Category: TCP/IP

  • Kafka vs Z-Mesh

    Both Z-Mesh and Apache Kafka are both distributed event streaming platforms. Both can be used for real-time data processing, data integration and message queuing. But what are the differences?

    TLDR: Z-Mesh uses a request-response pattern and supports publish/subscribe. Kafka uses one-way message queues that supports event-streaming.

    Z-Mesh

    Z-Mesh is a distributed network of interconnected Forwarders, device and systems.

    Message pattern: request-response

    Kafka

    Kafka is a message queue / broker.

    Message pattern: One-way

    Consumers are systems like space-, cleaning or energy-optimization systems, Facility Management- or analytics- or manufacturing intelligence systems.

    Z-Mesh request-response pattern

    In Z-Mesh, the network is tasked with the responsibility to return the requested content (event). There are two scenarios, depending on whether the network has stored (cached) the content or not:

    • If stored, the network returns the content
    • If not stored, the network forwards the request to the producing node, which then responds with the content

    Z-Mesh data-frame

    Content (events) in a Z-Mesh network are pieces of data that are labeled with a Name and a sequence number. IoT-devices and systems (nodes) can request content by using it’s name and sequence number. Content produced by IoT-devices and systems are stored in the Forwarding nodes (Forwarders) for a set period of time (eg. 24 hours) and can be requested at a later time. This enables battery-driven IoT-devices to wake up from sleep and request or publish content.

    Event Streaming or Publish / Subscribe

    Event streaming or publish/subscribe is initiated by the requesting device, by sending a request to the network with a wildcard sequence number and a long timeout. When content is published, it is instantly forwarded to all the requesting nodes.

    Direct data-exchange

    Content between two nodes can be exchanged directly; Two wireless Sub-GHz nodes can exchange directly, without the need for a Forwarder/network being present.

    Kafka one-way message queuing

    In Kafka, producers (devices or systems) sends data/events to a queue (Kafka) which consumers then either receive or retrieve at a later point in time. Content flows one-way and as the request, by the consumer, is served by Kafka, it never reaches the producer.

    Encryption and authorization

    In Z-Mesh, any node (that has access to the network) can request any piece if content at any time, however only the nodes with the encryption key can decode it. The object of encryption is the content (event/data), not the connection like in TCP/IP.

    Kafka is built on top of TCP/IP and so the connection between the sender/receiver and Kafka is encrypted (TLS). It means that data is stored unencrypted in Kafka and that access to data (authorization) is implemented at the connection level.

    Application layer

    The Z-Mesh Device Management protocol defines data-formats for many types of events. This means that when consumers are given access to an event-stream (by providing them with the Content Name and Encryption Key) they are also provided with the data-format, so they know how to interpret the received data. The Z-Mesh network itself has no knowledge of the data-format.

    Like MQTT and Z-Mesh, Kafka is agnostic to the data-format. There is no standard that defines how producers and consumers “speak together”.

    Device Management

    The Z-Mesh Device Management protocol authorizes devices and systems to participate in the network. Each Content Name has it’s own encryption key and data-format and the Z-Mesh Device Management protocol defines how they are managed.

    Kafka, like MQTT, is a transport layer and does not define Device Management.

    Addressing content

    Any device or system in a Z-Mesh network is able to request (address) any piece of content.

    The value of a telecommunications network is proportional to the square (N2) of the number of connected compatible communicating devices
    — Bob Metcalfe

    Kafka is not designed as a network is was designed as a one-way event streaming platform. Addressing content is done by connecting to a message queue (topic). But you could argue that it supports addressing any piece of content by using the Message Queue Name (topic) as the address.

    A note on distributed systems

    Distributed systems has no single-point of failure. Z-Mesh is a distributed network. MQTT is an example of a centralized network.

    Comparison table

    Z-MeshKafkaMQTTLoRa
    PatternReq/ResOne-way
    ArchitectureDistributedDecentralizedCentralizedCentralized
    Central Device ManagementXX
    Application layerX
    Direct commsX
    Group comm.X
    Centrally manage secure data-flowsXX
    Offline supportXX
    Vendor neutral hardwareXXX
    Software update possibleXX(?)
    Uses 20% of battery.
    No vendors support it.
    Royalty freeXXX

  • The problem with TCP/IP for IoT?

    This section will discuss the problems with the IP protocol and why it it not a good fit for the IoT.

    Small MTU

    The maximum transfer unit (MTU) refers to the maximum amount of bytes you can fit in a data-packet. The MTU can be as little as 64 bytes in many wireless IoT systems. This is in clear contrast with today’s IP networks which typically assume a minimum MTU of 1500 bytes or higher.

    Multi-link subnets

    Multi-link subnets is the notion that a subnet may span multiple links connected by routers. RFC 4903, “Multi-Link Subnet Issues” [29], documents the reasons why the IETF decided to abandon the multi-link subnet model in favor of 1:1 mapping between Layer-2 links and IP subnets. An IoT mesh network, on other hand, contains a collection of Layer-2 links joined without any Layer-3 device (i.e., IP routers) in between. This essentially creates a multi-link subnet model that is not anticipated by the original IP addressing architecture.

    Multicast

    Multicast is a group communication model where data-transmission is addressed to a group of destination devices simultaniously. A lot of IP-based protocols make heavy use of IP multicast to achieve one of the two functionalities: notifying all the members in a group and making a query without knowing exactly whom to ask. Using multicast raises a number of concerns:

    • Devices sleeping will not receive the data-transmission
    • Receivers may have different data-transmission rate
    • Broadcasting data is too expensive, so a routing mechanism is necessary
    • Encryption for IP multicast still needs to be invented

    Mesh network routing

    IP based host-routing is a major challenge in constrained IoT devices as each host needs to maintain a routing table. This consumes memory and causes network overhead when the network changes. Also, forwarding traffic may involve decrypting the data from the incoming link and then encrypting it on the outgoing link – an expensive operation for battery-driven devices.

    Transport layer problems

    Due to the energy constraints, devices may frequently go into sleep mode, thus it is infeasible to maintain a long-lived connection in IoT applications. Also, a lot of communication involves only a small amount of data making the overhead of establishing a connection unacceptable.

    Unfortunately, current TCP/IP architecture does not allow to embed application semantics into network packets, thus failing to provide sufficient support for application level framing, which would allow the application more control over the data transmission.

    Application layer problems

    Many IoT applications implement a resource-oriented request-response communication model. ZigBee, CHIP/Matter are such examples. Influenced by the web, many IoT protocols has been working on bringing the same REST architecture into IoT applications. CoAP is an example of such a standard, which is also being used in the Thread protocol. There are a number of problems with this approach:

    • It usually requires resource discovery, such as DNS or Core-RD which in turn uses broadcast.
    • It requires that the client (requester) and the server (resource) is online at the same time
    • It requires a fundamental change to the security model in order to make the in-network caches secure and trustworthy

    Security

    In the IP based host-centric model, TLS/DTLS is used to secure the communication channel between the requester and the resource. However, this model does not fit with the requirements of IoT:

    • TLS/DTLS requires two or more exchanges of data to negotiate the communication channel, a resource and energy extensive task. Also, both ends have to maintain the state of the channel until it is closed, stopping devices from entering sleep-mode
    • Encryption for IP multicast still needs to be invented so security only works in host-based communication

    MQTT and AMQP

    MQTT and AMQP are publish/subscribe protocols that support x-to-many and many-to-x communication models. The underlying protocol is actually connection oriented, meaning that every publisher or subscriber have a connection to the broker (message exchange server). Messages are published to the broker and then the broker sends the message to each of the subscribers in turn, one by one.
    MQTT and AMQP does not have support for offline devices, so using a publish/subscribe protocol, requires the device to be awake 100% of the time. Battery driven sensors sleep and is offline most of the time, therefore not suited for using MQTT and AMQP.
    As these protocols are transport protocols, they do not specify how device management is done. Device management is supposed to be implemented as a layer on top.

    CoAP

    CoAP is a client-server protocol, modeled after the HTTP protocol, but for constrained (battery driven) devices. It allows a device to send a command or retrieve a value directly from another device – still connection oriented. It requires the sensor (server) to be awake (not sleeping) in order for it to respond.

    CoAP has a feature called “Observe”, which as described in RFC 7641, allows clients “subscribe” and be notified, when the condition has occurred. The great thing is that it allows a sensor to sleep until the condition occurs thereby saving battery, the downside of this one-to-many approach is that the sensor (server) must notify each client individually, each time setting up and tearing down a new connection. These connections are secured with DTLS, which is energy- and bandwidth consuming task, so a better way is clearly needed. So why not just use CoAP multicast? Well, you can, but there is no standard for encrypting CoAP multicast traffic. In fact, (DTLS) encryption in IP multicast still needs to be invented, meaning that you can not send encrypted information over the air to other CoAP devices using multicast!

    As for for sending data to an offline sensor, the CoAP standard does not specify how this is done, it is left to the device-creator, to implement this functionallity, making the device non-standard and therefore incompatible with other networks.

    As CoAP is just a transport protocol, it does not specify how device management is done. Device management is supposed to be implemented on top of CoAP.