Re: [6lo] Intdir last call review of draft-ietf-6lo-minimal-fragment-04

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Thu, 07 November 2019 11:23 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: 6lo@ietfa.amsl.com
Delivered-To: 6lo@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4DFF5120073; Thu, 7 Nov 2019 03:23:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=WZj/NFv+; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=a4Iqh9G0
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2RO1VammwpYv; Thu, 7 Nov 2019 03:23:23 -0800 (PST)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BD98212001E; Thu, 7 Nov 2019 03:23:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=9956; q=dns/txt; s=iport; t=1573125802; x=1574335402; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=zkGZroJPhUl68qXQgZ4y4eKAVAf1cPrlGmzAepnDifA=; b=WZj/NFv+GO6mZxWrAUEc9JfB78bMDG4XZetGcPdRm4foYM4ZJb9V6NYs Y1whNzOyyru+QmlMhcpw0DhBmZFA8hroZnQaScjQSGN0gS0DkdpHY6hp7 XILrn/jmMrKc0aeExBjgvx8O9CYflc06QqTmDo0aK/LdD5HAJfavof40R M=;
IronPort-PHdr: 9a23:dPLSTRS85sv4rt29WlVXlGAnMtpsv++ubAcI9poqja5Pea2//pPkeVbS/uhpkESXBNfA8/wRje3QvuigQmEG7Zub+FE6OJ1XH15g640NmhA4RsuMCEn1NvnvOjQmHNlIWUV513q6KkNSXs35Yg6arw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CwAADB/cNd/40NJK1lGgEBAQEBAQEBAQMBAQEBEQEBAQICAQEBAYF+gUskLAWBRCAECyqEKYNGA4sAgl6XfoJSA1QJAQEBDAEBLQIBAYRAAheDdyQ4EwIDCwEBBAEBAQIBBQRthTcMhVEBAQEBAgESEREMAQE3AQQHBAIBBgIOAwQBAQMCJgICAjAVCAgCBAENBQgahUcDDiABApc1kGMCgTiIYHWBMoJ+AQEFhQcYghcJgQ4ohRqEMYJJGIFAP4FXgkw+hEcVgnkygiyNIIJnngEKgiSMOYR7hCiCPIdghDSGaoQ4jkaZagIEAgQFAg4BAQWBaSKBWHAVGoMNUBEUkDYJGoNQilN0gSiQAQEB
X-IronPort-AV: E=Sophos;i="5.68,278,1569283200"; d="scan'208";a="374722490"
Received: from alln-core-8.cisco.com ([173.36.13.141]) by alln-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 07 Nov 2019 11:23:21 +0000
Received: from XCH-RCD-003.cisco.com (xch-rcd-003.cisco.com [173.37.102.13]) by alln-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id xA7BNLHN011041 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 7 Nov 2019 11:23:21 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-RCD-003.cisco.com (173.37.102.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 7 Nov 2019 05:23:20 -0600
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 7 Nov 2019 06:23:20 -0500
Received: from NAM05-DM3-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 7 Nov 2019 05:23:19 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MpziVYac1kdclBzi8JYcWq8fIo9D56n172wrYS/+q9i6C1K5dsCiChlkOaD+8i1+O1PJFBrdBTG9be+ty8PEhFlfvusWioMuYhjgtK8QQqhxn93SML11GEdG1Trd8fYwjtiaaoyR8oYYK9LDfg4EVTX7D5kmNSZU5mqtbPIxiDbIsVPagUfBNNvNukAqqn4w/KvBuYxw0ibZkjiqw4cO4gazwu5AlcaGDjjjcYbB6dRdUJKRfTjK967oXlU7ReAv6uC7OtPciwyqZyu2rlB8hP9rA2o0KB30QcPok2Ec4cuuQ5nVFwF6ZSZNPXWgikn3M2ZyeULGlYwwWsDp57kSpA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zkGZroJPhUl68qXQgZ4y4eKAVAf1cPrlGmzAepnDifA=; b=BtRV9jGmE4vE0lfid1LLfLg1Y2kX4GHjVPs+tp9rsPCVC4z6ZSJWcfjSNeMLTB4aVcCQprDYDdBYkmjXOFGv4s78z3JbAV3zustcSR0dSjMu5RuFY41S5NMqXEWdTmLKG2Otzml4wyEkyM6vHahTp+qeyrTWAyzSxzKiFpya+KYQXjqH5Ltdj30jCHX4az1eNwBmp7E94yBsSCLwN92XeDCvH0EJlI97sY3CN8L7XdgwUWW+eZPBjkao/9fP+sUPX+FT9VvWAJr6xIAIUGHKGEVXSdh+FFJ9RFA6gILe4e+7HyJDeQDAZ7Wkg00Q5LsKCiWM/yhWy14bDIEBFwv3/A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zkGZroJPhUl68qXQgZ4y4eKAVAf1cPrlGmzAepnDifA=; b=a4Iqh9G0iwYVRwLMpg1rTuVw2u/EKOAtxP6FCUcMz7iE6q1NuvnkkqccFaoK+1Ss8o7WvIhK4KI4R4kKqRsdA7xdfhSJ/7vkBonl0oUNSMiuEF3nq2lmTVJ4iuEehbnFI3mX33FQYz6CbCrsROLliuv8FtbOrnIRQoFmLxssQqY=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB3952.namprd11.prod.outlook.com (10.255.181.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2430.20; Thu, 7 Nov 2019 11:23:19 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::31c9:3a31:3c07:a920]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::31c9:3a31:3c07:a920%6]) with mapi id 15.20.2430.020; Thu, 7 Nov 2019 11:23:19 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Dave Thaler <dthaler@microsoft.com>, "int-dir@ietf.org" <int-dir@ietf.org>
CC: "draft-ietf-6lo-minimal-fragment.all@ietf.org" <draft-ietf-6lo-minimal-fragment.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "6lo@ietf.org" <6lo@ietf.org>
Thread-Topic: Intdir last call review of draft-ietf-6lo-minimal-fragment-04
Thread-Index: AQHVlPdRdAzM57x8DkqeVzdB76HcJ6d/f0lA
Date: Thu, 07 Nov 2019 11:23:17 +0000
Deferred-Delivery: Thu, 7 Nov 2019 11:22:42 +0000
Message-ID: <MN2PR11MB356517192D428E8181F7FB06D8780@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <157308179603.20089.3680167711838185681@ietfa.amsl.com>
In-Reply-To: <157308179603.20089.3680167711838185681@ietfa.amsl.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2001:420:c0c0:1005::1ec]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a3450202-e27a-4e75-fe46-08d76374e423
x-ms-traffictypediagnostic: MN2PR11MB3952:
x-microsoft-antispam-prvs: <MN2PR11MB3952F89A0D7A07EFF797563DD8780@MN2PR11MB3952.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0214EB3F68
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(376002)(136003)(366004)(396003)(39860400002)(199004)(189003)(43544003)(55674003)(13464003)(7696005)(561944003)(186003)(99286004)(14444005)(102836004)(33656002)(76176011)(476003)(5660300002)(256004)(64756008)(66556008)(66946007)(6506007)(9686003)(229853002)(66446008)(55016002)(2906002)(6116002)(1511001)(53546011)(66476007)(4326008)(316002)(14454004)(6246003)(478600001)(2501003)(76116006)(52536014)(6436002)(486006)(54906003)(110136005)(8676002)(305945005)(74316002)(7736002)(25786009)(8936002)(46003)(81156014)(81166006)(11346002)(446003)(71200400001)(86362001)(71190400001); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB3952; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 9IWfluxHKDfjLWhbuZgaINP0HOMUyfvjMiaTukaCgJhx4v2lvYgVANO+Wscn0Sh8utMMQW1hlMoxi1Nol0NIeyWVRpDWuy0BrZlKO8fU6B0Bh9PDxLUkQdadFC9EEYnNAGlVTqrc132o5KCRXhWXJl8F5pZUk1DqSnnmN1TqW+JeVGyHKCPCxsIKDzWXkbNvS4YXF8gCssLMx9+rj1toXBuAZOEe5W3OVjb9MW4xqj48prPRt3U25LSEf37s8zVw9RMb5o4mJVYZQ2cIEApq9AQki8syiw/cRgn6j7GAV8HTZbUJWljwNXypGaCyHFxwL9M2zbcqmq4PsrcQnfz0xkT400a7yQH/8C2eRoOq89l/0/BIAWVYWSzGaxHIl0v5RKqoAFq92fXx0GjdKmPLq7D54MrUljcyivzYxLSwOrmR+qUN3p/lKoSrVQspnCjn
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: a3450202-e27a-4e75-fe46-08d76374e423
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Nov 2019 11:23:18.9905 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 60nyPOO3iS1JcrktRzn/H2ZRwLoiMWZ4eBDEc+1NKNRWI5zC/yx/TYPWgUyy7XAxqT0KTxtapDs2AMaIcp9n2w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3952
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.13, xch-rcd-003.cisco.com
X-Outbound-Node: alln-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/bKq2nzY2g36FRtFG8SUQt52CBkA>
Subject: Re: [6lo] Intdir last call review of draft-ietf-6lo-minimal-fragment-04
X-BeenThere: 6lo@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <6lo.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lo>, <mailto:6lo-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6lo/>
List-Post: <mailto:6lo@ietf.org>
List-Help: <mailto:6lo-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lo>, <mailto:6lo-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2019 11:23:25 -0000

Hello Dave

Many thanks for being so reactive 😊

Please see below

> -----Original Message-----
> From: Dave Thaler via Datatracker <noreply@ietf.org>
> Sent: jeudi 7 novembre 2019 00:10
> To: int-dir@ietf.org
> Cc: draft-ietf-6lo-minimal-fragment.all@ietf.org; last-call@ietf.org;
> 6lo@ietf.org
> Subject: Intdir last call review of draft-ietf-6lo-minimal-fragment-04
> 
> Reviewer: Dave Thaler
> Review result: Ready with Issues
> 
> The title implies the document specifies a forwarding mechanism, but it does
> not, it merely provides discussion of two mechanisms in other docs (RFC 4944
> and draft-ietf-lwig-6lowpan-virtual-reassembly). I would recommend at least
> changing the title to be more clear as to the purpose of the doc.

A suggestion would help : ) 

Does "On Forwarding 6LoWPAN Fragments over a Multihop IPv6 Network" go the right way?


> 
> Technical confusion
> -------------------
> 1) Page 3 says the reassembly buffer contains "the link-layer address that
> node B uses to forward the
>    fragments".  I cannot tell whether this is referring to B's link-layer
>    address that it received the fragment on, or B's link-layer address that it
>    uses as a source link-layer address for forwarding it on, or the link-layer
>    address of the next hop to which B forwards.

The latter. B needs to send all the fragments with the same source link-layer address because that's part of the index for the datagram in C. Proposed change:
"
the Link-Layer address that node B uses as source to forward the fragments

"



> 
> 2) Page 3 also says the reassembly buffer contains "the link-layer address of
> the next hop that is resolved
>    on the first fragment".  I found this similarly confusing.  What does it
>    mean to resolve something "on" the first fragment?  Does it mean "during
>    processing of the first fragment"?  Maybe I missed it, but I couldn't find
>    in RFC 4944 anywhere that says that it would do next-hop resolution before
>    the datagram can be reassembled.  That would seem like a waste, if the
>    fragments are then discarded (e.g., due to timer expiry) without actually
>    doing any forwarding.
> 

RFC 4944 reassembles and then routes. We make the routing decision on the first fragment before we receive the second fragment, forward the first fragment and store that state. Unsure how to reword, your suggestion would be appreciated.


> 3) Section 3 talks about "MAC address" specifically whereas section 1 always
> talked about the more
>    generic "link-layer address".  Why the inconsistency?
> 

Fixed to "link-layer address" consistently.

> 4) Section 3 talks about "a 1280-byte reassembly buffer for each packet", but
> section 2.2 talks assumes
>    a "1 kB reassembly buffer".  1k != 1280 bytes.  Why the inconsistency?
> 

Fixed to
"                                                                           Assuming a reassembly buffer
   for a 6LoWPAN MTU of 1280 bytes as defined in section 4 of [6LoWPAN],
   typical nodes only have enough memory for 1-3 reassembly buffers.
"

> 5) Section 3 explains that "the first fragment must always be forwarded first",
> but does not explain
>    what the behavior is if a fragment other than the first fragment is received
>    before the first fragment. Figure 1 shows that the fragments can be received
>    out of order, since there fragment 6 is received before 5, which is received
>    before 4.   Presumably it is either queued or dropped.  If it's queued, then
>    section 4 is insufficient, which talks about an attacker generating a large
>    number of bogus "fragment 1" fragments, since if you queue the first
>    fragment received even if it's not "fragment 1", then the same attack
>    presumably exists, it's not specific to "fragment 1" packets.
> 

6LoWPAN does not mandate that all the fragments are sent in order, thus Fig1. But fragment 1 is sent first 
Quoting section 5.5 of Rfc 4944
"
                                                                   The first link fragment
   SHALL contain the first fragment header as defined below.

                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |1 1 0 0 0|    datagram_size    |         datagram_tag          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                         Figure 4: First Fragment

   The second and subsequent link fragments (up to and including the
   last) SHALL contain a fragmentation header that conforms to the
   format shown below.

                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |1 1 1 0 0|    datagram_size    |         datagram_tag          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |datagram_offset|
      +-+-+-+-+-+-+-+-+

                      Figure 5: Subsequent Fragments
"

The first fragment is the one with the IPv6 address of the destination that enables to find the next hop that the other fragments will use. So it is always available before a fragment can be forwarded. So it is easy to mandate that we forward it first. 
If we do that then the only way for a next fragment to arrive first is that the first fragment was lost in the transmission by the previous node. The first fragment may be queued for retries in the previous hop but that's a really bad idea.

Proposal:

* we add text on the above to clarify
* we mandate that on a link with ARQ, the node only forwards a next fragment if the first was acknowledged.
* we clarify that a next fragment that is received with no state from a first fragment for that datagram should be dropped.


> Grammatical nits:
> -----------------
> 
> Abstract has "... to forwarding ...", which should be "to forward" or "for
> forwarding"

done
> 
> Abstract has "to the virtual Reassembly Buffer", which seems incorrect both in
> terms of capitalization (since sectoin 3 has VRB) and grammar.  Suggest "to
> using virtual reassembly buffers".

I think we meant to the VRB draft. Applied your recommendation in the meantime:
"
This method reduces the latency and increases end-to-end reliability in route-over forwarding.
It is the companion to using virtual reassembly buffers which is a pure implementation technique.

"
Does that read well?

> 
> Section 1, first paragraph: "though possibly" is likely a typo for "through
> possibly"
> 
Fixed

> Section 1, 6th paragraph: "a same datagram" is oddly worded.  Suggest either
> "a datagram" or "the same datagram"

Yes French uses "a" to mean like any old datagram but still the same one; fixed : )

> 
> Section 2.2, grammar issue in "Assuming 1 kB reassembly buffer".  Either
> "buffers" plural or "Assuming a ..."
> 

Fixed as discussed above

Many thanks Dave. I'll be waiting for you answer on the open issues above before publishing.

Take care

Pascal