Re: [Int-area] Stateless devices and IP fragmentation

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 16 November 2018 03:44 UTC

To: Ron Bonica <rbonica@juniper.net>, Tom Herbert <tom@herbertland.com>, Joe Touch <touch@strayalpha.com>
Cc: int-area <int-area@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/t6NfbZnZjJZuwyi2sPtH7QW_N_c>

>  These stateless middle boxes may perform
> sub-optimally or process IP fragments in a manner that is not compliant with
> RFC 791 or RFC 8200.

That seems to skirt round the real concern. Middleboxes don't exist in
the world assumed by RFC 791 or 8200, so those RFCs don't place any
compliance requirements on middleboxes. It's simply implicit that datagrams
get delivered whether fragmented or not. RFC 1812 doesn't seem to mention
that routers MUST forward fragments, presumably because it's blindingly
obvious. Same for draft-ietf-6man-rfc6434-bis and draft-v6ops-ipv6rtr-reqs.

So at least can we say:

These stateless middle boxes may perform
sub-optimally, process IP fragments in a manner that is not compliant with
RFC 791 or RFC 8200, or even discard IP fragments completely.

Regards
   Brian

On 2018-11-16 10:35, Ron Bonica wrote:
> Tom, Joe, Brian,
> 
> I haven't seen a response to this message. Can I assume that you are OK with this text?
> 
>                                      Ron
> 
> 
>> -----Original Message-----
>> From: Ron Bonica
>> Sent: Wednesday, November 14, 2018 4:35 PM
>> To: Tom Herbert <tom@herbertland.com>
>> Cc: int-area <int-area@ietf.org>; Joe Touch <touch@strayalpha.com>
>> Subject: RE: [Int-area] Stateless devices and IP fragmentation
>>
>> Folks,
>>
>> We are thrashing over the example. Can everybody agree to the following text?
>>
>>                                                Ron
>>
>> 7.3.  For Middle Box Developers
>>
>> Middle boxes SHOULD process IP fragments in a manner that is compliant with
>> RFC 791 and RFC 8200. In many cases, middle boxes must maintain state in
>> order to achieve this goal.
>>
>> Price and performance considerations frequently motivate network operators
>> to deploy stateless middle boxes. These stateless middle boxes may perform
>> sub-optimally or process IP fragments in a manner that is not compliant with
>> RFC 791 or RFC 8200. Providers of such middle boxes MUST document
>> their product's behavior.
>>
>> The behaviors exhibited by the above-mentioned devices are not desirable.
>> However, one behavior may be acceptable to one network operator while
>> another behavior is acceptable to another network operator. Middle box
>> vendors MUST provide network operators with all of the information required
>> to make intelligent middle box deployment decisions.