[Sis-dtn] LTPv2 Draft Blue Book for Review

Jeremy.Mayer at dlr.de Jeremy.Mayer at dlr.de
Wed May 17 14:38:12 UTC 2023


Hi,
I'm going to inline my responses to both of these emails, since there are a variety of excellent points brought up. My DLR email was having trouble today, so I'm going through the backlog.

Thanks,
Jeremy

From: sburleig.sb at gmail.com <sburleig.sb at gmail.com>
Sent: Monday, May 15, 2023 7:20 PM
To: 'Sipos, Brian J.' <Brian.Sipos at jhuapl.edu>; Mayer, Jeremy <Jeremy.Mayer at dlr.de>; Felix.Flentge at esa.int
Cc: sis-dtn at mailman.ccsds.org
Subject: RE: [Sis-dtn] LTPv2 Draft Blue Book for Review

Hi.  Very thoughtful comments, on which I will offer two remarks.

Pausing and resuming sessions would be critical to the successful operation of this protocol over interplanetary links characterized by long signal propagation latencies and punctuated transmission opportunities.  For continuous connectivity in LEO, probably no problem.
JPM: Agreed, the procedures must be expanded, but we've implemented a simple suspend all timers method for pausing, as well as the relevant metadata. For resuming, we just assume that the first new segment sent from a paused session is a functional resumption of that session.
I can appreciate the appeal of symmetry between input and output, blocks in / blocks out.  In my experience, though, the operators of some space flight missions will find any delay in the delivery of unreliable data segments (while waiting for a block to be reassembled or a timer to expire) functionally unacceptable.  Maybe the way to reconcile these concerns is to make it clear that the block size for unreliable data is variable, so that the source entity can freely transmit small, independently significant client service data units in individual blocks such that each one is sent in a single segment.
JPM: That's an excellent approach to that and may negate the implementation of the "rangeReceived.indication" primitive, at least in many cases.
Scott

From: SIS-DTN <sis-dtn-bounces at mailman.ccsds.org> On Behalf Of Sipos, Brian J. via SIS-DTN
Sent: Monday, May 15, 2023 8:54 AM
To: Jeremy.Mayer at dlr.de; Felix.Flentge at esa.int
Cc: sis-dtn at mailman.ccsds.org
Subject: Re: [Sis-dtn] LTPv2 Draft Blue Book for Review

Jeremy, Felix,
I think there is a lot of improvement in both encoding and state machine for this new protocol draft, while keeping with the capabilities and rough service interface of earlier LTP. I'm attaching a document with inline comments for specific sections and paragraphs. Two areas that I think are underspecified currently are session invariants/state and the underlying transport requirements/assumptions.
JPM: Thanks!
An explanation of session invariants would be redundant, but I think helpful to an implementer to understand which parameters are associated with an individual session, are unchanging between all segments within a session, and for a receiver are memorized when first received. As a follow-on it would be good to indicate how a receiver should respond if a segment comes in that violates that invariant; does that session get ignored from that point on, canceled with in-band messaging, or something more severe like stop processing all segments from that sender (I don't recommend this but some specific guidance would bound an engine behavior).
JPM: Agreed (as non-normative), since it's sort of implementation/mission-specific, and may also (as happened in our case), differ between uplink and downlink. In our FPGA, all lengths of outbound fields were fixed during synthesis time. However, as received data transited the CPU as opposed to the FPGA, we were pretty free to be selective with invariants. I'll iterate something and we can discuss.
Also in earlier LTP implementations there is the possibility of pausing a session (by simply pausing all timers associated with the session and stopping any transmit of new/queued segments for that session); is this behavior useful enough to include in the official LTP engine service interface? It seems straightforward enough to be an optional indication to the engine to pause/un-pause a session.
JPM: See my previous response to Scott: I'll add an optional.
The parts missing from specification of the underlying transport interface are comments in the document, but generally it is good to be explicit about what is required and what is assumed about the transport. This helps in two ways: it makes it more obvious to an implementer about what must be added as glue between what the upper protocol requires and the lower transport provides, and it also makes it obvious when a specific transport is just inappropriate and to not try to use it. For example, earlier LTP had a few assumptions about in-order segment delivery (some workarounds are possible within the protocol requirements) which would make it unsuitable or vulnerable to DoS if used over IP. These kinds of things are not necessarily bad, just need to be known to the implementer rather than assumed and unstated.
JPM: part of the rationale for the "block length" field was to model IP-esque out-of-order behaviour, e.g. we understand that IP and multipath traffic will eventually do weird out-of-order things, so we need to compensate for that in such a way that we don't force the receiver to do anything strange or novel.
Earlier issues reported to HDTN project related to out-of-order reception are linked below. Issues #22 and #24 are both optimizations to allow an engine to delay sending report or data retransmit segments long enough to receive any out-of-order segments that would affect the report claims or avoid the retransmit entirely. Issue #23 is about when to send an "asynchronous reception report" which is defined by LTP but never specified when an engine would actually send one. Issue #19 is another unspecified behavior that (could, and in HDTN case did) allow a memory leak and provide a method of denial-of-service attack.
https://github.com/nasa/HDTN/issues/24
https://github.com/nasa/HDTN/issues/23
https://github.com/nasa/HDTN/issues/22
https://github.com/nasa/HDTN/issues/19

On the topic of the overlayer service interface for unreliable data, I am strongly in favor of the current interface where the LTP engine provides the entire block data with a reception map. It is much more useful from an overlayer/BPA perspective to have both TX and RX interfaces operate at the scale of entire blocks (i.e. "block goes in to TX, block comes out of RX"). Since any overlayer will need to reassemble segments and include a reception timeout anyway, it's better for that logic to be as close to the segment processing as possible (in the LTP engine) and not need to be re-implemented with every use of the engine. This is especially true as unreliable timeout presents a possible DoS attack vector.
JPM: You mean the LTPv2 completion interface?
Finally, regardless of whatever name applies to this new protocol it would be helpful to explicitly state that it is on-the-wire unique from earlier LTP and can be used over the same transport as LTP and segments can be handled unambiguously from LTP segments. This will allow re-use of existing allocation such as the LTP UDP Port <https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=1113> and similar service identifiers.

Thanks for all of the effort in designing and documenting this.
Brian S.

From: SIS-DTN <sis-dtn-bounces at mailman.ccsds.org> On Behalf Of Jeremy Mayer via SIS-DTN
Sent: Tuesday, May 9, 2023 5:48 PM
To: sis-dtn at mailman.ccsds.org
Cc: ccorsten at gmv.com
Subject: [EXT] [Sis-dtn] LTPv2 Draft Blue Book for Review

Hi everyone,
In order to provide a baseline for tomorrow's discussion of the proposed LTPv2 protocol, I've attached the draft blue book for the standard. After showcasing the proposed approach and rationale, we're intending to go through the document, focusing on the underlying protocol.

Thanks,
Jeremy & Felix
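
Added example, not part of the thread and not code from the LTPv2 draft or HDTN: a receiver-side session table that memorizes per-session invariants from the first segment, applies one of the violation responses Brian lists (ignore the session from then on, or cancel it in-band), and bounds session count and lifetime so that unfinished sessions cannot leak memory. The class, the field names (`block_length`, `service_id`), the return strings and the limits are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum

class Policy(Enum):
    IGNORE_SESSION = 1   # drop everything for this session until it times out
    CANCEL_SESSION = 2   # free state at once; caller sends an in-band cancel

@dataclass
class Session:
    invariants: tuple            # memorized from the first segment received
    deadline: float              # reception timeout; bounds how long state lives
    data: dict = field(default_factory=dict)   # offset -> payload bytes
    ignored: bool = False

class Receiver:
    """Hypothetical receiver; field names are illustrative, not from the draft."""
    def __init__(self, policy, max_sessions=2, timeout=30.0):
        self.policy, self.max_sessions, self.timeout = policy, max_sessions, timeout
        self.sessions = {}

    def expire(self, now):
        # Remove every session whose reception timer ran out, complete or not.
        for key in [k for k, s in self.sessions.items() if s.deadline <= now]:
            del self.sessions[key]

    def on_segment(self, now, sender, session_id, block_length, service_id,
                   offset, payload):
        self.expire(now)
        key, seen = (sender, session_id), (block_length, service_id)
        s = self.sessions.get(key)
        if s is None:
            if len(self.sessions) >= self.max_sessions:
                return "refused"          # hard cap: no unbounded session table
            s = self.sessions[key] = Session(seen, now + self.timeout)
        if s.ignored:
            return "ignored"
        if (seen != s.invariants or offset < 0
                or offset + len(payload) > block_length):
            if self.policy is Policy.CANCEL_SESSION:
                del self.sessions[key]
                return "cancel"
            s.ignored = True
            s.data.clear()                # keep the key, release the buffers
            return "ignored"
        s.data[offset] = payload
        return "accepted"
```

Under `IGNORE_SESSION` the session key is retained until the timeout so later segments stay ignored without holding payload memory; under `CANCEL_SESSION` the state is released immediately and the caller is expected to emit the cancel.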