IETF Logo Mail Archive

Re: [tcpm] PLPMTUD for all protocols

William Herrin <bill@herrin.us> Fri, 30 March 2018 12:45 UTC

Return-Path: <bill@herrin.us>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3B7312D7F3 for <tcpm@ietfa.amsl.com>; Fri, 30 Mar 2018 05:45:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QdwehZ3rfPO5 for <tcpm@ietfa.amsl.com>; Fri, 30 Mar 2018 05:45:13 -0700 (PDT)
Received: from magic.dirtside.com (magics.dirtside.com [199.33.225.25]) by ietfa.amsl.com (Postfix) with ESMTP id 8CAC5126DFF for <tcpm@ietf.org>; Fri, 30 Mar 2018 05:45:13 -0700 (PDT)
Received: from minoc.dirtside.com (minoc.dirtside.com [70.184.240.82]) by magic.dirtside.com (8.14.3/) with ESMTP id w2UCj8fC027603 for <tcpm@ietf.org>; Fri, 30 Mar 2018 08:45:08 -0400
X-Really-To: <tcpm@ietf.org>
Received: from mail-it0-f43.google.com (mail-it0-f43.google.com [209.85.214.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by minoc.dirtside.com (Postfix) with ESMTPSA id 306DFEBDB2 for <tcpm@ietf.org>; Fri, 30 Mar 2018 08:45:08 -0400 (EDT)
Received: by mail-it0-f43.google.com with SMTP id b5-v6so855996itj.1 for <tcpm@ietf.org>; Fri, 30 Mar 2018 05:45:08 -0700 (PDT)
X-Gm-Message-State: ALQs6tAp1yozXCt4MKSP7s0yBEKB9ZmjPHUEndqqNs3aHQB2WQgTKb1Z 3gZ1D5Cs5sQ9SxsxACsdzEeSAWikv1GakI0fk6g=
X-Google-Smtp-Source: AIpwx487v8LTIcsrRz68vFX4GgUeg92MeNXqCSXe+wDWQcPp4n2d0xpJ4R65/59kkrBtE/zmhWQgVjSEfSc7vWCRt9o=
X-Received: by 2002:a24:2551:: with SMTP id g78-v6mr2962073itg.76.1522413907524; Fri, 30 Mar 2018 05:45:07 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.79.199.205 with HTTP; Fri, 30 Mar 2018 05:44:46 -0700 (PDT)
In-Reply-To: <20180329174920.GV30215@faui40p.informatik.uni-erlangen.de>
References: <alpine.DEB.2.20.1803281034310.20609@uplift.swm.pp.se> <CAP-guGVEcnk09yi8sz+fmghpeb91Y8tQb+LsEmSF+0e+f6oGhw@mail.gmail.com> <alpine.DEB.2.20.1803281747020.20609@uplift.swm.pp.se> <B323BA47-32DF-498B-9D1F-5A378E7ABB98@strayalpha.com> <CAP-guGXfds60dwJXgnSYdbtQ-qOCJGpiw1kcYUkJR8L3jwsFSA@mail.gmail.com> <alpine.DEB.2.20.1803291727100.20609@uplift.swm.pp.se> <CAP-guGWhyS0UW9YwsQyA10iN_M=yc4H8NqKAgWH=zPBFhscJxQ@mail.gmail.com> <20180329174920.GV30215@faui40p.informatik.uni-erlangen.de>
From: William Herrin <bill@herrin.us>
Date: Fri, 30 Mar 2018 08:44:46 -0400
X-Gmail-Original-Message-ID: <CAP-guGVGp8k37b__hb6ve5V9h3QyYAivpA+X8iqJB_vskBnc=g@mail.gmail.com>
Message-ID: <CAP-guGVGp8k37b__hb6ve5V9h3QyYAivpA+X8iqJB_vskBnc=g@mail.gmail.com>
To: Toerless Eckert <tte@cs.fau.de>
Cc: Mikael Abrahamsson <swmike@swm.pp.se>, tcpm@ietf.org, Joe Touch <touch@strayalpha.com>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Checker: magic.dirtside.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/K66pulzM_8yaO2165EUo-YkNyNQ>
Subject: Re: [tcpm] PLPMTUD for all protocols
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2018 12:45:15 -0000

On Thu, Mar 29, 2018 at 1:49 PM, Toerless Eckert <tte@cs.fau.de> wrote:
> So, whats the summary ?

Howdy,

My thoughts run this direction:

1. Recommend that router implementations "SHOULD" provide the option
to generate ICMPv4 type 3 code 4 (fragmentation needed) messages and
ICMPv6 type 2 (packet too big) messages from an address different than
the source interface address. They Dan't today, creating lots of cases
where the operator has to sacrifice PMTUD.

2. Recommend that firewall implementations "SHOULD NOT" filter ICMPv4
type 3 code 4 (fragmentation needed) messages or ICMPv6 type 2 (packet
too big) messages unless explicitly configured to do so. In other
words, the instruction to filter all ICMP will not result in dropping
fragmentation needed messages but the explicit instruction to drop
fragmentation needed messages specifically will. Today's firewall
tools make it too easy to accidentally kill PMTUD.

Let's maximize the chance of PMTUD working as designed and then build
something optimized for the residual cases where it still doesn't.

> Write rfc4821bis with recommendations for an additional,
> simplified procedure dropping to 1280/576 and use most simple upspeeding
> option ?

That is #3. And I'd like to be smart about fallback at the expense of
efficiency in the black hole case. Send the 1280 packet. If it works,
send another full size packet to confirm it still fails before
accepting 1280 as the path mtu. If the 1280 and 576 packets don't work
either, don't try the fallback again: it's not path mtu. Maybe the RFC
is already smart about this; I didn't read closely enough.

4. Go back to the ground truths and reconsider whether we have
satisfactory information at layer 3 to make reliable decisions about
path mtu. Because of the fate sharing issue, I think PMTUD wants to be
a layer 4 problem implemented independently in each layer 4 protocol
with layer 3 offering hints from ICMP when available. Maybe this is
something that should be kicked over to the IRTF for investigation.

Regards,
Bill Herrin


-- 
William Herrin ................ herrin@dirtside.com  bill@herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>

v2.23.0 | Report a Bug | By Email