Network Working Group B. Carpenter
Internet-Draft Univ. of Auckland
Intended status: Standards Track B. Liu, Ed.
Expires: April 5, 2018 Huawei Technologies
W. Wang
X. Gong
BUPT University
October 2, 2017

Generic Autonomic Signaling Protocol Application Program Interface (GRASP API)


This document specifies the application programming interface (API) of the Generic Autonomic Signaling Protocol (GRASP). The API is used for Autonomic Service Agents (ASA) calling the GRASP protocol module to exchange autonomic network messages with other ASAs.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on April 5, 2018.

Copyright Notice

Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents ( in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Introduction

As defined in [I-D.ietf-anima-reference-model], the Autonomic Service Agent (ASA) is the atomic entity of an autonomic function; and it is instantiated on autonomic nodes. When ASAs communicate with each other, they should use the Generic Autonomic Signaling Protocol (GRASP) [I-D.ietf-anima-grasp].

As the following figure shows, GRASP could contain two major sub-layers. The bottom is the GRASP base protocol module, which is only responsible for sending and receiving GRASP messages and maintaining shared data structures. The upper layer is some extended functions based upon GRASP basic protocol. For example, [I-D.liu-anima-grasp-distribution] describes a possible extended function.

It is desirable that ASAs can be designed as portable user-space programs using a portable API. In many operating systems, the GRASP module will therefore be split into two layers, one being a library that provides the API and the other being core code containing common components such as multicast handling and the discovery cache. The details of this are system-dependent.

+----+                              +----+
|ASAs|                              |ASAs|
+----+                              +----+
   |                                   |
   | GRASP Function API                |
   |                                   |
+------------------+                   |GRASP API
| GRASP Extended   |                   |
| Function Modules |                   |
+------------------+                   |
|                   GRASP Library          |
|  GRASP Module - - - - - - - - - - - - - -|
|                   GRASP Core             |

Both the GRASP base module and the extended function modules should be available to the ASAs. Thus, there needs to be two sub-sets of API. However, since the extended functions are expected to be added in an incremental manner, it is inappropriate to define the function APIs in a single document. This document only defines the base GRASP API.

Note that a very simple autonomic node might contain only a single ASA in addition to the autonomic infrastructure components described in [I-D.ietf-anima-bootstrapping-keyinfra] and [I-D.ietf-anima-autonomic-control-plane]. Such a node might directly integrate GRASP in its autonomic code and therefore not require this API to be installed.


2.1. Design Principles

The assumption of this document is that any Autonomic Service Agent (ASA) needs to call a GRASP module that handles protocol details (security, sending and listening for GRASP messages, waiting, caching discovery results, negotiation looping, sending and receiving sychronization data, etc.) but understands nothing about individual objectives. So this is a high level abstract API for use by ASAs. Individual language bindings should be defined in separate documents.

An assumption of this API is that ASAs may fall into various classes:

The API also assumes that one ASA may support multiple objectives. Nothing prevents an ASA from supporting some objectives for synchronization and others for negotiation.

The API design assumes that the operating system and programming language provide a convenient mechanism for multi-threaded code. A solution in case this does not apply is described in Section 3.

This is a preliminary version. Two particular gaps exist:

2.2. API definition

2.2.1. Parameters and data structures

This section describes parameters and data structures uaed in multiple API calls. Errorcode

All functions in the API have an unsigned 'errorcode' integer as their return value (the first returned value in languages that allow multiple returned parameters). An errorcode of zero indicates success. Any other value indicates failure of some kind. The first three errorcodes have special importance:

  1. Declined: used to indicate that the other end has sent a GRASP Negotiation End message (M_END) with a Decline option (O_DECLINE).
  2. No reply: used in non-blocking calls to indicate that the other end has sent no reply so far (see Section 3).
  3. Unspecified error: used when no more specific error code applies.

Appendix A gives a full list of currently defined error codes. Timeout

Wherever a 'timeout' parameter appears, it is an integer expressed in milliseconds. If it is zero, the GRASP default timeout (GRASP_DEF_TIMEOUT, see [I-D.ietf-anima-grasp]) will apply. If no response is received before the timeout expires, the call will fail unless otherwise noted. Objective

 typedef struct {
    char *name;
    bool neg;
    bool dry;
    bool synch;
    int loop_count;
    int value_size;           // size of value
    uint8_t cbor_value[];     // CBOR bytestring of value
    } objective;
 class objective:
    """A GRASP objective"""
    def __init__(self, name): = name    #Unique name, string
        self.neg = False    #Set True if objective supports negotiation
        self.dry = False    #Set True if objective also supports dry-run negotiation
        self.synch = False  #Set True if objective supports synch
        self.loop_count = GRASP_DEF_LOOPCT  #Default starting value
        self.value = 0      #Place holder; any valid Python object

An 'objective' parameter is a data structure with the following components: ASA_locator

An 'ASA_locator' parameter is a data structure with the following contents: Tagged_objective

A 'tagged_objective' parameter is a data structure with the following contents: Asa_nonce

In most calls, an 'asa_nonce' parameter is required. It is generated when an ASA registers with GRASP, and any call in which an invalid nonce is presented will fail. It is an up to 32-bit opaque value (for example represented as a uint32_t, depending on the language). It should be unpredictable; a possible implementation is to use the same mechanism that GRASP uses to generate Session IDs [I-D.ietf-anima-grasp]. Another possible implementation is to hash the name of the ASA with a locally defined secret key. Session_nonce

In some calls, a 'session_nonce' parameter is required. This is an opaque data structure as far as the ASA is concerned, used to identify calls to the API as belonging to a specific GRASP session. In fully threaded implementations this parameter might not be needed, but it is included to act as a session handle if necessary. It will also allow GRASP to detect and ignore malicious calls or calls from timed-out sessions. A possible implementation is to form the nonce from the underlying GRASP Session ID and the source address of the session.

2.2.2. Registration

These functions are used to register an ASA and the objectives that it supports with the GRASP module. If an authorization model is added to GRASP, it would be added here.

2.2.3. Discovery

2.2.4. Negotiation

2.2.5. Synchronization and Flooding

2.2.6. Invalid Message Function

3. Non-threaded Implementations

If an operating system or language does not provide convenient support for multi-threading, ASAs may need to be written using a polling or 'event loop' structure, whereby a main loop supports multiple GRASP sessions in parallel by repeatedly checking each one for a change of state. To facilitate this, an API implementation may provide alternative versions of all the functions that involve blocking and queueing. In the calls, the error code 2 ("noReply") will be returned by each call instead of blocking, until such time as the event for which it is waiting has been queued. Thus, for example, request_negotiate() would return "noReply" instead of waiting until an incoming request or timeout arrived, and an identical call to request_negotiate() would be repeated in the next cycle of the main loop. In the case of negotiations, the session_nonce parameter is used to distinguish sessions from each other, if necessary.

The calls to which this mechanism applies are:

4. Example Logic Flows


(Until this section is written, some Python examples can be found at <>, <>, and <>.)

5. Security Considerations

Security issues for the GRASP protocol are discussed in [I-D.ietf-anima-grasp]. Authorization of ASAs is a subject for future study.

The 'asa_nonce' parameter is used in the API as a first line of defence against a malware process attempting to imitate a legitimately registered ASA. The 'session_nonce' parameter is used in the API as a first line of defence against a malware process attempting to hijack a GRASP session.

6. IANA Considerations

This does not need IANA assignment.

7. Acknowledgements

This document was produced using the xml2rfc tool [RFC7749].

Excellent suggestions were made by Michael Richardson.

8. References

8.1. Normative References

[I-D.ietf-anima-grasp] Bormann, C., Carpenter, B. and B. Liu, "A Generic Autonomic Signaling Protocol (GRASP)", Internet-Draft draft-ietf-anima-grasp-15, July 2017.

8.2. Informative References

[I-D.ietf-anima-autonomic-control-plane] Behringer, M., Eckert, T. and S. Bjarnason, "An Autonomic Control Plane (ACP)", Internet-Draft draft-ietf-anima-autonomic-control-plane-10, September 2017.
[I-D.ietf-anima-bootstrapping-keyinfra] Pritikin, M., Richardson, M., Behringer, M., Bjarnason, S. and K. Watsen, "Bootstrapping Remote Secure Key Infrastructures (BRSKI)", Internet-Draft draft-ietf-anima-bootstrapping-keyinfra-07, July 2017.
[I-D.ietf-anima-reference-model] Behringer, M., Carpenter, B., Eckert, T., Ciavaglia, L., Pierre, P., Liu, B., Nobre, J. and J. Strassner, "A Reference Model for Autonomic Networking", Internet-Draft draft-ietf-anima-reference-model-04, July 2017.
[I-D.liu-anima-grasp-distribution] Liu, B. and S. Jiang, "Information Distribution over GRASP", Internet-Draft draft-liu-anima-grasp-distribution-04, May 2017.
[RFC7749] Reschke, J., "The "xml2rfc" Version 2 Vocabulary", RFC 7749, DOI 10.17487/RFC7749, February 2016.

Appendix A. Error Codes

This Appendix lists the error codes defined so far, with suggested symbolic names and corresponding descriptive strings in English. It is expected that complete API implementations will provide for localisation of these descriptive strings.

ok               0 "OK"
declined         1 "Declined"
noReply          2 "No reply"
unspec           3 "Unspecified error"
ASAfull          4 "ASA registry full"
dupASA           5 "Duplicate ASA name"
noASA            6 "ASA not registered"
notYourASA       7 "ASA registered but not by you"
notBoth          8 "Objective cannot support both negotiation
                    and synchronization"
notDry           9 "Dry-run allowed only with negotiation"
notOverlap      10 "Overlap not supported by this implementation"
objFull         11 "Objective registry full"
objReg          12 "Objective already registered"
notYourObj      13 "Objective not registered by this ASA"
notObj          14 "Objective not found"
notNeg          15 "Objective not negotiable"
noSecurity      16 "No security"
noDiscReply     17 "No reply to discovery"
sockErrNegRq    18 "Socket error sending negotiation request"
noSession       19 "No session"
noSocket        20 "No socket"
loopExhausted   21 "Loop count exhausted"
sockErrNegStep  22 "Socket error sending negotiation step"
noPeer          23 "No negotiation peer"
CBORfail        24 "CBOR decode failure"
invalidNeg      25 "Invalid Negotiate message"
invalidEnd      26 "Invalid end message"
noNegReply      27 "No reply to negotiation step"
noValidStep     28 "No valid reply to negotiation step"
sockErrWait     29 "Socket error sending wait message"
sockErrEnd      30 "Socket error sending end message"
IDclash         31 "Incoming request Session ID clash"
notSynch        32 "Not a synchronization objective"
notFloodDisc    33 "Not flooded and no reply to discovery"
sockErrSynRq    34 "Socket error sending synch request"
noListener      35 "No synch listener"
noSynchReply    36 "No reply to synchronization request"
noValidSynch    37 "No valid reply to synchronization request"
invalidLoc      38 "Invalid locator"

Appendix B. Change log [RFC Editor: Please remove]

draft-liu-anima-grasp-api-05, 2017-10-02:

Added send_invalid()

draft-liu-anima-grasp-api-04, 2017-06-30:

Noted that simple nodes might not include the API.

Minor clarifications.

draft-liu-anima-grasp-api-03, 2017-02-13:

Changed error return to integers.

Required all implementations to accept objective values in CBOR.

Added non-blocking alternatives.

draft-liu-anima-grasp-api-02, 2016-12-17:

Updated for draft-ietf-anima-grasp-09

draft-liu-anima-grasp-api-02, 2016-09-30:

Added items for draft-ietf-anima-grasp-07

Editorial corrections

draft-liu-anima-grasp-api-01, 2016-06-24:

Updated for draft-ietf-anima-grasp-05

Editorial corrections

draft-liu-anima-grasp-api-00, 2016-04-04:

Initial version

Authors' Addresses

Brian Carpenter Department of Computer Science University of Auckland PB 92019 Auckland, 1142 New Zealand EMail:
Bing Liu (editor) Huawei Technologies Q22, Huawei Campus No.156 Beiqing Road Hai-Dian District, Beijing, 100095 P.R. China EMail:
Wendong Wang BUPT University Beijing University of Posts & Telecom. No.10 Xitucheng Road Hai-Dian District, Beijing 100876, P.R. China EMail:
Xiangyang Gong BUPT University Beijing University of Posts & Telecom. No.10 Xitucheng Road Hai-Dian District, Beijing 100876, P.R. China EMail: