IETF Logo Mail Archive

Re: [Int-area] WG Adoption Call: IP Fragmentation Considered Fragile

Christian Huitema <huitema@huitema.net> Fri, 31 August 2018 02:56 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FB5C130DFC for <int-area@ietfa.amsl.com>; Thu, 30 Aug 2018 19:56:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XcGVEctcUaN6 for <int-area@ietfa.amsl.com>; Thu, 30 Aug 2018 19:56:46 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D84E12DD85 for <int-area@ietf.org>; Thu, 30 Aug 2018 19:56:46 -0700 (PDT)
Received: from xsmtp05.mail2web.com ([168.144.250.245]) by mx64.antispamcloud.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1fvZbl-000CGw-FN for int-area@ietf.org; Fri, 31 Aug 2018 04:56:44 +0200
Received: from [10.5.2.31] (helo=xmail09.myhosting.com) by xsmtp05.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1fvZbf-0005Yi-BZ for int-area@ietf.org; Thu, 30 Aug 2018 22:56:23 -0400
Received: (qmail 9881 invoked from network); 31 Aug 2018 02:56:15 -0000
Received: from unknown (HELO [192.168.1.105]) (Authenticated-user:_huitema@huitema.net@[172.56.42.28]) (envelope-sender <huitema@huitema.net>) by xmail09.myhosting.com (qmail-ldap-1.03) with ESMTPA for <intarea-chairs@ietf.org>; 31 Aug 2018 02:56:15 -0000
To: Joe Touch <touch@strayalpha.com>
Cc: Tom Herbert <tom@herbertland.com>, Toerless Eckert <tte@cs.fau.de>, int-area <int-area@ietf.org>, intarea-chairs@ietf.org
References: <CAF493D3-37A2-4A89-BA88-81567E5B88F1@huitema.net> <810cea0d-809f-040d-bc79-7c7413cd99f2@strayalpha.com> <20180827023513.2bxjrk335al2lbvz@faui48f.informatik.uni-erlangen.de> <E02F3C36-ECE6-419E-A219-08A15AD98D13@strayalpha.com> <20180828220915.fpx5hi7nhl46ou6r@faui48f.informatik.uni-erlangen.de> <CALx6S35vbtYOiEx2opqSh1uq9rfgG5QHEQcb+ccWLMcwWZA-uQ@mail.gmail.com> <20180829002430.fojlqonvnqdrhw4z@faui48f.informatik.uni-erlangen.de> <af424b4b449c4a1459b69ed01a984e48@strayalpha.com> <CALx6S3563g___ZP03dD5+sV++ZH7U5yudqRX0Bf2744BbBxGgQ@mail.gmail.com> <2b6dd7006cca65525ac6240a8edffabb@strayalpha.com> <CALx6S37EiFo8C4K7fO=O0hNpStoaS6wBvM8jVowmJTQHW2=DHw@mail.gmail.com> <b40ed6c3fc32909e2df677cd999550dd@strayalpha.com> <CALx6S34WW4tj=UVmUBpREdeQ9Wshv=ZdTs3RLQLG9+nOr6ArjQ@mail.gmail.com> <11b0cc8e660ae288b283b6fb82f45b3b@strayalpha.com> <472d83e1-ea8f-2ac5-d0fb-fb1c0301f07d@huitema.net> <046561A5-8B54-4E8B-B8D6-52E5F2784A9C@strayalpha.com>
From: Christian Huitema <huitema@huitema.net>
Openpgp: preference=signencrypt
Autocrypt: addr=huitema@huitema.net; prefer-encrypt=mutual; keydata= xsBNBFIRX8gBCAC26usy/Ya38IqaLBSu33vKD6hP5Yw390XsWLaAZTeQR64OJEkoOdXpvcOS HWfMIlD5s5+oHfLe8jjmErFAXYJ8yytPj1fD2OdSKAe1TccUBiOXT8wdVxSr5d0alExVv/LO I/vA2aU1TwOkVHKSapD7j8/HZBrqIWRrXUSj2f5n9tY2nJzG9KRzSG0giaJWBfUFiGb4lvsy IaCaIU0YpfkDDk6PtK5YYzuCeF0B+O7N9LhDu/foUUc4MNq4K3EKDPb2FL1Hrv0XHpkXeMRZ olpH8SUFUJbmi+zYRuUgcXgMZRmZFL1tu6z9h6gY4/KPyF9aYot6zG28Qk/BFQRtj7V1ABEB AAHNJ0NocmlzdGlhbiBIdWl0ZW1hIDxodWl0ZW1hQGh1aXRlbWEubmV0PsLAeQQTAQIAIwUC UhFfyAIbLwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEJNDCbJVyA1yhbYH/1ud6x6m VqGIp0JcZUfSQO8w+TjugqxCyGNn+w/6Qb5O/xENxNQ4HaMQ5uSRK9n8WKKDDRSzwZ4syKKf wbkfj05vgFxrjCynVbm1zs2X2aGXh+PxPL/WHUaxzEP7KjYbLtCUZDRzOOrm+0LMktngT/k3 6+EZoLEM52hwwpIAzJoscyEz7QfqMOZtFm6xQnlvDQeIrHx0KUvwo/vgDLK3SuruG1CSHcR0 D24kEEUa044AIUKBS3b0b8AR7f6mP2NcnLpdsibtpabi9BzqAidcY/EjTaoea46HXALk/eJd 6OLkLE6UQe1PPzQC4jB7rErX2BxnSkHDw50xMgLRcl5/b1bOwE0EUhFfyAEIAKp7Cp8lqKTV CC9QiAf6QTIjW+lie5J44Ad++0k8gRgANZVWubQuCQ71gxDWLtxYfFkEXjG4TXV/MUtnOliG 5rc2E+ih6Dg61Y5PQakm9OwPIsOx+2R+iSW325ngln2UQrVPgloO83QiUoi7mBJPbcHlxkhZ bd3+EjFxSLIQogt29sTcg2oSh4oljUpz5niTt69IOfZx21kf29NfDE+Iw56gfrxI2ywZbu5o G+d0ZSp0lsovygpk4jK04fDTq0vxjEU5HjPcsXC4CSZdq5E2DrF4nOh1UHkHzeaXdYR2Bn1Y wTePfaHBFlvQzI+Li/Q6AD/uxbTM0vIcsUxrv3MNHCUAEQEAAcLBfgQYAQIACQUCUhFfyAIb LgEpCRCTQwmyVcgNcsBdIAQZAQIABgUCUhFfyAAKCRC22tOSFDh1UOlBB/94RsCJepNvmi/c YiNmMnm0mKb6vjv43OsHkqrrCqJSfo95KHyl5Up4JEp8tiJMyYT2mp4IsirZHxz/5lqkw9Az tcGAF3GlFsj++xTyD07DXlNeddwTKlqPRi/b8sppjtWur6Pm+wnAHp0mQ7GidhxHccFCl65w uT7S/ocb1MjrTgnAMiz+x87d48n1UJ7yIdI41Wpg2XFZiA9xPBiDuuoPwFj14/nK0elV5Dvq 4/HVgfurb4+fd74PV/CC/dmd7hg0ZRlgnB5rFUcFO7ywb7/TvICIIaLWcI42OJDSZjZ/MAzz BeXm263lHh+kFxkh2LxEHnQGHCHGpTYyi4Z3dv03HtkH/1SI8joQMQq00Bv+RdEbJXfEExrT u4gtdZAihwvy97OPA2nCdTAHm/phkzryMeOaOztI4PS8u2Ce5lUB6P/HcGtK/038KdX5MYST Fn8KUDt4o29bkv0CUXwDzS3oTzPNtGdryBkRMc9b+yn9+AdwFEH4auhiTQXPMnl0+G3nhKr7 jvzVFJCRif3OAhEm4vmBNDE3uuaXFQnbK56GJrnqVN+KX5Z3M7X3fA8UcVCGOEHXRP/aubiw Ngawj0V9x+43kUapFp+nF69R53UI65YtJ95ec4PTO/Edvap8h1UbdEOc4+TiYwY1TBuIKltY 1cnrjgAWUh/Ucvr++/KbD9tD6C8=
Message-ID: <769450f2-1102-b17b-182a-a22cf74bca10@huitema.net>
Date: Thu, 30 Aug 2018 19:56:15 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <046561A5-8B54-4E8B-B8D6-52E5F2784A9C@strayalpha.com>
Content-Type: multipart/alternative; boundary="------------EACC1666938F00CD8CB9A7F1"
Content-Language: en-US
X-Originating-IP: 168.144.250.245
X-AntiSpamCloud-Domain: xsmtpout.mail2web.com
X-AntiSpamCloud-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-AntiSpamCloud-Outgoing-Class: unsure
X-AntiSpamCloud-Outgoing-Evidence: Combined (0.32)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5p5JCQBjdqUtgQ86wr63mxF602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO3NBQ8jcSCSHwUCPl9o/grPBFCAKYcLuPfWMLWK7DDnqQZvCthenVLLUMz97Xd8cHyTg 127TqHZDxA/kZB41Rh901iU5yAsBk1OyzGhUzELB1+Eqy6GxbJLo+41hTzZK/zSkkFlQZz6yFr2K mBj9WjaK54YNgBMK/cTYPsBEoX179aHqbsOLz4EkKfELCxwJIuCuRipgeuVjmv1s/D+SPSrFkCxZ 25wl+SuGnaEIRu161qkK742y4wCes8FTZAV12aOHsLIgU6CxRwTS/pCI4IAd4WM/pHSp5vEtSzeE iAXwP8biGVaHxdIhJpX2SF/frT/TpQy8kTfRo7YlxVS4t1aI+8ftzFe2XyLppMxgk9v7VqJR6J2i W088Nl7RXq3VxAIPbR6iF0Io2IR6cFULTLnHEgV4HBy01ru1y7iS4JNj78/Vv7ggS7iHB0mlJNSa 0Pvg7iEFLP+SSY+Av5+AiC4U9HUzCRh7sjHuKmFzuIFMddqC5NBecFSg6igUOhkzZTrmzbO1tNtB tZsXQJKH1k+eMNnfXgg9myaSPB/HPOOqfJlbZZh01urflxdd2g4lVBsXybHsG54cmqy4G6ri+/v3 Y80OmAux3oN13+ztUzneIwZuJjLyvvT8W8HWXgSXZtr9ZdPSjq7LLQXOTkb//f15aYBfe6kHG0Yx Y3bKwkOVC04MkG3TILuMKqlTnJ1NAlFfEoXm0/FPF8PR0w363ln2vwxpYOJbUV/+bJKKFZGLlmhe IH9HXev4oX8pIaUucYu1gPmxmMWQMERQ8LpknpsXvJkDol3Ip3RHdLeq+fnq3jR5NeVaJQBh0uaw l0Cg8sKH0lJP3SQ3Hl0AH0QpMBIkYAzMcdhZar+1dDSXmWgfeWn7/ueLrlp+ZPRlQaamlokd2x35 zAiBFPp64JaIysDeBo8dSr9xryLrvIVUMlnB
X-Report-Abuse-To: spam@quarantine6.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/s9nqDI_iWWI47EnRZAt1i2MM16g>
Subject: Re: [Int-area] WG Adoption Call: IP Fragmentation Considered Fragile
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Aug 2018 02:56:49 -0000


On 8/30/2018 5:26 PM, Joe Touch wrote:
>
>
>> On Aug 29, 2018, at 11:19 PM, Christian Huitema <huitema@huitema.net
>> <mailto:huitema@huitema.net>> wrote:
>>
>>> Regardless, middleboxes shouldn't be avoiding their own effort by
>>> creating work for others. A corollary to the Postal Principle should
>>> be "you make the mess, you clean it up". 
>>
>> Joe's stubborn adherence to the letter of the RFC would be very nice
>> if the protocol police could somehow punish the merchants of NATs…
>
> My concerns are pragmatic - merely not supporting something does not
> make it unnecessary.
>
> There was a time when Internet service in hotels would regularly block
> all except basically DNS and HTTP/HTTPS; that’s becoming much less the
> case. There was a time when devices didn’t support IPv6 at all because
> it was considered merely an unnecessary expense; that’s becoming much
> less the case too.
>
> In this case, we have two problems 
> 1) NATs/firewalls as currently implemented do not support fragments
> 2) our current protocols, in many cases, require fragments (IPsec
> tunnel mode) and in other cases (tunnels in general) would benefit
> from IP fragmentation support
> 3) we DO NOT HAVE an alternative (there are some piece-wise proposals
> for various aspects, but none support IPsec tunnel mode and none are
> otherwise universal
>
> Yes, something needs to be done, but I argue that *until we have a
> worked alternative*, we need to keep restating the fact -
> NATs/firewalls MUST reassemble to work properly; where they don’t, the
> error is on them - not the rest of the Internet for using fragments.
>
>> The whole discussion reminds me of Martin Thomson's draft, "use it or
>> lose it" (draft-thomson-use-it-or-lose-it-02). Martin is describing
>> how extension mechanisms that are not actually used get ossified away
>> by the deployment of middle-boxes. The same happened long ago with IP
>> segmentation. With NATs, applications cannot assume that reassembly
>> will work. With Firewalls, transports cannot assume that ICMP will work. 
>
> Yes, that’s the tension:
> a) identify bugs and fix them
> b) accept bugs as de-facto protocol evolution
>
> The problem with (b) is that it is not guided by what Internet users
> need; it’s guided by what is profitable for individual vendors. That
> path is hazardous - there’s no reason to believe that the result will
> be a useful Internet. So until we know it’s safe to do (b), we need to
> stick with (a).

Shouting from the hilltops is not sufficient. We can very well do it,
but our voice is not very loud, and our hill is not very tall. Fixes
happen when there is some customer pressure, as in "your bug blocks some
application that many customers love." I just don't see any application
putting pressure on NATs and firewalls to support fragmentation. HTTP,
email, or Web RTC seem to be working just fine. It may be that IPSEC and
some tunnels do not work in theory, but VPNs do work in practice. It may
be that protocol stacks could clean up some of their kludges if
fragmentation worked, but the market does not care a whole lot about
that. And without such pressure, the protocol police is not going to be
very effective.

By the way, the biggest issue is not so much fragmentation as
black-holing. One thing is for a NAT to not support reassembly. Another
is to get a fragment and just drop it without telling anything to
anyone. Or even worse, forward an initial-but-incomplete fragment and
drop the other fragments, all that without telling anything to anyone.
Strategically, that may well be where to put the pressure. Reassembly
requires state and memory, but sending an ICMP at most requires some
form of rate control. That should not be too hard.

Of course, then we will have to convince firewalls to not drop these
ICMP packets. But there the dynamics are manageable, because the
firewalls dropping the ICMP and the servers that could benefit from them
are often managed by the same folks. So maybe there is some hope after all.

-- Christian Huitema

v2.23.0 | Report a Bug | By Email