[Nsi-wg] Some questions/remarks on the v2 connection wsdl GlobalID
Jerry Sobieski
jerry at nordu.net
Thu Dec 6 07:19:45 EST 2012
The GlobalID was created at the request of the perfSONAR developers to
enable monitoring - how could you determine which segments belonged to a
end-to-end connection without each segment being tagged with a Globally
unique identifier? (IMO this was a situation where old ideas and
processes die slowly.)
The proper way to do this is to just use the ConnectionID and walk the
tree - a detailed Query(). The detailed Query() exposes the actual
domains along the path that are actually responsible for processing the
service request - rather than trying to find just the domains that are
carrying the bits (think about virtualized transit domains). The
Query() process provides _/authorized access/_ to this information
throughout the service tree, and it provides genuine and reliable
associations between the ConnectionIDs assigned at each NSA for its
children. Using GLobalID - without descending the tree - is a
scattershot and unreliable means of discovering which segments comprise
a reservation, and it bypasses all security policy asserted above. Bad
bad bad. The Query() command is fully authorized and so completing a
detailed query provides all the information about the connection
segments belonging to a reservation and does so according to
authorization policy along the tree and according to the requesters that
actually built (and are paying for and/or are responsible for) the
reservation.
The only other application of GlobalID that I recall was a batch query
possibility (not currently implemented) - the ability to obtain
information on a whole batch of unrelated connection segments. I.e. if
my agent wanted to know about all the connections your NSA was servicing
then a global ID might provide some correlation with upstream/downstream
segments obtained similarly. Either way, this poses too many security or
privacy issues to count...
So our compromise was to allow a tag assigned by a RA to be carried
along the segmentation tree so that Connections that wanted to be
monitored by perfSONAR could be - but it was optional. For perfSONAR
monitoring purposes - this tag needed to be globally unique - thus its
moniker.
As Vagellis observes - if each NSA in the tree wishes to assert their
own GlobalID downward, then the GlobalID from above gets overwritten, or
ignored altogether. (I don't recall - it may be the case that if the
GID is present, it was supposed to be replicated down - but this then
prevents intermediate aggregator RAs from asserting a GlobalID
themselves. ) If we want all GLobalIDs to be carried downward, the
field must be able to carry multiple GlobalIDs, possibly from each
network along a path (think hop-by-hop "chain" provisioning). And if
the field can carry multiple GLobalIDs, why limit each NSA to only
inserting a single globalID? Why not let each NSA insert multiple
tags? Indeed, is there really any requirement for the tag to be
globally unique in some way? It was only perfSONAR that required a
globally unique identifier.
Now two years later, I don't know that there has been any perfSONAR
tools modified to actually monitor NSI connections, much less to utilize
the GlobalID field to do so. Does any one know? Are there any
other tools that expect/require the GID to be present? or to be globally
unique? (and how easy will it be to break those tools? :-)
Given that NSI has the detailed Query() function that reliably and
_/securely/_ exposes the end-to-end segmentation, I do not think the
GlobalID field is required any more. Does anyone have
continuing/additional reasons for having it?
Unless there is a specific and compelling reason to retain the field as
a general purpose communications field preserved in the Reservation
record, I propose we should deprecate it and simplify the protocol. As
a general practice for standards, we should *NOT* retain it simply "just
in case"...to retain it we need a specific and compelling reason to
include it that makes it worthwhile for every implementation to support
it. "optional requirements" is a oxymoron. Eitehr we need it, or we do
not. If we retain the field, then we need to redefine it so that it
can carry multiple tags and so those tags can be recognized/parsed by
generalized other agents, and the field should be constrained in size
(don't want MPG4 movies being carried in the signaling messages.)
One last indirectly related note: The ability of Query() to serve
generalized agents -besides the uRA- will rely upon these agents issuing
a detailed Query() to an NSA that is NOT the first hop PA at the root of
the service tree. For instance, a NORDUnet perfSONAR agent will see a
local Connection ID it needs to monitor - how does it discover which NSA
is the first hop? And should it need to? Why can't the local agent
issue a detailed Query() directly to the local NSA PA - and let the
local NSA PA walk it *UP and OVER* in the service tree as well as down
the service tree? This is a "flooding" detailed Query(). The Query()
functions the same way as it does now, only that the Query() is passed
up to the parent RA as well, and the parent/child link from which the
Query() came (if it came from a parent/child NSA in this connection's
service tree) is pruned from the recursive flooding - it just gets the
result.
By tweeking the Query() in this fashion, we enable a much more powerfull
ability to manage the reservation. This will also be an important
capability for Notify() functions - an error condition could be flooded
to all NSAs in the service tree using a similar flooding model thus
being able to notify all NSAs upstream and downstream in the data plane
of local interuptions. Of course, we won't be able to use the current
funky WS respondTo process for these upward bound messaging...we'll need
a real symmetric session MTL model to do this. But we already know this.
Jerry
On 12/6/12 5:06 AM, Jeroen van der Ham wrote:
> Hi,
>
> On 5 Dec 2012, at 18:24, Vangelis Chaniotakis <haniotak at es.net> wrote:
>
>> Oh, speaking of globalreservationid!
>>
>> we're only passing it around and persisting it not doing anything with it AFAICT.
>>
>>
>> - it's supposed to be a way to tie this connection with external services, right?
>> - if so, the name is not quite descriptive of its function
>> - it's also optional, while the name sounds terribly important
>> - why a URI instead of a string? or key-value pair
>> - there's only one of them, why not allow for a set?
> It is supposed to be the ID for the global reservation. The aggregator NSA receives a request, generates an ID and uses this global ID to make connection requests to each of the participating NSAs. They generate a connection ID for their segment, but must be able to relate that to the global reservation ID.
>
> So yes, it does perform a very important global function :)
>
> It is indeed also meant for tieing in to other services. The URN is used to make it very clear that this is a network global reservation ID.
>
> Jeroen.
>
> _______________________________________________
> nsi-wg mailing list
> nsi-wg at ogf.org
> https://www.ogf.org/mailman/listinfo/nsi-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.ogf.org/pipermail/nsi-wg/attachments/20121206/db1425ba/attachment-0001.html>
More information about the nsi-wg
mailing list