Ouroboros Functional Layering
This page is under construction
The Ouroboros model is the result of countless architectural refinements made during the (still ongoing) implementation of the Ouroboros prototype. This page provides an overview of this model as it currently stands, and some insights in how it compares to other models such as TCP/IP, Location/Identifier split and the Recursive InterNetwork Architecture (RINA).
As this prototype started off as an implementation of principles outlined by RINA, the Ouroboros model inherits a lot of concepts and terminology from RINA. As such, that's where the credit for those ideas goes.
Unicast model
Unicast API
The Unicast API provides the interface for an application to create, manage and destroy unicast flows and read and write from and to these flows. The API is network-agnostic and provides application primitives for synchronous and asynchronous Inter-Process Communication. It supports message-based and (byte)stream-based communication.
Application End-to-End layer
The application end-to-end layer provides the functionality to establish flows and make packet transmission on that flow reliable and secure. Unicast flows are initiated by a client process towards a server process, identified by a service name.
The application end-to-end layer can provide the following operations:
- Encryption (Public key or symmetric key)
- Authentication (validation/verification of certificate chains, HMAC)
- Reliability, implemented by the FRCP protocol
- Fragmentation
- In order delivery
- Discarding duplicate packets
- Automated-Repeat Request (retransmission of lost packets)
- Flow control
- Integrity (hash-based checks such as CRC32)
Establishment of the flow, authentication and symmetric key distribution are implemented using a 2-way handshake each. If the MTU allows, the authentication and symmetric key exchanges can be piggybacked onto the flow establishment request/reply in a single combined 2-way exchange, so within a 1 Round-Trip Time. See Flow Allocation for more details.
The application end-to-end layer provides the interface into the network end-to-end layer below.
Network End-to-End layer / Flow Allocator
The network End-to-End layer is responsible for creating a network flow in a suitable Unicast Layer between two Unicast IPCPs (designated the source and destination IPCP) that implements a client flow (between two end-user processes, designated the client process and server process). The source and destination IPCP reside in the same systems as the respective client and server end-user processes.
We often refer to the Network End-to-End layer as the flow allocator after the core component in the IPCP that implements it.
It provides three core functions:
- Name-to-address resolution: given a service name, find an address for a suitable IPCP that can serve as a destination for the network flow. The directory service holds this mapping for the layer.
- Flow allocation: create shared state between the source and destination IPCP associated with a flow
- Generate a local Endpoint Identifier for a flow
- Map this local Endpoint Identifier to the peer address
- Congestion avoidance: Monitor the network flow for congestion and police throughput as needed.
The network-layer flow allocation exchange maps the application-requested QoS to a network traffic class. The application-level request/response is carried over by the network-level request/response handshake to fit the complete flow allocation process (application-level and network-level) within a single round-trip.
The network end-to-end layer provides the interface for the application end-to-end layer on top, so these two layers always go hand-in-hand.
Network Forwarding layer
The network forwarding layer is responsible for forwarding Ouroboros Data Transfer Protocol packets from the source IPCP to the destination IPCP, based on their addresses and QoS class.
The forwarding function takes the destination address and decides on which flow(s) to forward the packet, usually implemented as a table (forwarding table). In order to do this, distance information needs to be available at each IPCP, which we call the routing dissemination function.
Transmission layer
At the bottom we find the 'Transmission layer', which is the abstraction for a point-to-point communications channel whose operation is completely independent to all other components of O7s. This can be the wire protocol over a physical medium (copper wire, wireless broadcast, machine RAM, ...) or a network technology such as Ethernet, IP, UDP, Bluetooth, ... to allow constructions as O7s-over-UDP, O7s-over-Ethernet.
This transmission layer is coupled to its own specifically tailored network end-to-end layer to interface with the application end-to-end layer above (as these 2 end-to-end layers always go hand-in-hand). This special network end-to-end layer at least needs to implement a minimal flow allocator.
Broadcast model
Broadcast API
The Broadcast API provides the interface for an application to join and leave broadcast flows, and read and write from and to such flows. The API is network-agnostic and provides application primitives for synchronous and asynchronous IPC. It supports message-based and (byte)stream-based communication. QoS for Broadcast flows is (inherently) limited when compared to the options available for Unicast Flows.
Multicast is not a distinct concept in the O7s model, but rather the combination of 2 processes:
- Enrolling a Broadcast IPCP in a Broadcast Layer that consists of other Broadcast IPCPs in systems that are home to the applications what would colloquially be called a 'multicast group', and
- The application then joining in that Broadcast Layer.
Network Flooding layer
The network flooding layer is responsible for flooding packets from the input data transfer flow to all other data transfer flows. This operation is in essence stateless.