MWareman Posted December 24, 2017

I don’t see why sending events in UDP with JSON payloads would cause a security issue - as long as we can specify the destination IP. You can then decide to send to a specific IP or broadcast to the subnet... (much like the Weatherflow hub does...)

G W Posted December 24, 2017

> I don’t see why sending events in UDP with JSON payloads would cause a security issue - as long as we can specify the destination IP. You can then decide to send to a specific IP or broadcast to the subnet... (much like the Weatherflow hub does...)

There is always someone that will find something wrong. Personally I don't have an issue.

RaginBajin (Author) Posted December 24, 2017

> I don’t see why sending events in UDP with JSON payloads would cause a security issue - as long as we can specify the destination IP. You can then decide to send to a specific IP or broadcast to the subnet... (much like the Weatherflow hub does...)

I don’t think it’s a security concern but UDP would not give you the confidence that the message was delivered. We are not talking 10000’s of messages a second so TCP should work well. Adding in websockets would give an even faster experience.

MWareman Posted December 24, 2017

> I don’t think it’s a security concern but UDP would not give you the confidence that the message was delivered. We are not talking 10000’s of messages a second so TCP should work well. Adding in websockets would give an even faster experience.

True, but UDP still is the default messaging for syslog. In critical areas you use TCP where you need forensically correct logs. However, for HA purposes I’ll take the ability to ‘broadcast’ the events as a priority. That way multiple devices could receive them without the ISY having to send multiple streams.

G W Posted December 24, 2017

> I don’t think it’s a security concern but UDP would not give you the confidence that the message was delivered. We are not talking 10000’s of messages a second so TCP should work well. Adding in websockets would give an even faster experience.

"10000's of messages a second..." I disagree with that statement.

RaginBajin (Author) Posted December 24, 2017

> "10000's of messages a second..." I disagree with that statement.

What do you mean? As in, you have apps pushing out 10,000+ messages a second to a system? I mean that’s some serious set of data coming out. I’m not trying to argue just find it a bit hard to believe and may need some education on how we get to that number.

G W Posted December 24, 2017

> What do you mean? As in, you have apps pushing out 10,000+ messages a second to a system? I mean that’s some serious set of data coming out. I’m not trying to argue just find it a bit hard to believe and may need some education on how we get to that number.

Maybe you do, but not on my system.

RaginBajin (Author) Posted December 24, 2017

> Maybe you do, but not on my system.

Maybe you need to go back and re-read my original statement. I said we DON’T need anything that can handle 10,000+ messages a second. You said you disagreed. I responded with I’m not aware of anything like that and needed some education. Now you are saying maybe I need 10k messages per second but you don’t. I’m lost now. Do you need something that handles 10k messages a second or not?

MWareman Posted December 24, 2017

Message volume has no bearing on this, at all. An ISY, even at the most verbose logging is no more than 10 a second. My pfSense spits out way more than that.

This is about having the ISY publish events to other systems on the LAN - and UDP allows that without having to have devices ‘subscribe’ or even have any knowledge about them. A Rpi on the LAN could listen in and react to events... as just one example. Without having to have any code to subscribe, and without the ISY having to previously know about receiving devices.

With UDP this becomes possible. It’s not with TCP based messaging, without introducing multicast.
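
The listening side of the broadcast idea discussed above, as an added example that is not part of the thread and not ISY code: a receiver that treats every datagram as untrusted input and uses a sequence number to notice the lost messages that UDP does not report. The port, the subnet and the `seq`/`node`/`event` fields are all assumptions, since the thread defines no event format.

```python
import ipaddress
import json
import socket

LISTEN_PORT = 50222                                   # hypothetical port
TRUSTED_NET = ipaddress.ip_network("192.168.1.0/24")  # hypothetical LAN
MAX_DATAGRAM = 1024                                   # assumed size cap in bytes
REQUIRED = {"seq": int, "node": str, "event": str}    # hypothetical schema

def parse_event(datagram, source_ip):
    """Return a validated event dict, or None if the datagram is rejected."""
    # A UDP source address can be forged, so this is a filter, not authentication.
    if len(datagram) > MAX_DATAGRAM or ipaddress.ip_address(source_ip) not in TRUSTED_NET:
        return None
    try:
        obj = json.loads(datagram.decode("utf-8"))
    except (ValueError, RecursionError):  # bad UTF-8, bad JSON, deep nesting
        return None
    if not isinstance(obj, dict):
        return None
    for key, typ in REQUIRED.items():
        value = obj.get(key)
        if isinstance(value, bool) or not isinstance(value, typ):
            return None
    return {key: obj[key] for key in REQUIRED}  # drop unexpected fields

def missed_events(last_seq, seq):
    """Count events lost between two sequence numbers; UDP reports no loss itself."""
    if last_seq is None or seq <= last_seq:
        return 0  # first event, duplicate or reordered datagram
    return seq - last_seq - 1

def listen():
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("", LISTEN_PORT))  # receives unicast and subnet broadcast
    last = None
    while True:
        data, (ip, _port) = sock.recvfrom(MAX_DATAGRAM + 1)
        event = parse_event(data, ip)
        if event is None:
            continue
        lost = missed_events(last, event["seq"])
        if lost:
            print(f"warning: {lost} event(s) missed before seq {event['seq']}")
        last = event["seq"] if last is None else max(last, event["seq"])
        print(event)

if __name__ == "__main__":
    listen()
```

Reading one byte more than `MAX_DATAGRAM` lets the length check reject oversized datagrams instead of silently parsing a truncated one.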

G W Posted December 24, 2017

> Maybe you need to go back and re-read my original statement. I said we DON’T need anything that can handle 10,000+ messages a second. You said you disagreed. I responded with I’m not aware of anything like that and needed some education. Now you are saying maybe I need 10k messages per second but you don’t. I’m lost now. Do you need something that handles 10k messages a second or not?

Is it a statement or a question?

RaginBajin (Author) Posted December 24, 2017

> Is it a statement or a question?

I don’t know is it?

Michel Kohanim Posted December 25, 2017

Hi all,

UDP and specifically DTLS sounds good.

With kind regards,
Michel

kck Posted December 25, 2017

I think if I were going to add this to the ISY I would probably do something like add a simple MQTT client to it (readily available in the open source community). Then add a field to devices and scenes that had an optional topic to publish to. Would also add an option to programs to publish. Given what's available on the net this should be a relatively simple add to the ISY and would immediately give it a high degree of integration possibility with a large and growing community. The other thing to add would be a subscribe option that would allow a program to execute on subscription. That might be a bit trickier but probably not much.

I realize that this type of addition would be far behind the existing priorities of 5.x but it would have a pretty high return for the effort at some point. While I suspect that the blind UDP broadcast approach might be a bit easier I don't think you get much for it beyond us dedicated DIYers who craft our own code because it wouldn't conform to any standard. The advantage of something like MQTT (and there may be a better choice - I just see a lot of tooling that is MQTT compatible) is that once you do it there is immediate connectivity to other things that don't have to know anything about the ISY beforehand.

G W Posted December 25, 2017

> Hi all,
>
> UDP and specifically DTLS sounds good.
>
> With kind regards,
> Michel

DTLS would be great. I'd like to see this along with JSON, if possible.