IETF Logo Mail Archive

Re: [Softwires] [Int-area] Is it feasible to perform fragmentation on UDP encapsulated packets.

Tom Herbert <tom@herbertland.com> Mon, 30 May 2016 16:30 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: softwires@ietfa.amsl.com
Delivered-To: softwires@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0283112D168 for <softwires@ietfa.amsl.com>; Mon, 30 May 2016 09:30:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MFM_x2wfQ8Po for <softwires@ietfa.amsl.com>; Mon, 30 May 2016 09:30:43 -0700 (PDT)
Received: from mail-io0-x230.google.com (mail-io0-x230.google.com [IPv6:2607:f8b0:4001:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF76012D0AF for <softwires@ietf.org>; Mon, 30 May 2016 09:30:39 -0700 (PDT)
Received: by mail-io0-x230.google.com with SMTP id p64so69275113ioi.2 for <softwires@ietf.org>; Mon, 30 May 2016 09:30:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-transfer-encoding; bh=IfmfM6F+cvtrwo8y6f0tgqY45f+dLhR+PewvYYkJTKk=; b=ErZq519hAeRArI0TaxB2yUC4SPLXKSfZaDSgYcVyH+7ryQpTnyX5LRlZjJJiChzdkC cNTxtmVWiVivwlddeMiLpLDFO1D8PNNU7TfCLIKYMAUuVMT1OCbWyqo6Qd6eGEfYGx61 q2V4Hq/MzN7kkVKqdRG8uqmqmykE/F0S4NQObVtqnClkFLf1Vo/GJHfYEZ6XSHwvyDUf tWAPTuzCZFZEtdJ1xPd3jIdpt7X+P+iJLx4nnhUKrmHL6E6lBnProGboY/RW1rEAbyzK 2LD2JadCTih1+SHopY34Y6jtV5YKfVx2wH8zE0onyc/j0kEXflt3FmOkZkEq47/buZLU TkBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-transfer-encoding; bh=IfmfM6F+cvtrwo8y6f0tgqY45f+dLhR+PewvYYkJTKk=; b=ZkYt5ktxRXqV8z87lIWdHswBGdljlUQBqKyEYRX8rPuFiPJqbDEkX0TM0k14TY+uoC Ch5AWBN0Vsc1KcgJuQqJ1GLtQv46sJzkKQj+UqOTuY/rpM2XrDtT27FaQtKTSyDUsRuz kMoBRB/oGljb4wiqHED4BsDz3UTbmEPKV8NOkKIf3uyabMb7g2JqV2o1f73Vdt8p0GSD btiqztSJatRniTmOrKss2cIkO4tnPoGE6bzDgy6OUdG297lscW/gJrOYFrUdBxCJ9VQD ucsFEJ6Lg862Eth0g2W3bhnr199VyWaUD0NMD0su9DEbEw50v7lyqr2NYWidZjJbqa+K Bk9w==
X-Gm-Message-State: ALyK8tIlcn68WTeMNnws+3Nyd7floOKM84zgbNaLmxVA7it38rk4X81GvIlsMgnU4DxRc05Hc00ejMSmDrGPxw==
MIME-Version: 1.0
X-Received: by 10.107.162.131 with SMTP id l125mr22871497ioe.84.1464625838977; Mon, 30 May 2016 09:30:38 -0700 (PDT)
Received: by 10.107.44.203 with HTTP; Mon, 30 May 2016 09:30:38 -0700 (PDT)
In-Reply-To: <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE0D559AC0@NKGEML515-MBS.china.huawei.com>
References: <E83B905A-FF6D-4996-B71A-7921DE4B133B@ericsson.com> <BFC09F5C-D6DF-4B6B-AA95-03919B9F09FB@cisco.com> <573E2A0E.1060609@isi.edu> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE0D54EB60@NKGEML515-MBX.china.huawei.com> <573F453C.5060908@isi.edu> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE0D554B73@NKGEML515-MBS.china.huawei.com> <5743303C.5040109@isi.edu> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE0D55514C@NKGEML515-MBS.china.huawei.com> <5743DD16.3050506@isi.edu> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE0D555482@NKGEML515-MBS.china.huawei.com> <57448C14.2060203@isi.edu> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE0D5557DE@NKGEML515-MBS.china.huawei.com> <9c462520-eb8e-fcd0-0a08-228f80fbc779@isi.edu> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE0D5596E0@NKGEML515-MBS.china.huawei.com> <CALx6S37-oA22ZKjF5MxsTPaR9nRS-b1JuVidWmPYjNkqQtWNBg@mail.gmail.com> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE0D559AC0@NKGEML515-MBS.china.huawei.com>
Date: Mon, 30 May 2016 09:30:38 -0700
Message-ID: <CALx6S34uHJuTPk6Yq3m_9QKwzdvAAbv7_JCdd1QwWB3pBmRmwA@mail.gmail.com>
From: Tom Herbert <tom@herbertland.com>
To: Xuxiaohu <xuxiaohu@huawei.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/softwires/X87ZQ_-HqBlaz37rxgZLch5NFJg>
Cc: Softwires WG <softwires@ietf.org>, "nvo3@ietf.org" <nvo3@ietf.org>, "int-area@ietf.org" <int-area@ietf.org>, "lisp@ietf.org" <lisp@ietf.org>, "tsvwg@ietf.org" <tsvwg@ietf.org>
Subject: Re: [Softwires] [Int-area] Is it feasible to perform fragmentation on UDP encapsulated packets.
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/softwires/>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 May 2016 16:30:47 -0000
X-List-Received-Date: Mon, 30 May 2016 16:30:47 -0000

On Fri, May 27, 2016 at 7:59 PM, Xuxiaohu <xuxiaohu@huawei.com> wrote:
> Hi Tom,
>
>> -----Original Message-----
>> From: Tom Herbert [mailto:tom@herbertland.com]
>> Sent: Friday, May 27, 2016 11:06 PM
>> To: Xuxiaohu
>> Cc: int-area@ietf.org; Softwires WG; nvo3@ietf.org; lisp@ietf.org;
>> tsvwg@ietf.org
>> Subject: Re: [Int-area] Is it feasible to perform fragmentation on UDP
>> encapsulated packets.
>>
>> > The possible side-effect of performing fragmentation on UDP encapsulated
>> packets is to worsen the reassembly burden on tunnel egress since fragments of
>> UDP encapsulated packets are more likely to be forwarded across different
>> paths towards the tunnel egress than those of IP or GRE encapsulated packets.
>> >
>>
>> Xiaohu,
>>
>> I don't understand why UDP encapsulation would make things worse than other
>> encapsulations. Fragmentation would be needed at tunnel ingress when packet
>
> When performing fragmentation after UDP encapsulation (a.k.a., outer fragmentation), the first fragment (still a UDP packet) and the subsequent fragments (not a UDP packet anymore) of a given UDP encapsulated packet are more likely to be routed over different paths in contrast to IP or GRE encapsulated packets. As a result, the reordering issue on the tunnel egress which is required to do reassembly would become even worse.
>
Presumably you are referring to ECMP and devices that parse the
transport header to use port information in the hash. There are two
ways this can be "fixed" in devices that do ECMP. 1) If the packet is
a fragment don't parse the transport header. This way all fragments
will be ECMP routed based on just L3 information so they all take the
same path. 2) Use non-zero IPv6 flow label and don't parse L4 header
to do ECMP. This means all fragments and all non-fragments of a flow
will follow the same path. The flow label approach also works with
protocols other than TCP and UDP as well as any arbitrary list of
extension headers. Both of these techniques have been implement in
Linux stack.

>> size exceeds MTU of the tunnel. RFC4459 describes the issues and general
>> solutions that apply to the different techniques of IP tunneling.
>
> Partially agree. The use of UDP as a tunneling protocol was not popular at the time when RFC4459 was published. Otherwise, the worse recording issue associated with the outer fragmentation of UDP encapsulated packets may need more attention in that RFC.
>
Yes, but UDP was popular long before it was used for tunneling and the
problems with it of fragmentation/reassembly were well known.
Considering tunneling with UDP doesn't really change anything, the
same solutions (like those listed in RFC4459) still apply.

> By the way, RFC4459 has illustrated the risk of performing [outer] fragmentation on tunneled packets clearly and said clearly that "...   So, if reassembly could be made to work sufficiently reliably, this would be one acceptable fallback solution but only for IPv6." However, I just occasionally noticed that in section 3.3.2.1 (Tunneling GRE over IPv4) of RFC7588, it said "By default, the GRE ingress node does not fragment delivery packets. However, the GRE ingress node includes a configuration option that allows delivery packet fragmentation." Does it mean there is a conflict between those two RFCs regarding whether outer fragmentation is needed for GRE over IPv4?
>
>> > It seems that most X-over-UDP proposals choose to prohibit the tunnel ingress
>> from performing fragmentation on UDP encapsulated packets. See the following
>> quoted text regarding fragmentation from those X-over-UDP drafts:
>> >
>> Please look a draft-herbert-gue-fragmentation-02. This is a method where the
>> fragmentation/reassembly is performed in the encapsulation layer instead of
>> (outer or inner) IP layer.
>
> It's an interesting idea. However, since it needs a dedicated fragmentation field in the GUE header, it seems that this approach is not suitable for the compressed GUE packet (a.k.a., in the same format of IP-in-UDP) where the fragmentation field and even the whole GUE header is gone.
>
Different header formats can be used for different packets in the same
flow. The outer UDP header and flow label are sufficient for ECMP, as
long devices aren't parsing into the GUE payload to do ECMP then all
packets for a flow (fragmented or not) should follow the same path.

Tom

> Best regards,
> Xiaohu
>
>> Tom

v2.23.0 | Report a Bug | By Email