[nfsv4] Re: seqids after changing slot table size
NeilBrown <neilb@suse.de> Sun, 08 December 2024 23:29 UTC
Return-Path: <neilb@suse.de>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D006AC14CF1A for <nfsv4@ietfa.amsl.com>; Sun, 8 Dec 2024 15:29:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.407
X-Spam-Level:
X-Spam-Status: No, score=-4.407 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=suse.de header.b="sJ/qAb1W"; dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=suse.de header.b="xqlL/Ub0"; dkim=pass (1024-bit key) header.d=suse.de header.b="sJ/qAb1W"; dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=suse.de header.b="xqlL/Ub0"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pbhiytLxC43J for <nfsv4@ietfa.amsl.com>; Sun, 8 Dec 2024 15:29:41 -0800 (PST)
Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F8AFC15154D for <nfsv4@ietf.org>; Sun, 8 Dec 2024 15:29:39 -0800 (PST)
Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id A20181F453; Sun, 8 Dec 2024 23:29:35 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1733700575; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Woq8f1XWxxxGN5zIHrvy5dwzGk5SFS3YJjP88RIrZ40=; b=sJ/qAb1WooEIEBPhNVp9UdFal2MFaND8d2Zya1S1IKpXO6cnqzhPgGkU8QopfFxQoEL9Bp YGUzol/hj7njnnRddUjxIeu4em9D5p0m51r+wtoJcB9u1NTXxwM48mEY7P5FXvLa/3Cknf Y642ZvbCpc+weGwBP8qgzY++va5+pmQ=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1733700575; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Woq8f1XWxxxGN5zIHrvy5dwzGk5SFS3YJjP88RIrZ40=; b=xqlL/Ub0Gx1E9tD3i1fc40OENQ9ikOtK8PHYhtF2fbPPbsO5tiruXLDJ3aefBiONoNcOXE fAy87dgFsVtEX2CQ==
Authentication-Results: smtp-out2.suse.de; dkim=pass header.d=suse.de header.s=susede2_rsa header.b="sJ/qAb1W"; dkim=pass header.d=suse.de header.s=susede2_ed25519 header.b="xqlL/Ub0"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1733700575; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Woq8f1XWxxxGN5zIHrvy5dwzGk5SFS3YJjP88RIrZ40=; b=sJ/qAb1WooEIEBPhNVp9UdFal2MFaND8d2Zya1S1IKpXO6cnqzhPgGkU8QopfFxQoEL9Bp YGUzol/hj7njnnRddUjxIeu4em9D5p0m51r+wtoJcB9u1NTXxwM48mEY7P5FXvLa/3Cknf Y642ZvbCpc+weGwBP8qgzY++va5+pmQ=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1733700575; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Woq8f1XWxxxGN5zIHrvy5dwzGk5SFS3YJjP88RIrZ40=; b=xqlL/Ub0Gx1E9tD3i1fc40OENQ9ikOtK8PHYhtF2fbPPbsO5tiruXLDJ3aefBiONoNcOXE fAy87dgFsVtEX2CQ==
Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 1F526133D1; Sun, 8 Dec 2024 23:29:33 +0000 (UTC)
Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id V+PoMN0rVmeECwAAD6G6ig (envelope-from <neilb@suse.de>); Sun, 08 Dec 2024 23:29:33 +0000
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
From: NeilBrown <neilb@suse.de>
To: David Noveck <davenoveck@gmail.com>
In-reply-to: <CADaq8jd+REbnckQ8x2sCG7ZoixK0cPoTyOC6KR1LM_85supMrg@mail.gmail.com>
References: <>, <CADaq8jd+REbnckQ8x2sCG7ZoixK0cPoTyOC6KR1LM_85supMrg@mail.gmail.com>
Date: Mon, 09 Dec 2024 10:29:26 +1100
Message-id: <173370056670.1734440.12873523017736051294@noble.neil.brown.name>
X-Rspamd-Queue-Id: A20181F453
X-Spamd-Result: default: False [-4.51 / 50.00]; BAYES_HAM(-3.00)[100.00%]; NEURAL_HAM_LONG(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MIME_GOOD(-0.10)[text/plain]; MX_GOOD(-0.01)[]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; TO_DN_ALL(0.00)[]; FREEMAIL_ENVRCPT(0.00)[gmail.com]; FREEMAIL_TO(0.00)[gmail.com]; RBL_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:104:10:150:64:97:from]; FUZZY_BLOCKED(0.00)[rspamd.com]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_ALL(0.00)[]; DKIM_TRACE(0.00)[suse.de:+]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; SPAMHAUS_XBL(0.00)[2a07:de40:b281:104:10:150:64:97:from]; RECEIVED_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:106:10:150:64:167:received]; MISSING_XM_UA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.de:dkim]
X-Rspamd-Server: rspamd2.dmz-prg2.suse.org
X-Rspamd-Action: no action
X-MailFrom: neilb@suse.de
X-Mailman-Rule-Hits: nonmember-moderation
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-nfsv4.ietf.org-0
Message-ID-Hash: 5OB26WPEV2BHOIMKBXHRLYLQY5BB734Q
X-Message-ID-Hash: 5OB26WPEV2BHOIMKBXHRLYLQY5BB734Q
X-Mailman-Approved-At: Sun, 08 Dec 2024 15:32:54 -0800
CC: Tom Talpey <tom@talpey.com>, Jeff Layton <jlayton@kernel.org>, NFSv4 <nfsv4@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [nfsv4] Re: seqids after changing slot table size
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/KydedbmF60yHiNQ0786UIcpHK_E>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Owner: <mailto:nfsv4-owner@ietf.org>
List-Post: <mailto:nfsv4@ietf.org>
List-Subscribe: <mailto:nfsv4-join@ietf.org>
List-Unsubscribe: <mailto:nfsv4-leave@ietf.org>
On Sat, 16 Nov 2024, David Noveck wrote:
>
>
> I'm convinced. The next draft of rfc5661bis will address this issue.
>
Hi,
I would like to offer some thoughts on how this issue could be
addressed.
The issue is that retiring of DRC slots is mentioned in the RFC but
details are scarce. It is not clear whether or when either peer can be
sure that that the other has retired a slot, or exactly what that
means. It *is* clear on some cases where the peer *cannot* retire a
slot.
I think there are broadly two issues. One is how to deal with the lack
of specificity in the text. The other is how to be sure that resetting
the seqid for a slot (which might be implied when a slot is retired)
doesn't result in any risk of a request from before the retirement being
processed after the retirement.
It is possible for a request to be sent on one connection, then for
that connection to be closed and the same request (session,slot,seq) to
be sent on another connection. The seqno ensures that if both
instances are received it is only handled once. Reusing a seqno
*quickly* defeats this. It is already possible to reuse seqno after
2^32 requests but this is not quick enough to cause a problem. We must
ensure that the reuse that can happen when a slot is retired and the
seqno is reset is also delayed enough - though maybe not quite that
much.
It is clear that if the requester indicates a particular max slot
number is in use, the replier indicates a new max-slot number to use
(not less than the max in use, but less than the previous max-to-use),
and if the requester sends another request on the same slot with the same
or less max-slot number in use, then the replier can discard cached
replies in slots higher than the agreed max.
I believe that the replier SHOULD NOT discard the seqno together with
the cached reply. If it subsequently increases the max-slot number it
should allow the requester to use either the next seqno in the original
sequence, or 1. If the requester uses 1, then the stored seqno for all
subsequent slots can at that point be discarded.
I believe the requester is never required to discard the seqno for any
slot that it has used (while the session is still active) but may
choose to if:
1/ it has never resent any request on that slot or a later slot or
2/ it has resent a request on that or a later slot but the connection
that the original was sent on, which is now closed of course, has
received a confirmation of closure from the replier or has been
closed for one full lease time.
As an extra caution I wonder if the replier should wait not only for a
confirmation of the reduced max-slot number but should wait to see a
confirmation on every connection that is bound to the session. This
could be important if a retired slot had only seen 1 request so seeing
seqno=1 could be an old or new request. If the request is being
careful as described above that shouldn't be a problem, but we cannot
be sure that all current implementations are that careful.
Implementing this may have to wait for an idle connection to be
closed. However it could be problematic if a connection is bound to
two session, but only one session is using it. In that case it would
not be closed due to idleness, but would not present a confirming
request for the session of interest. Possibly the replier could
generally decide that one lease-time is sufficient to wait before
retiring slots, but can do it more quickly if a confirmation request is
received on each connection. As lease-time is typically less than
idle-connection-timeout, this is likely the more efficient approach.
Thanks,
NeilBrown
- [nfsv4] seqids after changing slot table size Jeff Layton
- [nfsv4] Re: seqids after changing slot table size Tom Talpey
- [nfsv4] Re: seqids after changing slot table size Jeff Layton
- [nfsv4] Re: seqids after changing slot table size Tom Talpey
- [nfsv4] Re: seqids after changing slot table size NeilBrown
- [nfsv4] Re: seqids after changing slot table size Jeff Layton
- [nfsv4] Re: seqids after changing slot table size Tom Talpey
- [nfsv4] Re: seqids after changing slot table size Jeff Layton
- [nfsv4] Re: seqids after changing slot table size Tom Talpey
- [nfsv4] Re: seqids after changing slot table size Jeff Layton
- [nfsv4] Re: seqids after changing slot table size Tom Talpey
- [nfsv4] Re: seqids after changing slot table size David Noveck
- [nfsv4] Re: seqids after changing slot table size NeilBrown
- [nfsv4] Re: seqids after changing slot table size Trond Myklebust