Echoing my comment here: When we move from a reliable UDP implementation to one based on TCP, we need to think about how to provide reliability on top of TCP. If you dig into TCP, you’ll find that it tries really hard (sometimes up to 15 minutes!!) but doesn’t guarantee message delivery. Does this matter in practice? Yes it does--I’ve worked on Geode issues where a faulty network cable eventually caused a cluster hang because of a dropped TCP packet.

One technique for dealing with this is to pair requests and responses. If a response is not received within a timeout, close the socket and assume any incomplete requests must be resent.

While DTLS looks interesting, it does impose some constraints on packets that could lead to poor performance. I think overall we’ll be better suited to focus on TCP for secure transport.

Anthony

> On Mar 31, 2020, at 10:17 AM, Dan Smith <dsm...@pivotal.io> wrote:
>
> Hi all,
>
> We created an RFC for replacing our UDP messaging in Geode with a TCP based
> solution. This will address the issues we have supporting our current udp
> encryption solution, along with helping us move away from jgroups, which
> currently can't be upgraded.
>
> Please review and comment by 4/7/2020.
>
> https://cwiki.apache.org/confluence/display/GEODE/Replace+UDP+messaging+for+membership+with+TCP
>
> Thanks!
> -Dan
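
The request/response pairing described in the reply above, sketched as an added example; it is not code from this thread or from Geode. The `PairedChannel` class, the `connect` callable and the id-plus-length framing are assumptions made for the illustration.

```python
import socket
import struct

# Assumed framing for this example: 4-byte request id, 2-byte payload length.
HDR = struct.Struct("!IH")

def read_exact(sock, n):
    """Read exactly n bytes; raises OSError on timeout or a closed peer."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf

class PairedChannel:
    """Keeps every request 'incomplete' until the response with its id arrives."""

    def __init__(self, connect, timeout=0.2):
        # connect: hypothetical callable that returns a connected TCP socket
        self.connect, self.timeout = connect, timeout
        self.sock, self.pending, self.next_id = None, {}, 1

    def request(self, payload, attempts=3):
        rid, self.next_id = self.next_id, self.next_id + 1
        self.pending[rid] = payload                 # incomplete until answered
        for _ in range(attempts):
            fresh = self.sock is None
            if fresh:
                self.sock = self.connect()
                self.sock.settimeout(self.timeout)
            try:
                # A new socket resends every incomplete request, not just this one.
                for i, p in (self.pending if fresh else {rid: payload}).items():
                    self.sock.sendall(HDR.pack(i, len(p)) + p)
                while True:
                    got, n = HDR.unpack(read_exact(self.sock, HDR.size))
                    body = read_exact(self.sock, n)
                    self.pending.pop(got, None)     # response completes its request
                    if got == rid:
                        return body
            except OSError:                         # timeout or broken connection
                self.sock.close()                   # stop trusting this socket
                self.sock = None
        raise TimeoutError(f"request {rid} unanswered after {attempts} attempts")
```

Because a resent request may reach the peer twice, the receiving side needs the request id to recognise and discard duplicates.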