Re: [manet] New DLEP extension drafts
Stan Ratliff <ratliffstan@gmail.com> Tue, 05 September 2017 16:54 UTC
Return-Path: <ratliffstan@gmail.com>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E959132D98 for <manet@ietfa.amsl.com>; Tue, 5 Sep 2017 09:54:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IWft2cBvJhbK for <manet@ietfa.amsl.com>; Tue, 5 Sep 2017 09:54:11 -0700 (PDT)
Received: from mail-io0-x22a.google.com (mail-io0-x22a.google.com [IPv6:2607:f8b0:4001:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26A0E132D8B for <manet@ietf.org>; Tue, 5 Sep 2017 09:54:11 -0700 (PDT)
Received: by mail-io0-x22a.google.com with SMTP id i200so18774344ioa.2 for <manet@ietf.org>; Tue, 05 Sep 2017 09:54:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Nh2YMvidrzPEFwtD9No0d6u04yAFLvV9XNKK/xbGjQg=; b=CAYMD7Lma6i2PgM93RZkdlk7j7RdDlZNXmm1lxtb+i4n1S1OiFHrMpPfLWeKUv1+6x /OWB3elal7wPuobHm8CnzW62BSUZ69kXtOT/mTPvAjzp/mlrAWfHztgCWLb0uUM7d/G9 Bl9ng9VysKHlIrCaIqj/9DyFzdXXhRsa9lRuotMNhqJe5ouSKcDXWDS1s6LHg6oqlv7G k3LIVkqoubw8bQnAaUi9E+dVzohEHDpX7W0NDXgaFjXhZAAzN4lSwKvCtDtPns2pFkAe t2s2hL946sQI3ODeTRAPmtG8fS1jfJrgVhj1KXDIovLzgTEGymgLhMTfPmMu0BPfpZT7 hTEQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Nh2YMvidrzPEFwtD9No0d6u04yAFLvV9XNKK/xbGjQg=; b=XMLoG8kX7w2ntN/ym62nvN+RC3OAz5X4O4GX7M9p8w8O5/i7bgV/6BkLJbtYH1JmoQ YmZb5BfLbOHp0qYqUZWubwNJ1bbEa0CpBdYUrAZ9eqdWv3dnUb+v85oaELNT1aqa9YO6 f1lJBA1yzF3T9AsKDZN1cAtZukFYg8KlsPXG/6Z9y9CgPS6njYoTAwwFxw3fTJHrR/fx 7/dhskiXYH8y+Ank1qar1vhU9+4Yd4ZiVxw2vkDhsa0aGey5OeImsr8FaMy+seXtIwn5 HSszzw13Gh8388V/F2S+aDCJuV+ttV+uyMe0EHtWPw57cyIyC7ipJhcP1EQ4PGm2WQYo KymA==
X-Gm-Message-State: AHPjjUjVyTu3yXan5doBO0lNJpfqCiKUDv9sQMAbXacMOJnXHwNTgQn1 Qsp4wvaClhenqba7YNChz7Odko2YxQ==
X-Google-Smtp-Source: ADKCNb731Ik1I6LfPW3vzDuDabO9iB09e3XNnhIP/HMV72aexkoizlMiFpUECxzfyDd8w72tnuo/wYH16zH8WFxRLQ0=
X-Received: by 10.107.104.4 with SMTP id d4mr5291135ioc.72.1504630450311; Tue, 05 Sep 2017 09:54:10 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.79.124.138 with HTTP; Tue, 5 Sep 2017 09:54:09 -0700 (PDT)
In-Reply-To: <1504603998.15735.9.camel@tropicalstormsoftware.com>
References: <1500890455.2721.234.camel@tropicalstormsoftware.com> <1504171326.31980.2.camel@tropicalstormsoftware.com> <e7aa4a01-3eab-7625-26ed-49d2e43893e6@fkie.fraunhofer.de> <38A5475DE83986499AEACD2CFAFC3F9801D30BA2E9@tss-server1.home.tropicalstormsoftware.com> <CALtoyomabfv+kbonfFG7T37JtcqeVLJ3XTESKcoTeqZKbi8s3A@mail.gmail.com> <CAGnRvuqqFg5EjOgRHABtVPuNjsufoWAw_wixTzmdwUKMNDEWMQ@mail.gmail.com> <38A5475DE83986499AEACD2CFAFC3F9801D30BD277@tss-server1.home.tropicalstormsoftware.com> <275b3ace-23c6-7db1-3bb8-07dbafdde5d5@fkie.fraunhofer.de> <1504603998.15735.9.camel@tropicalstormsoftware.com>
From: Stan Ratliff <ratliffstan@gmail.com>
Date: Tue, 05 Sep 2017 12:54:09 -0400
Message-ID: <CALtoyok5FHraEvKpTHJ4Kb95ho9UvwvG6CEWadcT5kOAsgp-gQ@mail.gmail.com>
To: Rick Taylor <rick@tropicalstormsoftware.com>
Cc: "henning.rogge@fkie.fraunhofer.de" <henning.rogge@fkie.fraunhofer.de>, "manet@ietf.org" <manet@ietf.org>
Content-Type: multipart/alternative; boundary="089e0825fdec8266020558741340"
Archived-At: <https://mailarchive.ietf.org/arch/msg/manet/UYlCDNGPjy_h8Mh--Nc9k4AUsuU>
Subject: Re: [manet] New DLEP extension drafts
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/manet/>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Sep 2017 16:54:14 -0000
On Tue, Sep 5, 2017 at 5:33 AM, Rick Taylor <rick@tropicalstormsoftware.com> wrote: > Inline as usual... > > On Tue, 2017-09-05 at 09:51 +0200, Henning Rogge wrote: > > Am 04.09.2017 um 23:46 schrieb Rick Taylor: > > > Ripostes inline... > > > > What is even the advantage moving "router to router" > > > > communication > > > > to DLEP? > > > > > > The major advantage I can see is fast 'edge triggered' adjacency > > > formation. This is one of the selling points of DLEP for Layer 3, > > > so > > > why not expose Layer 4+ triggers as well. Given I work for a > > > company > > > whose vehicles move at some speed, being able to form an adjacency > > > between peer services fast is helpful. If I have a transmission > > > window of 1 minute max, I don't want to spend the first 30 seconds > > > Hello'ing with every protocol that might want to find a peer over > > > the > > > possibly restricted/flakey link. > > > > You could easily use the existing layer2/layer3 'edge trigger' to > > start > > a UDP (unicast?) based service discovery for the new neighbor. No > > need > > to relay the data over the radio. > > Yes, I agree, you can, and I do. My routers will use DLEP events to > kick off a proprietary service discovery protocol between peers, and it > works beautifully. However, it only works between my routers. When a > peer is a Cisco, or an OpenWRT router, or whatever, then I have to fall > back to per-service probing. > > I also know Cisco have previously played with embedding > service/capability data in EIGRP and using that in a similar way. > > In all honesty, there is nothing big or clever about my service > discovery (it looks a lot like DSA, but with some session maintenance > messages). When I was last reviewing the design for this it occurred > to me that it would make more sense to re-use the existing DLEP session > to carry this extra information, hence the DSA extension draft. > This looks like more of an implementation problem to me - one that doesn't actually require an interoperability spec. There's more than 1 way to leverage existing hooks (up to and including using some of the "private use" TLVs) to transmit the information you're looking for. Right now, from your description, I get the mental image of an Airbus A380 arbitrarily connecting up to..... WiFi at Starbucks? One of Henning's roof-top nodes? And then scrounging around for services. It also seems like there's a potential for a hacker exploit - if some bad actor gets connected to one of these radios, it would get a list of services available, which leads to the attacker knowing how to disrupt the service. > > > > > > > I can see the point of IP address propagation, especially on > > > > radios > > > > without multicast support. Without the unicast IP of the other > > > > side > > > > you cannot reach it. > > > > > > > > But for supporting services putting it into DLEP is no advantage > > > > at > > > > all... you could easily just let the routers exchange the > > > > information directly. > > > > > > I'm not suggesting moving/wrapping the service protocol in DLEP, > > > just > > > the knowledge that it's even worth trying to begin it. > > > > > If, as you say, "Even if the only service announced is mDNS, > > > > > and > > > > > mDNS is then used..." - why not *assume* that mDNS is present, > > > > > and go for it? > > > > > > Haha... you know the answer as well as I do. Someone will say they > > > don't use mDNS, they use what they consider better. I couldn't be > > > so > > > bold as to suggest mDNS as a one size fits all solution. This is > > > the > > > IETF! > > > > Which is another reason not to put another solution for the same > > problem > > into DLEP, because people will not be happy with it anyways. > > Fair point, but one doesn't have to support individual extensions, as > it's already optional. > > > > > > > > I've gone back & forth over the notion of service > > > > > announcements. > > > > > I think we're going to get significant pushback from the IETF > > > > > that there are already multiple protocols for service > > > > > announcement, and we're just re-inventing the wheel for the > > > > > 47th > > > > > time. > > > > > > > > That too. > > > > > > > > > > I quite agree... I'm expecting legitimate push-back, I just feel > > > there is a missing piece here. This is why my first pass was > > > simply > > > to announce tuples of [service, address, port] and not much > > > else. It > > > should be enough to bootstrap whatever service you're running. > > > Actually what's described in DSA is very close to DNS SRV records, > > > hence the text form. > > > > DLEP trigger for an existing DNS-based service discovery? > > The whole of DSA might boil down to a single Data Item for this... > > Actually I need to re-read mDNS to check if it will work in the kinds > of ad-hoc peer-to-peer modes we're discussing here, I have a worry that > it is built around a very homenet/client-server view of the network. > > > > > > One reason why core DLEP is not quite good enough might be that a > > > remote router might only be running a given service (say NTP) bound > > > to a loopback interface. > > > > Are we talking about a node with routing or just a layer-2 endpoint? > > I don't actually care, and I'm keen not to make this distinction. > > > > > > The DLEP Dest_Up may include the loopback > > > address as part of the IP address data items in the message, but > > > any > > > potential peer is going to have to probe every reported address > > > until > > > it finds the one that works, if any. > > > > > > I keep picking NTP as the example service as it is an a-priori > > > configured protocol (unless there is an exciting NTP peer discovery > > > protocol I don't know about). For services that have a discovery > > > protocol (e.g. OLSRv2), DSA is overkill, for static I feel it's > > > less > > > clear cut. > > > > Routing must do its own discovery because it has to work before Ip > > routing is finished. ;) > > Agreed, routing services were a bad example. > > > > > As soon as we have normal connectivity, > > > > > Where additional config data beyond [service,address,port] might be > > > useful is for something like BGP AS number, but the counter- > > > argument > > > could be that you only need to advertise 1 tuple: [NETCONF,addr] > > > ;-) > > > > > > I think any later revision will have to be liberally sprinkled with > > > text that warns that this extension is only for bootstrapping, not > > > for protocol parameter negotiation. > > > > Which sounds like a hint that we still have to work on the concept. > > Oh yes, I quite agree. This is definitely not finished! > > > > > I see the "necessary" use-case for announcing IPs... > > radios/modems/networks that can not multicast/broadcast. They are a > > pain, but they exist... you need the IP of the other side to do > > "automatic discovery". > > > > In fact, NHDP works quite fine over networks like this if you know > > the > > IPs of the other router. > > Yes, and this is because NHDP was designed for MANETs by people who > understood the problem space. There are however Layer4+ protocols that > are really useful in MANETs but were designed for fixed networks, e.g. > NTP, XMPP and most network overlays. Any protocol that features the > immortal phrase "A TCP connection is made to each configured peer" is a > prime candidate. > > > > > > > > Having said that, I'm interested in being able to transmit > > > > > *some* additional information at Destination Up. For example, > > > > > consider a military deployment (I only use it because I've seen > > > > > this implemented, and can articulate the problem). There are > > > > > some > > > > > vehicles that are equipped with LoS mesh radios; and there are > > > > > also a few equipped with the mesh radios and a satellite > > > > > terminal/dish for reach back. I'd like some way for one of the > > > > > satellite-equipped "reach back guys" to be able to communicate > > > > > via DLEP on the LoS mesh radio that "I have reach-back > > > > > capability". To me, this information would fold into things > > > > > like > > > > > > > > selection of a "Designated Router" > > > > > for OSPF, or an MPR for OLSR. This is something of a > > > > > "capabilities" TLV, where a "capability" (e.g., the reach back) > > > > > is not necessarily a part of the radio being used. > > > > Both OSPF and OLSR(v2) already work fine without any service > > discovery... you can make them work faster by using "triggered > > Hello/TC > > messages", e.g. triggered by Destination Up messages of DLEP. > > An interesting 'service' might be announcing IPSec tunnel endpoint > capability, rather than relying on NHRP (which requires a hub-spoke > model to bootstrap). A kind of "I do IKE!" service announcement > allowing DMVPN construction without requiring a hub. I know a lot of > modems 'do' transport security in some unspecified way, but not all of > them, and sometimes a consistent security policy across multiple > bearers is desirable. As I've said before this is all optional. > I still want to push for some of the characteristics I listed earlier. And to avoid confusion, I'm looking at them as remote characteristics. If I have a vehicle with an LoS radio, and I connect to another vehicle that has LoS and Satcom, I want to know sooner rather than later. I also want to know if my new connection partner is actually a "base station" (with good uninterruptible power), because that could influence my routing decisions. I also like the notion of "I do IKE!"... I'm not completely sure, but I don't think there are any IPSec/IKE discovery protocols. > > > > > My problem with this "use DLEP as transparent router to router > > communication" is that it breaks a major design goal of DLEP that I > > (we?) told a lot of people... the advantage of DLEP is that it does > > not > > introduce additional over-the-air traffic. The radio exports > > everything > > it knows and everything it can already do for you. > > Yes, DLEP doesn't mandate any extra over the air comms, but if you (as > a radio vendor) allow DLEP to squeeze some extra data into your control > channel, then you can support some really useful extensions. It's the > difference between MUST and MAY. > +1 with Rick here. Yes, I've told people that no OTA traffic is *specified*. And for the base DLEP, that will always be the case. But again, if a radio vendor wants to exploit the Layer 3 addressing, then additional OTA is required. If a vendor wanted to support this extension, more OTA transmission is required. Since the extensions are (more or less) a-la-carte, then you pick & choose as you see fit. > > I suppose I'm trying to address the problem that the link just > announced by DLEP may be an extremely precious resource, and anything > DLEP can do to allow attached devices to make best use the link is a > good thing. > > > > > > Another > > > > > "capability" would be to somehow announce "I'm plugged into a > > > > > reliable, 24/7 power source, so battery consumption isn't a > > > > > problem". In both of these cases, they enhance the node's > > > > > ability > > > > > and willingness to act as a traffic relay. > > > > > > I share your use-cases, but I think you're in danger of conflating > > > local radio capability (what Henning was desiring) and remote > > > router > > > capability, but that's not to say I don't like the idea of both, > > > I'm > > > just trying to keep the scope manageable. > > > > Capability might also include "need unicast traffic for datarate > > > > selection". > > > > > > That's a good capability, but I consider that more local not > > > remote. > > > I think "You need to use the link before the CDR goes above 0" is > > > something the local modem should know. > > > > Yes, it is. > > > > A "I cannot to multicast/broadcast" capability flag would also be a > > major help for some radios. > > This can be done by rejecting a Destination Announce for a multicast > MAC. But it's not instantly obvious that this can be done. > > > > > > Let's keep the conversation going, I think there is some value in > > > here somewhere! > > > > I think so too. > > Do you fancy starting a 'local modem capabilities announcement' draft? > I'd prefer (and am volunteering to help) making it a "capabilities draft" - one that encompasses both 'local' and 'remote' capabilities. I think the scope is manageable, Regards, Stan
- [manet] New DLEP drafts Rick Taylor
- Re: [manet] New DLEP extension drafts Rick Taylor
- Re: [manet] New DLEP extension drafts Henning Rogge
- Re: [manet] New DLEP extension drafts Henning Rogge
- Re: [manet] New DLEP extension drafts Rick Taylor
- Re: [manet] New DLEP extension drafts Stan Ratliff
- Re: [manet] New DLEP extension drafts Henning Rogge
- Re: [manet] New DLEP extension drafts Rick Taylor
- Re: [manet] New DLEP extension drafts Henning Rogge
- Re: [manet] New DLEP extension drafts Rick Taylor
- Re: [manet] New DLEP extension drafts Rex Buddenberg
- Re: [manet] New DLEP extension drafts Stan Ratliff
- Re: [manet] New DLEP extension drafts Henning Rogge