Re: FWD:: Re: [e2e] Re: Question on "identification" field of IP
Mark Allman <mallman@grc.nasa.gov> Thu, 19 December 2002 04:33 UTC
Message-Id: <200212190433.gBJ4XoJg040392@thoth.ir.bbn.com>
To: tcp-impl@grc.nasa.gov
From: Mark Allman <mallman@grc.nasa.gov>
Reply-To: tcp-impl@grc.nasa.gov
Subject: Re: FWD:: Re: [e2e] Re: Question on "identification" field of IP
Organization: BBN Technologies/NASA GRC
Song-of-the-Day: Not Fade Away
Date: Wed, 18 Dec 2002 23:33:50 -0500
Sender: owner-tcp-impl@grc.nasa.gov
Precedence: bulk
Status: RO
Content-Length: 2238
Lines: 56
------- Forwarded Message

From: Richard Wendland <richard@starburst.demon.co.uk>
Subject: Re: FWD:: Re: [e2e] Re: Question on "identification" field of IP
To: touch@ISI.EDU (Joe Touch)
Date: Thu, 19 Dec 2002 01:22:44 +0000 (GMT)
Cc: mallman@grc.nasa.gov, tcp-impl@grc.nasa.gov

> > I'd be very careful fixing the IP ID - I have been told by one major
> > "interconnect" vendor that some of their products have ways to allow
> > the customer (at customer's persistent request) to cause the devices to
> > ignore and clear the DF bit...
>
> That would be a violation of the STDs (1812, 791), which could cause
> problems that would be very difficult to debug (e.g., path MTU, etc.)
>
> I.e., you're worried about changing the IP ID field because vendors who
> violate standards will break? Go right ahead, IMO.
>
> Laws for the lawless are a waste of effort (shades of NAT).

An admirable attitude, but even Linux backtracked on this IP ID issue
when faced with practical connectivity problems.

Linux for a time used to set IP ID zero if DF was set, but went back
to setting changing IP IDs for TCP with DF. I'm not a Linux kernel
developer, but I think that change back is related to the comment in
the kernel include/net/ip.h:

    /* This is only to work around buggy Windows95/2000
     * VJ compression implementations. If the ID field
     * does not change, they drop every other packet in
     * a TCP stream using header compression.
     */

I believe that comment and associated code setting IP ID was added in
Linux 2.4.4.

I also think I have observed a middlebox clearing DF; circumstantial
evidence not proof though. It appeared to me, from remote observation,
that a HTTP load balancing device was clearing DF on TCP segments
en-route from HTTP servers to clients. I presume this is because the
load balancer's developers could not be bothered to "route" ICMP
fragmentation needed back to the appropriate HTTP server.

If this is correct, and the load balancer isn't cleverly changing the
IP ID, there could be problems if TCP stacks don't set a real IP ID.

It's horrid, and wrong. But it is a problem for practical connectivity.

Richard
--
Richard Wendland richard@codeburst.co.uk

------- End of Forwarded Message
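
Added example (not part of the original message or of any kernel code): a small Python model of the failure the message describes, where a middlebox clears DF and fragments segments that all carry IP ID 0. The fragment size, payloads and loss pattern are constructed, and the reassembler is a simplified RFC 791-style buffer keyed on IP ID only (same source, destination and protocol assumed).

```python
from collections import defaultdict

def fragment(payload, ip_id, frag_size=8):
    """Split one datagram as a DF-clearing middlebox would.
    Returns (ip_id, offset, more_fragments, data) tuples."""
    return [(ip_id, off, off + frag_size < len(payload), payload[off:off + frag_size])
            for off in range(0, len(payload), frag_size)]

def reassemble(fragments):
    """Simplified receiver: src/dst/protocol are identical for every
    fragment here, so the IP ID alone selects the reassembly buffer."""
    bufs = defaultdict(dict)   # ip_id -> {offset: data}
    total = {}                 # ip_id -> full length, known once MF=0 arrives
    done = []
    for ip_id, off, more, data in fragments:
        bufs[ip_id][off] = data
        if not more:
            total[ip_id] = off + len(data)
        if ip_id in total:
            parts, pos = bufs[ip_id], 0
            while pos in parts:            # walk contiguous fragments
                pos += len(parts[pos])
            if pos == total[ip_id]:        # no holes: hand the datagram up
                done.append(b"".join(parts[o] for o in sorted(parts)))
                del bufs[ip_id], total[ip_id]
    return done

def demo(id_a, id_b):
    """Two back-to-back segments (constructed payloads). The tail of A and
    the head of B are lost after the middlebox fragmented them."""
    a = fragment(b"AAAAAAAAaaaaaaaa", id_a)
    b = fragment(b"BBBBBBBBbbbbbbbb", id_b)
    arrived = [a[0], b[1]]
    return reassemble(arrived)

if __name__ == "__main__":
    # Constant ID 0: halves of two different segments are spliced together
    # and delivered; only the TCP checksum can still reject the result.
    print("ID fixed at 0 :", demo(0, 0))
    # Changing IDs: both buffers stay incomplete, nothing is delivered,
    # and TCP retransmission recovers the data.
    print("ID changing   :", demo(1, 2))
```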