Re: [Int-area] I-D Action: draft-ietf-intarea-frag-fragile-06.txt

Joe Touch <touch@strayalpha.com> Fri, 01 February 2019 15:45 UTC

From: Joe Touch <touch@strayalpha.com>
In-Reply-To: <2479C8A9-6574-4A80-B156-BC64CB9130EF@employees.org>
Date: Fri, 01 Feb 2019 07:44:50 -0800
Cc: Tom Herbert <tom@herbertland.com>, Ron Bonica <rbonica@juniper.net>, int-area <int-area@ietf.org>
Message-Id: <801FDF87-4D18-4F08-A5AE-71393F3C2487@strayalpha.com>
References: <BYAPR05MB424584AA4D0D11D7D0098B81AE900@BYAPR05MB4245.namprd05.prod.outlook.com> <CALx6S35-F_8L+QCcwN6--3TrrRdE5OG3vUACTEH03AmKYerLSw@mail.gmail.com> <BYAPR05MB4245604C8E234D72F42E0D8CAE910@BYAPR05MB4245.namprd05.prod.outlook.com> <10861CAC-3650-4B69-A8B0-437C2A3494CA@strayalpha.com> <CALx6S35XMV+7uXoGatsFEg7Bh+ueuHGVDZrXa8o4cSQKdON7iA@mail.gmail.com> <eb0cd9a4bd898310122ea77e0fade3f9@strayalpha.com> <CALx6S3708uQN2cey8ZDWUKsRR0KUH_uEPk6JwUu4eY4h0Op6xA@mail.gmail.com> <75e840b19c2e439ab3ff13d7c105ce8f@boeing.com> <CALx6S35tKRUDuMQmpiA7dVJV7D9ijXAWD-exGe7-3xZT-k9XVw@mail.gmail.com> <2479C8A9-6574-4A80-B156-BC64CB9130EF@employees.org>
To: Ole Troan <otroan@employees.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/FtqQQrMG1Fe6HNIaKJviZZE6fvI>
Subject: Re: [Int-area] I-D Action: draft-ietf-intarea-frag-fragile-06.txt

Virtual reassembly means “forwards *as if* reassembled”, without actually reassembling. It’s actually not all that much different from the way NATs or unidirectional firewalls work for TCP. 

On Feb 1, 2019, at 12:42 AM, Ole Troan <otroan@employees.org> wrote:
> 
> if first fragment in chain
>   found = lookup 4-tuple in reassembly cache
>   if found
>     forward buffered packets
>   else
>     create session state entry in reassembly cache
>     forward packet
> else
>   found = lookup 4-tuple in reassembly cache
>   if found
>     forward packet
>   else
>     buffer packet

The only addition to the pseudocode above is to timeout the cache entries based on the “expected reordering” (see RFC 6864). That timeout performs the same function as the TCP cache entry timeout in those NATs/firewalls.

For TCP, a FIN-ACK or ACK after FIN (depending on who closes the connection) can flush the entry before a timeout. For fragment reassembly, the middlebox CAN keep track of the fragments seen and flush the entry when a complete “virtually reassembled” packet is seen, but that’s probably overkill vs. a simple timer (actually, a packet count can suffice).

Joe
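The forwarding logic discussed in this message, written out as an added example (this is not code from the thread or from the draft). It forwards fragments "as if reassembled" without rebuilding the datagram: the policy verdict is taken on the first fragment, non-first fragments that arrive early are held until the first one shows up, held state expires on a timer, and an entry is also flushed as soon as every byte of the datagram has been seen. Two assumptions are mine: the cache is keyed on the RFC 791 reassembly tuple (src, dst, proto, IP ID) rather than a port 4-tuple, because only the first fragment carries the transport ports a 4-tuple policy can look at; and the sample policy, addresses, timeout and per-entry cap on held fragments are constructed values for the demonstration, not anything the reply specifies.

```python
"""Virtual reassembly: forward fragments as if reassembled, never rebuild them.

Added example, not from the e-mail thread. The cache key is the RFC 791
reassembly tuple (src, dst, proto, IP ID); the policy, timeout and the cap
on buffered fragments are hypothetical values chosen for the demonstration.
"""
import struct
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

Key = Tuple[str, str, int, int]


@dataclass(frozen=True)
class Fragment:
    src: str
    dst: str
    proto: int              # 6 = TCP, 17 = UDP
    ip_id: int
    offset: int             # byte offset (IPv4 fragment-offset field * 8)
    more_fragments: bool    # the MF flag
    length: int             # payload bytes carried by this fragment
    l4_header: bytes = b""  # transport header; only the first fragment has it

    @property
    def is_first(self) -> bool:
        return self.offset == 0

    @property
    def key(self) -> Key:
        return (self.src, self.dst, self.proto, self.ip_id)


@dataclass
class Entry:
    created: float
    verdict: Optional[bool] = None             # None until first fragment seen
    buffered: List[Fragment] = field(default_factory=list)
    ranges: set = field(default_factory=set)   # (offset, length) pairs seen
    total: Optional[int] = None                # known once the MF=0 piece is seen


class VirtualReassembler:
    """Per-fragment forward/buffer/drop decisions; the datagram is never rebuilt."""

    def __init__(self, policy: Callable[[Fragment], bool], timeout: float = 30.0,
                 max_buffered: int = 8, max_entries: int = 10_000) -> None:
        self.policy = policy
        self.timeout = timeout            # the "expected reordering" bound
        self.max_buffered = max_buffered  # my addition: bound on held fragments
        self.max_entries = max_entries
        self.cache: Dict[Key, Entry] = {}

    def expire(self, now: float) -> List[Fragment]:
        """Drop entries older than the timeout; return the fragments they held."""
        stale = [k for k, e in self.cache.items() if now - e.created > self.timeout]
        return [f for k in stale for f in self.cache.pop(k).buffered]

    def process(self, frag: Fragment, now: float) -> List[Tuple[str, Fragment]]:
        """Return (action, fragment) pairs in the order they leave the box."""
        self.expire(now)
        entry = self.cache.get(frag.key)
        if entry is None:
            if len(self.cache) >= self.max_entries:
                return [("drop", frag)]   # state table full: no new entries
            entry = self.cache[frag.key] = Entry(created=now)
        entry.ranges.add((frag.offset, frag.length))
        if not frag.more_fragments:
            entry.total = frag.offset + frag.length

        if frag.is_first:
            if entry.verdict is None:
                entry.verdict = self.policy(frag)   # ports are visible only here
            out = [self._apply(entry, frag)] + [self._apply(entry, f) for f in entry.buffered]
            entry.buffered.clear()
        elif entry.verdict is not None:
            out = [self._apply(entry, frag)]        # first already seen: same verdict
        elif len(entry.buffered) >= self.max_buffered:
            out = [("drop", frag)]                  # cap reached: do not hold more
        else:
            entry.buffered.append(frag)
            out = [("buffer", frag)]

        if self._complete(entry):
            del self.cache[frag.key]                # early flush: all bytes seen
        return out

    @staticmethod
    def _apply(entry: Entry, frag: Fragment) -> Tuple[str, Fragment]:
        return ("forward" if entry.verdict else "drop", frag)

    @staticmethod
    def _complete(entry: Entry) -> bool:
        """True when the seen ranges cover [0, total) with no gap (overlaps tolerated)."""
        if entry.total is None:
            return False
        pos = 0
        for off, ln in sorted(entry.ranges):
            if off > pos:
                return False
            pos = max(pos, off + ln)
        return pos >= entry.total


def allow_dns_and_https(frag: Fragment) -> bool:
    """Constructed 4-tuple policy: permit UDP/53 and TCP/443, drop everything else."""
    if len(frag.l4_header) < 4:
        return False   # first fragment too short to hold the ports: refuse it
    _sport, dport = struct.unpack("!HH", frag.l4_header[:4])
    return (frag.proto, dport) in {(17, 53), (6, 443)}


def demo() -> List[str]:
    """Constructed trace: second fragment arrives first, then an orphan that times out."""
    r = VirtualReassembler(allow_dns_and_https, timeout=5.0, max_buffered=2)
    hdr = struct.pack("!HH", 40000, 53)
    f1 = Fragment("10.0.0.2", "10.0.0.53", 17, 0x1234, 0, True, 1480, hdr)
    f2 = Fragment("10.0.0.2", "10.0.0.53", 17, 0x1234, 1480, False, 520)
    log = [f"{a}:{f.offset}" for a, f in r.process(f2, 0.0) + r.process(f1, 0.1)]
    orphan = Fragment("10.0.0.9", "10.0.0.53", 17, 0x9999, 1480, False, 100)
    log += [f"{a}:{f.offset}" for a, f in r.process(orphan, 1.0)]
    return log + [f"expired:{f.offset}" for f in r.expire(10.0)]
```

`demo()` shows the reordering case the timeout exists for: the non-first fragment is buffered, the first fragment then carries the verdict and releases it, and the entry disappears once the whole datagram has passed. The orphan with no first fragment sits in the cache until the timer evicts it. The minimum-length check in the policy is the RFC 1858 "tiny fragment" defence: a first fragment too short to contain the transport header gets no verdict and is dropped rather than forwarded on faith. The per-entry cap on held fragments is my own bound, added because buffering non-first fragments is memory the sender controls; the reply's suggestion of a packet count as a cheaper flush condition than a timer would be a third knob on the same entry.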