Parameters for testing involve:1.Throughput
2. Latency
3. Memory Footprint
4. Persistence
5 .Scalability
6. Failover mechanism
7. Communication patterns support
8. Security
9. Routing algorithm used and its algorithmic complexity w.r.t Time and space.
Some more queries involve:1. I tried enabling tcps for security but the test applications crashed .
--
You received this message because you are subscribed to a topic in the Google Groups "yami4" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/yami4/90Qq1uDfgJQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to yami4+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
1. Considering the throughput, I am interested in a single pub sub pair.I m trying to restructure the code of the broker and the library as well .It would beo f great help if you can lend some support in this context. I have sought after a mechanism wherein publishing time to the broker and publishing time to the subscriber is to be found. I am unable to find the latter one.
4. For scalability , I am interested in all the four scenarios.
8. I tried the security mechanism for the request response tests ,but still the application crashed. The screenshot of the same is provided.
9. Can any other approach be applied for routing to decrease the linear search time?
Additional issue that I am facing is everytime I try and run the broker test applications , the queue overflows for different message counts for same message . How is that to be interpreted?
Thank you for your reply, Maciej.
1. From throughout context in brokered mechanism, the time taken to send message upto the broker and the time taken to send the message from broker upto the end subscriber seems different because of queue overflow. This might be because of inequality between number of incoming messages and outgoing messages due to queue overflow.I would like to find the same.
9. With respect to routing , I agree with your answer. But I was trying to find efficiency of Yami4 from all the perspectives and routing was one of the parameters.
1. From throughout context in brokered mechanism, the time taken to send message upto the broker and the time taken to send the message from broker upto the end subscriber seems different because of queue overflow. This might be because of inequality between number of incoming messages and outgoing messages due to queue overflow.I would like to find the same.
A great suggestion, sir.
1. But I am getting abandoned subscription message in the logger... Can you specify for what error condition such a message is displayed? Is it possible to find queue statistics during message transfer?? How to go about?
2.Regarding security, I did generate certificate and private key. I renamed both to server_ssl.cert and server_ssl.key and placed both in the calculator directory in core.But still the issue persists. How is that to be resolved?
3. For demonstrating failover mechanism, do I need to prepare my own application or the applications in broker service and cpp cater to the mechanism?
Best,
Shirley Holmes
I have certain other questions in my mind.Do answer if possible.1. Memory footprintI have found the statistics while running the exe in task manager. But how do I calculate the space complexity of yami4 in terms of BigOh , Theta or Omega?
2 .ScalabilityHow many pub sub pairs can be active at a time in yami4 without affecting the throughput of the messages.
Is this configurable or fixed? where is it initialized?I have found the max subscriptions field in .cfg file but what about the number of publishers ?
3. Routing algorithmHow do I calculate time complexity of routing algorithm in terms of bigoh , theta or omega?
4. What is the use of server side selectors ?
5.How do I calculate number of bytes for a tag: message pair?
A great suggestion, sir.
1. But I am getting abandoned subscription message in the logger... Can you specify for what error condition such a message is displayed?
Is it possible to find queue statistics during message transfer?? How to go about?
2.Regarding security, I did generate certificate and private key. I renamed both to server_ssl.cert and server_ssl.key and placed both in the calculator directory in core.But still the issue persists. How is that to be resolved?
3. For demonstrating failover mechanism, do I need to prepare my own application or the applications in broker service and cpp cater to the mechanism?
Okay sir,
Regarding security, I had provided ssl_server.key and ssl_server.cert, there was this typing error in the mail. Yes, I'll print the res value and see.
But I would like to know some other fact: Does yami handle messages differently in Windows 8, because my application crashes when receiving data from broker to subscriber.
Kindly reply.
Best,
Shirley Holmes
But I would like to know some other fact: Does yami handle messages differently in Windows 8, because my application crashes when receiving data from broker to subscriber.
Yes, By my application I mean my own code.
Regarding the security problem, I addressed the other day, u had suggested of printing the res value, I did do that and it gives unexpected value as the result value, what could be the issue, because I did generate the key and certificate using openssl, renamed them as ssl_server.cert and ssl_server.key, placed both in the calculator example's directory, still the example crashes. Kindly revert back.
Best,
Shirley Holmes
Yes, By my application I mean my own code.
Regarding the security problem, I addressed the other day, u had suggested of printing the res value, I did do that and it gives unexpected value as the result value, what could be the issue, because I did generate the key and certificate using openssl, renamed them as ssl_server.cert and ssl_server.key, placed both in the calculator example's directory, still the example crashes.
OK, I'll look into that.
Regarding ssl_server.cert and ssl_server.key generation, I referred the below link, and used those in calculator directory.
http://blog.didierstevens.com/2015/03/30/howto-make-your-own-cert-with-openssl-on-windows/
One more thing that I am uncertain is, yami's current library contains only server side authentication functionality, right??
Best,
Shirley Holmes
Regarding ssl_server.cert and ssl_server.key generation, I referred the below link, and used those in calculator directory.
http://blog.didierstevens.com/2015/03/30/howto-make-your-own-cert-with-openssl-on-windows/
One more thing that I am uncertain is, yami's current library contains only server side authentication functionality, right??
Thank you, Maciej and apologies for late reply. I was on a vacation, so couldn't reply.
I will certainly try your approach for enabling security in yami 4.
Best,
Shirley Holmes
I tried the same security for the broker code using similar approach as of calculator example, but I keep getting 'cannot set up listener' with res value = 'bad protocol'. I made necessary changes in the config file as 'tcps' and even in the 'listener' function of Broker configuration file ,still the issue persists.
Thank you, Maciej. I'll definitely look into what I might have missed.
But, would like an answer as to why did you choose the certificate method for authentication for a middleware designed for control and monitoring systems. I mean such systems have very rapid influx and outflux of data and are always in connected mode, there is very rare use of session concept since they get disconnected very rarely. Hence in a scenario where the certificate is found to be revoked, the client won't connect to the server and by that time, there is a chance of huge data loss affecting performance. My basic concern is regarding the security approach for control and monitoring systems. Why not go for Kerberos authentication rather ??
Kindly reply.
Best,
Shirley Holmes
But, would like an answer as to why did you choose the certificate method for authentication for a middleware designed for control and monitoring systems
Why not go for Kerberos authentication rather ??
Yes, Maciej. SSL got enabled at the broker end too. The issue was from my side. Thank you for your prompt reply.
Your reply for usage of ssl certificates in yami4 broker is also satisfactory. But what is your take on enabling certificate authentication for control and monitoring systems? Is this approach suitable enough or any other approach should be looked upon?
Best,
Shirley Holmes
But what is your take on enabling certificate authentication for control and monitoring systems? Is this approach suitable enough or any other approach should be looked upon?
SSL_CTX_set_verify(ssl_ctx_, SSL_VERIFY_PEER, verify_callback);
Everything works fine when only server certificates are set.
A document is attached for output reference for the above mentioned two cases.If you could please look into these issues and reply.
Best,
Shirley Holmes
Hello, Maciej, in my previous mail, I had listed some security related issues w.r.t Openssl and YAMI4. Such issues have arisen only when certificates were associated with publisher and subscriber, the usual client -server applications work fine. Could you please look into the issue. Awaiting reply.
Best,
Shirley Holmes
Hello, Maciej, in my previous mail, I had listed some security related issues w.r.t Openssl and YAMI4.
Thank you, Maciej. I'll take a look at the openssl forum for the security related solution.
I have been trying a new feature to make it work with yami4 middleware. I am trying to incorporate websockets support to yami4 for real time monitoring for Web clients and for this, I would like broker. exe to listen on multiple ports. I have developed a websocket server but am facing difficulty in integrating it with yami. How do I make the broker listen on multiple ports in a single threaded manner. Will this require modifying YAMI's methods or could it be done independently. I found out an approach wherein if I get the listen socket I'd of the broker, I would use a select on both the broker's listen socket I'd and my websocket server's listen socket I'd to find out for connection events on respective ports. But YAMI's API doesn’t expose any method to return socket I'd for an agent object.
Please suggest some way out. Awaiting response.
Best,
Shirley Holmes
How do I make the broker listen on multiple ports in a single threaded manner.
Hello Maciej,
I tried with websockets and built a wrapper, and it's working fine now. 1. But I am still stuck with the security issue. As we know, YAMI4 had been used in some financial trading applications and that required security support and hence ssl support was added. But my question is security comes into picture only in an environment where the server is in public domain and there is some web client that tries to connect to the server. But as of now, YAMI4 is basically a TCP server, and the server is used in a closed environment which nullifies the security concern.
So what is the use of the feature??
2. The certificate and key generation is a manual process and only one during handshake ssl authentication is done and certificate verification is done. In control and monitoring systems, the clients are in ever connected state to the server, and once verification of certificates has been done, and after some days if the certificate expires, the issue would not be known till the client disconnects and then reconnects which will lead to Handshake and then verification will fail. This is not the normal condition because due to certificate invalidity, attack chances are high, How can this be fixed?
3. Does this certificate validity checking and installation of new ones a manual process or can be automated? What is the general mechanism?
Please answer.
Best,
Shirley Holmes
But as of now, YAMI4 is basically a TCP server, and the server is used in a closed environment which nullifies the security concern.
So what is the use of the feature??
In control and monitoring systems, the clients are in ever connected state to the server, and once verification of certificates has been done, and after some days if the certificate expires,
How can this be fixed?
3. Does this certificate validity checking and installation of new ones a manual process or can be automated? What is the general mechanism?
OK... Thank you, Maciej.
The websockets implementation works fine for a private network. But I would like to check the websocket implementation for a server listening over a public ip. I tried associating my machine's public ip to listener in yami4broker.cfg file as tcp ://public ip :port, but the broker. exe shows cannot setup listener as the message.
Why is such an issue and how can that be resolved??
Please answer.
Best,
Shirley Holmes
I tried associating my machine's public ip to listener in yami4broker.cfg file as tcp ://public ip :port,
but the broker. exe shows cannot setup listener as the message.
Yes.That's a typo in post. The problem I was facing got resolved. I was trying to make the yami4broker listen on tcp:// public ip:port so as to allow web clients to connect to it. But understood that's not possible because the socket implementation is for internal network and the to achieve web aspect the router does the Network Address Translation from public to private ip.
Best,
Shirley Holmes
Hello, Maciej. I was trying with the tcp keepalive feature of yami4 and hence set it to true at the library level, but do not see any effect at the publisher -subscriber applications.
My goal is: publisher client should be notified as soon as the subscriber client closes connection so that the publisher doesn't keep sending packets to prevent network from flooding. For such a use case, how can be tcp keepalive used?
Or do I need to write an event notification callback at the broker and the client applications?
What is the methodology? Please suggest.
Best,
Shirley Holmes
Hello, Maciej. I was trying with the tcp keepalive feature of yami4 and hence set it to true at the library level, but do not see any effect at the publisher -subscriber applications.
My goal is: publisher client should be notified as soon as the subscriber client closes connection so that the publisher doesn't keep sending packets to prevent network from flooding. For such a use case, how can be tcp keepalive used?
Or do I need to write an event notification callback at the broker and the client applications?
OK Maciej.
1. Is it that the keepalive won't be helpful for my requirement?
2. I have a need regarding security in the broker. I need to pass an I'd to the init method of channel_group.cpp like ssl certificate and ssl key files are sent, can this be done without changing the channel_group. cpp ?
Best,
Shirley Holmes
1. Is it that the keepalive won't be helpful for my requirement?
2. I have a need regarding security in the broker. I need to pass an I'd to the init method of channel_group.cpp
2. Yes, I need to set a new variable using configuration options the way ssl certificate and key files are set. But for a new variable to be set, I need to declare it in the option_names. h file, which will be an intrusion into YAMI's code. Is there any alternative to this?
Best,
Shirley Holmes
2. Yes, I need to set a new variable using configuration options
I want ssl enabled server to keep track of the connecting clients by using client identities that I have set it at my application level so that the server executes the authentication logic for my identified clients (trusted) and untrusted ones.The requirement is my system does not want the server to terminate every client that fails authentication. I would like to have a different behavior for each client based on their identities.
I would want to read the variable in the init method of channel_group.cpp so as to use my callback function verify_callback differently for each client based on their identities.
SSL_CTX_set_verify (ssl _ctx, SSL_VERIFY_PEER, verify_callback )
Best,
Shirley Holmes
I would want to read the variable in the init method of channel_group.cpp so as to use my callback function verify_callback differently for each client based on their identities.
SSL_CTX_set_verify (ssl _ctx, SSL_VERIFY_PEER, verify_callback )
Hello Maciej,
I am trying to run the subscription example of the cpp library. The reason I do this is I understand the example shows the implementation of brokerless architecture where there is no central broker and the publisher itself acts as the server. The point where I am stuck is I need to implement the secure version of the example and am unable to do so. If I create a yami cpp agent and pass a parameter object (the ssl certificate, ssl key embedded) in both the publisher and subscriber and no more modifications in the example. I run as app.exe tcps://ip:port ... I get the message :value given or received is wrong. This is because, there is no ssl related processing in the options.cpp of cpp library.
I tried with even open connection (pub address, parameters object), this still doesn't work. I get io error. This open connection is for broker related application I guess.
I even saw the calculator example of the core library. But that is a request response scenario.
How could I implement secure brokerless example for publish subscribe model ?
This is basically throughput and latency measurement of the brokerless solution. Hence a small pseudo code would be really helpful.
Please reply soon.
Best,
Shirley Holmes
Hello Maciej,
I tried with different solutions for the problem stated earlier but every time I receive a Handshake failure from publisher (server) and only initial client Hello happens. I guess this happens because the implementation I try with is faulty. Could you please look into the problem?
Best,
Shirley Holmes