-42bc-8524-d89148858535
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: X3Wm6X8FumiHY5UeVby2CvdEk/MRptRv5vqpZqJSPiDXX1y9oA1a25aIypS5kiR9F9hYAIMONJyRxPD9Pf2o5Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR13MB3118
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/bM_D32g9mTDmrS5lXNIQbTkkwlg>
Subject: [dtn] DTN addressing, routing, and ownership
X-BeenThere: dtn@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Delay Tolerant Networking \(DTN\) discussion list at the IETF." <dtn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtn>, <mailto:dtn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dtn/>
List-Post: <mailto:dtn@ietf.org>
List-Help: <mailto:dtn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtn>, <mailto:dtn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Jun 2020 15:05:34 -0000

All,
I've been trying to figure out some details related to DTN addressing which are not covered in detail in the DTN architecture document [1]. My exposure to DTN has been from the protocol definition perspective and not from the historical-use perspective, so any undocumented current practices are probably unknown to me.

My questions are similar to the following:

  1.  Are EIDs with identical dtn-scheme "node name" or ipn-scheme "node number" guaranteed to be routed to the same BP agent? How is this guaranteed? What document requires or disallows it?
  2.  Are bundle routers allocated a well-known dtn-scheme "demux" text or ipn-scheme "service number"? i.e., is a bundle always routed through "dtn://NodeA/router" before it reaches endpoint "dtn://NodeA/svc1"?
  3.  Must each node run its own router service? Can a router on NodeA deliver bundles to an endpoint service on NodeB? Through what mechanism would this occur?
  4.  Can a single BP agent use convergence layers (CLs) which expose different Node IDs to neighbors? Can my BP agent use TCPCL sessions with local Node ID as "dtn://NodeA/svc1" and "dtn://NodeA/svc2"? Must it only expose the router service to CLs? Or does the CL itself constitute a service (e.g. as "dtn://NodeA/tcpcl")?

BPbis for Node ID schemes "dtn" [2] and "ipn" [3] has syntax explained but not full semantics. CBHE [4] gives some non-normative explanation of node number vs. service number semantics, but again doesn't dig into much detail about relationship requirements.

The reason for all of these questions are two answer security topics such as:

  1.  If I get a PKI certificate [5] for my node, do I need to authenticate (i.e. have a subjectAltName for) all possible Node IDs which could be used on my node? Or do I only need to authenticate for one "router" service, which is the only Node ID used by CLAs?
  2.  If I validate that I "own" a single Endpoint ID using a method such as [6], what else can be derived from that EID validation? Can I be said to own the entire dtn "node name" or ipn "node number"? Or can separate BP agents own EIDs with identical node-name/node-number?
  3.  When using BPsec [6] as a security acceptor, when I look up implicit keys associated with a security source Node ID must I relate keys to the full URI or can I relate keys to any URI with the same node-name/node-number? Will a security source always be a router service, or some other well-known service on a node?
  4.  When using a neighbor discovery (ND) protocol such as [8], which Node ID is supposed to be used as the "canonical EID" for each node? Just the router Node ID? Just the CL-based Node IDs? What about endpoint IDs directly delivered by the router on this node?

My own intuition makes me think that there is such a "router" service which is implicitly present on each node, which is used as the CL "Node ID" or ND "canonical EID", but that doesn't seem to actually be documented anywhere. It looks like there was a similar attempt to clarify DTN services in [9] but I don't see any movement on that after 2012.

Thanks in advance for clarification on any of these points.

[1] https://tools.ietf.org/html/rfc4838
[2] https://tools.ietf.org/html/draft-ietf-dtn-bpbis-24#section-10.7
[3] https://tools.ietf.org/html/draft-ietf-dtn-bpbis-24#section-10.8
[4] https://tools.ietf.org/html/rfc6260#section-2.1
[5] https://datatracker.ietf.org/doc/html/draft-ietf-dtn-tcpclv4-21
[6] https://datatracker.ietf.org/doc/html/draft-sipos-acme-dtnnodeid-01
[7] https://datatracker.ietf.org/doc/html/draft-ietf-dtn-bpsec-22
[8] https://datatracker.ietf.org/doc/html/draft-irtf-dtnrg-ipnd-03
[9] https://datatracker.ietf.org/doc/html/draft-blanchet-dtnrg-bp-application-framework-01

v2.23.0 | Report a Bug | By Email