Re: TSVDIR review of draft-ietf-intarea-shared-addressing-issues-02

Joe Touch <> Thu, 03 February 2011 18:09 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8D8203A69A8 for <>; Thu, 3 Feb 2011 10:09:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -104.632
X-Spam-Status: No, score=-104.632 tagged_above=-999 required=5 tests=[AWL=1.967, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id YNUXIoIYnlb3 for <>; Thu, 3 Feb 2011 10:09:31 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id CAFB33A69F3 for <>; Thu, 3 Feb 2011 10:09:31 -0800 (PST)
Received: from [] ( []) (authenticated bits=0) by (8.13.8/8.13.8) with ESMTP id p13IBItF013866 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Thu, 3 Feb 2011 10:12:27 -0800 (PST)
Message-ID: <>
Date: Thu, 03 Feb 2011 10:11:18 -0800
From: Joe Touch <>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv: Gecko/20101207 Thunderbird/3.1.7
MIME-Version: 1.0
To: Masataka Ohta <>
Subject: Re: TSVDIR review of draft-ietf-intarea-shared-addressing-issues-02
References: <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 03 Feb 2011 18:09:32 -0000

On 2/3/2011 1:48 AM, Masataka Ohta wrote:
> Joe Touch wrote:
>>>>> 9. ICMP
>> I quoted the start of the section. The first sentence, without further
>> qualification, is inaccurate, IMO.
>> ICMP messages do not themselves have port numbers, but they are intended
>> to *carry* port numbers of the messages that caused their generation (if
>> they report errors).
> FYI, traceroute both with UDP or ICMP ECHO is working to/from
> /between private network behind end to end gateway is working.

Understood, but my issue is that "ICMP" is more than just ICMP echo;
many other messages are the result of sending a regular packet (as with
traceroute), and those are intended to include both the address and port
of the packet that causes the ICMP.

>> IMO, any device that initiates packets MUST verify that the IDs emitted
>> follow spec. Once a packet's address(es) are rewritten, the NAT is
>> responsible for ensuring that the IDs are unique across the
>> src/dst/proto triple.
>> I'm not aware of NATs that do this; they typically copy the ID field,
>> and this can easily cause reassembly errors later - even if the packet
>> is reassembled at the NAT itself.
> IC. We can rely on random id and transport checksum, then.

Transport checksum works only if the entire transport packet is included
in the ICMP response, and should not be relied on because it's only a
SHOULD to include the entire packet (and that entire packet wouldn't fit
if it was already at the path MTU anyway - there wouldn't be room for
the ICMP "IP" header or its additional fields).

>> See draft-ietf-intarea-ipv4-id-update for more a discussion of this
>> issue and the proposed requirements to address it.
> It should be noted that packet smaller than 69B is also atomic.

Packet size is not a consideration in whether a packet is atomic.

Packets under 69B must be able to be carried without fragmentation by a
link as per RFC791, but there's nothing in RFC791 that prohibits such
packets from being fragmented anyway. The only trick would be that the
node that did such fragmentation would need to know when to stop - so
that a packet with a max IP header and at least one 8-octet fragment
could eventually get through. But nothing in RFC791 requires that this
be the original packet.

> The problem of the draft (and IPv6) is that it depends on PMTUD.

Please explain how and where. PMUTD isn't even discussed or cited.