IETF Logo Mail Archive

Re: [homenet] DNCP/HNCP Revisited

Mark Andrews <marka@isc.org> Wed, 18 September 2019 10:00 UTC

Return-Path: <marka@isc.org>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 314761200DE for <homenet@ietfa.amsl.com>; Wed, 18 Sep 2019 03:00:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.899
X-Spam-Level:
X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v_NusZ2hU_4n for <homenet@ietfa.amsl.com>; Wed, 18 Sep 2019 03:00:53 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26540120033 for <homenet@ietf.org>; Wed, 18 Sep 2019 03:00:52 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id 8AA6F3AB016; Wed, 18 Sep 2019 10:00:51 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id 6F8CA160060; Wed, 18 Sep 2019 10:00:51 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 5D29C160070; Wed, 18 Sep 2019 10:00:51 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id dgsQD0_-dKp9; Wed, 18 Sep 2019 10:00:51 +0000 (UTC)
Received: from [172.30.42.67] (n1-40-244-161.bla1.nsw.optusnet.com.au [1.40.244.161]) by zmx1.isc.org (Postfix) with ESMTPSA id 89F0B160060; Wed, 18 Sep 2019 10:00:50 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Mark Andrews <marka@isc.org>
In-Reply-To: <2737406f-c615-3963-2226-d2eadf79e846@globis.net>
Date: Wed, 18 Sep 2019 20:00:48 +1000
Cc: HOMENET <homenet@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <3239E081-4B52-464D-85A4-57D17DAD574B@isc.org>
References: <2737406f-c615-3963-2226-d2eadf79e846@globis.net>
To: "Ray Hunter (v6ops)" <v6ops@globis.net>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/WivFw4-xo6T8u81kInl4jFzXV9k>
Subject: Re: [homenet] DNCP/HNCP Revisited
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Sep 2019 10:00:56 -0000


> On 18 Sep 2019, at 5:36 pm, Ray Hunter (v6ops) <v6ops@globis.net> wrote:
> 
> Hi,
> 
> I've been experimenting with Homenet before looking at enhancing HNCP for extended naming functionality (the current implementation only covers resolver configuration and not name server configuration).
> 
> During my testing I managed to break HNCP, so that it got stuck in a state where it didn't converge.
> 
> Looking at the specification in detail this shouldn't have been a surprise to me or anyone else due to the design choices that were made.
> 
> 
> 
> First observation: Running HNCP over L2TPv3 breaks HCNP because L2TPv3 breaks UDP fragmentation (works as designed).
> 
> The L2TPv3 tunnel has a lower MTU than the local LAN, and does not report ICMP PTB, so HNCP packets in one direction get through, but replies get dropped.
> 
> Early drafts of HNCP stated that UDP fragmentation would not be broken in the Homenet for the foreseeable future. Well I managed to break that ;)
> 
> So this is a known situation.
> 
> Changing the MTU on the LAN interfaces of my routers to 1280 brought everything back to normal, as expected.
> 
> Question: If Homenets are moving to flat L2 meshes over foo, as some have said, will this impact HNCP?
> 
> The Linux kernel (in Openwrt) can/could easily support PMTUD.
> 
> But since the L2 tunnels don't report drops, it makes PMTUD potentially challenging for a simple protocol like HNCP.
> 
> Question: As a simple mitigation, is there any way of manually signalling to the kernel that ALL UDP packets on port 8231 should assume an PMTU of 1280 octets?

setsockopt(IPV6_USE_MIN_MTU=1); from RFC 3542 works provided the OS has implemented it.  It’s a really pity that POSIX hasn’t picked up RFC 3542 in the 16 years since it was published like they picked up RFC 3493.  This is a epic fail of SDOs.

> That wouldn't require any specification change and would allow HNCP to work reliably in the presence of tunnels and varying MTU's that don't match the local interface MTU.
> 
> 
> 
> 
> Second Observation: HNCP packets grow quickly in size, which may become a concern for scaling.
> 
> Again, by design, DNCP is limited to TLV content of 64K (RFC7787 intro).
> 
> AFAICS that is 64K per DNCP system, not per node.
> 
> Question: Is that correct?
> 
> For my 4 node Homenet, HNCP reached 3140 octets, without any modifications or additions or long names.
> 
> Question: Does the amount of state scale linearly with the number of routers?
> 
> Question: Is this starting to become a concern?
> 
> The limitation for 64K seems to come from the following:
> 
> RFC7788
> Request Network State TLV (Section 7.1.1): The receiver MUST reply
>       with a Network State TLV (Section 7.2.2) and a Node State TLV
>       (Section 7.2.3) for each node data used to calculate the network
>       state hash.
> 
> 
> In the Openwrt implementation, I observe that the requester is requesting the node state for all 4 devices in one packet.
> 
> I also observe that the reply from the peer contains the entire state of the entire Homenet in a single UDP packet (network TLV and node state TLV for all 4 routers + optional payload data).
> 
> Question: Is that as designed/intended? Is this where the 64K data limit comes from in RFC7787?
> 
> If this was a design goal to reduce chatiness, and improve convergence time, is it possible to implement this differently to reduce packet size and/or increase overall TLV data capacity?
> 
> Could the requester in step1 request the network status TLV, and the peer reply with just the network status TLV and the node TLV's, but without the underlying optional HNCP payload data TLV's.
> 
> Maybe include a new "more-HNCP-data-to-come" TLV to distinguish this from blank node data?
> 
> That would give enough information for both nodes to know exactly which payload data needed synchronising.
> 
> Then as step 2, the requester could individually request the Node TLV for each node one per packet, and the peer would reply with the Node TLV but this time including the optional data TLV's. 
> 
> The receiver and peer would both know that HNCP hadn't converged whilst waiting for the additional data, and could mark it internally as being stale whilst waiting for the additional detailed update.
> 
> Question: What would break?
> 
> Question: What would need to be amended in the standard RFC? The more-HNCP-data-to-come TLV in RFC7788?
> 
> Question: Would this tweak increase the ±64K limit of TLV data from being per network to being 64K per node? [max UDP packet size for a single node TLV + associated payload data]
> 
> Question: Is this raw fragmentation by separating DNCP essentials from HNCP payload something that the WG would support?
> 
> regards,
> 
> -- 
> regards,
> RayH
> _______________________________________________
> homenet mailing list
> homenet@ietf.org
> https://www.ietf.org/mailman/listinfo/homenet

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka@isc.org

v2.23.0 | Report a Bug | By Email