The Negotiation Problem Jana Iyengar Bryan Ford Franklin & - - PowerPoint PPT Presentation


The Negotiation Problem. Jana Iyengar (Franklin & Marshall College, jiyengar@fandm.edu) and Bryan Ford (Yale University, bryan.ford@yale.edu). Presentation for TSVAREA meeting, Nov 13, 2009. http://baford.info/tng


SLIDE 1

The Negotiation Problem

Bryan Ford

Yale University

bryan.ford@yale.edu

Presentation for TSVAREA meeting – Nov 13, 2009 http://baford.info/tng

Jana Iyengar

Franklin & Marshall College

jiyengar@fandm.edu

SLIDE 2

A Proliferation of Layers and Layer Combinations

SCTP DCCP DTLS IPv6 IPsec UDP HTTP DNS RTP FTP Application SSL Transport Security TCP UDP Transport IPsec Network Security IP Network Ethernet Token-Ring PPP Data Link TCP SSL HTTP IPv6 IPsec IPsec UDP Teredo IPv6 (DirectAccess) HTTP SSL TCP IP Ethernet

SLIDE 3

Future: Ever More Layers/Combinations?

Application Stream Stream Network Link Channel

Multi-Streaming Transports

SCTP [rfc4960], SST [SIGCOMM'07] Network Link Application Subflow Multipath Transport Subflow

Multipath Transports

SCTP [rfc4960], MPTCP [WIP] Network Link Application Endpoint Flow Semantic Isolation

Further Decomposition [“Breaking Up the Transport Logjam”, HotNets'08]

SLIDE 4

The Negotiation Problem

Decisions, decisions!

Network Transport Transport Security Application

IPv4 IPv6 TCP SCTP SSL HTTP IPv4 IPv6 UDP DCCP DTLS SIP IAX

SLIDE 5

Compatibility and Preference

Which combinations do both endpoints support? Which combinations do they prefer?

IPv4 IPv6 UDP DCCP DTLS SIP IAX

Host A Host B

IPv4 IPv6 UDP DCCP DTLS SIP IAX

?

SLIDE 6

Talk Outline

  • Three negotiation strategies (2 explicit, 1 implicit)
      — Including a new in-band negotiation mechanism
      — Combined explicit/implicit negotiation
  • A framework for negotiation
  • Discussion

SLIDE 7

Negotiation Strategies

Implicit Negotiation

SLIDE 8

Approach 1: Try and Fall Back

Host A Host B

SCTP INIT TCP INIT SCTP RST TCP ACK

SLIDE 9

Challenge 1: Controlling Delay

  • Failures can incur timeouts (e.g., due to NATs)
  • … potentially compounded by layering

UDP DCCP

Host A Host B

UDP DCCP

Timeout(s)

IPv4 IPv6 DTLS SIP IAX IPv4 IPv6 DTLS SIP IAX

Timeout(s) Timeout(s) Timeout(s)

SLIDE 10

Approach 2: Try in Parallel

Host A Host B

SCTP INIT TCP INIT SCTP RST TCP ACK

SLIDE 11

Challenge 2a: Redundant State

Host A Host B

SCTP INIT TCP INIT SCTP ACK TCP ACK

SLIDE 12

SIP UDP IPv4 SIP UDP IPv4 DTLS IAX UDP IPv4 IAX UDP IPv4 DTLS SIP DCCP IPv4 SIP DCCP IPv4 DTLS IAX DCCP IPv4 IAX DCCP IPv4 DTLS SIP UDP IPv6 SIP UDP IPv6 DTLS IAX UDP IPv6 IAX UDP IPv6 DTLS SIP DCCP IPv6 SIP DCCP IPv6 DTLS IAX DCCP IPv6 IAX DCCP IPv6 DTLS

Challenge 2b: Combinations

Layering can lead to explosion of choices

IPv4 IPv6 UDP DCCP DTLS SIP IAX

Host A Host B

SLIDE 13

Negotiation Strategies

Implicit Negotiation Explicit Out-of-band Negotiation

SLIDE 14

Approach 3: Out-of-Band Information

Host A Host B

DNS++ Req DNS++ Reply

IPv4 IPv6 UDP DCCP DTLS SIP IAX

SIP DCCP IPv6 DTLS

DNS Server

SLIDE 15

Challenge 3a: Administration

Host B DNS Server

“Dynamic DNS++”?

DNS server must know:

  • Name→IP mapping (as before)
  • Entire protocol stack supported by Host B
  • Protocol options?

⇒ Synchronization Nightmare?

SLIDE 16

Challenge 3b: E2E Robustness

If endpoints agree on configuration X, will it work?

IPv4 IPv6 UDP DCCP DTLS SIP IAX

Host A Host B

IPv4 IPv6 UDP DCCP DTLS SIP IAX IPv4 IPv6 UDP DCCP

Middlebox

SLIDE 17

Negotiation Strategies

Implicit Negotiation Explicit Out-of-band Negotiation Explicit In-band Negotiation

SLIDE 18

Approach 4: In-band Negotiation

  • Hosts explicitly describe possible configurations during initial “meta-communication” exchange, before actual communication commences

Host A Host B

“Hi, I speak: ”

IPv4 IPv6 UDP DCCP DTLS SIP IAX

“Hi, I speak: ”

IPv4 IPv6 UDP DCCP DTLS SIP IAX

SLIDE 19

Message 1: Initiator → Responder: Propose Protocol Graph

[Diagram: Host A sends Negotiation Message 1 to Host B. The proposed protocol graph runs from base (IP) to goal (SIP) through the alternatives TCP, DCCP, TLS and DTLS; each alternative and the goal carries options opt1 and opt2.]

SLIDE 20

Message 2: Responder → Initiator: Revise Protocol Graph

[Diagram: Host B sends Negotiation Message 2 to Host A. The revised protocol graph shows base (IP), goal (SIP) and the nodes TCP, DCCP, TLS and DTLS, each node and the goal shown with options opt1 and opt2.]

SLIDE 21

Message 3: Initiator → Responder: Acknowledge Protocol Graph

[Diagram: Host A sends Negotiation Message 3 to Host B. The acknowledged graph is base (IP), TCP, TLS, goal (SIP), labelled with options opt1 and opt2.]

SLIDE 22

Message 4+: According to Negotiated Stack

TCP TLS SIP

Host A Host B

Normal Packets

SLIDE 23

Concurrent Protocol Initialization

Whenever feasible:

— embed protocol-specific handshake info into graph
— run handshakes concurrently while negotiating

TCP DCCP TLS DTLS

ClientHello ClientHello INIT Request

SIP

REGISTER

IP

Host A Host B

TCP DCCP TLS DTLS

ServerHello ServerHello INIT-ACK Reply

SIP

200 OK

IP 1 2

SLIDE 24

Key Benefits of Negotiation Model

  • Happens strictly between nodes concerned
      — Users, name server admins don't have to care
  • Middleboxes can participate in process
  • Protocol graph representation scales to handle:
      — Arbitrarily deep protocol stacks
      — Many alternatives per layer
  • Set up whole “layer cakes” in minimal # of RTTs
      — With options

(For representing and transmitting graph, negotiation transport protocol, etc., see our HotNets '09 paper)

SLIDE 25

Contexts and Stacks

  • Context ≡ underlying substrate; cannot change
  • Stack ≡ protocols to be set up; can change

IPv4 IPv6 UDP DCCP DTLS SIP IAX Stack Context Example 1: Application-Level VoIP Protocol Stack Negotiation IPv4 IPv6 DCCP TCP HTTP Stack Context Example 2: OS-Level, Application-Transparent Transport Stack Negotiation SST OS API OS API

SLIDE 26

Negotiation Across Contexts

IPv4 IPv6 DCCP TCP HTTP Stack Context Scenario 2: Application-Transparent Transport Protocol Negotiation SST OS API IPv4 IPv6 UDP DCCP DTLS SIP IAX Stack Context Scenario 1: Application-Level VoIP Protocol Stack Negotiation OS API

App can't send 1 packet that's both UDP & DCCP!
OS can't send 1 packet that's both IPv4 & IPv6!

⇒ must try each context separately

SLIDE 27

Combined Solution

1. Identify feasible communication Context(s)
   — e.g., UDP session (IPa:porta, IPb:portb)
2. Negotiate Stack within each context:
   a) Initiator sends a Protocol Graph Proposal
   b) Responder returns Revised Protocol Graph
   c) (Optional) further protocol graph revision steps
   d) Peers commit, Acknowledge Protocol Graph
   e) Communication proceeds via negotiated protocols
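The propose / revise / acknowledge exchange of slides 19 to 22 and steps 2a to 2d above, as an added Python example that is not from the presentation or the authors' code. The graph encoding, the edges (TCP→TLS, DCCP→DTLS), Host B's capabilities and all function names are assumptions; the initiator-side subgraph check is an added validation step, not something the slides specify.

```python
# Added illustration. The graph encoding, edges and names below are assumptions,
# not the wire format from the authors' HotNets '09 paper.
# node -> (options, next-layer alternatives in preference order); constructed sample.
PROPOSAL = {
    "IP":   ([], ["TCP", "DCCP"]),             # base
    "TCP":  (["opt1", "opt2"], ["TLS"]),
    "DCCP": (["opt1", "opt2"], ["DTLS"]),
    "TLS":  (["opt1", "opt2"], ["SIP"]),
    "DTLS": (["opt1", "opt2"], ["SIP"]),
    "SIP":  (["opt1", "opt2"], []),            # goal
}
# What Host B supports (constructed): no DCCP, a subset of options.
HOST_B = {"IP": set(), "TCP": {"opt1"}, "TLS": {"opt1"},
          "DTLS": {"opt1", "opt2"}, "SIP": {"opt2"}}

def revise(proposal, supported):
    """Message 2 (responder): prune nodes, options and edges it cannot do."""
    return {node: ([o for o in opts if o in supported[node]],
                   [n for n in nxt if n in supported])
            for node, (opts, nxt) in proposal.items() if node in supported}

def is_subgraph(revised, proposal):
    """Initiator-side check: a revision may remove choices, never add them."""
    for node, (opts, nxt) in revised.items():
        if node not in proposal:
            return False
        p_opts, p_nxt = proposal[node]
        if not (set(opts) <= set(p_opts) and set(nxt) <= set(p_nxt)):
            return False
    return True

def choose_path(graph, node, goal):
    """First base-to-goal path in preference order, as [(protocol, options)]."""
    if node not in graph:
        return None
    opts, nxt = graph[node]
    if node == goal:
        return [(node, opts)]
    for n in nxt:
        rest = choose_path(graph, n, goal)
        if rest:
            return [(node, opts)] + rest
    return None

def acknowledge(proposal, revised, base="IP", goal="SIP"):
    """Message 3 (initiator): commit to one stack; None means try another context."""
    if not is_subgraph(revised, proposal):
        raise ValueError("revised graph contains choices that were never proposed")
    return choose_path(revised, base, goal)

if __name__ == "__main__":
    print(acknowledge(PROPOSAL, revise(PROPOSAL, HOST_B)))
```

A `None` result corresponds to step 1 of the combined solution: this context has no common stack, so the initiator moves on to another context.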

SLIDE 28

Combined Implicit/Explicit Solution

  • Implicit, parallel negotiation across contexts
  • Explicit, in-band negotiation within a context

Host A Host B

UDP IP SIP

Nego Req

DTLS SIP IAX

UDP IP

Nego Reply

DTLS SIP IAX

UDP IP

SLIDE 29

A Framework for Negotiation

SLIDE 30

Negotiation Strategies

Implicit Negotiation Explicit Out-of-band Negotiation Explicit In-band Negotiation

SLIDE 31

The Negotiation Triangle

Implicit Negotiation Explicit Out-of-band Negotiation Explicit In-band Negotiation End-to-end Robustness Combinatorial Scalability Multi-Context Support

SLIDE 32

The Negotiation Triangle

Implicit Negotiation Explicit Out-of-band Negotiation Explicit In-band Negotiation

End-to-end Robustness Combinatorial Scalability Multi-Context Support

For any given negotiation strategy, you get two of three desirable properties

To get all three properties, a hybrid of at least two strategies is necessary

SLIDE 33

Arigato! The floodgates are open! (Please join tae@ietf.org for discussions)