1 / 17

5.4 Correctness criteria for protocols

5.4 Correctness criteria for protocols. Delivery using different clocks . ISIS message delivery. 5.5 Group Communication. IPv4 multicast addresses. Class D (starts with bit sequence1110) 224.0.0.1 to 239.255.255.255 (about 2 28  268 million)

wardah
Download Presentation

5.4 Correctness criteria for protocols

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 5.4 Correctness criteria for protocols

  2. Delivery using different clocks

  3. ISIS message delivery

  4. 5.5 Group Communication

  5. IPv4 multicast addresses • Class D (starts with bit sequence1110) • 224.0.0.1 to 239.255.255.255 (about 228268 million) • 224.0.0.1 is for “all systems on this subnet” • 224.2.0.0 ~ 224.2.127.253 are for multimedia conference calls

  6. Java multicast sender • String msg = “This is a test msg.”; • InetAddress group=InetAddress.getByName("239.1.2.3"); • MulticastSocket s = new MulticastSocket(3456); • s.joinGroup(group); • DatagramPacket msgOut = new DatagramPacket(msg.getBytes(), msg.length(), group, 3456); • s.send(msgOut);

  7. Java multicast receiver • byte[ ] buf = new byte[1000]; • InetAddress group=InetAddress.getByName("239.1.2.3"); • MulticastSocket s = new MulticastSocket(3456); • s.joinGroup(group); • DatagramPacket msgIn = new DatagramPacket(buf, buf.length); • s.receive(msgIn);

  8. How to run

  9. Formal description of ISIS clock ICi • Pi initializes its clockICi = [0,…,0]. • For each msg sendingevent by Pi • ICi[i]++ • Pi attaches ICi to message it sends. • Upon receiving msg M from Pj with M.ts, Pichecks if • 1) M.ts[j] == ICi[j] + 1 (M is next msg expected from Pj) • 2) ICi[k]  M.ts[k] for all otherk (all msgs from Pkthat sender Pjhas received have been received byPi) • If both are satisfied, PideliversM after ICi[j]++ • Otherwise, Pi puts M in hold-back Q until they are satisfied.

  10. Comments • 1) M.ts[j] == ICi[j] + 1 (M is next msg expected from Pj) • 2) ICi[k]  M.ts[k] for all otherk (all msgs from Pkthat sender Pjhas received have been received byPi) • If ICi[k] < M.ts[k], then before sending M, sender Pj received msg M’from Pk that causally precedes M but M’ hasn’t beenreceived by Pi yet. • ISIS delivers M before any other msg that is causally preceded by M delivery respects causality order.

  11. P1 P2 P3 000 000 000 001 100 “foo to P2” “Do you havefoo?” 101 001 201 101 “Given to P2 (=M2)” 202 “Do you have foo?”(=M3) M1 Time Example Violation check: M3.ts[j] > IC2[j]for some j (j!=3)? • Is there msg that sender knows about but receiver doesn’t? • If so, receiver (P2) delays delivery of M3. • M3.ts[1] = 2 > 0 = IC2[1]in above example.

  12. continued… P1 P2 P3 Migrate foo to P2 “Where is foo?” 100 000 001 101 M1 M2.ts[1]> IC3[1]+1 Put M2in Hold-back Q 201 M2 “foois at P2” M1.ts[1] = IC3[1]+1 IC3101; deliver M1 IC3201; deliver M2 Time • Note: jth component of M.ts is • sequence number of latest msg sent • by Pj that is known to sender of M

  13. M’Mif and only if M’.ts< M.ts • Assume M’ (M) was sent by Pk (Pj), where j=k is possible. • [If M’M then M’.ts< M.ts] is easy to show • Pj received M’ before sending M: M’.ts < ICj[ ] < M.ts • To show [IfM’.ts< M.tsthen M’M], we show instead ![M’M] then ![M’.ts< M.ts] • Assume ![M’M] • Sender of M(Pj) didn’t know about M’ at time of sending M. • Thus,M’.ts[k]> M.ts[k], i.e., ![M’.ts< M.ts]

  14. Safety • Sufficient to show that msgs are delivered in timestamp order. • Suppose not • Letm(m’)be event of sending message M (M’) • Assume Pi delivered msg M (from Pk) before M’(from Pj), even though M’.ts(= ICj(m’)) < M.ts (=ICk(m)) …….(A) (a) Just before Pi delivered M’: ICi[j]+1= ICj(m’)[j]henceICi[j] < ICj(m’)[j] (b) Delivery of M would have resulted in ICi[j]*= ICk(m)[j] at time of delivery • (a) and (b) contradict (A) since (b) took place before (a), hence ICi[j]* ICi[j]

  15. Liveness

  16. continued … • Assume ICi[k] < M.ts[k] for some k (!=j), i.e., condition (2) is violated; want to derive contradiction from this. • Let M’ be latest msg from Pk that Pj delivered prior to sendingMso that M’.ts < M.ts and M’.ts[k] = M.ts[k]. • If Pi hasn’t delivered copy of msg M’ from Pk, then M’ with M’.ts < M.ts is inholdback Q of Pi, contradicting assumption that M is not causally preceded by any other msg in holdback Q of Pi. • So Pimust have delivered copy of msg M’ from Pk.Thus ICi[k] M’.ts[k] = M.ts[k], contradictingICi[k] < M.ts[k] • Must give up assumption that Pi cannot deliver M.

  17. Proof illustration Pj M’ Pk M.ts>M’.ts M M’ Pi Pi already delivered M’  ICi[k]  M.ts[k]

More Related