[Nfd-dev] Fwd: NFD mgmt: eliminate double-dispatch
Junxiao Shi
shijunxiao at email.arizona.edu
Wed Oct 8 09:28:34 PDT 2014
This proposal describes the original design intention of the Interest
dispatch mechanism of NFD management.
This message was originally sent on Jun 02. This version is a correction.
Current implemented approach:
NFD management module consists of:
- several Managers, such as FaceManager, FibManager,
StrategyChoiceManager
- an InternalFace
- a configuration parser
To process an Interest:
- InternalFace receives ndn:/localhost/nfd Interests from forwarding,
looks at the third component (management module), and dispatch it to a
Manager.
- Upon Interest arrival, Manager looks at the fourth component, and do
one of the following:
- for command verb: validate Command Interest, and then dispatch the
Interest to the function that handles this command
- for dataset: dispatch the Interest to the function that generates
data for this dataset
- for notification stream: drop the Interest
- Replies are directly written to InternalFace
Drawback of this design:
- Each Interest is dispatched twice: once in InternalFace, again in
Manager.
- Authentication is scattered across Managers.
- Reply encryption is non-existent.
Design intention:
partial interface InternalFace {
// reply(const Data& data, bool isFinal);
// data: unsigned and unencrypted Data
// isFinal: true if this is that last Data to send
typedef function<void(const Data&, bool)> ReplyFunc;
// process(const Interest& interest, const Name& identity, ReplyFunc
reply);
// identity: verified identity of requester, if available; otherwise
empty
// reply: a function to send replies
typedef function<void(const Interest&, const Name&, ReplyFunc)>
InterestHandler;
// accept(const Name& identity)
// identity: verified identity of requester, if available; otherwise
empty
typedef function<void(const Name&)> AcceptContinuation;
// reject(bool reply401)
// send401: whether to reply 401 or silently drop
typedef function<void(bool)> RejectContinuation;
// authorize(const Name& prefix, const Interest& interest,
AcceptContinuation accept, RejectContinuation reject);
// accept: function to call if authentication succeeds
// reject: function to call if authentication fails
typedef function<void(const Name&, const Interest&, AcceptContinuation,
RejectContinuation)> Authorization;
// encryptReply(const Name& identity, shared_ptr<Data> data);
typedef function<void(const Name&, shared_ptr<Data>)> ReplyEncryption
void register(const Name& prefix, Authorization, ReplyEncryption,
InterestHandler handler);
}
- During initialization, Manager should register its commands, datasets,
and notification streams into InternalFace
- examples:
face->register("ndn:/localhost/nfd/faces/create",
CommandInterestAuthorization("faces"), NullReplyEncryption(),
bind(&FaceManager::onCreateCommand, this, _1, _2, _3));
face->register("ndn:/localhost/nfd/faces/list",
DatasetAuthorization(), NullReplyEncryption(),
bind(&FaceManager::generateFaceList, this, _3));
face->register("ndn:/localhost/nfd/faces/events",
DropAllAuthorization(), nullptr, nullptr);
- InternalFace receives ndn:/localhost/nfd Interests from forwarding,
perform a longest prefix match on registered prefixes
- if no registration is found, record to log, and drop the Interest
- Perform authorization as requested
- CommandInterestAuthorization(const std::string& privilege) accepts
valid Command Interests with this privilege, and rejects with
401 otherwise
- DatasetAuthorization accepts Interests with Name equal to the
prefix, and drops other Interests (they should be satisfied by
ContentStore)
- DropAllAuthorization drops all Interests; this is used with
notification streams because Interests should wait until notification is
delivered
- Dispatch to the handler
- Handler calls ReplyFunc zero or more times with unsigned and
unencrypted Data
- ReplyFunc is a bound function that knows the ReplyEncryption; it
encrypts Data as requested, and then sign and send it
In addition, derive a ndn::Face subclass (which has the same API as a
client face in ndn-cxx), so that the same Dataset publisher and
Notification Stream publisher can be used both in external app and within
NFD management.
Yours, Junxiao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20141008/a5f6ba11/attachment.html>
More information about the Nfd-dev
mailing list