RE: "Deprecate"
"C. M. Heard" <heard@pobox.com> Tue, 30 July 2013 22:40 UTC
Return-Path: <heard@pobox.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FA8421E80B4 for <ipv6@ietfa.amsl.com>; Tue, 30 Jul 2013 15:40:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cS49bPHgAIrw for <ipv6@ietfa.amsl.com>; Tue, 30 Jul 2013 15:40:19 -0700 (PDT)
Received: from shell4.bayarea.net (shell4.bayarea.net [209.128.82.1]) by ietfa.amsl.com (Postfix) with ESMTP id C348C11E80E2 for <ipv6@ietf.org>; Tue, 30 Jul 2013 15:40:18 -0700 (PDT)
Received: (qmail 29517 invoked from network); 30 Jul 2013 15:40:14 -0700
Received: from shell4.bayarea.net (209.128.82.1) by shell4.bayarea.net with (DHE-RSA-AES256-SHA encrypted) SMTP; 30 Jul 2013 15:40:14 -0700
Date: Tue, 30 Jul 2013 15:40:14 -0700
From: "C. M. Heard" <heard@pobox.com>
X-X-Sender: heard@shell4.bayarea.net
To: IPv6 <ipv6@ietf.org>
Subject: RE: "Deprecate"
In-Reply-To: <2CF4CB03E2AA464BA0982EC92A02CE251271361B@BY2PRD0511MB428.namprd05.prod.outlook.com>
Message-ID: <Pine.LNX.4.64.1307301439030.24674@shell4.bayarea.net>
References: <8C48B86A895913448548E6D15DA7553B963A9D@xmb-rcd-x09.cisco.com> <m2fvuwspja.wl%randy@psg.com> <33F639DD-2CD8-4580-A0C8-F63068497BEA@gmail.com> <m238qwsfna.wl%randy@psg.com> <2CF4CB03E2AA464BA0982EC92A02CE2512713455@BY2PRD0511MB428.namprd05.prod.outlook.com> <8C48B86A895913448548E6D15DA7553B965346@xmb-rcd-x09.cisco.com> <2CF4CB03E2AA464BA0982EC92A02CE251271361B@BY2PRD0511MB428.namprd05.prod.outlook.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jul 2013 22:40:28 -0000
On Tue, 30 Jul 2013, Ronald Bonica wrote: > Thinking a little more about it, RTP and UDP aren't the real > culprits. The culprits are the applications that run over them. > So, we should limit our statement to applications, and not > "applications and transport layer protocols". I don't agree, at least not if the principal reason why IP fragments get dropped is that they lack the L4 header (or at least that the non-initial fragments do) and thereby break stateless ACLs. The problem is that UDP and its kin such as UDP-lite and DCCP lack transport-layer segmentation, such as is present in TCP, and are thereby force their clients to rely on IP fragmentation to provide this service. So yes, these transport protocols are the culprits. The idea that immediately comes to mind is to design _replacements_ transport protocols for UDP and kin that contain a transport layer segmentation mechanism. These would be for use by applications that can't get by without such a mechanism; existing applications that don't need to rely on IP fragmentation can continue to use UDP and kin. The replacement for UDP might have a header that looks something like this: 0 15 16 31 +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ | Length | Segment Offset |Res|M| +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ | Identification | +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ | Checksum | +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ | data octets ... +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-| ... (Other and perhaps better possibilities exist, of course.) Having said that, I immediately imagine screaming that such a thing could not possibly be deployed, because operators will filter anything that they don't know or have an immediate use for, and so it would never get any traction. Well, maybe so, but something has to give. The operations folks have complained that IP fragmentation is awful, they have to filter fragments because it defeats their stateless ACLs. OK; let's agree that's a defect that needs to be fixed. But if you don't want the fix to break other important stuff (e.g., DNSSEC, as metioned in Section 3.1 of draft-bonica-6man-frag-deprecate-02), you need a replacement for IP fragmentation (or an augmentation, such as in http://www.ietf.org/mail-archive/web/ipv6/current/msg18389.html by Mark Andrews). Maybe I just lack imagination, but I can't see any fix that does not involve SOME change in operator behavior. //cmh
- Re: "Deprecate" Bob Hinden
- Re: "Deprecate" Randy Bush
- "Deprecate" Fred Baker (fred)
- Re: "Deprecate" Randy Bush
- RE: "Deprecate" Ronald Bonica
- Re: "Deprecate" Fernando Gont
- Re: "Deprecate" Fred Baker (fred)
- Re: "Deprecate" Fernando Gont
- RE: "Deprecate" Ronald Bonica
- RE: "Deprecate" Ronald Bonica
- Re: "Deprecate" Randy Bush
- RE: "Deprecate" Templin, Fred L
- Re: "Deprecate" Bob Hinden
- RE: "Deprecate" Templin, Fred L
- Re: "Deprecate" james woodyatt
- RE: "Deprecate" Ronald Bonica
- Re: "Deprecate" Brian E Carpenter
- RE: "Deprecate" Ronald Bonica
- RE: "Deprecate" C. M. Heard
- Re: "Deprecate" Doug Barton
- Re: "Deprecate" james woodyatt
- Re: "Deprecate" Mark Andrews
- Re: "Deprecate" Randy Bush
- UDP+Fragmentation (was: "Deprecate") Ronald Bonica
- Re: "Deprecate" RJ Atkinson
- Re: "Deprecate" RJ Atkinson
- RE: UDP+Fragmentation (was: "Deprecate") Templin, Fred L
- Re: UDP+Fragmentation (was: "Deprecate") Bob Hinden
- Re: "Deprecate" Mark Andrews
- RE: "Deprecate" Ronald Bonica
- Re: "Deprecate" Havard Eidnes
- Re: "Deprecate" Arturo Servin
- Re: "Deprecate" Randy Bush
- Re: "Deprecate" RJ Atkinson
- Re: "Deprecate" Ole Troan
- Re: "Deprecate" RJ Atkinson
- Re: "Deprecate" Ole Troan
- Re: "Deprecate" RJ Atkinson
- RE: "Deprecate" Templin, Fred L
- Re: "Deprecate" RJ Atkinson
- RE: "Deprecate" Templin, Fred L