IPv6 Fragment Retransmission
"Templin (US), Fred L" <Fred.L.Templin@boeing.com> Tue, 09 November 2021 18:42 UTC
Return-Path: <Fred.L.Templin@boeing.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 500313A0FBF for <ipv6@ietfa.amsl.com>; Tue, 9 Nov 2021 10:42:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=boeing.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xjnfIsXL0AtE for <ipv6@ietfa.amsl.com>; Tue, 9 Nov 2021 10:42:23 -0800 (PST)
Received: from clt-mbsout-02.mbs.boeing.net (clt-mbsout-02.mbs.boeing.net [130.76.144.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A01913A0FC3 for <ipv6@ietf.org>; Tue, 9 Nov 2021 10:42:22 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by clt-mbsout-02.mbs.boeing.net (8.15.2/8.15.2/DOWNSTREAM_MBSOUT) with SMTP id 1A9IgK9w013453; Tue, 9 Nov 2021 13:42:21 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=boeing.com; s=boeing-s1912; t=1636483341; bh=JbnKqfCyNwYYgvDcpnhZBPosK5pFagyuLU5wsfLUCoA=; h=From:To:Subject:Date:From; b=gnyV+ir9hDTvHKHt5QsbdxnOc+HfQjJj6VhjUUygmsRa7vw51KGZaSL8J0QW/uXHw kuofIgZFqF6Ddiakz+wWAHZ/l6lVeqz+82dcrhUQZ0WhR19aQJFjdvaaqMZDHtTAJ8 ZGBCL1De6Ul6vuaIiZB35Wb9ele+1Ktfh8xms35kbhG2m1sqCzWNyBBckYo36F0HVE SCpj0wF/t8lJ/fJAulDxziLYhMUjDdFanxVCTMV+DotuRDcq+sLB1mpk7LETksfid9 vh3A6hng5p5aWPZd+PLYKkubm+T8nDlKj5Pd7YHnpC0FDMvsOY4Pt1Kc/372R/RllZ 64JWDHCNBH6Hw==
Received: from XCH16-07-07.nos.boeing.com (xch16-07-07.nos.boeing.com [144.115.66.109]) by clt-mbsout-02.mbs.boeing.net (8.15.2/8.15.2/8.15.2/UPSTREAM_MBSOUT) with ESMTPS id 1A9IgGx8013398 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <ipv6@ietf.org>; Tue, 9 Nov 2021 13:42:16 -0500
Received: from XCH16-07-10.nos.boeing.com (144.115.66.112) by XCH16-07-07.nos.boeing.com (144.115.66.109) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.14; Tue, 9 Nov 2021 10:42:15 -0800
Received: from XCH16-07-10.nos.boeing.com ([fe80::1522:f068:5766:53b5]) by XCH16-07-10.nos.boeing.com ([fe80::1522:f068:5766:53b5%2]) with mapi id 15.01.2308.014; Tue, 9 Nov 2021 10:42:15 -0800
From: "Templin (US), Fred L" <Fred.L.Templin@boeing.com>
To: "ipv6@ietf.org" <ipv6@ietf.org>
Subject: IPv6 Fragment Retransmission
Thread-Topic: IPv6 Fragment Retransmission
Thread-Index: AdfVk0QbTfuyxweFQ26dDODitlbaNw==
Date: Tue, 09 Nov 2021 18:42:15 +0000
Message-ID: <41b677c4a8ac413eae74a5b162e7225d@boeing.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [137.137.12.6]
x-tm-snts-smtp: 75487A50E251D97610C3F0956B12EE53AE68A35D3B4CF033E2C522CD682E37AF2000:8
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-TM-AS-GCONF: 00
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/HpMBE_0Z5LY9QpH1tZGw4whiCk0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Nov 2021 18:42:28 -0000
Hi, there were many questions and concerns on the chat during my talk at today's 6man session and I think most/all can be directly addressed. First and foremost - it is a truth that some applications will see greater performance by sending IP packets larger than the path MTU while invoking IP fragmentation and reassembly. This has been known since 1986 when Sun Microsystems came out with their Network File System (NFS) and delivered their code to the DEC Ultrix team where I was working at the time. This would have been with IPv4, but iperf3 clearly shows that the same truth holds for IPv6 today. The Sun/Solaris workstations were well equipped to handle the performance, but the DEC VAXstations of the time had inadequate network gear and fragment bursts under the largest NFS/UDP/IP packet size caused the NIC to crash. This was a big deal; people took note of it and made darned sure to design their future networking gear to handle fragmentation and reassembly at high data rates. And, what we have today is a very capable set of devices that would be asked to engage in fragmentation and reassembly. That said, fragmentation and reassembly does not belong everywhere - you might not want it on a high-speed core router or on a low end IoT device. But, by locating the fragmentation and reassembly functions on key nodes in the network everything gets more efficient and sees improved performance. I will offer that AERO/OMNI give full discussion of the role of IP fragmentation/reassembly in a truly advanced networking solution and I would recommend folks to have a look. Many of the comments on chat got down in the weeds about security, and they can be addressed very simply. First and foremost, a node should only accept a fragment if it has some way of verifying data origin - but, even that is not 100% necessary if the reassembly cache is instrumented to quickly flush bogus reassemblies rather than hold onto all fragments for a full MSL. And, modern reassembly implementations are designed to do exactly that. So the whole purpose of data origin authentication is really just to keep garbage out of the reassembly cache to keep things working smoothly. Again, you can read about all this in AERO/OMNI but this draft is intended for general IPv6 operations and not just for AERO/OMNI. So, the next draft version will have a brief and crisp security considerations section. I would like to now invite a discussion of any other comments/questions/concerns anyone might have here on the list. The draft can be found here: https://datatracker.ietf.org/doc/draft-templin-6man-fragrep/ Thanks - Fred
- IPv6 Fragment Retransmission Templin (US), Fred L
- RE: IPv6 Fragment Retransmission Templin (US), Fred L
- Re: IPv6 Fragment Retransmission Bob Hinden
- Re: IPv6 Fragment Retransmission Bless, Roland (TM)
- Re: IPv6 Fragment Retransmission Templin (US), Fred L