IETF Logo Mail Archive

Re: [tcpm] Exceeding value in MSS option?

"Scharf, Michael" <Michael.Scharf@hs-esslingen.de> Tue, 20 October 2020 19:58 UTC

Return-Path: <Michael.Scharf@hs-esslingen.de>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B56793A1069 for <tcpm@ietfa.amsl.com>; Tue, 20 Oct 2020 12:58:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=hs-esslingen.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y1_PdViLtupA for <tcpm@ietfa.amsl.com>; Tue, 20 Oct 2020 12:58:09 -0700 (PDT)
Received: from mail.hs-esslingen.de (mail.hs-esslingen.de [134.108.32.78]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E04793A07B0 for <tcpm@ietf.org>; Tue, 20 Oct 2020 12:58:08 -0700 (PDT)
Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.hs-esslingen.de (Postfix) with ESMTP id 08C0F25A1A; Tue, 20 Oct 2020 21:58:07 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hs-esslingen.de; s=mail; t=1603223887; bh=Q84c3xeu8rB4tyYdGyHGahuJ9Yo6k9aNXb+a30VABxs=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=VR+V5u7d+lwANkgkJ3KVLrAceSsG0ak9P6XuLHEnkYELm9AflLzXWZUrvQgHN0QCw G/Qq/90FZhKpZT9YsoYufkSMEs3W5M9kyvhNm9ZlGHmyTBeJwXGiwJ4Y7+i71rWSz2 zStiKAy4rjIgFcejvbZuXoI9MQFiEy8GjfpZzTIQ=
X-Virus-Scanned: by amavisd-new-2.7.1 (20120429) (Debian) at hs-esslingen.de
Received: from mail.hs-esslingen.de ([127.0.0.1]) by localhost (hs-esslingen.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TtcnAzQxZe-V; Tue, 20 Oct 2020 21:58:05 +0200 (CEST)
Received: from rznt8201.rznt.rzdir.fht-esslingen.de (rznt8201.hs-esslingen.de [134.108.48.164]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.hs-esslingen.de (Postfix) with ESMTPS; Tue, 20 Oct 2020 21:58:05 +0200 (CEST)
Received: from rznt8202.rznt.rzdir.fht-esslingen.de (134.108.48.165) by rznt8201.rznt.rzdir.fht-esslingen.de (134.108.48.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1979.3; Tue, 20 Oct 2020 21:58:05 +0200
Received: from rznt8202.rznt.rzdir.fht-esslingen.de ([fe80::aca4:171a:3ee1:57e0]) by rznt8202.rznt.rzdir.fht-esslingen.de ([fe80::aca4:171a:3ee1:57e0%3]) with mapi id 15.01.1979.006; Tue, 20 Oct 2020 21:58:05 +0200
From: "Scharf, Michael" <Michael.Scharf@hs-esslingen.de>
To: Gorry Fairhurst <gorry@erg.abdn.ac.uk>, Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
CC: "tcpm@ietf.org Extensions" <tcpm@ietf.org>
Thread-Topic: [tcpm] Exceeding value in MSS option?
Thread-Index: AQHWpk1K5yCW3VOIm02cl+MOJ34oLamgE6eAgAA/EwCAACM/gIAAZHQw
Date: Tue, 20 Oct 2020 19:58:05 +0000
Message-ID: <9d7e505786df4e9d903734a6a2ee588d@hs-esslingen.de>
References: <BB0640E4-C7A9-4E1C-9F29-BD373A220BAB@ericsson.com> <247D753D-DA2C-47EF-9C38-C2B5E274FD8F@erg.abdn.ac.uk>
In-Reply-To: <247D753D-DA2C-47EF-9C38-C2B5E274FD8F@erg.abdn.ac.uk>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [134.108.140.248]
Content-Type: multipart/alternative; boundary="_000_9d7e505786df4e9d903734a6a2ee588dhsesslingende_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/6FjQ6zeJ0eB7GZy5MilQ9jl0zXg>
Subject: Re: [tcpm] Exceeding value in MSS option?
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2020 19:58:12 -0000

Out of my head, most current router operating systems support MSS clamping, and albeit I have no measurement data, I’d be surprised if that router feature is not widely used.

If the network clamps the MSS, it may not really matter if a connection endpoint picks an MSS larger than the value enforced by the network. But I am not sure if draft-ietf-lwig-tcp-constrained-node-networks-11 should discuss MSS clamping as technique. It is not at all specific to constrained devices.

Michael


From: tcpm <tcpm-bounces@ietf.org> On Behalf Of Gorry Fairhurst
Sent: Tuesday, October 20, 2020 5:03 PM
To: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
Cc: tcpm@ietf.org Extensions <tcpm@ietf.org>
Subject: Re: [tcpm] Exceeding value in MSS option?

See below...


On 20 Oct 2020, at 13:56, Mirja Kuehlewind <mirja.kuehlewind@ericsson.com<mailto:mirja.kuehlewind@ericsson.com>> wrote:

Hi Martin, hi Gorry,

I think Gorry’s paper does indicate that at least for MSS, there are middleboxes that add this option. However, I don’t think there is evidence that there is a general problem about middlebox adding option (rather than removing them). I also reviewed the draft in tsv-art review and given that they say it’s actually not recommended and should only be done with care, I thought that text is okay. However, I guess there is room to improve the wording and explain a bit better, when and if this might be consider or not.

Mirja

Right. This approach is not great for evolution of the size in future, but this use of MSS to restrict packet size has not broken the Internet - far from it, it is probably the way connections currently avoid black holes. I suspect that any operator adding overhead will be aware of what they are doing, and that If they do MSS clamping they will adjust that if needed, or just configure a bigger MTU within their network segment.

Gorry



From: tcpm <tcpm-bounces@ietf.org<mailto:tcpm-bounces@ietf.org>> on behalf of Gorry Fairhurst <gorry@erg.abdn.ac.uk<mailto:gorry@erg.abdn.ac.uk>>
Date: Tuesday, 20. October 2020 at 11:13
To: Martin Duke <martin.h.duke@gmail.com<mailto:martin.h.duke@gmail.com>>, "tcpm@ietf.org Extensions<mailto:tcpm@ietf.org%20Extensions>" <tcpm@ietf.org<mailto:tcpm@ietf.org>>
Subject: Re: [tcpm] Exceeding value in MSS option?

On 19/10/2020 20:22, Martin Duke wrote:
Hello tcpm,

Section 4.2.2.6 of RFC 1122<https://datatracker.ietf.org/doc/html/rfc1122#page-85> is pretty clear that the TCP sender MUST consider all IP and TCP options when sizing payloads with respect to the advertised MSS option.

I'm reviewing a document<https://datatracker.ietf.org/doc/html/draft-ietf-lwig-tcp-constrained-node-networks-11#section-4.1.1> that advises that some endpoints may want to reduce their advertised MSS on IPv6 connections in case the peer isn't respecting that guidance. Is noncompliance with this provision a problem in the internet? Are there middleboxes injecting options that cause PMTU drops or fragmentation?

I have not heard of such problems, but thought I'd check with the community to see if this precaution makes any sense at all.

Thanks,
Martin





_______________________________________________

tcpm mailing list

tcpm@ietf.org<mailto:tcpm@ietf.org>

https://www.ietf.org/mailman/listinfo/tcpm

Hi Martin,

While a server advertising a restricted MSS clearly reduces the TCP packet size, it seems to me to be a rather poor solution to the problem in general, and only works for TCP.

If  it wants to say some advices, I think the IETF needs to consider current practice and the implications of this. I suspect the practice of clamping the IPv6 MSS at the server is already quite common, especially in IPv6 servers offering web content. MSS Clamping on-path is also common, but anyway I see some servers advertise an MSS much lower than permitted by the MTU. For example, see the section on MSS handling here:

https://tma.ifip.org/2018/wp-content/uploads/sites/3/2018/06/tma2018_paper57.pdf<https://protect2.fireeye.com/v1/url?k=c964a91f-97c41371-c964e984-866038973a15-4c538007322d8392&q=1&e=8b72cbc2-683a-493b-a075-c9df067b88f7&u=https%3A%2F%2Ftma.ifip.org%2F2018%2Fwp-content%2Fuploads%2Fsites%2F3%2F2018%2F06%2Ftma2018_paper57.pdf>

This might be because of the reasons for this are cited in RFC8900.

Gorry

v2.23.0 | Report a Bug | By Email