RE: New Version Notification for draft-bonica-6man-frag-deprecate-00.txt

"Tony Hain" <alh-ietf@tndh.net> Wed, 26 June 2013 00:57 UTC

From: Tony Hain <alh-ietf@tndh.net>
To: 'Mark Andrews' <marka@isc.org>
Subject: RE: New Version Notification for draft-bonica-6man-frag-deprecate-00.txt
Date: Tue, 25 Jun 2013 17:57:05 -0700
Cc: 'Tore Anderson' <tore@fud.no>, ipv6@ietf.org

Mark Andrews wrote:
> One needs to get the L4 information the firewall/loadbalancer uses in *each*
> fragment.

This is a manufactured requirement to allow devices that can't do a full
reassembly to operate under a policy of 'verify the entire packet'.
Unfortunately, it doesn't even do that since it doesn't actually detect
overlapping fragments if it is just verifying that the L4 information is the
same.

Load balancers just need to get over it, and use something more/other than
the L4 in the hash. The FL was intended to provide a consistent value over
the life of an L4 session, so why not use that instead of developing yet
another new option? Wait... that doesn't exist in IPv4, so it can't be used
because that would require learning something different...

> For UDP this is the source and destination ports.  Create a new skippable
> hop-by-hop option that contains a copy of these values and add it along with a
> fragment header when fragmenting UDP packets.

I have no problem with that concept, but why when there are other ways of
accomplishing the task? Simply to mirror IPv4 is not a valid reason...

> 
> For TCP ensure that the IP layer informs the TCP layer if it would have to
> fragment the packet. i.e. don't send fragmented TCP packets.

So TCP is never allowed to have a long-lived session ... Or routes are not
allowed to flap. Which is it? You either tear down tcp and renegotiate mss
every time routes flap to a path with a lower mtu, or you send fragments. It
is easy to say the core is >=1500 now, but what happens with a mix of
1500/4k/9k/32k/... over the life of IPv6? Are routes never allowed to flap
with larger MTUs? Do you require every TCP implementation to do dynamic MSS,
and try to get that deployed within a decade to two?

> 
> For ICMPv6 ???
> 
> For IPv4 if DF=0 fragment the IPv4 packet to fit inside 1280 IPv6 packets
> destination reassembles.
> For IPv4 if DF=1 return IPv4 PTB
> 
> For XXX ????
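
The flow-label suggestion in the reply above, as an added example that is not part of the original message: two constructed fragments of one UDP datagram are parsed the way a stateless load balancer would see them, then hashed once on the L4 ports and once on (source, destination, flow label). The addresses, ports, flow label value and function names are assumptions made for the illustration, and it assumes the sender puts the same flow label on every fragment.

```python
import hashlib
import ipaddress
import struct

FRAGMENT, UDP = 44, 17  # IPv6 Next Header values

def build_fragment(src, dst, flow_label, offset, more, ident, data):
    """Constructed test input: one IPv6 fragment of a UDP datagram."""
    frag = struct.pack("!BBHI", UDP, 0, (offset // 8) << 3 | int(more), ident)
    word0 = (6 << 28) | (flow_label & 0xFFFFF)  # version 6, TC 0, 20-bit FL
    fixed = struct.pack("!IHBB", word0, len(frag) + len(data), FRAGMENT, 64)
    addrs = ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return fixed + addrs + frag + data

def parse(pkt):
    """Return the fields a stateless load balancer can read from this packet."""
    word0, _plen, nxt, _hlim = struct.unpack("!IHBB", pkt[:8])
    info = {"src": pkt[8:24], "dst": pkt[24:40],
            "flow_label": word0 & 0xFFFFF, "offset": 0, "ports": None}
    body = pkt[40:]
    if nxt == FRAGMENT:
        nxt, _rsv, off_flags, _ident = struct.unpack("!BBHI", body[:8])
        info["offset"] = (off_flags >> 3) * 8  # field counts 8-octet units
        body = body[8:]
    # The UDP header is present only in the fragment at offset 0.
    if nxt == UDP and info["offset"] == 0 and len(body) >= 4:
        info["ports"] = struct.unpack("!HH", body[:4])
    return info

def _bucket(key, n):
    return int.from_bytes(hashlib.sha256(key).digest()[:4], "big") % n

def bucket_l4(info, n):
    """Port-based hash: undefined (None) when the ports are not visible."""
    if info["ports"] is None:
        return None
    return _bucket(info["src"] + info["dst"] + struct.pack("!HH", *info["ports"]), n)

def bucket_flow_label(info, n):
    """Hash on (src, dst, flow label), all carried in the fixed IPv6 header."""
    return _bucket(info["src"] + info["dst"] + info["flow_label"].to_bytes(3, "big"), n)

def demo(n=8):
    # Constructed 32-byte UDP datagram (checksum not computed), split in two.
    udp = struct.pack("!HHHH", 40000, 53, 8 + 24, 0) + b"A" * 24
    args = ("2001:db8::1", "2001:db8::2", 0xBEEF1)
    frags = [build_fragment(*args, 0, True, 0x1234, udp[:16]),
             build_fragment(*args, 16, False, 0x1234, udp[16:])]
    return [(bucket_l4(p, n), bucket_flow_label(p, n)) for p in map(parse, frags)]
```

`demo()` returns one `(port_bucket, flow_label_bucket)` pair per fragment: the port-based bucket is `None` for the second fragment, while the flow-label bucket is the same for both.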