Add an RFC for a echo/ping mechanism #232
Conversation
|
I'm not sure if I like this proposal, on two levels:
This seems to add a lot of complexity to our otherwise very simple protocol. An alternative proposal (the one connectorland already uses, actually): If Alice wants to ping Bob, she establishes an out-of-band communication channel with Bob, a trustline over that, and then sends a small payment to |
Good point. Obviously, that's a no-go. But you could easily fix it by making
The receiver isn't required to implement anything if they don't want to offer echo functionality. Many hosts on the Internet respond to pings, but some choose not to. Either behavior is perfectly legitimate. But if someone does want to offer ping functionality, there should be a standard way to do it.
The
Again, only if they want to implement pinging.
This involves a lot more complexity than the protocol described in this RFC. First, we need to define the "out-of-band communication" used to create the trustline and the format of the messages exchanged that way. Then we also need a way to tear down the channel after I've done the ping. Your proposal also only tests a payment from Bob -> Alice, not from Alice -> Bob. The user experience I'm looking for is similar to |
|
ok, so how about running a 'ping' account on a ledger, which will send a 'pong' payment for each amount you pay to it? then it's all at the highest layer. could even be on top of spsp. |
Then it wouldn't be trivial to figure out the ping address for a given ILP address... Think of how many times you've tried to debug why two machines couldn't talk to each other and went "Hmm, try pinging me..." I think it's also a good idea for the ping to be low-level. You might use a ping to narrow down a problem you're having. If you're trying to debug "my SPSP payments aren't working", but your ping relies on SPSP, it doesn't really narrow down the problem. You want that "Oh, ping is working, so it must be an SPSP issue" or "Oh, ping is not working, so it must be an ILP issue" effect. I spent some more time thinking about it today and realized that the connector changes are only needed for the quoting part and we can probably live without quoting just by choosing to ping using some default amount. We need to choose a max cost that we're willing to tolerate anyway. That also means that we don't need a weird special address, we can ping any ILP address, we just put |
|
Updated the RFC using the new simplified flow. With this new flow, the only proposed changes to the implementation are:
One possible change we may want to discuss: In the current flow, the receiver doesn't quote. This was done to minimize the burden on the receiver, but it does mean that the sender always pays the maximum. Might be ok if payments are pretty cheap and you can successfully ping with a very small amount (think fraction of a cent.) The alternative is to have the receiver quote by source amount before responding to the ping. The downside is that it's more work for the recipient and if quoting is slow it also means that the payment is on hold for a relatively long time. |
|
|
||
| The echo protocol is designed to test uptime, latency and cost. It is not designed to debug routing issues and does not provide additional diagnostic information about the state of routing. That use case would be better served by a separate traceroute mechanism. | ||
|
|
||
| All Interledger implementations should implement the echo service, unless they have a specific reason not to, such as security or privacy concerns. |
There was a problem hiding this comment.
only receivers, right? senders and connectors don't have to do anything?
There was a problem hiding this comment.
and only if they want to join "destinations that are known to support the protocol described in this document" as mentioned at the end?
There was a problem hiding this comment.
Yes to all three questions.
This is raising some interesting questions though around how separate the sender, connector and receiver functions are. Our ilp module already includes sender and receiver and I don't see a strong reason why it shouldn't also include a connector the same way that IP stacks usually include a connector. It wouldn't add a whole lot to the size of the module as @sharafian's minimalistic connector is proving (and as you would expect.)
|
|
||
| Participants of the Interledger network may use this mechanism to test their own connectivity by sending pings to one or more destinations that are known to support the protocol described in this document. | ||
|
|
||
| A monitoring service that is testing the availability of different ILP connectors may send pings to these connectors from various sources. Connectors that wish to use this monitoring service must support the protocol described in this document. |
There was a problem hiding this comment.
instead of "wish to use", "wish to be monitored by" would maybe be more accurate. If it is the monitoree itself who wants to measure its reachability, then we could assume there is out-of-band communication between the monitoree and the monitoring service, and so they could just send test payments in both directions without the need to do roundtrip pingpong.
|
ok, I think this protocol would be useful in the situation where If all of the above are true, then it makes sense for Monitor to send a PING payment to Alice, as an in-network way to inform her that she should initiate a PONG payment. So the PING prepare phase is really an in-network way for the Monitor to tell Alice "please send me a test payment", and the PONG prepare (not the PING prepare) is the actual test. I usually think of the PING as the thing that tests, not the PONG. So maybe better terms than 'PING' and 'PONG' would be 'PLEASE PING' and 'PING', respectively. The fulfillment of the 'PING', which goes from Monitor to Alice, is then what I would think of as the 'PONG' If Alice and Monitor had out-of-band communication, then Monitor could just tell Alice "hey, can you send me a test payment for a tiny amount?" - this is actually what we do a lot in the Luxembourg office, and it's very useful. :) For this to work usefully, we should implement the 'forwarded by' list in rejection messages, IIRC, we specified that but didn't implement it yet. The Monitor could then see if the test payment made it past Alice or not. If Alice does not implement this protocol, then the Monitor will see that Alice rejected the payment with an error message indicating she doesn't know how to fulfill the payment's condition. That way, not all ILP nodes have to implement this protocol, only the ones that want to be pingable. So having said all that, I think this could be a useful optional addition on top of ILP! :) |
| - Destination amount: The quoted destination amount from the quote response | ||
| - Destination ILP address: Mirror's ILP address | ||
| - Data: The string `PING` followed by a newline character (a 0x0A byte), followed by a UUID in canonical textual representation, followed by another newline character, followed by the Client's ILP address. | ||
|
|
There was a problem hiding this comment.
What condition and expiry are used?
| - Destination amount: 0 | ||
| - Destination ILP address: Client's ILP address (taken from the data field of the incoming payment) | ||
| - Data: The string `PONG` followed by a newline character (a 0x0A byte), followed by the UUID taken from the incoming payment's data field. | ||
|
|
There was a problem hiding this comment.
Does the mirror ever fulfill the transfer?
There was a problem hiding this comment.
It passes on the fulfillment that it receives from the return path. Will clarify in the text.
|
@justmoon what's the status of this? |
|
Closing while we're waiting for other protocol decisions to settle. |
We'd like to:
In order to take into account the liquidity, latency and cost in both directions, the ping should be an end-to-end payment both ways.
I threw together a quick strawman for an echo protocol analogous to ICMP's Echo Request/Response.