IETF Logo Mail Archive

Re: Non-Last Small IPv6 Fragments

Tom Herbert <tom@herbertland.com> Thu, 10 January 2019 22:19 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2864613127E for <ipv6@ietfa.amsl.com>; Thu, 10 Jan 2019 14:19:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.041
X-Spam-Level:
X-Spam-Status: No, score=-2.041 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fv6EPKiR8Two for <ipv6@ietfa.amsl.com>; Thu, 10 Jan 2019 14:19:56 -0800 (PST)
Received: from mail-qt1-x82a.google.com (mail-qt1-x82a.google.com [IPv6:2607:f8b0:4864:20::82a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EEFD1131218 for <ipv6@ietf.org>; Thu, 10 Jan 2019 14:19:55 -0800 (PST)
Received: by mail-qt1-x82a.google.com with SMTP id l11so15802283qtp.0 for <ipv6@ietf.org>; Thu, 10 Jan 2019 14:19:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=tHXrLEJ9idBfB6WzooETMbQ6bnNKWbJ+zqqaHQrchAE=; b=IhCqfZZojO0xKYPXnvgdEOJW1QZmpmvJcMzAjYGVggjorYyRaRNnKMITsrt04p3w2M zAP5OpzBs1+fIt6vuw5fvw2umyWEBBp4wJyixjoTwQYnbBSt9entN5gejZtOM8RhFZVI 6ARvf9MNzt3jwxOqQIPkGFkeaQ6SZjgsq7dQn0bsjjSWQWjMJebu2I/7o7UNoMEecUbV 9jM4/9/TkwynZM02N/slOIPDhTX9QmUtJIgE6L4jIM665Rg5nQJVcXvzEEoGiazOTai2 jQMDjV5gM7pt/JJEx/F0cmY1GXDf+dynq+3ITT39/4DRFu+1jFQwALMhTwerO98Spv/x f4Nw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=tHXrLEJ9idBfB6WzooETMbQ6bnNKWbJ+zqqaHQrchAE=; b=F8cr0iCV3+MRg6o4Stl3UZNGhvIn6sBzBVOLAoPXVYbE3ijKHdakbLfPgqAhVMxYR3 x/uItq+crg/ypZaaaL1Nak06ogMF8xNxMGLLapFrM/ml9F1bq9CNKHPw/cN+88Nc0vLs lszS995TnJSxISvx3/asEIbpbJ59G2IH7NfNncMOG5uS6Jc4enSGCToAqtsNYgkw3ESh Agq871JboVWtEX7EbyeYejvoToSEZnKo7HPqeImxNRylDV5tcSZinlEBpGRR6+V4wTjW tm6My+yy8iJDp07fiOsMcHRGVAAhl+4+Dk87jvkPWtCT504ToWp9w4BXwHfaHnYeQD4f g8ig==
X-Gm-Message-State: AJcUukdJZkzDQWZbx+FqhlSO5KOMtTzrnYblzDCzsXC+rM0CKjQUcNfb laKS0XuoFFm+haxChxqQMrh/mtozqZzhu47O6kLzWDSMSJ0=
X-Google-Smtp-Source: ALg8bN61ouVC3Gq7C4NjSxXgNfH1UXGQt39OpzDyy6qNkuOsFoY7WoX387U779ibgjO8ItIrTx3NFOVKiq5vkIR5GfI=
X-Received: by 2002:aed:38c6:: with SMTP id k64mr10813928qte.97.1547158794876; Thu, 10 Jan 2019 14:19:54 -0800 (PST)
MIME-Version: 1.0
References: <CAOSSMjV0Vazum5OKztWhAhJrjLjXc5w5YGxdzHgbzi7YVSk7rg@mail.gmail.com> <2AB3F16C-FC0E-4EF7-B1ED-1A97F2CEC69B@gmail.com> <BYAPR05MB42458F851962F26AE1E15CC4AE840@BYAPR05MB4245.namprd05.prod.outlook.com> <CAAedzxofmhokstWuq7mRWnd5PTz5WQaiDNnE8O_VHXF_PbK6nw@mail.gmail.com> <BYAPR05MB4245388FB800873A5A8ED12AAE840@BYAPR05MB4245.namprd05.prod.outlook.com> <66bf652a-2bc0-6814-6ded-a63eece7fbe2@gmail.com> <BYAPR05MB4245B9305E6EC57EDD45509FAE840@BYAPR05MB4245.namprd05.prod.outlook.com> <CALx6S35QkKhRFVV+FE0Cnb-CrNHTj96QqQGNsHqrxjQYV5qB0Q@mail.gmail.com> <0F7E883A-E31B-476F-A01B-4362F09ECAA1@thehobsons.co.uk> <CAAedzxqUAG=1CcQ1YL1tc35Ji6=yDga90Kq+WmjEwAkKZXYHaQ@mail.gmail.com> <1BFDFCDC-9165-4172-BACE-C3EAAE45827B@isc.org>
In-Reply-To: <1BFDFCDC-9165-4172-BACE-C3EAAE45827B@isc.org>
From: Tom Herbert <tom@herbertland.com>
Date: Thu, 10 Jan 2019 14:19:43 -0800
Message-ID: <CALx6S34BtQ=nAmDDGZyoAV1Jw2ZT2hBuk7ZWBxufrwYDWmiVNg@mail.gmail.com>
Subject: Re: Non-Last Small IPv6 Fragments
To: Mark Andrews <marka@isc.org>
Cc: ek@loon.co, IPv6 List <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/5eNtZ1AnfxqIoN3h9bVfRCGicK4>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jan 2019 22:19:58 -0000

On Thu, Jan 10, 2019 at 1:59 PM Mark Andrews <marka@isc.org> wrote:
>
>
>
> > On 11 Jan 2019, at 8:44 am, Erik Kline <ek@loon.co> wrote:
> >
> > On Thu, 10 Jan 2019 at 13:39, Simon Hobson <linux@thehobsons.co.uk> wrote:
> >>
> >> Tom Herbert <tom@herbertland.com> wrote:
> >>
> >>> That might be reasonable, however requiring intermediate fragments to
> >>> be at least 1280 MTU in IPv6 also solves that without needing to
> >>> define some aritrary new limit.
> >>
> >> In setting a minimum payload size for a fragment, is there a risk of conflicting with some known, or future unknown, link type with a small MTU ?
> >
> > Technically that link wouldn't meet the 1280 min mtu requirement for
> > IPv6, right?
> >
> > Even with 1280 byte min fragment sizes, a reassembly engine still
> > probably needs to place some limits in practice on the resources it
> > will devote to reassembly.  An attacker and sent 1280-sized fragments
> > for an endless series of 65535-sized datagrams…
>
> approximate packet counts.
>
> 65535/1280
> 51
>
> 65535/1500
> 43
>
> or even
>
> 65535/640
> 102
>
> but a IPv6 node doesn’t have to support reassembly up to 65535
>
> If you are worried about too many fragments, count and limit the fragments
> not the fragment size.  If you get too many fragments for a packet just
> discard them all.

Mark,

I think that might lead to some odd scenarios. For instance, in Ron's
tiny fragment attack, the receiver would start reassembling fragments
up to the limit. In some sense the attack should be obvious, no
rationale implementation should be sending tiny fragments in this
manner. But once the limit is hit, then what happens? Unless the
receiver keeps some state about the failed reassembly (which would be
new complexity in the implementation), if would just restart the
reassembly of the packet on the next received fragment when further
efforts to reassmble are obviously futile.

Tom

>
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742              INTERNET: marka@isc.org
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email