[pmtud] Improvement for the current PMTUD mechanism

Fernando Gont <fernando@gont.com.ar> Mon, 05 September 2005 16:31 UTC

Date: Mon, 05 Sep 2005 13:24:51 -0300
To: pmtud@ietf.org
From: Fernando Gont <fernando@gont.com.ar>

Folks,

Since August 2004 I have been working on an internet-draft on ICMP attacks 
against TCP. One of the attacks the draft addresses is a "blind 
performance-degrading attack" in which the traditional PMTUD is exploited 
to reduce the size of the packets used for a given connection.

We (me, and the community, including "traditional" vendors, open source 
ones, etc.) have been able to work out an improvement to the current PMTUD, 
to mitigate its security implications.

The fix just tries to address that. By no means is it an alternative to 
PLPMTUD. For instance, it does not address ICMP blackholes.

I'd like to get feedback from this WG on the PMTUD fix. I think the 
proposed mechanism could be used in some broader PMTUD such as PLPMTUD, so 
that ICMP can be used without the security implications of the traditional 
PMTUD, and thus the same convergence time as the traditional PMTUD could 
be achieved.

The draft will soon be available from the internet-drafts public 
repository. In the meantime, you can access it through my web site: 
http://www.gont.com.ar/drafts/draft-gont-tcpm-icmp-attacks-04.txt 
(http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html)

Kindest regards,

--
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
