Re: [tcpm] comments on draft-ietf-tcpm-icmp-attacks-05

"Eddy, Wesley M. (GRC-MS00)[Verizon]" <> Sat, 13 June 2009 15:42 UTC

>-----Original Message-----
>From: Fernando Gont [] On
>Behalf Of Fernando Gont
>Sent: Thursday, June 11, 2009 4:30 AM
>Hello, Wes,
>> As both a WG-participant and co-chair, I think that the
>> Appendix A explanations of which ICMPs need to be paid
>> attention to because some of them say things that I'm
>> not sure are totally supported by prior RFCs.
>Any specific issues?

I'll go one-by-one through them and follow up with any in
addition to the one we already started talking about:

>> For
>> instance, I'm not certain that setting the DF bit is
>> only possible for hosts that support PMTUD ... is there
>> a reference for that?
>What's the reason for setting the DF flag for IP packets carrying TCP
>segments if you don't implement PMTUD?

I know of a number of embedded OS kernels and real-time systems
that either don't implement IP reassembly or disable it.  Some
of the stacks geared towards real-time will also set DF on the
packets that they send as the frag/reassembly is presumed to be
an impediment to guaranteeing their delay bounds.

>> Further, it discusses ambiguity
>> in 1122, that we should be clarifying in the main text
>> rather than an appendix, I think ... what does the rest
>> of the WG think?
>The appendix was at some point part of the main text. I moved the text
>into an appendix probably on request of somebody, but not because I
>thought the text should be there. So I have no problem moving the
>entire appendix (or part of it) back into the main part of the

Oh, I didn't realize we'd already juggled it around :).
It makes sense to me to analyze the different message
types this way as motivation for the recommendations on
how to treat them, which is why I expected it to be in
the body, but if there was already consensus to have it
as an appendix, then that's fine too.

Wes Eddy
Network & Systems Architect
Verizon FNS / NASA GRC
Office: (216) 433-6682