IETF Logo Mail Archive

Re: [Int-area] FW: Last Call: 'Fragmentation Considered Very Harmful' to Informational RFC (draft-heffner-frag-harmful)

Joe Touch <touch@ISI.EDU> Fri, 13 October 2006 22:56 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYVwk-0000hA-Go; Fri, 13 Oct 2006 18:56:06 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GYVwj-0000eK-0T for int-area@ietf.org; Fri, 13 Oct 2006 18:56:05 -0400
Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GYVwh-0006GA-F8 for int-area@ietf.org; Fri, 13 Oct 2006 18:56:04 -0400
Received: from [128.9.168.63] (bet.isi.edu [128.9.168.63]) (authenticated bits=0) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id k9DMtW87017296 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 13 Oct 2006 15:55:34 -0700 (PDT)
Message-ID: <453019DE.9040001@isi.edu>
Date: Fri, 13 Oct 2006 15:57:34 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 1.5.0.7 (Windows/20060909)
MIME-Version: 1.0
To: Matt Mathis <mathis@psc.edu>
Subject: Re: [Int-area] FW: Last Call: 'Fragmentation Considered Very Harmful' to Informational RFC (draft-heffner-frag-harmful)
References: <E1GXMkr-00060i-VM@stiedprstage1.ietf.org> <452C71DA.60708@piuha.net> <452CFDC7.4010003@isi.edu> <Pine.LNX.4.58.0610131613520.2581@tesla.psc.edu>
In-Reply-To: <Pine.LNX.4.58.0610131613520.2581@tesla.psc.edu>
X-Enigmail-Version: 0.94.0.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b280b4db656c3ca28dd62e5e0b03daa8
Cc: int-area@ietf.org
X-BeenThere: int-area@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/int-area>
List-Post: <mailto:int-area@lists.ietf.org>
List-Help: <mailto:int-area-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=subscribe>
Errors-To: int-area-bounces@lists.ietf.org


Matt Mathis wrote:
> On Wed, 11 Oct 2006, Joe Touch wrote:
> 
>> The document fails to note that some implementations set the
>> Identification field to 0. IMO, this is incorrect operation, since there
>> are no reserved values for that field (including 0).
>>
>> E.g.:
>> http://archive.cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00184.html
>> Some cases are claimed to be corrected, but that message indicates a
>> remaining, deliberate case (if anyone has a handy Linux kernel, it'd be
>> useful to check).
>>
>> Some issues with IPID=0 came up last August on the int-area list,
>> notably regarding the ROHC review. See also draft-ietf-rohc-tcp-13.txt,
>> sec 3.2, the Oct 6, 2006 draft (!). I *still* do not consider that
>> compliant behavior, and it's worth referring to here, IMO>
> 
> When working on a much earlier version of this document (before we removed all
> prescriptive language) I advocated that we encourage people to set the IP ID
> to zero, because implementations that hard fail when IP ID is zero are
> (*mostly) statistically failing today.  Put another way, given that the IP ID
> field is not large enough, all values of IP ID are approximately zero anyhow,
> and any protection is only an illusion.
> 
> (*mostly, because the other route is to strictly enforce the IP ID wrap time
> and fragment lifetimes.)

I'd prefer that approach to deliberately encourage breaking fragmentation.

> BTW, We removed the prescriptive language because there are a huge number of
> partial solutions, each of which has lots of baggage in the form of
> preconditions and caveats.  We started to write them down, but the solution
> space (and document) become fractal.  The only complete solution is to use a
> really robust method to get the correct MTU, and then don't fragment.
> 
> (Ok one caveat: tunnels can also work if they greatly strengthen the IP ID
> and/or do their own fragmentation).

This is the bigger issue. Tunnels supposed to honor the DF bit, but
basically cannot. There are two alternatives:

- clear DF in the outer header and take your chances

- set the DF bit in the outer header but allow the head of a tunnel to
fragment

	this is close to what Fred suggests, but IMO a lot simpler.
	here's the idea:

	- tunnel head MAY fragment even if arriving packet has DF set

	- tunnel MUST set DF in all segments emitted (no further
	fragmentation, which appears to be otherwise possible if DF
	is clear)

	- tunnel 'remembers' an MTU for each outgoing link
	(it can be the min of all outgoing link MTUSs)

	- when tunnel receives ICMP too-big, it recalibrates the
	MTU accordingly and fragments subsequent packets accordingly

This method uses conventional PMTU, i.e., sends large packets and resets
the MTU down when ICMP NACKs are received, vs. Fred's draft which
involves probes. It has disadvantages (susceptible to blackholing) but
doesn't involve a new header either, and might be worth noting.

This makes a tunnel act just like a link (which it *IS*!); links like
ATM do this routinely; when they fragment, they take responsibility for
monitoring the fragments.

FWIW, this differs from what 2003 and 2401/4301 say regarding DF; they
lump whether you can fragment and how to set/clear the DF bit in the
same bin. It'd be much more useful to separate the two.

(Fred - consider this input to your doc ;-)

Joe
		


_______________________________________________
Int-area mailing list
Int-area@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/int-area

v2.23.0 | Report a Bug | By Email