• State Suggested Answer
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 76 subscribers
  • Views 1075 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 331827
Options

How big is the DTLS 1.2 CID message header for CoAP messages?

RoryL

I'm using the Cloud Multi-Service app on nRF9160 to test the CoAP DTLS 1.2 CID support while connected to nRF Cloud to evaluate, and want to check the data size for messages sent to help estimate total data use over time. In coap_client.c I can see the size of the CoAP message layer sent and received, but I need to know how big the underlying DTLS overheads are.

1) In DTLS 1.2. CID - How big is the CID used by the nRF SDK 2.6.1 + Modem v1.3.6?


2) Using AT%XCONNSTAT to help check the message overheads for a CoAP POST (after DTLS has already connected)

Using AT%XCONNSTAT? to check the modem states (with AT%XCONNSTAT=1 just before temperature data sent) returns:

%XCONNSTAT: 0,0,0,0,139,97 - where: max_packet = 139, min_packet = 97

Where the coap POST (confirmable) len = 51 (for header_len=12(token=8), options len=11, data len=28).

Does this mean the total data pkt overhead = 139 - 51 = 88 bytes for this POST? And 97 bytes is the size for the Coap Ack (including overheads) ?

3) After a Google search on DTLS overheads - I had expected total data overheads for DTLS 1.2 CID + UDP/IP to be approx = ~57 bytes if CID length is say 16 bytes long.

Assuming IP(20) + UDP(8) + DTLS(13) + CID (16) = 57.  So I'm not sure if the results from XCONNSTAT implies a much bigger CID length is being used?

In conclusion - Can you please confirm the actual data overheads for DTLS 1.2 CID with nRF SDK. This will be very helpful for estimating data use over time

Parents
  • 0

    > IP(20) + UDP(8) + DTLS(13) + CID (16)

    If you want to "save" data, I would not use a 16 bytes CID (but that's the server's configuration, e.g. "coap.nrfcloud.com" uses 10 bytes).

    The DTLS 1.2 CID record does not only add the DTLS 1.2 header with the CID, it also adds the explicit part of the "nonce" (usually 8 bytes) and 8, 16, 32 or <what ever> bytes MAC (depending on the negotiated cipher suite). There is also some CoAP header (variable, depending on the options as path or query or), therefore, overall, I usually consider 100 bytes overhead per message (that includes then also the handshake). e2e security isn't for free. e.g. the "explicit nonce" is used to ensure, that the same data doesn't result in the same encrypted message. The MAC is used, to protect the appl. layer (e.g. CoAP) from "noise by an attacker". Other techniques may come with an other balance here, but that usually only effects applications, which are using very small application messages.

    To be frank, in my cases, I more afraid, that a MVNO disables my SIM because of the very low usage than in a too expensive bill for the extra 100 bytes.

  • 0 in reply to Achim Kraus

    Just in the case you want "exact numbers" for your case, using a modem trace, cellular monitor and wireshark will show the data usage in your case.

  • 0 in reply to Achim Kraus

    Thank you Achim,

    That's all good information to know (I didn't find CID=10 for nRF Cloud in my search of the docs).

    The total DTLS 1.2 CID overheads are bigger than I expected, but they're not a deal breaker. My concern with data overheads was to help me understand the expected total data use per day for our use-cases. It can add up fast with multiple POST/Acks and GET/responses per day, but still much more efficient than MQTT (without the need  for pings)

    My question about what's reported in the %XCONNSTAT response in (2) and (3) above is still relevant. From your answer it seems to me the max_packet length could be for the whole payload (including DTLS/UDP overheads, given it's 88 bytes bigger than the CoAP payload). But in my previous MQTT testing with the same nRF Cloud Multi-Service app I found the max_packet lengths reported exactly matched the total MQTT payload (without the TLS/TCP overheads).

    So I'm still interested to hear what the modem includes in the max_packet and min_packet lengths for  %XCONNSTAT - does it include the total DTLS/UDP overheads, but not the TLS/TCP overheads?

  • 0 in reply to RoryL

    > %XCONNSTAT

    I'm only a community member (and expert for CoAP / DTLS).

    In my UDP experience, it matches all parts, from the IP-header up to the payload.

    If %XCONNSTAT reports different numbers for UDP or TCP then I guess someone from Nordic will know the reason and may answer this.

Reply Children
Related
Terms of service