>>> 1) DNCP allows an option of whether a network state TLV contains optional >>> nested payload (HNCP) TLV's or not.
>> I'm pretty sure that's not the case. RFC 7787 Section 7.2.2. > A OK so you're saying this is already covered in (Section 4.4 of) 7787 [...] > state hash. The Node State TLVs SHOULD NOT contain the optional > node data part to avoid redundant transmission of node data, > unless explicitly specified in the DNCP profile. > So what I was suggesting was merely additional clarification of that. Careful here. There is no optional part in the *network*-state TLV - this TLV's payload is just the network state hash. The optional payload is for the *node*-state TLVs. >> The replying node MUST reply to all node state queries. However, it is up >> to the replying node whether these replies are sent in a single packet or >> split into multiple packets. > So requesting multiple node status TLV's in one packet could lead to an > oversized UDP reply packet. Yes, this was discussed back in July 2015. Here's what I said back then: It should also say that a node MUST NOT send a datagram with a larger payload, and that it MUST silently drop any larger datagrams (optionally log to system management, etc.). If this is not done, persistent state desynchronisation may occur. This is what Markus replied: I am not sure I want to cripple use in non-crippled networks, just provide guaranteed base value which works everywhere and *RED ALERT* light should light up on crippledbox if it encounters this Since nobody supported my position at the time, I had to agree to the following: - Section 3 of RFC 778 says that "Each node MUST be able to receive (and potentially reassemble) UDP datagrams with a payload of at least 4000 bytes." - there is no limit on the size of the packets that a node may send. > So if I understand you correctly, you're saying this is the problem of the > sender of the response to ensure UDP fragmentation doesn't break, I'm not sure what you mean. We certainly assume that the network obeys RFCs 2460 and 4443. > and that multiple long UDP replies can be generated from a single query > packet (potential amplification). Let's please discuss security at some other time, I'd like the current discussion to come to a conclusion first. > If there's multiple UDP replies required for a single query, would you expect > sending of these individual packets to also be rate limited by trickle? Let's please discuss congestion control at some other time, I'd like the current discussion to come to a conclusion first. > What behavior would we expect from the requester during this time? The requester parses each top-level TLV in turn, and acts upon it. > Wait for all outstanding replies to arrive? No. The requester parses each top-level TLV and acts upon it as soon as it arrives. > Re-transmit a node TLV request for missing / dropped replies? How would the receiving node detect missing replies? If some node-state TLVs are missing, then the receiving node's state might not get updated correctly, which will cause the network hash to mismatch, which will be detected when it receives a new network-state TLV (trickle-driven, worst-case 17s). -- Juliusz _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet