RFC5722 and network packet duplication
Dennis Ferguson <dennis.c.ferguson@gmail.com> Thu, 27 August 2015 22:27 UTC
Return-Path: <dennis.c.ferguson@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F9DB1A9088 for <ipv6@ietfa.amsl.com>; Thu, 27 Aug 2015 15:27:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EFsId00-rCfu for <ipv6@ietfa.amsl.com>; Thu, 27 Aug 2015 15:27:46 -0700 (PDT)
Received: from mail-pa0-x22f.google.com (mail-pa0-x22f.google.com [IPv6:2607:f8b0:400e:c03::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE1E11A89A8 for <ipv6@ietf.org>; Thu, 27 Aug 2015 15:27:45 -0700 (PDT)
Received: by padfo6 with SMTP id fo6so540759pad.0 for <ipv6@ietf.org>; Thu, 27 Aug 2015 15:27:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:content-transfer-encoding:subject:message-id:date :to:mime-version; bh=qG9d3Sw/2UED6B4ivu6RfHHw/e1DjaTxXtE62U59cAg=; b=fLvR6nW3D0Ds42g6cJupEeuLJyyrZk3iiJrliGmaqBbjeSp/ZslswBuiuD3pzXuT80 qgPH9DylzMjaGKMugEwWg9brdeZf69U44FSUEYqkZaIYGFp55rfxrK/q3zGV/Tvpmp9K pYJV0r7cF/JvNg2m3MUxRRHzsVwhodLO+N1t2KZcezF/mxlq+C2lOvfVFh+l1tB2Jxnv 1VbF9IFtRzixXd+i3lhCyIa6OMz/76b86lF+6pBadLgkV5nYJah2yJhrncChX/OF4rFO nwhNOxbNJ2ULjF+N3lgD37UbvQJo3++AvMQg24ngeAKpB5LGlZ9r67B5s86/pWde91EW 853g==
X-Received: by 10.66.124.133 with SMTP id mi5mr10044672pab.92.1440714465704; Thu, 27 Aug 2015 15:27:45 -0700 (PDT)
Received: from [172.29.109.94] ([66.129.239.14]) by smtp.gmail.com with ESMTPSA id u10sm3516189pbs.16.2015.08.27.15.27.44 for <ipv6@ietf.org> (version=TLS1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 27 Aug 2015 15:27:44 -0700 (PDT)
From: Dennis Ferguson <dennis.c.ferguson@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Subject: RFC5722 and network packet duplication
Message-Id: <85192077-2FA4-4917-BADD-1EB366A35362@gmail.com>
Date: Thu, 27 Aug 2015 15:27:42 -0700
To: 6man <ipv6@ietf.org>
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/ZbPhLgAXytZw12fgP9iAQT_6mYU>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 22:27:47 -0000
IP should be tolerant of packet duplication in the network since this is sometimes hard to avoid with certain link layer technologies and can apparently also be caused in others by misconfiguration (I have seen this happening without knowing the cause). RFC5722 seems to spend no text on the distinction between "overlapping fragments" and "duplicate fragment packets" even though being able to differentiate between the two is essential to keeping the fragmentation protocol robust when the network is duplicating packets (there is a reason why the basic reassembly procedures accept fragments carrying duplicate data...). I was wondering if adding a definition of "overlapping fragments" at the start of Section 2. to explicitly exclude duplicated packets would make this better, maybe like: Two fragments of the same packet having different Fragment Offsets or different lengths of data after the fragment header are overlapping fragments if the offset ranges of the fragment data they carry overlap. Duplicate fragment packets with the same Fragment Offset and length are not overlapping fragments and may be the result of packet duplication in the network rather than being intentionally constructed by the sender. This unfortunately implies that reassembly implementations might need to record the original packet boundaries, while the ones I've looked at only track the data they've received and the holes they need to fill to complete the packet. I think, however, that the latter is sufficient to avoid the attack 5722 imagines if the following rules are observed(?) - if an incoming packet fragment only carries data that has already been received discard that packet fragment but continue the reassembly. - if an incoming packet fragment includes both new data and data already received discard everything. but this would be too big a change to make to the existing text. I am assuming RFC5722 did not intend to make the fragmentation protocol intolerant of network packet duplication, but the fact that there is clearly some implementation complexity involved with this that 5722 gives no attention to is making it hard to see exactly how this is supposed to work. Dennis Ferguson
- RFC5722 and network packet duplication Dennis Ferguson
- Re: RFC5722 and network packet duplication C. M. Heard
- Re: RFC5722 and network packet duplication Bob Hinden
- Re: RFC5722 and network packet duplication Dennis Ferguson
- Re: RFC5722 and network packet duplication Fernando Gont
- Re: RFC5722 and network packet duplication Bob Hinden
- Re: RFC5722 and network packet duplication Suresh Krishnan
- Re: RFC5722 and network packet duplication Bob Hinden
- Re: RFC5722 and network packet duplication Suresh Krishnan
- Re: RFC5722 and network packet duplication Dennis Ferguson