[Int-area] draft-bonica-intarea-frag-fragile-01
"C. M. Heard" <heard@pobox.com> Sat, 17 March 2018 21:40 UTC
Return-Path: <heard@pobox.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D936712D87B; Sat, 17 Mar 2018 14:40:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pobox.com; domainkeys=pass (1024-bit key) header.from=heard@pobox.com header.d=pobox.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GkucBfHSjaLK; Sat, 17 Mar 2018 14:40:36 -0700 (PDT)
Received: from pb-smtp1.pobox.com (pb-smtp1.pobox.com [64.147.108.70]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6525612D87C; Sat, 17 Mar 2018 14:40:36 -0700 (PDT)
Received: from pb-smtp1.pobox.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id 75385D5A60; Sat, 17 Mar 2018 17:40:35 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=mime-version :from:date:message-id:subject:to:cc:content-type; s=sasl; bh=put KfHBAYRpUBL3YpEbYLLaKCGg=; b=bwrXGSguElWwKFa5lntkjA5kBM0PiE2uMO7 aBun5Yn4FvgQVpwkh4j+fgGj2tgCP7/WHvMPU0NM3FQkf1A6TWQzgAg6yjbr+PZ2 GrQv+C49yrpiBfMwbBfrsGQAagwOtgVXRcx5TpsOoYA0RqXzI5dmLs5PcemRIHoL bqSFfudI=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=mime-version :from:date:message-id:subject:to:cc:content-type; q=dns; s=sasl; b= gMd1yaJ/DMq5mXAk2eKu4atoFRv9w/IVcHeVJm4W/eb4uXDPpeTd7KeOo3IfgXeL 6fH1YJetMUNtmgSuHLHlre62V4tYbC+pdPCP60w0zMQBnPWcBzbRzFHtYP5r1DRw fmMK1ixvnIwgRwDjvYR9k7LkhyF/CjTk5y0IyI64aJQ=
Received: from pb-smtp1.nyi.icgroup.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id 6D071D5A5F; Sat, 17 Mar 2018 17:40:35 -0400 (EDT)
Received: from mail-ot0-f180.google.com (unknown [74.125.82.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp1.pobox.com (Postfix) with ESMTPSA id 069F5D5A5E; Sat, 17 Mar 2018 17:40:35 -0400 (EDT)
Received: by mail-ot0-f180.google.com with SMTP id 108-v6so13821768otv.3; Sat, 17 Mar 2018 14:40:35 -0700 (PDT)
X-Gm-Message-State: AElRT7EtNDD+m5wFFi/cMz+iPa8YhwhFP8FkNL9yz3x4Jy086SW9+AH5 uowF7LrD6p4kZ3DoLn3Ii47CPeKwnVJh6HMw5WY=
X-Google-Smtp-Source: AG47ELsr0uFyE5h41/RTEgJxmyEdneyFvVO9IqGMNKE++ATrc4bPap4oyLX9b7T1uOY+VPPcSVhMoUxZ/EoOkKiKMjU=
X-Received: by 2002:a9d:5b10:: with SMTP id x16-v6mr4703040oth.53.1521322834451; Sat, 17 Mar 2018 14:40:34 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.74.198.133 with HTTP; Sat, 17 Mar 2018 14:40:14 -0700 (PDT)
From: "C. M. Heard" <heard@pobox.com>
Date: Sat, 17 Mar 2018 14:40:14 -0700
X-Gmail-Original-Message-ID: <CACL_3VE8A-fEHDR0Bz=EhG0QVfvBqwfHeFgkOXbPXTAvjn75fg@mail.gmail.com>
Message-ID: <CACL_3VE8A-fEHDR0Bz=EhG0QVfvBqwfHeFgkOXbPXTAvjn75fg@mail.gmail.com>
To: draft-intarea-frag authors <draft-bonica-intarea-frag-fragile@ietf.org>
Cc: int-area <int-area@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000022e37b0567a293bd"
X-Pobox-Relay-ID: D337F5A6-2A2B-11E8-BA49-44CE1968708C-06080547!pb-smtp1.pobox.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/P6rMQqaR2GeHE54b_7r7C8k9NgA>
Subject: [Int-area] draft-bonica-intarea-frag-fragile-01
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Mar 2018 21:40:38 -0000
Draft authors,
Thanks for putting this draft together.
*Major comments*:
In Section 5.1, Transport Layer Solutions, please note that there is work
in progress on fragmentation at the UDP layer and cite
draft-ietf-tsvwg-udp-options
<https://tools.ietf.org/html/draft-ietf-tsvwg-udp-options>.
In Section 6.1, DNS, please note that draft-ietf-tsvwg-udp-options
<https://tools.ietf.org/html/draft-ietf-tsvwg-udp-options> may offer
an *incrementally
deployable* solution to the problem of oversize DNS responses. As far as I
know, this specific use case is not yet documented in any I-D, but the
basic idea is that a client would indicate its willingness to accept a
UDP-fragmented response by including in its (unfragmented) request a UDP
options trailer with the FRAG option as specified on page-15
<https://tools.ietf.org/html/draft-ietf-tsvwg-udp-options-02#page-15>
of draft-ietf-tsvwg-udp-options.
A server that does not implemented UDP options would ignore the options
trailer and use IP-layer fragmentation for large responses; a server that
implements UDP options would use UDP-layer fragmentation for large
responses.
*Minor Comments*:
Section 2.2, Upper-layer Protocols, says:
Upper-layer protocols can operate in the following modes:
o Do not rely on IP fragmentation.
o Rely on IP source fragmentation only (i.e., fragmentation at the
source node).
o Rely on IP source fragmentation and downstream fragmentation
(i.e., fragmentation at any node along the path).
Upper-layer protocols running over IPv4 can operate in the first and
third modes (above). Upper-layer protocols running over IPv6 can
operate in the first and second modes (above).
The first sentence of the last paragraph above is incorrect. In fact upper
layer protocols running over IPv4 can operate in the second mode by
instructing the IP layer to do source fragmentation and set the DF bit on
outgoing packets. I won't argue if you point out that most APIs don't
support this mode, but the fact is that the protocol allows for it.
Section 4.4, Security Vulnerabilities: please cite RFC 3828 in addition to
RFC 1858 in both places where the latter is cited.
I have (belatedly) read the comments on the int-area list and I think that
both Joe Touch and Mikael Abrahamsson make some very good points.
Again, thanks for putting the draft together.
Mike Heard
- Re: [Int-area] draft-bonica-intarea-frag-fragile-… Joe Touch
- [Int-area] draft-bonica-intarea-frag-fragile-01 C. M. Heard
- Re: [Int-area] draft-bonica-intarea-frag-fragile-… Joe Touch
- Re: [Int-area] draft-bonica-intarea-frag-fragile-… Ron Bonica
- Re: [Int-area] draft-bonica-intarea-frag-fragile-… C. M. Heard
- Re: [Int-area] draft-bonica-intarea-frag-fragile-… Ron Bonica