Re: Is Fragmentation at IP layer even needed ?

Mark Andrews <marka@isc.org> Mon, 08 February 2016 20:09 UTC

To: Ronald Bonica <rbonica@juniper.net>
From: Mark Andrews <marka@isc.org>
Subject: Re: Is Fragmentation at IP layer even needed ?
Date: Tue, 09 Feb 2016 07:09:43 +1100
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/LBt9u3F3fRMUKLbYA9txqZ0E2rQ>
Cc: ietf <ietf@ietf.org>

In message <BLUPR05MB1985F5F2BB3118362C67B921AED50@BLUPR05MB1985.namprd05.prod.outlook.com>, Ronald Bonica writes:
> Hi Alexey,
>
> This question comes up every few years. The short answer is:
>
>
> - The vast majority of Internet traffic rides over TCP or UDP
>
> - Generally speaking, traffic that rides over TCP does not rely
>   on IP fragmentation
>
> - However, traffic that rides over UDP absolutely relies on IP
>   fragmentation
>
> So, as things stand, IP fragmentation is required to support UDP.
> However, the conversation doesn't end at that.
>
> Operational experience has taught us that IPv6 fragmentation does not
> work so well. Unlike IPv4, IPv6 encodes fragmentation information in an
> IPv6 extension header. Sadly, many operators discard packets containing
> that extension header. So, as specified, IPv6 provides fragmentation
> services, but as deployed, it does not.

Actually fragmentation works well unless you have a firewall that
drops fragments.  When they are not being deliberately blocked the
packets get through and are reassembled.  It is also not many
operators.  It is some operators.

Additionally there are zero reasons why firewalls can't open <src,
dst, frag offset != 0> when they open <src, dst, proto, src port,
dst port> for reply traffic for those that are paranoid about just
letting all non-zero fragment offset through.  I just let the
non-zero offset fragments through.

You might get a few extra packets through.

> Many end-stations work around this problem by sending packets no longer
> than the IPv6 minimum MTU (1280 bytes). This ensures that IPv6
> fragmentation services will never be required. However, it also prevents
> applications and networks from realizing the benefits of larger packets.
>
> So, the internet community has the following options:
>
>
> 1) Live with the status quo / Send only packets < 1280 bytes
>
>    a. Say nothing in the standards about the issue, beyond what has
>       already been said
>
>    b. Write an RFC informing developers of UDP applications of the
>       problem and advising them not to rely on protocol MTU > 1280
>
>    c. Deprecate IPv6 fragmentation
>
> 2) Fix the problem / Allow end-stations to send larger packets
>
>    a. Convince operators not to drop fragmented packets
>
>    b. Design a UDP replacement that provides fragmentation service and
>       migrate UDP applications to the replacement protocol
>
> Options 2a and 2b may not be achievable, because they require action on the
> part of many, many parties. So, we seem to be stuck with Options 1a, 1b
> and 1c.
>
> In light of this, your original question is not only appropriate, it is
> telling.
>
>
>                               Ron
>
>
>
> From: ietf mailto:ietf-bounces@ietf.org On Behalf Of Alexey Eromenko
> Sent: Sunday, February 07, 2016 7:47 AM
> To: ietf <ietf@ietf.org>
> Subject: Is Fragmentation at IP layer even needed ?
>
> Hi All,
>
> I'm re-evaluating TCP/IP stack again with my ongoing IP-FF research.
>
> My question: Is packet fragmentation at IP layer even needed ?
>
> Basically here are few possibilities:
>
> 1. Fragmentation-and-reassembly at every hop. (I don't know if anybody
> implements it)
> 2. IPv4 style-fragmentation -- fragmentation per every hop, reassembly at
> destination end.
> 3. IPv6-style-fragmentation -- fragmentation only at source end,
> reassembly at destination end.
> 4. No fragmentation at all (the advantage here: faster Router processing
> vs #1 or #2 and less implementation bugs); Assuming standard packet size
> is defined at 1280 bytes, like in IPv6
> 5. MTU path discovery via ICMP -- RFC-1981
> 6. MTU path discovery via TCP (or other Transport) -- RFC-4821 (or other
> way)
>
> I'm leaning towards 4 + 6 solution in my own protocol, IP-FF.
> What do you think ?
> Should IP layer provide fragmentation ?
>
> --
> -Alexey Eromenko "Technologov"

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
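
A minimal model of the firewall rule described in the reply above, as an added example that is not part of the original message: when an outbound flow opens the reply 5-tuple, the filter also opens <src, dst, frag offset != 0> for that peer. The names `build`, `parse_ipv6` and `ReplyFilter` are hypothetical, the parser handles only the fixed IPv6 header plus an optional Fragment header, and all packets are constructed samples.

```python
import ipaddress
import struct

FRAGMENT_HEADER = 44  # IPv6 Next Header value for the Fragment extension header
UDP = 17

def build(src, dst, sport, dport, frag_off=None, body=b"x" * 8):
    # Constructed sample UDP/IPv6 packet (checksum left at 0); frag_off adds a Fragment header.
    upper = body if frag_off else struct.pack("!HHHH", sport, dport, 8 + len(body), 0) + body
    nh = UDP
    if frag_off is not None:
        upper, nh = struct.pack("!BBHI", UDP, 0, frag_off << 3, 0x1234) + upper, FRAGMENT_HEADER
    addrs = ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return struct.pack("!IHBB", 6 << 28, len(upper), nh, 64) + addrs + upper

def parse_ipv6(pkt):
    """Return (src, dst, proto, frag_offset, sport, dport); ports are None when not visible."""
    next_hdr = pkt[6]
    src = ipaddress.IPv6Address(pkt[8:24])
    dst = ipaddress.IPv6Address(pkt[24:40])
    payload, offset = pkt[40:], 0
    if next_hdr == FRAGMENT_HEADER:
        next_hdr, _, off_flags, _ident = struct.unpack("!BBHI", payload[:8])
        offset = off_flags >> 3  # upper 13 bits, counted in 8-octet units
        payload = payload[8:]
    sport = dport = None
    if offset == 0 and next_hdr == UDP:  # only the first fragment carries the UDP header
        sport, dport = struct.unpack("!HH", payload[:4])
    return src, dst, next_hdr, offset, sport, dport

class ReplyFilter:
    """Stateful inbound filter: reply 5-tuples plus non-first fragments from the same peer."""
    def __init__(self):
        self.flows = set()       # expected reply <src, dst, proto, sport, dport>
        self.frag_pairs = set()  # expected reply <src, dst> for frag offset != 0

    def outbound(self, pkt):
        src, dst, proto, off, sport, dport = parse_ipv6(pkt)
        self.frag_pairs.add((dst, src))
        if off == 0:
            self.flows.add((dst, src, proto, dport, sport))

    def inbound_allowed(self, pkt):
        src, dst, proto, off, sport, dport = parse_ipv6(pkt)
        if off != 0:  # no ports to match on, so fall back to the address pair
            return (src, dst) in self.frag_pairs
        return (src, dst, proto, sport, dport) in self.flows
```

Because a non-first fragment is matched on the address pair alone, any such fragment from a peer with an open flow is admitted, which is the "few extra packets" trade-off the reply mentions.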