IETF Logo Mail Archive

Re: RFC 8201 Packet Too Big Processing

Timothy Winters <tim@qacafe.com> Mon, 20 April 2020 16:10 UTC

Return-Path: <tim@qacafe.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 73E903A0A47 for <ipv6@ietfa.amsl.com>; Mon, 20 Apr 2020 09:10:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.198
X-Spam-Level:
X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=qacafe.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xNOeK7Ov7bxl for <ipv6@ietfa.amsl.com>; Mon, 20 Apr 2020 09:10:44 -0700 (PDT)
Received: from mail-wm1-x336.google.com (mail-wm1-x336.google.com [IPv6:2a00:1450:4864:20::336]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B427D3A0A15 for <6man@ietf.org>; Mon, 20 Apr 2020 09:10:43 -0700 (PDT)
Received: by mail-wm1-x336.google.com with SMTP id e26so117309wmk.5 for <6man@ietf.org>; Mon, 20 Apr 2020 09:10:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qacafe.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=7paNplEJGhC5f5CDENUZaudU9CC6KH6Wqjx+XMO9WvM=; b=GRpKuiMxucSMRbR3OkFDml1LUV0tvL/rKEycJyENr4h+l33sACEL/BpA9JxULub0Ep HYNN/WGkwL6VgXBEFaBTnmXrDjV50P2FUA56tvwplrJ+QF2qsj9x7p8Nq7t2hd8TwAW6 3AbIycIT3tK1IM9dF1gDeMpUoVn52zFPLO7cw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=7paNplEJGhC5f5CDENUZaudU9CC6KH6Wqjx+XMO9WvM=; b=fhstslZ+EUe91oqxkplwwb6UoG6Rk2TJ5qYnZwHBfOHN7gFDaRQWhErePb77jj8esm ddwlqwXv8VPwOrdsofXVlvHzrs/Fw+YYKTDb7Gxz125EjSmJ9HuBUsV0gUNqxOzdrvrH /lrsE403GGxbdK2EWZbqXZCLzA3EFteAAAy2B8LHug4Waxs4pP2j3uXhwlhdkVR86KrS xY/HbolNHrhNzlm/ENR8Qo74Yfj0CMVToI1qXb/9/cc2tNIgc53EHzm7fRbo/YEFEch3 Io9jo8vWGO2NY6RMiN7lwPqYwMdbKhz91ggyGDWVL11btXOwTuC7QSEkDfU7m2vNWgIu cqDw==
X-Gm-Message-State: AGi0Pubhk6fKEHujFUBfwAj0k/N1z9XIzn5X2D8Rv1nPPBW2/+wtjWv1 ALMdCRQkDigV6CWLJgHaLIJkVEKwSVsSHZ+mOb9ueg==
X-Google-Smtp-Source: APiQypIPPSVee4k9lbkataeC4XJ6a8rwNTkLDA+0XDOrxAhe0QsQH8AWW/oIjHttVniden7dBR4L9DeoGZ60CL1zkW4=
X-Received: by 2002:a1c:b144:: with SMTP id a65mr109431wmf.54.1587399041846; Mon, 20 Apr 2020 09:10:41 -0700 (PDT)
MIME-Version: 1.0
References: <CAB-aFv8wVjcXB73wLrBupbq3XLdmdMWE9i-8+TwHfYQE6V52_w@mail.gmail.com> <a878bb68-38a9-0c0e-0006-c7830122cdee@si6networks.com> <CAB-aFv_h=f7t7cSro+GWttzK_cWm8H0-cN0CFt_KC74rqK_SUw@mail.gmail.com> <9bbd5fa4-c00f-3be1-9e09-a7299ce2b9dc@si6networks.com> <CAB-aFv8LPw+wEBaDYSB60Fgc=8kjAyu+wV66Ps0qV9CzG2j=rA@mail.gmail.com> <8b68f065-ff5f-9444-85fe-792045eb6529@si6networks.com> <CAB-aFv9nvP_EJJvKkRPFNZ6OAQ8YHr+oz6wbph+vp4092-VoeA@mail.gmail.com> <CAB-aFv_x3TXk-H-LH3+KY-vxYuGyjQWX5RxqWOM7c=vbTs96VA@mail.gmail.com> <CAMGpriW8MR-KA8+bTKH7bDZpAQcynJyKunqTz2ya4i8-F4hocw@mail.gmail.com>
In-Reply-To: <CAMGpriW8MR-KA8+bTKH7bDZpAQcynJyKunqTz2ya4i8-F4hocw@mail.gmail.com>
From: Timothy Winters <tim@qacafe.com>
Date: Mon, 20 Apr 2020 12:10:30 -0400
Message-ID: <CAJgLMKt4cj-Tr2uT5T_2mmmnKV7tamVoUCZ3_R4jkdXvTQMz3Q@mail.gmail.com>
Subject: Re: RFC 8201 Packet Too Big Processing
To: Erik Kline <ek.ietf@gmail.com>
Cc: Timothy Carlin <tjcarlin@iol.unh.edu>, Fernando Gont <fgont@si6networks.com>, 6MAN <6man@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000001990d05a3bb2462"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/0RrlYeFmfp-Z-1QkEdxXBdJEJvk>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Apr 2020 16:10:47 -0000

Hi Erik,

So I think the confusion comes from this line in 8021.

"The recommendation in the previous bullet ensures that there are
      no longer any valid reasons for ICMPv6 PTB error messages
      reporting an MTU value smaller than the minimum IPv6 MTU
      (1280 bytes).  IPv6 nodes should therefore be updated to ignore
      ICMPv6 PTB error messages reporting an MTU smaller than 1280 bytes
      as invalid."

So devices should ignore ICMPv6 PTB if smaller then 1280 based on this
reading.

~Tim

On Sat, Apr 18, 2020 at 7:38 PM Erik Kline <ek.ietf@gmail.com> wrote:

> If the host downgrades the path mtu to 1280 (and no lower), that seems
> fine to me.
> 8201 section 3:
>
> """
>    Alternatively, the node may elect to end the discovery process by
>    ceasing to send packets larger than the IPv6 minimum link MTU.
> """
>
> And later on:
>
> """
>    The node then uses the value in the MTU field in the Packet Too Big
>    message as a tentative PMTU value or the IPv6 minimum link MTU if
>    that is larger, and compares the tentative PMTU to the existing PMTU.
> """
>
> I think the "it" that is to be discarded is likely not clear.  If a node
> discards the whole packet then no new MTU information can be learned.
> Rather, the "it" is the MTU value in the PTB and discarding /that/ and
> using IPv6 MTU instead seems perfectly reasonable to me and allowed by the
> text.
>
> On Fri, Apr 10, 2020 at 1:17 PM Timothy Carlin <tjcarlin@iol.unh.edu>
> wrote:
>
>> On Fri, Apr 10, 2020 at 2:33 PM Timothy Carlin <tjcarlin@iol.unh.edu>
>> wrote:
>>
>>> On Fri, Apr 10, 2020 at 2:20 PM Fernando Gont <fgont@si6networks.com>
>>> wrote:
>>>
>>>> On 10/4/20 14:36, Timothy Carlin wrote:
>>>> > On Fri, Apr 10, 2020 at 1:27 PM Fernando Gont <fgont@si6networks.com
>>>> > <mailto:fgont@si6networks.com>> wrote:
>>>> >
>>>> >     On 10/4/20 14:19, Timothy Carlin wrote:
>>>> >      > Hi Fernando,
>>>> >      >
>>>> >      > On Fri, Apr 10, 2020 at 1:14 PM Fernando Gont
>>>> >     <fgont@si6networks.com <mailto:fgont@si6networks.com>
>>>> >      > <mailto:fgont@si6networks.com <mailto:fgont@si6networks.com>>>
>>>> wrote:
>>>> >      >
>>>> >      >     Hello, Tim,
>>>> >      >
>>>> >      >     On 10/4/20 14:07, Timothy Carlin wrote:
>>>> >      >      > Hello,
>>>> >      >      >
>>>> >      >      > We've noticed during testing for RFC 8200 and 8201 that,
>>>> >     for packets
>>>> >      >      > larger than 1280, the Linux kernel is processing invalid
>>>> >     Packet
>>>> >      >     Too Big
>>>> >      >      > messages that indicate an MTU less than 1280, and
>>>> subsequently
>>>> >      >      > fragmenting packets to a size of 1280. We've seen this
>>>> >     with 4.15
>>>> >      >     and 4.18.
>>>> >      >      >
>>>> >      >      > This is from Section 4 of RFC 8201:
>>>> >      >      >
>>>> >      >      >  >   If a node receives a Packet Too Big message
>>>> reporting a
>>>> >      >     next-hop MTU
>>>> >      >      >  >   that is less than the IPv6 minimum link MTU, it
>>>> must
>>>> >     discard it.
>>>> >      >      >
>>>> >      >      > Have others noticed this issue with Linux or other
>>>> OSes?  I'll
>>>> >      >     also note
>>>> >      >      > that it correctly does not generate an atomic fragment
>>>> if the
>>>> >      >     packet is
>>>> >      >      > less than 1280 bytes...
>>>> >      >
>>>> >      >     I'm trying to understand the scenario...
>>>> >      >
>>>> >      >     Host sends a packet of size > 1280
>>>> >      >     It receives an ICMPv6 PTB < 1280
>>>> >      >     And it retransmit the packet as a fragmented packet, where
>>>> >     none of the
>>>> >      >     fragments is larger than 1280 bytes?
>>>> >      >
>>>> >      >
>>>> >      > This is correct.  Since the ICMPv6 PTB < 1280, and invalid, we
>>>> would
>>>> >      > expect the PTB to be discarded, and subsequent packets (for
>>>> that
>>>> >      > destination) to remain unfragmented.
>>>> >
>>>> >     Agreed. Unless I'm missing something, there's no point in doing
>>>> that
>>>> >     (at
>>>> >     the end of the day, if the offending MTU was < 1280, fragmenting
>>>> >     packets
>>>> >     at 1280 will be of no use).
>>>> >
>>>> >     Can you provide the exact kernel version, so I may try to take a
>>>> >     look at
>>>> >     the kernel code and figure out what's going on?
>>>> >
>>>> >
>>>> > 4.15.0-96-generic and 4.18.0-147 both seem to have this issue.
>>>>
>>>> Have you tried with newer kernels? e.g., I'm running 5.3.0-42-generic
>>>> here.
>>>
>>>
>>>  I have not.  These were from two relatively new distributions, but
>>> apparently are lagging on the kernel version.  I'll try something newer.
>>>
>>
>> Indications are that this remains broken as of 5.3.0-050300-generic.  Let
>> me know if you want me to try another version.
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email