Re: [6lo] [6tisch] Thomas' review of draft-thubert-6lo-forwarding-fragments-04
Tero Kivinen <kivinen@iki.fi> Fri, 07 April 2017 09:49 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: 6lo@ietfa.amsl.com
Delivered-To: 6lo@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0E671200DF for <6lo@ietfa.amsl.com>; Fri, 7 Apr 2017 02:49:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.12
X-Spam-Level:
X-Spam-Status: No, score=-1.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZldLw5Gh6l_2 for <6lo@ietfa.amsl.com>; Fri, 7 Apr 2017 02:49:04 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 53264128B44 for <6lo@ietf.org>; Fri, 7 Apr 2017 02:49:02 -0700 (PDT)
Received: from fireball.acr.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.15.2/8.15.2) with ESMTPS id v379muTE029719 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 7 Apr 2017 12:48:56 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.acr.fi (8.15.2/8.14.8/Submit) id v379mtFA003377; Fri, 7 Apr 2017 12:48:55 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Message-ID: <22759.24711.77992.225193@fireball.acr.fi>
Date: Fri, 07 Apr 2017 12:48:55 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: PWK <pat.kinney@kinneyconsultingllc.com>
Cc: Thubert Pascal <pthubert@cisco.com>, Ralph Droms <rdroms.ietf@gmail.com>, Carsten Bormann <cabo@tzi.org>, Palattella Maria Rita <6tisch@ietf.org>, Thomas Watteyne <thomas.watteyne@inria.fr>, "6lo@ietf.org" <6lo@ietf.org>
In-Reply-To: <956EDC0E-3671-4230-BF74-5C962437FD1C@kinneyconsultingllc.com>
References: <CADJ9OA9AX6N+-pciaCxyO-oWNft2fwKf8OXSn71VDi+tdXHoKw@mail.gmail.com> <4A946964-5BE9-449F-B9F1-798A3FB56B30@tzi.org> <7520BB3A-B30B-4E0B-8C84-600893C19E4A@gmail.com> <2323795c367f4aa88b178c1710187ad6@XCH-RCD-001.cisco.com> <22758.13790.469557.896809@fireball.acr.fi> <8C7F867A-B669-4681-9FD7-FCF85E675DAD@kinneyconsultingllc.com> <22758.22825.803918.100803@fireball.acr.fi> <956EDC0E-3671-4230-BF74-5C962437FD1C@kinneyconsultingllc.com>
X-Mailer: VM 8.2.0b under 25.1.1 (x86_64--netbsd)
X-Edit-Time: 9 min
X-Total-Time: 11 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/yxinkG5KITbvWsExF4UeQCuH8pI>
Subject: Re: [6lo] [6tisch] Thomas' review of draft-thubert-6lo-forwarding-fragments-04
X-BeenThere: 6lo@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <6lo.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lo>, <mailto:6lo-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6lo/>
List-Post: <mailto:6lo@ietf.org>
List-Help: <mailto:6lo-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lo>, <mailto:6lo-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Apr 2017 09:49:06 -0000
PWK writes: > Actually, with 802.15.4 Layer 1 fragmenting, the source device sends > the destination device a message containing the Fragment Sequence > Context Description which includes (among other information) the > source and destination addresses and a 6-bit transaction identifier > which uniquely defines this fragment sequence. The destination > device must ACK this message before the fragment sequence starts. > After that ACK, the source sends the fragments that include the > transaction identifier but not the source and destination addresses. > Any device receiving a fragment checks to see if the transaction > identifier belongs to that device, if it doesn’t, the fragment is > discarded. In summary, multiple fragment sequences will not get > mixed up since the Fragment Sequence Context Description maps the > transaction identifier to the source and destination addresses. That is only true if you have two nodes on the channel. If node A sends fragment sequence context description IE and sets up fragmentation context with node B with TID of 0x00, and at the same time node C decides to send fragmented packet to node D, the node C will send similar frame to setup the fragmentation context with D, but as those fragment sequence context description IE frames do have addressing fields, only the intended targets will see them, thus only B receives the FSCD from A and only D receives it from C. Thus C does not have any idea which TIDs are in use, and it might also pick TID of 0x00. Then when A sends a fragment with TID of 0x00, and without addressing fields, both B and D will receive it and they both think it belongs to them. Similar when C sends fragments with TID 0x00 both B and D receive it and both will add it to their reassembly queue. If security is enabled then the problem is not as bad, as the MIC-32 of the fragment is calculated using nonce, which includes the sender extended address, thus MIC-32 will fail if the sender is not the one device assumes it is, thus node B will only accept fragments from A, and all fragments sent by the C will have invalid MIC-32, thus they will fail the authentication and will be dropped. Similarly with node D. If no security is used then there is nothing protecting the fragments, thus they will get mixed up. In LECIM this is not problem (at least that was told to me), because there is only one sender in one channel, thus the recipient can know that frame is from that sender by just receiving it on that channel. Of course the security of the fragments was broken in the 4k, and it was fixed in the 802.15.4-2015 version. In 4k the fragment counters and the frame counters could overlap, thus it could generate same nonce twice in some cases (i.e. frame number 0x00000001, and fragment 0x01 of frame number 0x000000 had same nonce or so). -- kivinen@iki.fi
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Tero Kivinen
- [6lo] Thomas' review of draft-thubert-6lo-forward… Thomas Watteyne
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Carsten Bormann
- Re: [6lo] Thomas' review of draft-thubert-6lo-for… Pascal Thubert (pthubert)
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Ralph Droms
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Carsten Bormann
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Pascal Thubert (pthubert)
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Rahul Jadhav
- Re: [6lo] Thomas' review of draft-thubert-6lo-for… Lijo Thomas
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Tero Kivinen
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Carsten Bormann
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Muhammad Akbar
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Rahul Jadhav
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… PWK
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Carsten Bormann
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… PWK
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Rahul Jadhav
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Tero Kivinen
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Tero Kivinen
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… PWK
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Pascal Thubert (pthubert)
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… Tero Kivinen
- Re: [6lo] [6tisch] Thomas' review of draft-thuber… PWK