Re: [Int-area] WG Adoption Call: IP Fragmentation Considered Fragile

Joe Touch <touch@strayalpha.com> Sun, 29 July 2018 15:27 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82D01130E4C for <int-area@ietfa.amsl.com>; Sun, 29 Jul 2018 08:27:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.78
X-Spam-Level:
X-Spam-Status: No, score=-1.78 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, T_DKIM_INVALID=0.01, T_SPF_PERMERROR=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (body has been altered)" header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4SoJr2VyLADW for <int-area@ietfa.amsl.com>; Sun, 29 Jul 2018 08:27:19 -0700 (PDT)
Received: from server217-3.web-hosting.com (server217-3.web-hosting.com [198.54.115.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0DF52130E46 for <int-area@ietf.org>; Sun, 29 Jul 2018 08:27:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id: Content-Transfer-Encoding:Cc:Date:In-Reply-To:From:Subject:Mime-Version: Content-Type:Sender:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=uz4k6wJuZh0uKkGVanxvwJ8lsrkMJtq5qIfTN60ADF8=; b=CDZPK64YGAdu7qNdroiWoyr+N 7eclY/gclXU2cyifZfIk5sozpEt/hVfz56RQwUfkg07DF44h1o870J6qPXF9zTcXCOLbWPc/MIXNn 7Fw76gnLtnCEPFqdOxWwfUA30nogEORzNO0Ow/mO5HACRvTOvWbE8yHhau07IDAEqnVodqedpVX6c 8pOgmqIUwk0uJXEhsQJ/J8UOMqC2Nw+FKSittmPFUah4XuhkirHZd9VHvqks4cUYI8etAI0ymVMV+ KnnxxqVNYp7er/mwPER0q+zeXh7F8C8VxEk/jiE/a447n4GNch5wppXJYumrkVFjqdK479Hxsp4QJ G3QDxyidg==;
Received: from cpe-172-250-240-132.socal.res.rr.com ([172.250.240.132]:54606 helo=[192.168.1.77]) by server217.web-hosting.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91) (envelope-from <touch@strayalpha.com>) id 1fjnbJ-001aEg-39; Sun, 29 Jul 2018 11:27:17 -0400
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Joe Touch <touch@strayalpha.com>
In-Reply-To: <alpine.DEB.2.20.1807290822250.14354@uplift.swm.pp.se>
Date: Sun, 29 Jul 2018 08:27:16 -0700
Cc: "internet-area@ietf.org" <int-area@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <9168D506-E734-45E4-A9C2-09A64BCE179C@strayalpha.com>
References: <F227637E-B12D-45AA-AD69-74C947409012@ericsson.com> <0466770D-C8CA-49BB-AC10-5805CFDFB165@strayalpha.com> <6EDF0F79-C8F3-4F05-8442-FF55576ADDD0@employees.org> <alpine.DEB.2.20.1807271530280.14354@uplift.swm.pp.se> <CALx6S35LthDLRry7k-pF8KSoX4BXBA8kyArOpDUAcJMDCoLQpQ@mail.gmail.com> <alpine.DEB.2.20.1807280811540.14354@uplift.swm.pp.se> <8640DCF6-A525-4CF7-A89D-2DEDBF0FADC8@strayalpha.com> <alpine.DEB.2.20.1807290822250.14354@uplift.swm.pp.se>
To: Mikael Abrahamsson <swmike@swm.pp.se>
X-Mailer: Apple Mail (2.3445.9.1)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/H8fL6ocDCgW3R6HZLPVZ27Aygks>
Subject: Re: [Int-area] WG Adoption Call: IP Fragmentation Considered Fragile
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Jul 2018 15:27:21 -0000


> On Jul 28, 2018, at 11:24 PM, Mikael Abrahamsson <swmike@swm.pp.se> wrote:
> 
> On Sat, 28 Jul 2018, Joe Touch wrote:
> 
>> because DPI and NAT devices don’t reassemble. And they don’t because it’s cheaper to sell devices that say they run at 1 Gbps (e.g.) that don’t bother to reassemble.
> 
> Keeping lots of state is always more expensive than not keeping state, and customers like lower cost devices.

Yes, but they need to be told that their device is “hobbled”.

>> So pushing this to another layer will never solve it. What will solve it will only be a compliance requirement for #6 - which could be done right now, and has to be done for ANY solution to work.
> 
> Where is that Internet Protocol Police when you need it? I appreciate your struggle, but I don't see how you will succeed in your struggle, in reality.
> 
> So I prefer to recommend not to rely on IP level fragmentation, and fragment at higher layers. It works better in reality.


Until it doesn’t, for exactly the same reason it isn’t working at IP.

You’re engaging in a game of escalation - whatever layer you add fragmentation will end up being a layer that a vendor puts a device that does DPI that fails.

Joe