IETF Logo Mail Archive

Re: Non-Last Small IPv6 Fragments

Tom Herbert <tom@herbertland.com> Mon, 14 January 2019 15:18 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E071C124B0C for <ipv6@ietfa.amsl.com>; Mon, 14 Jan 2019 07:18:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.041
X-Spam-Level:
X-Spam-Status: No, score=-2.041 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FpbTOssC7Jy4 for <ipv6@ietfa.amsl.com>; Mon, 14 Jan 2019 07:18:45 -0800 (PST)
Received: from mail-qk1-x729.google.com (mail-qk1-x729.google.com [IPv6:2607:f8b0:4864:20::729]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8AD5B1228B7 for <ipv6@ietf.org>; Mon, 14 Jan 2019 07:18:45 -0800 (PST)
Received: by mail-qk1-x729.google.com with SMTP id a1so10712567qkc.5 for <ipv6@ietf.org>; Mon, 14 Jan 2019 07:18:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=XYejOkexIsDCGD0IJYt5MWCJYVCptkzFSzXOACXZMHo=; b=bN7RAWEUK/MBOi+ruTcBJFyd4DTu65LAQ7SSXeT087gk3p6eOzHp7lZnHc04g/nYX7 C0WuBPM3CcyD4Rq2Hubl6BNYp/COX7F/MEvAQ7OtsMIHdu5l+AnYT9sFPEwvEH5zJfHk YZ7DXf6az7RxEYj2eJ0zgtrDkbyjFGZGIUfJGal+x45N51J8A2ZC6LDiUT9Ka+6IsS2S s4odLli1nt5zUX4+Q1KpVQzJi/+IxWuw78RhgSRcqtYGshQ0pUOZGN4A0h+2ejlRI225 TR5Js1aV3U+G9yltkY53wgpuUk+E7nlinx9tjVolRpGqdMOzhnkG5ySULxlgVT2phPEj 8Q/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=XYejOkexIsDCGD0IJYt5MWCJYVCptkzFSzXOACXZMHo=; b=We4sjEeFSseKhGrihVTqtaZ+eSRSLY1XXfEVVJPKAWOWW09y1J1ApRFbMEqX12Pk1S x5HtlIVgiP6WDtkw+4Sbkd/0+BAstoQXvDgpzaRBFHJv5wTUCJV+DaisG6JmRXShzd+2 nwTzvj/+uSDhqFC4FZXxsGo3rtjt4La6ZIKQOzNhv7uwa2DUCYTae65cdrioLSeyEyN5 2aQguKlLIgWOxFsoB0XMRuflWA9fTQBpB++bgf62ULOnVCfgweIcI9+rFWdp5nQYIy8R dE1HRs8F69z9+Yv5bJg9p+nTulBQSrtzAFQmiQJZFiE9y/+NuLhBuStbS59M0Bh4IApl H2lg==
X-Gm-Message-State: AJcUukczPUddOBfhG8TeRNXtDDAFCEAQYXuZOtBAvvmVKwZB6mxE6z0v JZbIsODA4hwxFtzc9MGll49PQRa6xbNSp0ce7Wz9Uw==
X-Google-Smtp-Source: ALg8bN61WLXeo1360U+ntKtzum8P93PrPzBMFLT97rOwY5zLiyyoL7xiqxRWXJW74kRaiSYexs/Sz8GbF8nEMERA35U=
X-Received: by 2002:a37:b482:: with SMTP id d124mr23308402qkf.168.1547479124343; Mon, 14 Jan 2019 07:18:44 -0800 (PST)
MIME-Version: 1.0
References: <CAOSSMjV0Vazum5OKztWhAhJrjLjXc5w5YGxdzHgbzi7YVSk7rg@mail.gmail.com> <CALx6S35KNhV2gFp9OdU+M1zy5WUuEAEvXkDXNDWWxi7uQ4e_cw@mail.gmail.com> <CAN-Dau0rTdiiF2SjByxcMG6nhPCEjUH2pYBCOeK_FSGJ_ucDQw@mail.gmail.com> <CALx6S34AyV9OpvnjQhQc56n5vfeVgU5Zd3kheP0g+XvsMbBV9g@mail.gmail.com> <1b2e318e-1a9f-bb5d-75a5-04444c42ef20@si6networks.com> <CALx6S37TJr++fC=pVoeS=mrO1fHc4gL_Wtu-XkVTswzs2XxXCA@mail.gmail.com> <CALx6S36V7vrVyoTP0G6+S5XeFNB3KWS5UaNnVi20xogRERdCfg@mail.gmail.com> <973A1649-55F6-4D97-A97F-CEF555A4D397@employees.org> <CALx6S34YbBe8xBod3VsWVO33TpZcdxh2uV1vaO8Z_NKnVXp66g@mail.gmail.com> <A3C3F9C0-0A07-41AF-9671-B9E486CB8246@employees.org> <AEA47E27-C0CB-4ABE-8ADE-51E9D599EF8F@gmail.com> <6aae7888-46a4-342d-1d76-10f8b50cebc4@gmail.com> <EC9CC5FE-5215-4105-8A34-B3F123D574B9@employees.org> <4c56f504-7cd7-6323-b14a-d34050d13f4e@foobar.org> <9E6D4A6E-8ABA-4BAB-BEC5-969078323C96@employees.org> <CAAedzxpdF+yhBXfnwUcaQb-HkgdaqXRU3L+S7v8sS1F0OkwM9A@mail.gmail.com> <78a8a0e0-8808-364c-41f7-f81f90362432@gont.com.ar>
In-Reply-To: <78a8a0e0-8808-364c-41f7-f81f90362432@gont.com.ar>
From: Tom Herbert <tom@herbertland.com>
Date: Mon, 14 Jan 2019 07:18:32 -0800
Message-ID: <CALx6S37YnSbOUgVoWEA46aN88a3CfERWemhQKi_GOrP_g+=rFQ@mail.gmail.com>
Subject: Re: Non-Last Small IPv6 Fragments
To: Fernando Gont <fernando@gont.com.ar>
Cc: Erik Kline <ek@loon.co>, Ole Troan <otroan@employees.org>, Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/gNgj8de9OkzddB61xer4dmtohG0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Jan 2019 15:18:48 -0000

On Sun, Jan 13, 2019 at 10:25 PM Fernando Gont <fernando@gont.com.ar> wrote:
>
> Hi, Erik,
>
> On 14/1/19 02:19, Erik Kline wrote:
> >
> >     > Ole Troan wrote on 13/01/2019 20:03:
> >     >> Let’s fix path MTU discovery. There’s no fix for fragmentation.
> >     >
> >     > pmtu discovery is hard because it needs a way for an intermediate
> >     node to be able to signal a transmitting node to dynamically drop
> >     the MTU if network conditions change.  The only way to reliably work
> >     around this is to transmit at 1280 and claim implementation /
> >     operational breakage if this cannot get through.  This, however,
> >     robs the host devices of the ability to use higher MTUs.
> >
> >     “Fix” as in something different than rfc8201.
> >
> >
> > How about a version of the fragment header that:
> >
> >     (a) *always* has the L4 header (or a configurable number of bytes)
> > in every non-first fragment
> >
> > This could be documented on a per-L4+ basis how much needs to be
> > included, i.e. we could have one doc for UDP and (say) a separate doc
> > for information QUIC would need on a per-fragment basis.
>
> If you are requiring that the first frag always contains the L4 ehader,
> that's already achieved by RFC7112.
>
> If you really mean that the FH contains the L4 header, then:
>
> * There's the issue of EHs in the fragmentable part
>
> * It may be hard to enforce in the presence of tunnels, unless the
> tunnel reassembles and refragments where necesary
>
>
> Still, that doesn't solve the biggest issues with fragmention:
>
> * a stateful operation for anotherwise stateless protocol
>
Fernando,

There is no fundamental problem with fragmentation. The core problem
is that some intermediate nodes are processing headers and data beyond
the IP and Hop-by-Hop options header. That is non-conformant with
RFC8200: "Extension headers (except for the Hop-by-Hop Options header)
are not processed, inserted, or deleted by any node along a packet's
delivery path". This becomes a material interoperability problem when
intermediate nodes take invasive action, such as dropping packets or
degrading the service, when they encounter protocols they don't
understand. This problem applies not only to fragmentation, but also
other extension headers, non-TCP transport protocols, and other
protocols outside some narrow set of typically used protocols. To fix
this, either non-conformant implementations should be changed to
conform to the standard, or the standard should be changed to conform
to the implementation.

Tom


> * i'd argue that for the IPv6 case, one of the base reasons for which
> fragments are dropped is because they employ EHs
>
>
>
> > This increases the overhead in a given fragment, but also helps to
> > ensure that (eventually) intermediate systems can examine this field and
> > preemptively make a drop/no-drop decision.
>
> Then we're back on draft-gont-v6ops-ipv6-ehs-packet-drops
>
>
>
> >     (b) state clearly that every non-last packet must contain
> > $CONSENSUS_MINIMUM_BYTES of actual fragment payload
>
> In which cases do you expect this to make a substantial difference?
>
> Thanks,
> --
> Fernando Gont
> e-mail: fernando@gont.com.ar || fgont@si6networks.com
> PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email