Re: [Int-area] draft-bonica-intarea-frag-fragile-01

Joe Touch <touch@strayalpha.com> Wed, 07 March 2018 02:57 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6719B124BE8 for <int-area@ietfa.amsl.com>; Tue, 6 Mar 2018 18:57:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Level:
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AaCp3quBaxI6 for <int-area@ietfa.amsl.com>; Tue, 6 Mar 2018 18:57:39 -0800 (PST)
Received: from server217-3.web-hosting.com (server217-3.web-hosting.com [198.54.115.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BD981126B72 for <int-area@ietf.org>; Tue, 6 Mar 2018 18:57:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id: Content-Transfer-Encoding:Cc:Date:In-Reply-To:From:Subject:Mime-Version: Content-Type:Sender:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=0F1837mbKkerDD3mQyO3qmmN4xcZcMr9Yx+raWPX2/g=; b=K608OAP0g+K0Tkj0KCH/jn+fV LkeSg7Ai3ckhJmI3gKub7Tb5dTIlHD3X/mNkUJKaTXDHIdqksUnnBvlbqRyGz6iJoFMvbKk3XWcn7 ei5ByE2ivUAId+tXqDfTI9bM+/iYgqBIOnmQMDKhL+9bXlnE7yTHevu4raqstgxzvh9KBsCc4q9NW qzutSseySDBGjwMp6RfNEJbQUod6Uuz/e0qrsED2gl7CJCbHiE+pygcgLGLWQwKkgTfVSDzmHrO3T 6U/YMa9u7eZ2vF+xg2CISWASn51adaLjOtfeLkLl1YMrOFN77PchTibtDbd1nAroOenN299OQiku+ vX5EU/cpg==;
Received: from cpe-172-250-240-132.socal.res.rr.com ([172.250.240.132]:54469 helo=[192.168.1.87]) by server217.web-hosting.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89_1) (envelope-from <touch@strayalpha.com>) id 1etPGk-000VWS-5O; Tue, 06 Mar 2018 21:57:33 -0500
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Joe Touch <touch@strayalpha.com>
In-Reply-To: <FA95FB35-C4C4-45E9-A604-8E96367BFE00@employees.org>
Date: Tue, 06 Mar 2018 18:57:23 -0800
Cc: Tom Herbert <tom@herbertland.com>, Ron Bonica <rbonica@juniper.net>, "int-area@ietf.org" <int-area@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <3C9B7F16-CC90-4E4F-9BBE-C20236DA6553@strayalpha.com>
References: <BLUPR0501MB2051C0DCCE28384FCD08F7C4AEDA0@BLUPR0501MB2051.namprd05.prod.outlook.com> <CALx6S37q8zLQidnyFRBnQSkzFv6ZegohpCTSRnARjikbNSa_yw@mail.gmail.com> <3B1D63EF-36E4-4AA5-B51D-36CC7614A7D9@strayalpha.com> <FA95FB35-C4C4-45E9-A604-8E96367BFE00@employees.org>
To: Ole Troan <otroan@employees.org>
X-Mailer: Apple Mail (2.3445.5.20)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/lyYNnVr7k7D_DVn0TbVurLqznzs>
Subject: Re: [Int-area] draft-bonica-intarea-frag-fragile-01
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Mar 2018 02:57:41 -0000


> On Mar 6, 2018, at 11:16 AM, Ole Troan <otroan@employees.org> wrote:
> 
> Joe,
> 
>> Agreed but note that draft tunnels will update that RFC in some important ways.
> 
> With other concerns than those raised in e.g. 4459 and 7597?

draft-tunnels corrects an error in 4459 that deals with the details, not the overall recommendation (AFAIR, at least).

> Unfortunately there are cases where there are no other choice than to do fragmentation/reassembly on tunnel endpoints, but still the recommendation holds.
> It is so problematic, that it is strongly recommended to engineer the network to avoid that happening.

IMO, there are two truths:

1) use of IP fragmentation SHOULD be avoided where possible, largely because it has reliability issues (ICMP blocking, NATs won’t tunnel frags and fail to [as required if they act on transport info] reassemble, etc.)

2) support for IP fragmentation MUST remain required, as MUST (IMO) NAT reassembly before transport rewriting

Yeah, I know a lot of devices fail the MUSTs in #2, but the requirements ought to set the goal, not describe the (sorry) current state.

#2 has to persist until we deprecate IP-in-IP tunneling (including tunnel-mode IPsec), as well as any IP-in-X*-in-IP for zero or more intermediate layers X where no layer supports fragmentation and reassembly

I’ve been working to fix the need for IP frag by developing support for that in UDP, but it doesn’t mean we should be ready to outlaw it.

I’m not sure what this doc does to add to this scene, though - it might be useful if the authors could explain how it affects 1 and 2 above and what else it adds in a *brief* post.

Joe