Re: I-D Action: draft-gont-6man-deprecate-atomfrag-generation-00.txt

[Fernando Gont <fernando@gont.com.ar>]

On 08/19/2014 07:35 PM, Philip Homburg wrote:
> In your letter dated Tue, 19 Aug 2014 17:36:50 -0300 you wrote:
>> * The translator is in a better position to generate a non-colliding
>> Fragment IDs
> 
> There are people who want to run IPv6-only datacenters and then use stateless v4-to-v6
> translation to handle v4.
> 
> Obviously, if traffic goes to a v4 host that is on path mtu less than 1300, the v4
> packets needs to be fragmented.
> 
> The translator being stateless (and probably redundant) implies that at best the IPv4 
> packet ID can be chosen at random. Giving a 1 in 64k chance that two flows with the
> same source and destination addresses will have the same ID.

FWIW, there are stateless algorithms with a lower frequency reuse rate
... e.g., check OpenBSD's Frag ID, generator, or some of the algorithms
in <http://tools.ietf.org/html/draft-ietf-6man-predictable-fragment-id>



> One big question is how many v4 hosts would be affected by this, i.e. how 
> many v4 hosts are on a path mtu less than 1300.
> 
> Another question is whether taking 16 bits out of the 32-bit fragment ID in IPv6
> actually results in something better than random.

Certainly not, particularly if the nodes use something like
per-destination counter for the frag ID -- if you were unlucky, the Frag
IDs counters of two nodes could be "synchronized".

Thanks!

Cheers,
-- 
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1