Re: [Int-area] WG Adoption Call: IP Fragmentation Considered Fragile

Tom Herbert <> Thu, 26 July 2018 15:28 UTC

On Wed, Jul 25, 2018 at 7:14 PM, Joe Touch <> wrote:
> Hi, all,
> I still think it would be useful for this doc to describe how tunnels interact with fragmentation (per draft-ietf-intarea-tunnels), which seems to be something I’ve noted several times before.
> I’m also still not thrilled with the title; I’d be happier with “IP fragmentation still not supported per requirements”, and I’d have to see where this goes with final recommendations.
> But I agree *some* statement is worthwhile here. My primary concern is that if we’re not careful, endorsing the status quo will only ensure nothing changes.
> So I sincerely hope that some of the strongest recommendations here are that both direct IP devices and tunnel ingress/egress devices need to do a better job of supporting fragmentation, and that protocol/device designers SHOULD avoid mechanisms that are not compatible with fragmentation (e.g., NAT or DPI without doing reassembly first).
I agree.

Specifically, I think there should be a requirement that intermediate
devices don't rely on doing DPI into transport layer, or if they need
it then they should do some sort of pseudo reassembly as Joe alludes
to. Note that section 4.4 describes the problem of fragmentation
going through a load balancing (e.g. ECMP) where transport ports are
used in the algorithm. This is solved in IPv6 by using flow label in
the hash instead of transport layer ports, so I think that use of flow
label for this purpose should be recommended somewhere in section 7.


> Joe
>> On Jul 24, 2018, at 12:42 PM, Wassim Haddad <> wrote:
>> Dear all,
>> We would like to start a WG adoption call for draft-bonica-intarea-frag-fragile (“IP Fragmentation Considered Fragile”).
>> Please indicate your preferences on the mailing list. The deadline is August 10th.
>> Thanks,
>> Juan & Wassim
>> _______________________________________________
>> Int-area mailing list
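The ECMP point raised in the reply above, as an added example that is not part of the original thread: it parses constructed IPv6 fragments and compares a path selector keyed on transport ports with one keyed on the flow label. The addresses, ports, flow labels, the SHA-256 based hash and the zero-port fallback for later fragments are assumptions chosen for illustration, not any particular router's algorithm.

```python
import hashlib
import ipaddress
import struct

FRAG_HDR, UDP = 44, 17  # IPv6 next-header values

def build_fragment(src, dst, flow_label, offset_units, more, payload, ident=1):
    """Constructed IPv6 packet: base header + Fragment header + payload."""
    frag = struct.pack("!BBHI", UDP, 0, (offset_units << 3) | int(more), ident)
    body = frag + payload
    hdr = struct.pack("!IHBB", (6 << 28) | flow_label, len(body), FRAG_HDR, 64)
    addrs = ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return hdr + addrs + body

def parse(pkt):
    """Return (src, dst, flow_label, proto, ports); ports is None if not visible."""
    first_word, _, nxt, _ = struct.unpack("!IHBB", pkt[:8])
    src, dst, off = pkt[8:24], pkt[24:40], 40
    flow_label, ports, frag_offset = first_word & 0xFFFFF, None, 0
    if nxt == FRAG_HDR:
        nxt, _, off_flags, _ = struct.unpack("!BBHI", pkt[off:off + 8])
        frag_offset, off = off_flags >> 3, off + 8
    if nxt == UDP and frag_offset == 0 and len(pkt) >= off + 4:
        ports = struct.unpack("!HH", pkt[off:off + 4])
    return src, dst, flow_label, nxt, ports

def _bucket(fields, n_paths):
    return int.from_bytes(hashlib.sha256(fields).digest()[:4], "big") % n_paths

def ecmp_ports(pkt, n_paths):
    # Assumption: a later fragment has no transport header, so ports hash as 0.
    src, dst, _, proto, ports = parse(pkt)
    sport, dport = ports or (0, 0)
    return _bucket(src + dst + struct.pack("!BHH", proto, sport, dport), n_paths)

def ecmp_flow_label(pkt, n_paths):
    src, dst, flow_label, _, _ = parse(pkt)
    return _bucket(src + dst + struct.pack("!I", flow_label), n_paths)

def count_split_packets(select, n_flows=1000, n_paths=4):
    """Count constructed datagrams whose two fragments land on different paths."""
    split = 0
    for i in range(n_flows):
        udp = struct.pack("!HHHH", 10000 + i, 53, 1216, 0)  # constructed UDP header
        args = ("2001:db8::1", "2001:db8::2", 0x10000 + i)
        first = build_fragment(*args, 0, True, udp + b"\x00" * 1200)
        later = build_fragment(*args, 151, False, b"\x00" * 8)
        split += select(first, n_paths) != select(later, n_paths)
    return split
```

Calling `count_split_packets(ecmp_ports)` reports how many of the constructed datagrams would have their fragments delivered over different paths, while `count_split_packets(ecmp_flow_label)` stays at zero because every fragment carries the same flow label in its base header.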