Re: [Int-area] draft-bonica-intarea-frag-fragile-01

[Mikael Abrahamsson <swmike@swm.pp.se>]

On Mon, 5 Mar 2018, Ron Bonica wrote:

> Folks,
>
> Please review draft-bonica-intarea-frag-fragile-01 and provide comments. 
> The URL is 
> https://tools.ietf.org/html/draft-bonica-intarea-frag-fragile-01.

I like it.

4.6. There are cases where this "misconfiguration" is due to vendor 
default not being changed. I do not equate "misconfiguration" with "didn't 
change default configuration". Some others might. It might also be due to 
"hardware limitation". Generally, I do not like the "filtering" (I have 
opposed to this in other drafts), as for me "filtering" conveys intent. If 
there is no intent, there is no filtering, but instead there is "dropping" 
or some other word.

4.7 Can we please have 4.7 that describes cases where ICMP PTB are never 
emitted because of misconfiguration? For instance intermediate L2 switch 
that has lower MTU than the L3 nodes connected to it, or mismatched 
MTU/MRU on two nodes connected to each other.

5.1. Can we have some kind of strong recommendation that hosts enable 
PLMTUD for TCP?

6. "IP encapsulations". Shouldn't this be "some packet-in-packet 
encapsulations"? Or does "IP encapsulations" mean "anything encapsulated 
in IP"? 6.3 talks about this as well, I think it's worthwile to put in a 
sentence that whatever is said in this document, probably applies to all 
kinds of encapsulations.

6.1. Err, last paragraph, aren't we getting ahead of ourselves here? I 
guess this is because of Geoff Hustons claims? That last paragraph is in 
dispute (I'd say, from talking to other people involved in DNS).

7.2. I strongly believe we need more text here. It should be something 
along the lines of:

"As per RFC4890, network operators MUST assure proper operation of PMTUD 
by making sure that PTB packets are emitted by all equipment when it can't 
fit a packet into a smaller MTU link, and that large MTU packets are not 
silently discarded due to misconfiguration. Network operators MUST NOT 
filter ICMP PTB packets."

...

As a last comment, do we know documents that tell application developers 
how to do what this document recommends in 5.2? If someone developers 
applications that use UDP for instance, how do they know what the 
operating system PMTUD is at any given time, to avoid the host stack 
fragmenting the packet? I've been interacting with people who had this 
specific problem, and it wasn't easy to figure out exactly how to do what 
is being said in this text (which I agree should be done).

Generally, I think the IETF should strongly recommend application/protocol 
developers to not rely on IP fragmentation, generally. So the ones listed 
in 6 (and I imagine there are more of them), should change the way the 
protocol is done. This includes DNS. So all working groups should be put 
on notice to start working on this problem if they don't already have a 
solution for it.

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se