IETF Logo Mail Archive

Re: [tcpm] Exceeding value in MSS option?

Michael Tuexen <Michael.Tuexen@lurchi.franken.de> Mon, 26 October 2020 09:34 UTC

Return-Path: <Michael.Tuexen@lurchi.franken.de>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C44F63A1A05 for <tcpm@ietfa.amsl.com>; Mon, 26 Oct 2020 02:34:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.613
X-Spam-Level:
X-Spam-Status: No, score=-1.613 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.275, SPF_NONE=0.001, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n1lhHGkKEEXH for <tcpm@ietfa.amsl.com>; Mon, 26 Oct 2020 02:34:47 -0700 (PDT)
Received: from drew.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C9EC3A1A03 for <tcpm@ietf.org>; Mon, 26 Oct 2020 02:34:46 -0700 (PDT)
Received: from [IPv6:2a02:8109:1140:c3d:a026:2f8:6534:ca25] (unknown [IPv6:2a02:8109:1140:c3d:a026:2f8:6534:ca25]) (Authenticated sender: lurchi) by mail-n.franken.de (Postfix) with ESMTPSA id 77E207799D350; Mon, 26 Oct 2020 10:34:42 +0100 (CET)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
From: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
In-Reply-To: <f19023d2-7f69-7ed8-c213-0ae53cf74437@tele.no>
Date: Mon, 26 Oct 2020 10:34:41 +0100
Cc: Joseph Touch <touch@strayalpha.com>, "tcpm@ietf.org Extensions" <tcpm@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <9C8105AE-483B-463F-8EBC-D00199974976@lurchi.franken.de>
References: <BB0640E4-C7A9-4E1C-9F29-BD373A220BAB@ericsson.com> <247D753D-DA2C-47EF-9C38-C2B5E274FD8F@erg.abdn.ac.uk> <f3ca83de-6962-56c4-e1d2-839bf074dbca@tele.no> <246C6457-BF65-4B66-970A-FD6C95A98772@strayalpha.com> <f19023d2-7f69-7ed8-c213-0ae53cf74437@tele.no>
To: Frode Kileng <frodek@tele.no>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/N6aIUIwrVJz1s0g598jQswWaH5w>
Subject: Re: [tcpm] Exceeding value in MSS option?
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Oct 2020 09:34:50 -0000

> On 26. Oct 2020, at 08:52, Frode Kileng <frodek@tele.no> wrote:
> 
> 
> 
> On 23/10/2020 17:11, Joseph Touch wrote:
>>> On Oct 23, 2020, at 1:37 AM, Frode Kileng <frodek@tele.no <mailto:frodek@tele.no>> wrote:
>>> 
>>> Although maybe not  a "general problem",  a study of MSS middlebox manipluation in  23 European and Asian mobile networks did reveal some issues:
>>> 
>>> - 20 of 23 networks always inserts MSS.
>> 
>> That IS a general problem, FWIW.
>> 
>> Besides being published, it should also be reported to the operators of those networks as violating TCP specs.
> 
> Do you mean as in "layering violation" or is it explicitly stated in an RFC that MSS clamping is not allowed.
I think we should differentiate two issues:
(a) a middlebox which reduces the MSS already in an SYN/SYN-ACK segement.
(b) a middlebox which adds an MSS option, which wasn't there in the SYN/SYN-ACK segment.

(a) is the typical MSS clamping you are referring to and it is used to mitigate MTU issues.
(b) is a problem in my view and referred to in the statement 'always inserts'.

Best regards
Michael
> 
> Anyway, since stopping this practice is likely to cause extensive fragmentation of TCP segments, mobile networks will continue this despite "violating TCP specs". At least until the networks fully support jumbo frames.
> 
> (The motivation for MSS clamping is the tunneling overhead in the mobile core of the networks. Within the core, the MSS is clamped to take into consideration the size of the  GTP-U header and potential additional ipsec headers. The GTP-U header is variable size and is at least 40 bytes for IPv4 and 60 for IPv6. In addition it may include vendor or mobile operator specific extension headers. I do not now why networks don't reduce the MTU size instead. My understanding of the 3GPP specs is that this is suggested but could not find out how this is provisioned to the terminals for IPv4. I've only seen one mobile network that provisioned the terminals with a MTU lower than 1500 bytes. But their MTU size of 1464 for for IPv4 and IPv6 did not seem reflect the GTP-U tunnel.)
> 
> 
> Regards
> 
> Frode Kileng
> 
> 
> 
> 
> 
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email