Re: [Int-area] Discussion about Section 6.1 in draft-ietf-intarea-frag-fragile

Warren Kumari <> Thu, 05 September 2019 22:52 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 365DE12004E for <>; Thu, 5 Sep 2019 15:52:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id WQHBVbC7WH0M for <>; Thu, 5 Sep 2019 15:52:31 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::736]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2E9731200D5 for <>; Thu, 5 Sep 2019 15:52:31 -0700 (PDT)
Received: by with SMTP id q203so3887316qke.1 for <>; Thu, 05 Sep 2019 15:52:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=TDKL1M7zw75v8p6pCFVn9z5nV3gLMY7c+ayaLNsguDk=; b=l4juykc0fz0w29TBp6Rnljhk8n8Cf5umvXgudBlDwXlQXh5HDdShpsKrCJlok2PQk3 kga9U9lcm2M7GsKBFyhOFp3rQ8XIc+z/t5E0glIatLQZy03S2/qCBVUpTWoASYGEjj4b lHp0rMej+yzWG18ho4LptSinPMDn6WmS824UGeH58TMDD9nYoCl+fd4EyGM64A9H2Y3V IWEABbvJly+vYp5MRimaGitLFvSgjYcR4lXlGRrMHZV6lA1XhiE24NChcMBDGkUt7UMZ sOsmO/jBUSpFsz8QdrEvqEs3QyiFCVgOtYrJV0vMKpqt9tTRruQv3VyICx1p7iBBYhXo bZsA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=TDKL1M7zw75v8p6pCFVn9z5nV3gLMY7c+ayaLNsguDk=; b=bjX1vgKkY+O4odi7Fa9NmS9Mn812CfCmAvuSfnLi79opd6bN1tu/PiRglt2oJmIH0z D6hdGsaMjtWDSd3Br5aa0yxE+V2DnF/WNWngg3mH7cxdIFxmB8hammpUqKo+sVIPqIGn MU71l7b1SUvs1BMbX+td7W96CxbLNuDLjgsIhnkQhbvkHpNYYNQnuMM74YHj14kPkQ/I UzM99sD60XVHRfQxyCMxpZsHzKILrt3Ptxdh+RScKjP3k92a0ic1dPa1N89QMZ+rkxmG b9Cqn6fModVvGQiy0kb4FqiF+/PCZcOX9Exjh7UMlM+usQR85z4mlUQWdhJOmAxrmiMB qd/g==
X-Gm-Message-State: APjAAAUSVcyd0cXeqlhTIMIb6ZBwKBtByK7JG1g+iLJnLVbJ6VtPkSHF GV3Ex7vrE5EvchLPImiq4jpvY08V+4G5y6E0ePns8g==
X-Google-Smtp-Source: APXvYqz/zd21d9cdKFyTABkz909Y/C0u4h8RXMwbP8eJBCjMh7hIBnV06H/R78liTu7leOaPaVLwiNzUboSK32CMd84=
X-Received: by 2002:a37:4ccf:: with SMTP id z198mr5796247qka.245.1567723949737; Thu, 05 Sep 2019 15:52:29 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <> <> <>
In-Reply-To: <>
From: Warren Kumari <>
Date: Thu, 5 Sep 2019 18:51:53 -0400
Message-ID: <>
To: Tom Herbert <>
Cc: Bob Hinden <>, "" <>, IESG <>, Joel Halpern <>, "" <>, Suresh Krishnan <>, "" <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Subject: Re: [Int-area] Discussion about Section 6.1 in draft-ietf-intarea-frag-fragile
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Internet Area Mailing List <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 05 Sep 2019 22:52:35 -0000

On Thu, Sep 5, 2019 at 3:53 PM Tom Herbert <> wrote:
> On Thu, Sep 5, 2019 at 11:29 AM Bob Hinden <> wrote:
> >
> > Hi,
> >
> > Based on the discussion, I would like to propose to see if this will resolve the issues raised.   It attempts to cover the issues raised.
> >
> > The full section 6.1 is included below, but only the last sentence in the second paragraph changed.
> >
> > Please review and comment.
> >
> > Thanks,
> > Bob
> >
> >
> >
> > 6.1.  For Application and Protocol Developers
> >
> >    Developers SHOULD NOT develop new protocols or applications that rely
> >    on IP fragmentation.  When a new protocol or application is deployed
> >    in an environment that does not fully support IP fragmentation, it
> >    SHOULD operate correctly, either in its default configuration or in a
> >    specified alternative configuration.
> >
> >    While there may be controlled environments where IP fragmentation
> >    works reliably, this is a deployment issue and can not be known to
> >    someone developing a new protocol or application.  It is not
> >    recommended that new protocols or applications be developed that rely
> >    on IP fragmentation.  Protocols and applications that rely on IP
> >    fragmentation will work less reliably on the Internet unless they
> >    also include mechanisms to detect that IP fragmentation isn't working
> >    reliably.
> >
> >    Legacy protocols that depend upon IP fragmentation SHOULD be updated
> >    to break that dependency.  However, in some cases, there may be no
> >    viable alternative to IP fragmentation (e.g., IPSEC tunnel mode, IP-
> >    in-IP encapsulation).  In these cases, the protocol will continue to
> >    rely on IP fragmentation but should only be used in environments
> >    where IP fragmentation is known to be supported.
> >
> Bob,
> These two paragraphs seem somewhat contradicatory. For new protocols
> the recommendation is not to use fragmentation because we can't know
> whether the deployment allows that, but for legacy protocols we're
> allowed to use fragmentation if we know the deployment allows that.
> I think it's a lot simpler to just say that if you know fragmentation
> works in your environment or to some destination then you can use it,
> if not then you'll need to do something else.

<no hats>
Advice like this always feels like a cop-out to me[0].

Let's say that I do (somehow) know that fragmentation works in my
environment -- where is the knob that I turn in [ Linux | OS X | iOS |
Android | Windows | IOS | JunOS | <etc> ] which says "These set of
prefixes are within my environment and you can fragment when sending
to them?" And how do I also configure <insert long list of protocols>
to also know this?

It is a *very* small number of cases where my environment is
sufficiently well defined, homogeneous, and not connected to the
Internet that "environment" can be properly defined, *and* where all
nodes know that they are part of it -- off the top if my head, DTN is
the only example that comes to mind...

The "you can do xxx in your environment" usually feels like / results in:
a: "I'm tired of fighting, go do whatever you want"
b: weasel words which later get abuse to justify incorrect behavior
c: additional complexity
or d: all of the above.

What we've built is an Internet -- protocols should "just work", not
only work in specific parts of it, especially if there isn't an
obvious border (e.g: L2 domain, OSPF domain, etc)


[0]: An exception to this is the standard boilerplate which BMWG
attaches to its drafts, which goes along the lines of:
" Benchmarking activities as described in this memo are limited to
   technology characterization using controlled stimuli in a laboratory
   environment, with dedicated address space and the constraints
   specified in the sections above.

   The benchmarking network topology will be an independent test setup
   and MUST NOT be connected to devices that may forward the test
   traffic into a production network or misroute traffic to the test
   management network.

   Further, benchmarking is performed on a "black-box" basis, relying
   solely on measurements observable external to the DUT or System Under
   Test (SUT).  Special capabilities SHOULD NOT exist in the DUT/SUT
   specifically for benchmarking purposes.

   Any implications for network security arising from the DUT/SUT SHOULD
   be identical in the lab and in production networks."

> This applies equally to
> legacy protocols and new protocols, on the open Internet as well as
> limited domains. For that matter the rule applies pretty much to any
> protocol that might be considered "fragile" (note, this might just be
> a rewording of Joe's proposed text).
> Tom
> >    Protocols may be able to avoid IP fragmentation by using a
> >    sufficiently small MTU (e.g.  The protocol minimum link MTU),
> >    disabling IP fragmentation, and ensuring that the transport protocol
> >    in use adapts its segment size to the MTU.  Other protocols may
> >    deploy a sufficiently reliable PMTU discovery mechanism
> >    (e.g.,PLMPTUD).
> >
> >    UDP applications SHOULD abide by the recommendations stated in
> >    Section 3.2 of [RFC8085].
> >
> > _______________________________________________
> > Int-area mailing list
> >
> >

I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.