Re: [Int-area] draft-bonica-intarea-frag-fragile-01

Ron Bonica <rbonica@juniper.net> Wed, 07 March 2018 15:40 UTC

From: Ron Bonica <rbonica@juniper.net>
To: Joe Touch <touch@strayalpha.com>, Ole Troan <otroan@employees.org>
CC: Tom Herbert <tom@herbertland.com>, "int-area@ietf.org" <int-area@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/2usr3ArCU7VyxSCnjt__At-Yckg>

Joe,

Your "Two Truths" are in line with the recommendations in Section 7 of draft-bonica-intarea-frag-fragile-01. The draft recommends that upper-layer protocols avoid doing things that cause fragmentation. It does not recommend the deprecation of fragmentation.

Ron

> -----Original Message-----
> From: Joe Touch [mailto:touch@strayalpha.com]
> Sent: Tuesday, March 6, 2018 9:57 PM
> To: Ole Troan <otroan@employees.org>
> Cc: Tom Herbert <tom@herbertland.com>; Ron Bonica
> <rbonica@juniper.net>; int-area@ietf.org
> Subject: Re: [Int-area] draft-bonica-intarea-frag-fragile-01
> 
> 
> 
> > On Mar 6, 2018, at 11:16 AM, Ole Troan <otroan@employees.org> wrote:
> >
> > Joe,
> >
> >> Agreed but note that draft tunnels will update that RFC in some important ways.
> >
> > With other concerns than those raised in e.g. 4459 and 7597?
> 
> draft-tunnels corrects an error in 4459 that deals with the details, not the
> overall recommendation (AFAIR, at least).
> 
> > Unfortunately there are cases where there is no other choice than to do fragmentation/reassembly on tunnel endpoints, but still the recommendation holds.
> > It is so problematic, that it is strongly recommended to engineer the network to avoid that happening.
> 
> IMO, there are two truths:
> 
> 1) use of IP fragmentation SHOULD be avoided where possible, largely
> because it has reliability issues (ICMP blocking, NATs won’t tunnel frags and
> fail to [as required if they act on transport info] reassemble, etc.)
> 
> 2) support for IP fragmentation MUST remain required, as MUST (IMO) NAT
> reassembly before transport rewriting
> 
> Yeah, I know a lot of devices fail the MUSTs in #2, but the requirements
> ought to set the goal, not describe the (sorry) current state.
> 
> #2 has to persist until we deprecate IP-in-IP tunneling (including tunnel-
> mode IPsec), as well as any IP-in-X*-in-IP for zero or more intermediate
> layers X where no layer supports fragmentation and reassembly
> 
> I’ve been working to fix the need for IP frag by developing support for that in
> UDP, but it doesn’t mean we should be ready to outlaw it.
> 
> I’m not sure what this doc does to add to this scene, though - it might be
> useful if the authors could explain how it affects 1 and 2 above and what else
> it adds in a *brief* post.
> 
> Joe