EPICS Version 4

On Thursday, June 14, 2012, Michael Davidsaver wrote:
> > Each message contains an endiannes flag
>
> * Can a endpoint change endianness mid way through a TCP session?

As I understood Matej, the rules are different for server and client: Client
must always send in the byte order announced by the server (in 'Set byte
order (0x02)' control message) on connection startup. Server has two
options, depending on the payload size field of the same control message:
0x0 means that server sends everything in the same byte order, 0xff...f
means that server sends in varying byte order (i.e. client must look at the
byte order bit in each message).

The second part of the above explanation is missing from chapter 2 "Data
Encoding". The information is there but is hidden in the details of 'Set
byte order' message.

Cheers
Ben

________________________________

Helmholtz-Zentrum Berlin für Materialien und Energie GmbH

Mitglied der Hermann von Helmholtz-Gemeinschaft Deutscher Forschungszentren e.V.

Aufsichtsrat: Vorsitzender Prof. Dr. Dr. h.c. mult. Joachim Treusch, stv. Vorsitzende Dr. Beatrix Vierkorn-Rudolph
Geschäftsführung: Prof. Dr. Anke Rita Kaysser-Pyzalla, Thomas Frederking

Sitz Berlin, AG Charlottenburg, 89 HRB 5583

Postadresse:
Hahn-Meitner-Platz 1
D-14109 Berlin

http://www.helmholtz-berlin.de

Hi,

1. Overview

>
> * The overview mentions "PV locking" but nothing further is said.  Is
> this an omission?
>

Hmmm... right, nothing to do with the protocol spec.
(However, the API is designed to allow efficient locking).

>
> > In practice, this means there is no need for a pvAccess equivalent of
> > Channel Access' EPICS_CA_MAX_ARRAY_BYTES.
>
> * The existence of EPICS_CA_MAX_ARRAY_BYTES is an implementation detail
> and not required by the CA protocol.
>

The sentence was added to make things more understandable. That's why it's
in italics.



>
> 2. Data Encoding
>
> > This MUST be done by inserting just enough bytes before the first
> > element of the array.
>
> * So padding is inserted between the array size and the first value?
>

Yes.


> Perhaps an example is in order?
>

Planned (see Missing aspects section - last item).

> Each message contains an endiannes flag
>
> * Can a endpoint change endianness mid way through a TCP session?
>

In case where server is an gateway (pass-thru type), yes. This must be
indicated at connection time, see 15.3.

* Given the small message size, are there measurable performance
> benefits to allowing the sender use different endianness for UDP?
>

Data over UDP + segmented messages (images over multicast).

2.1 Sizes
>
> * How should an endpoint react if it decodes a negative size?
>

TCP disconnect where encoding is wrong, definitely for sizes (you get lost
in the stream then).

Note that this will change to support negative offsets (== offset from end
of the array).


>
> 2.2 User Data
>
> * The sub-sub-sections in this document should be numbered.
>
>
> 2.2 User Data (Status)
>
> * What are the rules for decoding the status?  What about type < -1 or > 3?
>
> (The optimization for StatusOK saves only 2 bytes.  Is this worth the
> extra complexity in decoding?)
>

This question already came up in the past.
OK is sent pretty often. To avoid object recreation, special code -1 means
"reuse static object"
against comparing 3 fields to zero.
Not a big overhead, but we decided in this case, it's worth special code.


> 2.2 User Data (Introspection Data)
>
> * I find the description of the encoding, particularly for structure and
> structureArray, to be unclear.  Perhaps this would be better to use a
> different syntax like:
>
> COUNT = [0-254] | (255 + [0x000000ff-0x7fffffff])
>
> BYTE = [0-255]
>
> STRING = COUNT , {BYTE}
>
> ID = [0-65535]
> NULL_TYPE = 0xff
> ONLY_ID = 0xFE , ID
> FULL_ID = 0xFE , ID , FieldDesc
>
> SCALAR_ID = ID
> SCALARARRAY_ID = ID
> STRUCT_ID = ID , COUNT , {STRING + FieldDesc}
> STRUCTARRAY_ID = ID , FieldDesc
>
> PLAIN_TYPE = SCALER_ID | SCALARARRAY_ID | STRUCT_ID | STRUCTARRAY_ID
>
> FieldDesc = NULL_TYPE | ONLY_ID | FULL_ID | PLAIN_TYPE
>

We need both.


> 3. Connection Management
>
> > Echo message MUST be periodically sent until response is received or
> > the connection is reported to be lost.
>
> * Who is reporting the connection as lost?  Is this meant to depend on
> the TCP implementation?  Would it be better to fully specify the timeout
> delay and response action (close connection) in this document?
>
>
>
> 4. Channel Life-cycle
>
> > If a connection has been already established by the client, it MUST be
> > reused.
>
> * So a client is not permitted to implement any kind of load
> balancing/prioritization?  Perhaps replace MUST with SHOULD.  Also, how
> could MUST be enforced in this case?
>


See last paragraph of 14.2.
"Each Quality of Service (QoS) parameter value REQUIRES a separate TCP/IP
connection."


> 6. Flow Control

Maybe flow control is not a good naming here...
The "flow control" I am describing here is to make monitor update rates
more fluid under congestion, e.g. instead of getting 10 samples every 10
seconds, getting one every second is much more better idea.

... and (big) buffers cause this problem.

TCP flow control is perfectly fine (no need to re-implement it again). Just
might need some tuning on higher level.

Now having this in mind the flow control sections might become more
reasonable.

> 7. Channel Discovery

> * Will name lookup over TCP be supported?

Yes.


> 9. Protocol Messages

> * What are the rules governing use of segmented messages?  (eg. The
> complete application header must be placed in the first segment)

Payload is segmented.

> * Aside from the flow control mechanism discussed above, is there any
> reason to prefer segmented messages to a variable length payloadSize
field?

This leads to variable header size.
And you cannot send a other message over same TCP connection when large
payload is in process of sending.

> Messages MUST BE aligned on a 64-bit boundary.

> Alignment offset MUST be preserved between segmented messages

* Would it be better just to require that segments sizes must be a
multiple of 8 bytes?

Not always true. You can send 15 bytes of payload in one segmented message,
not to split the next e.g. 4-byte integer in the next segmented message.
This makes implementation simpler.
This calls for an example in the spec :)

> 10.5 Search request and 10.6 search response

> * How should searchSequenceID be chosen?

0, 1, 2, 3 .... 0xFFFE, 0xFFFF, 0, 1, 2 ...

> * Should UDP servers honor the replyRequired field?

Yes, but it should be used carefully.

> X. General comments

> It would be a good idea to specify how a client/server should respond to
> unknown messages.  If this isn't specified and clients do bad things
> (event printing warnings) this will prevent new messages from being
> introduced in future revisions.

Right.

One would say: if remote side protocol version is greater than local and
unknown message is received, than client can ignore it gracefully. However,
this calls for problems - remote side will never get a response back and so
on...
The spec say that any new version must be backward compatible. Meaning that
remote implementation needs to handle it - or throw unsupported exception
to an user or transform request to what older version understands.

ps I hope I was not too short with answers (being busy)...

Matej

On 6/14/2012 7:59 AM, Matej Sekoranja wrote:


>
>     2.1 Sizes
>
>     * How should an endpoint react if it decodes a negative size?
>
>
> TCP disconnect where encoding is wrong, definitely for sizes (you get 
> lost in the stream then).

Good.

> Note that this will change to support negative offsets (== offset from 
> end of the array).

I was only thinking of sizes or counts.  Certainly offset can be negative.


> > 10.5 Search request and 10.6 search response
>
> > * How should searchSequenceID be chosen?
>
> 0, 1, 2, 3 .... 0xFFFE, 0xFFFF, 0, 1, 2 ...

What is the meaning though?  Is this meant to be a counter to 
disambiguate otherwise identical messages?

When can a sequence ID be reused?

Is it valid for a client to always use the same sequence ID?


* Also a new question.  Is it allowed for a server to split/combine 
responses going to the same requester?


>
> > * Should UDP servers honor the replyRequired field?
>
> Yes, but it should be used carefully.

Can you give a definition of "carefully"?  Preferably once which doesn't 
involve our network being flooded with NACKs ;)


>     2.2 User Data (Status)
>
>     * What are the rules for decoding the status?  What about type <
>     -1 or > 3?
>
>     (The optimization for StatusOK saves only 2 bytes.  Is this worth the
>     extra complexity in decoding?)
>
>
> This question already came up in the past.
> OK is sent pretty often. To avoid object recreation, special code -1 
> means "reuse static object"
> against comparing 3 fields to zero.
> Not a big overhead, but we decided in this case, it's worth special code.

Ok.

My remaining question is, should only type==-1 be decoded specially?  
What about type==-2?

I ask this because I have often seen

if(value==-1) {}

morph into

if(value<0) {}

Hi Matej,


On 6/14/2012 7:59 AM, Matej Sekoranja wrote:
> ...
>
>     * Given the small message size, are there measurable performance
>     benefits to allowing the sender use different endianness for UDP?
>
>
> Data over UDP + segmented messages (images over multicast).

So that intent is to support UDP at an equivalent level to TCP?

How do you plan to reconstruct a message of more than 3 segments when 
these segments are delivered out of order?

...
>
>
> > 6. Flow Control
>
> Maybe flow control is not a good naming here...
> The "flow control" I am describing here is to make monitor update 
> rates more fluid under congestion, e.g. instead of getting 10 samples 
> every 10 seconds, getting one every second is much more better idea.

I agree that this effect is desirable.

>
> ... and (big) buffers cause this problem.

Also agreed.

> TCP flow control is perfectly fine (no need to re-implement it again).

And yet this appears to be done...

> Just might need some tuning on higher level.

Are you referring to an algorithm or some application message fields?

> Now having this in mind the flow control sections might become more 
> reasonable.

Not really :)

I would also point out that you haven't answered my questions for this 
section.


> > 9. Protocol Messages
>
> > * What are the rules governing use of segmented messages?  (eg. The
> > complete application header must be placed in the first segment)
>
> Payload is segmented.

Which payload?  The segment payload or the application message payload?

>
> > * Aside from the flow control mechanism discussed above, is there any
> > reason to prefer segmented messages to a variable length payloadSize 
> field?
>
> This leads to variable header size.
> And you cannot send a other message over same TCP connection when 
> large payload is in process of sending.

So instead of one variable length header an implementation has to handle 
an unknown number of fixed sized headers to get the same information?

Decoding a variable length header is not difficult when the header has a 
fixed minimum size with enough information for the next step in decoding.

>
> > 10.5 Search request and 10.6 search response
>
> > * How should searchSequenceID be chosen?
>
>  0, 1, 2, 3 .... 0xFFFE, 0xFFFF, 0, 1, 2 ...
>
>
> What is the meaning though?  Is this meant to be a counter to disambiguate
> otherwise identical messages?
>
> When can a sequence ID be reused?
>
> Is it valid for a client to always use the same sequence ID?
>

Server won't mind.

SequenceID can be used to detect UDP routing problems, UDP congestion
control implementation (RTT monitoring)...


* Also a new question.  Is it allowed for a server to split/combine
> responses going to the same requester?
>

Can you give an example?

> * Should UDP servers honor the replyRequired field?
>
> Yes, but it should be used carefully.
>
>
> Can you give a definition of "carefully"?  Preferably once which doesn't
> involve our network being flooded with NACKs ;)
>

Flag can be used by a special tool(s) (non-existant now) or in case of
unicast. Sure, (normal) clients won't have ability to set
this replyRequired to true.

Search over TCP will have this flag set to true.


> My remaining question is, should only type==-1 be decoded specially?  What
> about type==-2?
>
> I ask this because I have often seen
>
> if(value==-1) {}
>
> morph into
>
> if(value<0) {}
>

I do not expect any other special code/Status. Public API will never see
(-1) code. -1 is used only internally.

Matej

Hi,

On 6/14/2012 7:59 AM, Matej Sekoranja wrote:
>
>  ...
>
>  * Given the small message size, are there measurable performance
>> benefits to allowing the sender use different endianness for UDP?
>>
>
>  Data over UDP + segmented messages (images over multicast).
>
>
> So that intent is to support UDP at an equivalent level to TCP?
>

UDP has some advantages over TCP. Broadcast/multicast is the biggest in our
case (as I see it), e.g. images over multicast.

(Then there are: low latency and less resources needed on server side to
handle really lots of connections.)


> How do you plan to reconstruct a message of more than 3 segments when
> these segments are delivered out of order?
>

This aspect is not yet covered. I have some ideas how (put seq # in the
header), but not yet there...


> > 6. Flow Control
>
> Maybe flow control is not a good naming here...
> The "flow control" I am describing here is to make monitor update rates
> more fluid under congestion, e.g. instead of getting 10 samples every 10
> seconds, getting one every second is much more better idea.
>
>
> I agree that this effect is desirable.
>
>
>  ... and (big) buffers cause this problem.
>
>
> Also agreed.
>
>   TCP flow control is perfectly fine (no need to re-implement it again).
>
>
> And yet this appears to be done...
>
>   Just might need some tuning on higher level.
>
>
> Are you referring to an algorithm or some application message fields?
>

Sending algorithm (e.g. do not fill all the send buffers with the recent
values if you expect congestion control or are in congestion).


>
>   Now having this in mind the flow control sections might become more
> reasonable.
>
>
> Not really :)
>
> I would also point out that you haven't answered my questions for this
> section.
>
>
>   > 9. Protocol Messages
>
> > * What are the rules governing use of segmented messages?  (eg. The
> > complete application header must be placed in the first segment)
>
>  Payload is segmented.
>
>
> Which payload?  The segment payload or the application message payload?
>

Imagine data: 1 2 3 4 5 6 7 8 9 0

This can be split to:

message 1: <pvAccess header> + <1 2 3>
message 2: <pvAccess header> + <4 5 6>
message 3: <pvAccess header> + <7 8 9>
message 4: <pvAccess header> + <0>

So, only data is segmented, each segment has it's own header.
Header is overhead.


>   > * Aside from the flow control mechanism discussed above, is there any
> > reason to prefer segmented messages to a variable length payloadSize
> field?
>
>  This leads to variable header size.
> And you cannot send a other message over same TCP connection when large
> payload is in process of sending.
>
>
> So instead of one variable length header an implementation has to handle
> an unknown number of fixed sized headers to get the same information?
>
> Decoding a variable length header is not difficult when the header has a
> fixed minimum size with enough information for the next step in decoding.
>

Another reason:
Non-streaming protocols (like UDP) cannot send >64k bytes at once (once
packet). Segmentation allows this.

Segmentation is used when large messages are being sent. Message header
overhead is negligible then.

Matej

On 6/15/2012 6:51 AM, Matej Sekoranja wrote:
>
>>     > 10.5 Search request and 10.6 search response
>>
>>     > * How should searchSequenceID be chosen?
>>
>>     0, 1, 2, 3 .... 0xFFFE, 0xFFFF, 0, 1, 2 ...
>
>     What is the meaning though?  Is this meant to be a counter to
>     disambiguate otherwise identical messages?
>
>     When can a sequence ID be reused?
>
>     Is it valid for a client to always use the same sequence ID?
>
>
> Server won't mind.

I take this to mean that the server MUST not ignore duplicate search 
requests.

>
>     * Also a new question.  Is it allowed for a server to
>     split/combine responses going to the same requester?
>
>
> Can you give an example?

A client wishing to lookup a lot of channels (eg. archiver) broadcasts 
two requests with 50 channels each and replyRequired==0.  The Server in 
question has 1 channel included in the first request, and 1 channel 
included in the second request.

Is the server allowed to send 1 response message including both 
channels?  Or must it send two response messages with 1 channel each?


Once of the reasons the previous questions come to mind is because I 
can't find any mention of whether or not it is allowed to include more 
than one pvA message in a single UDP packet.

>
>>     > * Should UDP servers honor the replyRequired field?
>>
>>     Yes, but it should be used carefully.
>
>     Can you give a definition of "carefully"?  Preferably once which
>     doesn't involve our network being flooded with NACKs ;)
>
>
> Flag can be used by a special tool(s) (non-existant now)

So there is no defined use case for this "feature"?

> or in case of unicast.

Is there some way to tell if the message was sent as unicast or 
broadcast?  My concern applies only to broadcast queries.

If this can't be determined I would strongly suggest UDP search response 
should never be sent.  This is a DoS attack waiting to happen.


> Search over TCP will have this flag set to true.

Is this a MAY, SHOULD, or MUST?

>
>
>     My remaining question is, should only type==-1 be decoded
>     specially?  What about type==-2?
>
>     I ask this because I have often seen
>
>     if(value==-1) {}
>
>     morph into
>
>     if(value<0) {}
>
>
> I do not expect any other special code/Status.

Ok.  I would suggest a stronger statement like:

All Status types other than type==-1 MUST include message and callTree 
strings.


Michael

On 6/15/2012 7:17 AM, Matej Sekoranja wrote:
> Hi,
>
>     On 6/14/2012 7:59 AM, Matej Sekoranja wrote:
>>     ...
>>
>>         * Given the small message size, are there measurable performance
>>         benefits to allowing the sender use different endianness for UDP?
>>
>>
>>     Data over UDP + segmented messages (images over multicast).
>
>     So that intent is to support UDP at an equivalent level to TCP?
>
>
> UDP has some advantages over TCP.

Just as TCP has advantages over UDP.

> Broadcast/multicast is the biggest in our case (as I see it), e.g. 
> images over multicast.
>
> (Then there are: low latency and less resources needed on server side 
> to handle really lots of connections.)

I agree that this is an interesting use case.

>     How do you plan to reconstruct a message of more than 3 segments
>     when these segments are delivered out of order?
>
>
> This aspect is not yet covered. I have some ideas how (put seq # in 
> the header), but not yet there...

What I am oh so subtly hinting is that I don't see how the currently 
defined header contains enough information to do this over UDP.  In my 
mind, supporting data over UDP would require incompatible changes to 
what is presented here.

In the mean time, for TCP the defined header+control message definitions 
are redundant (looks like TCP on top of TCP).

Would it make sense to define two different headers for these two 
different transport protocols?


...
>
>>     Now having this in mind the flow control sections might become
>>     more reasonable.
>
>     Not really :)
>
>     I would also point out that you haven't answered my questions for
>     this section.
>

>>     > 9. Protocol Messages
>>
>>     > * What are the rules governing use of segmented messages?  (eg. The
>>     > complete application header must be placed in the first segment)
>>
>>     Payload is segmented.
>
>     Which payload?  The segment payload or the application message
>     payload?
>
>
> Imagine data: 1 2 3 4 5 6 7 8 9 0
>
> This can be split to:
>
> message 1: <pvAccess header> + <1 2 3>
> message 2: <pvAccess header> + <4 5 6>
> message 3: <pvAccess header> + <7 8 9>
> message 4: <pvAccess header> + <0>
>
> So, only data is segmented, each segment has it's own header.
> Header is overhead.

So I take it you mean that the application message payload is segmented.

Then the minimum segment size is the application message header plus one 
byte?

Which application messages fields constitute the header, and which the data?

In the case of a channelGetRepsonse is it just pvStructureData, or can 
the changedBitSet field also be split across segments?

What about pvRequestIF and pvRequest in channelPutGetRequestInit?


9.1 Message Header
> Between two segmented messages of the same set there MUST NOT be any 
> other application message than the segmented message of the same set. 
> Control messages are allowed to be in-between. 

It would seem to me that this is sufficient to allow processing of an 
additional segment without repeating the application message header.  
Why is the application message header repeated in each segment?


>>     > * Aside from the flow control mechanism discussed above, is
>>     there any
>>     > reason to prefer segmented messages to a variable length
>>     payloadSize field?
>>
>>     This leads to variable header size.
>>     And you cannot send a other message over same TCP connection when
>>     large payload is in process of sending.
>
>     So instead of one variable length header an implementation has to
>     handle an unknown number of fixed sized headers to get the same
>     information?
>
>     Decoding a variable length header is not difficult when the header
>     has a fixed minimum size with enough information for the next step
>     in decoding.
>
>
> Another reason:
> Non-streaming protocols (like UDP) cannot send >64k bytes at once 
> (once packet). Segmentation allows this.

Then why use a 4 byte size field for pvA over UDP?

>
> Segmentation is used when large messages are being sent. Message 
> header overhead is negligible then.

So messages MUST only be segmented if the length is greater then the 
supported transport protocol payload?

How does this work with the injection of control messages?


Michael

>
> * Also a new question.  Is it allowed for a server to split/combine
>> responses going to the same requester?
>>
>
>  Can you give an example?
>
>
> A client wishing to lookup a lot of channels (eg. archiver) broadcasts two
> requests with 50 channels each and replyRequired==0.  The Server in
> question has 1 channel included in the first request, and 1 channel
> included in the second request.
>
> Is the server allowed to send 1 response message including both channels?
> Or must it send two response messages with 1 channel each?
>

Each search request has a searchSequenceID associated with a set of
channels to be searched for. A response (for one or more channels) must
match associated searchSequenceID from the request.
This implies: responses can be split (several response messages with the
same searchSequenceID), however you cannot join responses for the channels
associated with different searchSequenceIDs.

So, your example requires 2 response messages (both can be in one packet).

Once of the reasons the previous questions come to mind is because I can't
> find any mention of whether or not it is allowed to include more than one
> pvA message in a single UDP packet.
>

Yes.

> * Should UDP servers honor the replyRequired field?
>>
>> Yes, but it should be used carefully.
>>
>>
>>  Can you give a definition of "carefully"?  Preferably once which doesn't
>> involve our network being flooded with NACKs ;)
>>
>
>  Flag can be used by a special tool(s) (non-existant now)
>
>
> So there is no defined use case for this "feature"?
>

No.

or in case of unicast.
>
>
> Is there some way to tell if the message was sent as unicast or
> broadcast?  My concern applies only to broadcast queries.
>

You can always check "received from" address.


> If this can't be determined I would strongly suggest UDP search response
> should never be sent.  This is a DoS attack waiting to happen.
>

So, you are suggesting to disallow NACK responses to broadcasted UDP search
requests.
Sounds reasonable.

> Search over TCP will have this flag set to true.
>
>
> Is this a MAY, SHOULD, or MUST?
>

SHOULD.
However, I do not see an use-case for replyRequired==false over TCP. So, it
can be MUST.

My remaining question is, should only type==-1 be decoded specially?  What
>> about type==-2?
>>
>> I ask this because I have often seen
>>
>> if(value==-1) {}
>>
>> morph into
>>
>> if(value<0) {}
>>
>
>  I do not expect any other special code/Status.
>
>
> Ok.  I would suggest a stronger statement like:
>
> All Status types other than type==-1 MUST include message and callTree
> strings.
>

OK. Note that callTree is optional, but the message is MUST.

Matej

Hi,

How do you plan to reconstruct a message of more than 3 segments when these
>> segments are delivered out of order?
>>
>
>  This aspect is not yet covered. I have some ideas how (put seq # in the
> header), but not yet there...
>
>
> What I am oh so subtly hinting is that I don't see how the currently
> defined header contains enough information to do this over UDP.  In my
> mind, supporting data over UDP would require incompatible changes to what
> is presented here.
>
> In the mean time, for TCP the defined header+control message definitions
> are redundant (looks like TCP on top of TCP).
>
> Would it make sense to define two different headers for these two
> different transport protocols?
>


Implementing UDP reliability, large message support, ordering, ... is a
project of its own. I do not want to re-invent things. If this is needed,
an already existing design (implementation) of reliable UDP should be taken
and new "pluggable pvAccess protocol" written, e.g. pvAccess->reliable
UDP->UDP.
The specification already allows this.
I think this is the best way.

The same goes for "flow control". TCP works perfectly fine. However, we
have a special case here - a stream where some data can be ignored. TCP
flow control was not designed/optimized for this.
In our case, these are pvAccess monitors (for all the rest TCP flow control
is OK). Now I added some control messages to provide enough information, so
that monitor sending algorithm could tune what amount of monitors to send.
If you have a better idea, let me know.


Now, back to UDP. There is one use-case I would handle using pure pvAccess,
that is without additional layer: images (larger messages) over multicast.
A simple implementation: still unreliable, I would only take care for out
of order packet arrival.
Does this sound good?
A simple idea: each packet (not message) gets a control message that gives
a packet a sequence ID. A receiver monitors packets' sequence IDs and
simply discards whole "segment set" in case of "errors" (out of order,
missing packet). A more advanced implementation could try to do some
reordering. Simple and nothing fancy. For monitoring only.
Have I missed anything out?






>  Which payload?  The segment payload or the application message payload?
>>
>
>  Imagine data: 1 2 3 4 5 6 7 8 9 0
>
>  This can be split to:
>
>  message 1: <pvAccess header> + <1 2 3>
>  message 2: <pvAccess header> + <4 5 6>
> message 3: <pvAccess header> + <7 8 9>
> message 4: <pvAccess header> + <0>
>
>  So, only data is segmented, each segment has it's own header.
> Header is overhead.
>
>
> So I take it you mean that the application message payload is segmented.
>
> Then the minimum segment size is the application message header plus one
> byte?
>

Yes (minimum is 9 bytes including 8-byte header; actually 8 is allowed too
(no payload), but it does not make sense).


> Which application messages fields constitute the header, and which the
> data?
>

Header is standard 8-byte header (magic number, version, flags, cmd,
payloadSize). All the rest is payload.


> In the case of a channelGetRepsonse is it just pvStructureData, or can the
> changedBitSet field also be split across segments?
>
> What about pvRequestIF and pvRequest in channelPutGetRequestInit?
>

Payload can be split anywhere.

9.1 Message Header
>
> Between two segmented messages of the same set there MUST NOT be any other
> application message than the segmented message of the same set. Control
> messages are allowed to be in-between.
>
>
> It would seem to me that this is sufficient to allow processing of an
> additional segment without repeating the application message header.  Why
> is the application message header repeated in each segment?
>

You are right. And it isn't.

There is no such thing as "application message header". There is only a
standard pvAccess header for an application message (i.e. a message that is
not a control message).
In the example above "<pvAccess header>" is standard 8-byte header.


Segmentation is used when large messages are being sent. Message header
> overhead is negligible then.
>
>
> So messages MUST only be segmented if the length is greater then the
> supported transport protocol payload?
>

I am not so strict. If segmentation helps particular implementation to gain
performance, then it can use this feature.

How does this work with the injection of control messages?
>

Any control message can be injected (e.g. "flow control"). In fact, any
non-segmented application message would work also. Injecting another
segmented set (or more) makes it more complicated.

Matej

On 6/17/2012 3:52 PM, Matej Sekoranja wrote:
>
>>         * Also a new question.  Is it allowed for a server to
>>         split/combine responses going to the same requester?
>>
>>
>>     Can you give an example?
>
>     A client wishing to lookup a lot of channels (eg. archiver)
>     broadcasts two requests with 50 channels each and
>     replyRequired==0.  The Server in question has 1 channel included
>     in the first request, and 1 channel included in the second request.
>
>     Is the server allowed to send 1 response message including both
>     channels?  Or must it send two response messages with 1 channel each?
>
>
> Each search request has a searchSequenceID associated with a set of 
> channels to be searched for. A response (for one or more channels) 
> must match associated searchSequenceID from the request.
> This implies: responses can be split (several response messages with 
> the same searchSequenceID), however you cannot join responses for the 
> channels associated with different searchSequenceIDs.
>
> So, your example requires 2 response messages (both can be in one packet).
>
>     Once of the reasons the previous questions come to mind is because
>     I can't find any mention of whether or not it is allowed to
>     include more than one pvA message in a single UDP packet.
>
>
> Yes.

Ok.  I think this is settled.

>>>         > * Should UDP servers honor the replyRequired field?
>>>
>>>         Yes, but it should be used carefully.
>>
>>         Can you give a definition of "carefully"?  Preferably once
>>         which doesn't involve our network being flooded with NACKs ;)
>>
>>
>>     Flag can be used by a special tool(s) (non-existant now)
>
>     So there is no defined use case for this "feature"?
>
>
> No.
>
>>     or in case of unicast.
>
>     Is there some way to tell if the message was sent as unicast or
>     broadcast?  My concern applies only to broadcast queries.
>
>
> You can always check "received from" address.

And this will tell me if it was sent _to_ a broadcast address?

>     If this can't be determined I would strongly suggest UDP search
>     response should never be sent.  This is a DoS attack waiting to
>     happen.
>
>
> So, you are suggesting to disallow NACK responses to broadcasted UDP 
> search requests.
> Sounds reasonable.

This is what I am suggesting (no NACK over UDP).  Are we in agreement on 
this point?

>>     Search over TCP will have this flag set to true.
>
>     Is this a MAY, SHOULD, or MUST?
>
>
> SHOULD.
> However, I do not see an use-case for replyRequired==false over TCP. 
> So, it can be MUST.

I don't see a use case either.  But if it is allowed I can imagine a 
lazy server implementation never sending NACK replies.

>
>>         My remaining question is, should only type==-1 be decoded
>>         specially?  What about type==-2?
>>
>>         I ask this because I have often seen
>>
>>         if(value==-1) {}
>>
>>         morph into
>>
>>         if(value<0) {}
>>
>>
>>     I do not expect any other special code/Status.
>
>     Ok.  I would suggest a stronger statement like:
>
>     All Status types other than type==-1 MUST include message and
>     callTree strings.
>
>
> OK. Note that callTree is optional, but the message is MUST.

I assume by optional you mean zero length string?

Forgive me for further splitting this discussion...

On 6/18/2012 2:31 AM, Matej Sekoranja wrote:
> ...
>
>>         Which payload?  The segment payload or the application
>>         message payload?
>>
>>
>>     Imagine data: 1 2 3 4 5 6 7 8 9 0
>>
>>     This can be split to:
>>
>>     message 1: <pvAccess header> + <1 2 3>
>>     message 2: <pvAccess header> + <4 5 6>
>>     message 3: <pvAccess header> + <7 8 9>
>>     message 4: <pvAccess header> + <0>
>>
>>     So, only data is segmented, each segment has it's own header.
>>     Header is overhead.
>
>     So I take it you mean that the application message payload is
>     segmented.
>

So by pvAccess header you mean the header defined in section 9.1?  And 
by "data" you mean any of the application messages defined in section 10?

I think I have been confused by your example.  I assumed that by "data" 
you meant eg. the pvData returned by a get operation.

>
>     Then the minimum segment size is the application message header
>     plus one byte?
>
>
> Yes (minimum is 9 bytes including 8-byte header; actually 8 is allowed 
> too (no payload), but it does not make sense).

If it does not make sense then why allow it?  It seems to me that 
forbidding un-useful behavior is within the purview of a specification.

> ...
>
>     9.1 Message Header
>>     Between two segmented messages of the same set there MUST NOT be
>>     any other application message than the segmented message of the
>>     same set. Control messages are allowed to be in-between. 
>
> ...
>
>>     Segmentation is used when large messages are being sent. Message
>>     header overhead is negligible then.
>
>     So messages MUST only be segmented if the length is greater then
>     the supported transport protocol payload?
>
>
> I am not so strict. If segmentation helps particular implementation to 
> gain performance, then it can use this feature.

Ok, so there is no requirement?  An implementation is free to segment a 
message in any way it chooses?  This may be one byte at a time.  Can it 
send segments larger than the peers advertised buffer size?

>
>     How does this work with the injection of control messages?
>
>
> Any control message can be injected (e.g. "flow control"). In fact, 
> any non-segmented application message would work also. Injecting 
> another segmented set (or more) makes it more complicated.

I fully agree with the decision to prohibit mixing application message 
segments.


Michael

> ...
>
> Implementing UDP reliability, large message support, ordering, ... is 
> a project of its own. I do not want to re-invent things.

I'm glad we agree on this at least :)

> If this is needed, an already existing design (implementation) of 
> reliable UDP should be taken and new "pluggable pvAccess protocol" 
> written, e.g. pvAccess->reliable UDP->UDP.
> The specification already allows this.
> I think this is the best way.

You are refering to the "protocol" field in the search responce (10.5)?

If so that I agree.  In the absense of a design the only way is to leave 
it unspecified for now.

> The same goes for "flow control". TCP works perfectly fine. However, 
> we have a special case here - a stream where some data can be ignored. 
> TCP flow control was not designed/optimized for this.

TCP flow control pushes the decision of what to drop to the sender by 
applying back pressure by the need to wait for an ACK.  The usual BSD 
sockets concept couples this with fixed size buffers on either end.  So 
the guarentee provides by a TCP socket is to reliably deliver all the 
data accepted into the send buffer.

You are correct that TCP flow control was not designed to drop data, 
because defining a generic way to do this is hard.  Instead it forces 
this decision up to the next layer (aka. us).

> In our case, these are pvAccess monitors (for all the rest TCP flow 
> control is OK). Now I added some control messages to provide enough 
> information, so that monitor sending algorithm could tune what amount 
> of monitors to send.

Ah, this changes the problem.  As I said initially, my issue with the 
current specification is that it is redundant to TCP flow control in two 
ways: it has the same scope (per socket), and conveys the same 
information (buffer sizes).  If either of these changed then it would be 
(solving) a new problem.

> If you have a better idea, let me know.

Focus more on implementing buffering in the sender.  Instead of 
implementing flow control for a second level socket buffer, use per 
channel or per monitor buffers.  I believe that the existing IOC (in 
dbEvent?) has per subscription ring buffers to level the load.

This doesn't require any extra protocol level flow control.

> Now, back to UDP. There is one use-case I would handle using pure 
> pvAccess, that is without additional layer: images (larger messages) 
> over multicast. A simple implementation: still unreliable, I would 
> only take care for out of order packet arrival.
> Does this sound good?

Before we go any further, would you agree that this is outside the scope 
of this iteration of the specification?

> A simple idea: each packet (not message) gets a control message that 
> gives a packet a sequence ID. A receiver monitors packets' sequence 
> IDs and simply discards whole "segment set" in case of "errors" (out 
> of order, missing packet). A more advanced implementation could try to 
> do some reordering. Simple and nothing fancy. For monitoring only.
> Have I missed anything out?
>

I think this would be enough information. yes.

To me the question is more in how to handle subscriptions.


Michael

On Tuesday, June 19, 2012, Michael Davidsaver wrote:
> >     Then the minimum segment size is the application message header
> >     plus one byte?
> >
> > Yes (minimum is 9 bytes including 8-byte header; actually 8 is allowed
> > too (no payload), but it does not make sense).
>
> If it does not make sense then why allow it?  It seems to me that
> forbidding un-useful behavior is within the purview of a specification.

Note that excluding zero length payload would just add a special case that
must be considered (e.g. by implementations). It is simpler to allow any
non-negative size for the payload. Furthermore, message types added in
future might make sense with zero length payload.

Cheers
Ben

________________________________

Helmholtz-Zentrum Berlin für Materialien und Energie GmbH

Mitglied der Hermann von Helmholtz-Gemeinschaft Deutscher Forschungszentren e.V.

Aufsichtsrat: Vorsitzender Prof. Dr. Dr. h.c. mult. Joachim Treusch, stv. Vorsitzende Dr. Beatrix Vierkorn-Rudolph
Geschäftsführung: Prof. Dr. Anke Rita Kaysser-Pyzalla, Thomas Frederking

Sitz Berlin, AG Charlottenburg, 89 HRB 5583

Postadresse:
Hahn-Meitner-Platz 1
D-14109 Berlin

http://www.helmholtz-berlin.de

>
> Is there some way to tell if the message was sent as unicast or
>> broadcast?  My concern applies only to broadcast queries.
>>
>
>  You can always check "received from" address.
>
>
> And this will tell me if it was sent _to_ a broadcast address?
>

Right, no way to get "to address".

 If this can't be determined I would strongly suggest UDP search response
>> should never be sent.  This is a DoS attack waiting to happen.
>>
>
>  So, you are suggesting to disallow NACK responses to broadcasted UDP
> search requests.
> Sounds reasonable.
>
>
> This is what I am suggesting (no NACK over UDP).  Are we in agreement on
> this point?
>

I agree.


>  Ok.  I would suggest a stronger statement like:
>>
>> All Status types other than type==-1 MUST include message and callTree
>> strings.
>>
>
>  OK. Note that callTree is optional, but the message is MUST.
>
>
> I assume by optional you mean zero length string?
>

Yes (we have no nulls).

Matej

>
> Which payload?  The segment payload or the application message payload?
>>>
>>
>>  Imagine data: 1 2 3 4 5 6 7 8 9 0
>>
>>  This can be split to:
>>
>>  message 1: <pvAccess header> + <1 2 3>
>>  message 2: <pvAccess header> + <4 5 6>
>> message 3: <pvAccess header> + <7 8 9>
>> message 4: <pvAccess header> + <0>
>>
>>  So, only data is segmented, each segment has it's own header.
>> Header is overhead.
>>
>>
>>  So I take it you mean that the application message payload is segmented.
>>
>
> So by pvAccess header you mean the header defined in section 9.1?  And by
> "data" you mean any of the application messages defined in section 10?
>

Yes.


> I think I have been confused by your example.  I assumed that by "data"
> you meant eg. the pvData returned by a get operation.
>

Sorry for confusion.


>> Then the minimum segment size is the application message header plus one
>> byte?
>>
>
>  Yes (minimum is 9 bytes including 8-byte header; actually 8 is allowed
> too (no payload), but it does not make sense).
>
>
> If it does not make sense then why allow it?  It seems to me that
> forbidding un-useful behavior is within the purview of a specification.
>

Right. For segmented messages this really does not make sense.
For non-segmented messages zero payloadSize is OK.

...
>
>  9.1 Message Header
>>
>> Between two segmented messages of the same set there MUST NOT be any
>> other application message than the segmented message of the same set.
>> Control messages are allowed to be in-between.
>>
>>  ...
>
>    Segmentation is used when large messages are being sent. Message
>> header overhead is negligible then.
>>
>>
>>  So messages MUST only be segmented if the length is greater then the
>> supported transport protocol payload?
>>
>
>  I am not so strict. If segmentation helps particular implementation to
> gain performance, then it can use this feature.
>
>
> Ok, so there is no requirement?  An implementation is free to segment a
> message in any way it chooses?  This may be one byte at a time.
>

Yes.


>  Can it send segments larger than the peers advertised buffer size?
>

Spec now allows this. Current implementation can also handle this w/o any
problem. However, I limit send message size to a half of TCP rx buffer
(performance drop on Windows). But this is an implementation detail.
I find it useful for remote side to optionally set max send size (might
make implementation easier if performance is not an issue).


Matej

>
> ...
>
>  Implementing UDP reliability, large message support, ordering, ... is a
> project of its own. I do not want to re-invent things.
>
>
> I'm glad we agree on this at least :)
>

I think we agree on most of the things, but mailing just messse things up.

If this is needed, an already existing design (implementation) of reliable
> UDP should be taken and new "pluggable pvAccess protocol" written, e.g.
> pvAccess->reliable UDP->UDP.
> The specification already allows this.
> I think this is the best way.
>
>
> You are refering to the "protocol" field in the search responce (10.5)?
>

Yes.


>
> If so that I agree.  In the absense of a design the only way is to leave
> it unspecified for now.
>
>
>   The same goes for "flow control". TCP works perfectly fine. However, we
> have a special case here - a stream where some data can be ignored. TCP
> flow control was not designed/optimized for this.
>
>
> TCP flow control pushes the decision of what to drop to the sender by
> applying back pressure by the need to wait for an ACK.  The usual BSD
> sockets concept couples this with fixed size buffers on either end.  So the
> guarentee provides by a TCP socket is to reliably deliver all the data
> accepted into the send buffer.
>
> You are correct that TCP flow control was not designed to drop data,
> because defining a generic way to do this is hard.  Instead it forces this
> decision up to the next layer (aka. us).
>
>
>   In our case, these are pvAccess monitors (for all the rest TCP flow
> control is OK). Now I added some control messages to provide enough
> information, so that monitor sending algorithm could tune what amount of
> monitors to send.
>
>
> Ah, this changes the problem.  As I said initially, my issue with the
> current specification is that it is redundant to TCP flow control in two
> ways: it has the same scope (per socket), and conveys the same information
> (buffer sizes).  If either of these changed then it would be (solving) a
> new problem.
>
>
>   If you have a better idea, let me know.
>
>
> Focus more on implementing buffering in the sender.  Instead of
> implementing flow control for a second level socket buffer, use per channel
> or per monitor buffers.  I believe that the existing IOC (in dbEvent?) has
> per subscription ring buffers to level the load.
>

We already have per monitor ring-buffers implemented (can be also
configured per monitor instance).


> This doesn't require any extra protocol level flow control.
>

Still does not solve "fluidity" problems.
However... I quote:
"Requiring flow control (in addition to already existing monitor queues)
would add complexity to the protocol's implementation. It needs to be
decided whether the above flow control should be specified as part of the
normative specification, or only suggested non-normatively. At present, it
is only suggested."

I am still not 100% decided whether we really need "flow control" or not. I
am collecting input.
So, you say not needed/not worth it?

Now, back to UDP. There is one use-case I would handle using pure pvAccess,
> that is without additional layer: images (larger messages) over multicast.
> A simple implementation: still unreliable, I would only take care for out
> of order packet arrival.
> Does this sound good?
>
>
> Before we go any further, would you agree that this is outside the scope
> of this iteration of the specification?
>

Yes, this is not specified (yet).

A simple idea: each packet (not message) gets a control message that gives
> a packet a sequence ID. A receiver monitors packets' sequence IDs and
> simply discards whole "segment set" in case of "errors" (out of order,
> missing packet). A more advanced implementation could try to do some
> reordering. Simple and nothing fancy. For monitoring only.
> Have I missed anything out?
>
>
> I think this would be enough information. yes.
>
> To me the question is more in how to handle subscriptions.
>

Right. Should we spawn another mail discussion and define this?

Matej

On 6/19/2012 6:03 AM, Benjamin Franksen wrote:
> On Tuesday, June 19, 2012, Michael Davidsaver wrote:
>>>      Then the minimum segment size is the application message header
>>>      plus one byte?
>>>
>>> Yes (minimum is 9 bytes including 8-byte header; actually 8 is allowed
>>> too (no payload), but it does not make sense).
>> If it does not make sense then why allow it?  It seems to me that
>> forbidding un-useful behavior is within the purview of a specification.
> Note that excluding zero length payload would just add a special case that
> must be considered (e.g. by implementations).

So this would mean effectively ignoring the frame?

>   It is simpler to allow any
> non-negative size for the payload.

This is true.

>   Furthermore, message types added in
> future might make sense with zero length payload.

Isn't this is what the control messages are?


Just to be clear I am advocating that application messages with zero 
length payload not be allowed.

>
>
> Just to be clear I am advocating that application messages with zero
> length payload not be allowed.
>

I guess you wanted to say:
 "Just to be clear I am advocating that _segmented_ messages with zero
length payload not be allowed."

Application message with zero payload (i.e. only command) can be e.g.
shutdown server.

Matej

On 6/20/2012 5:25 PM, Matej Sekoranja wrote:
>
>
>     Just to be clear I am advocating that application messages with zero
>     length payload not be allowed.
>
>
> I guess you wanted to say:
>  "Just to be clear I am advocating that _segmented_ messages with zero
> length payload not be allowed."

Ah semantics :)

In fact I did mean any application message.  Application message meaning 
the messages defined in section 10.  None of these message definitions 
would seem to allow a zero length payload.

>
> Application message with zero payload (i.e. only command) can be e.g. 
> shutdown server.

Where is the "shutdown server" message defined?

>
> In fact I did mean any application message.  Application message meaning
> the messages defined in section 10.  None of these message definitions
> would seem to allow a zero length payload.
>

True.
(Unless you use echo without payload).

> Application message with zero payload (i.e. only command) can be e.g.
> shutdown server.
>
>
> Where is the "shutdown server" message defined?
>

Just an example of a valid application message of zero payload.

Matej

On 6/20/2012 5:46 PM, Matej Sekoranja wrote:
>
>     In fact I did mean any application message.  Application message
>     meaning the messages defined in section 10.  None of these message
>     definitions would seem to allow a zero length payload.
>
>
> True.
> (Unless you use echo without payload).

Which echo message?  I just noticed that there are two.  One in section 
10.3 with a payload.  The second in 11.4 and 11.5 without a payload.

Am I missing something?  Why are there two?

>>     Application message with zero payload (i.e. only command) can be
>>     e.g. shutdown server.
>
>     Where is the "shutdown server" message defined?
>
>
> Just an example of a valid application message of zero payload.

If this is a valid application message, which section contains the 
definition?  I find no matches for "shutdown" or "shut down" anywhere in 
the document.

On 6/19/2012 7:08 AM, Matej Sekoranja wrote:
> ...
>
>
>     This doesn't require any extra protocol level flow control.
>
>
> Still does not solve "fluidity" problems.

I assume you are referring to delivery (buffering and transmission) of 
monitor updates?

What do you mean be "fluidity"?  Do you mean low latency?  Constant 
rate?  Low drop rate?

> However... I quote:

Who are you quoting?

> "Requiring flow control (in addition to already existing monitor 
> queues) would add complexity to the protocol's implementation. It 
> needs to be decided whether the above flow control should be specified 
> as part of the normative specification, or only suggested 
> non-normatively. At present, it is only suggested."
>
> I am still not 100% decided whether we really need "flow control" or 
> not. I am collecting input.
> So, you say not needed/not worth it?

No only is is not needed, I suspect that it could actually cause 
additional latency in some cases due to the ACK messages (sec. 11.2) 
being in-band.

To be clear.  To accept that this flow control is useful I would need to 
see a clear description of what additional benefit it gives beyond what 
is already provided by TCP.  So far I have not seen this.

>
> Right. Should we spawn another mail discussion and define this?

Since this discussion would not be related to comments on the spec 
document, yes.


Michael

>
> True.
> (Unless you use echo without payload).
>
>
> Which echo message?  I just noticed that there are two.  One in section
> 10.3 with a payload.  The second in 11.4 and 11.5 without a payload.
>
> Am I missing something?  Why are there two?
>

Application (can have payload) vs control message (cannot have payload,
codec internal).



> Application message with zero payload (i.e. only command) can be e.g.
>> shutdown server.
>>
>>
>>  Where is the "shutdown server" message defined?
>>
>
>  Just an example of a valid application message of zero payload.
>
>
> If this is a valid application message, which section contains the
> definition?  I find no matches for "shutdown" or "shut down" anywhere in
> the document.
>

There is no such message. Just a fictional example.

Matej

>
>
>> This doesn't require any extra protocol level flow control.
>>
>
>  Still does not solve "fluidity" problems.
>
>
> I assume you are referring to delivery (buffering and transmission) of
> monitor updates?
>

Yes.


>
> What do you mean be "fluidity"?
>




>   Do you mean low latency?  Constant rate?  Low drop rate?
>

Constant rate (vs. lower frequency bursts of monitors).


>
>  However... I quote:
>
>
> Who are you quoting?
>
>
The spec.


>
>  "Requiring flow control (in addition to already existing monitor queues)
> would add complexity to the protocol's implementation. It needs to be
> decided whether the above flow control should be specified as part of the
> normative specification, or only suggested non-normatively. At present, it
> is only suggested."
>
>  I am still not 100% decided whether we really need "flow control" or
> not. I am collecting input.
> So, you say not needed/not worth it?
>
>
> No only is is not needed, I suspect that it could actually cause
> additional latency in some cases due to the ACK messages (sec. 11.2) being
> in-band.
>
> To be clear.  To accept that this flow control is useful I would need to
> see a clear description of what additional benefit it gives beyond what is
> already provided by TCP.  So far I have not seen this.
>

When I'll have some time, I'll record a movie.


> Right. Should we spawn another mail discussion and define this?
>
>
> Since this discussion would not be related to comments on the spec
> document, yes.
>

OK.

Matej

On 6/21/2012 4:09 AM, Matej Sekoranja wrote:
>
>>
>>         This doesn't require any extra protocol level flow control.
>>
>>
>>     Still does not solve "fluidity" problems.
>
>     I assume you are referring to delivery (buffering and
>     transmission) of monitor updates?
>
>
> Yes.
>
>
>     What do you mean be "fluidity"?
>
>
>
>       Do you mean low latency?  Constant rate?  Low drop rate?
>
>
> Constant rate (vs. lower frequency bursts of monitors).

I think a better statement would be "constant latency" or "constant 
delivery time" as you can't in general assume that your data source is 
periodic.  Even sources which are periodic at a lower level may not 
remain so when they have risen to the level of pvAccess (think of value 
deadbands).

The examples you have given focus on message loss due to buffer size.  
One way to state what happens here is that the buffers fill (and 
overflow) when the average delivery time is longer than the average 
update period.

Is this the only case you are considering?  That is, would you propose 
to drop or delay messages when the buffer is not full?

When buffering update messages, the typical EPICS algorithm is that when 
the buffer is full to always drop the last entry in the buffer and 
replace it with the latest update.  This gives a bias to drop later 
samples over earlier ones.  I think this is what you would like to avoid?

One way to avoid this is to change the buffering algorithm so that the 
sample dropped is not always the last in the buffer.  One simple way 
would be to randomly drop any sample other than the first.

I don't have a specific algorithm in mind yet, but this seems like a 
problem which has likely been solved before.


Michael