Re: [tcpm] [Softwires] TCP MSS clamping to try to deal with MTU issues in Dual-Stack Lite
"Yiu L. Lee" <yiu_lee@cable.comcast.com> Tue, 14 April 2009 13:04 UTC
Return-Path: <yiu_lee@cable.comcast.com>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 952F73A67E6; Tue, 14 Apr 2009 06:04:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.396
X-Spam-Level:
X-Spam-Status: No, score=-6.396 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, RCVD_IN_DNSWL_HI=-8, RCVD_NUMERIC_HELO=2.067]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sJAVbAzWcQvV; Tue, 14 Apr 2009 06:04:49 -0700 (PDT)
Received: from pacdcimo01.cable.comcast.com (PacdcIMO01.cable.comcast.com [24.40.8.145]) by core3.amsl.com (Postfix) with ESMTP id EF14D3A6A37; Tue, 14 Apr 2009 06:04:48 -0700 (PDT)
Received: from ([10.52.116.30]) by pacdcimo01.cable.comcast.com with ESMTP id 5503620.33953122; Tue, 14 Apr 2009 09:02:28 -0400
Received: from PACDCEXCMB04.cable.comcast.com ([24.40.15.86]) by PAOAKEXCSMTP01.cable.comcast.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 14 Apr 2009 09:02:28 -0400
Received: from 198.137.252.126 ([198.137.252.126]) by PACDCEXCMB04.cable.comcast.com ([24.40.15.86]) via Exchange Front-End Server webmail.comcast.com ([198.137.252.76]) with Microsoft Exchange Server HTTP-DAV ; Tue, 14 Apr 2009 13:02:13 +0000
User-Agent: Microsoft-Entourage/12.15.0.081119
Date: Tue, 14 Apr 2009 09:02:07 -0400
From: "Yiu L. Lee" <yiu_lee@cable.comcast.com>
To: Joe Touch <touch@ISI.EDU>, Magnus Westerlund <magnus.westerlund@ericsson.com>
Message-ID: <C60A018F.83F0%yiu_lee@cable.comcast.com>
Thread-Topic: [Softwires] [tcpm] TCP MSS clamping to try to deal with MTU issues in Dual-Stack Lite
Thread-Index: Acm5iNT/rkjheLTqSaKKqnVN179ifQDeGHg8
In-Reply-To: <49DBD9AF.4040605@isi.edu>
Mime-version: 1.0
Content-type: text/plain; charset="ISO-8859-1"
Content-transfer-encoding: quoted-printable
X-OriginalArrivalTime: 14 Apr 2009 13:02:28.0599 (UTC) FILETIME=[43BF3070:01C9BD01]
X-Mailman-Approved-At: Tue, 14 Apr 2009 08:24:13 -0700
Cc: softwires@ietf.org, tcpm@ietf.org
Subject: Re: [tcpm] [Softwires] TCP MSS clamping to try to deal with MTU issues in Dual-Stack Lite
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Apr 2009 13:04:50 -0000
HI Joe, In RFC2385 - Section 2.0 Item 2, it says 2. the TCP header, excluding options, and assuming a checksum of zero Since TCP options are excluded, changing MSS won't affect the MD5 mechanism, will it? In draft-ietf-tpcm-tcp-auth-opt-04.txt - Section 5 Item 2, it says 2. A TCP option flag. When 0, this flag allows default operation, i.e., TCP options are included in the MAC calculation, with TCP- AO's MAC field zeroed out. When 1, all options (excluding TCP-AO) are excluded from all MAC calculations (skipped over, not simply zeroed). The option flag applies to TCP options in both directions (incoming and outgoing segments). >> The TCP option flag MUST NOT change during a TCP connection. The TCP option flag cannot change during a connection because TCP state is coordinated during connection establishment. TCP lacks a handshake for modifying that state after a connection has been established. Changing MSS could be a problem when TCP option flag is set to 0. When the flag is set to 1, changing MSS is fine, isn't it? Thanks, Yiu On 4/7/09 6:54 PM, "Joe Touch" <touch@ISI.EDU> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, all, > > The solution has a bug: if TCP traffic uses TCP MD5 or TCP-AO, then it > needs to be handled like non-TCP traffic, since MSS revision would > destroy the packet's integrity. > > IMO, this should be handled the simple way - remove the TCP case, and > handle all traffic the non-TCP way. > > Finally, if a NAT ever refuses to reassemble anything, it MUST issue an > ICMP too-big IMO. The whole idea of creating a problem (encapsulating, > decreasing the effective MSS on a path) then not cleaning it up > yourself, or deciding when to clean it up based on *current* assumptions > of network traffic is a bad idea and shouldn't be supported. > > Joe > > Magnus Westerlund wrote: >> Hi, >> >> There is a proposal to use TCP MSS clamping to deal with MTU issues that >> comes from Dual-stack lite's tunnel encapsulation. >> >> I think it would be good if TCPM could provide some feedback on this >> proposal. >> >> The relevant document and section: >> http://tools.ietf.org/html/draft-ietf-softwire-dual-stack-lite-00 >> >> 7.4. MTU >> >> >> Using an encapsulation (IP in IP or L2TP) to carry IPv4 traffic over >> IPv6 will reduce the effective MTU of the datagrams. Unfortunately, >> path MTU discovery is not a reliable method to deal with this. As >> such a combination of solutions is suggested: >> >> o For TCP traffic, let the carrier-grade NAT rewrite the MSS in the >> first SYN packet to a lower value. >> >> o For non-TCP traffic, perform fragmentation and reassembly over the >> tunnel between the home gateway and the carrier grade NAT. In >> practice, this means put the IPv4 packet into a large IPv6 packet >> and fragment/reassemble the IPv6 packet at each endpoint of the >> tunnel. There is a performance price to pay for this. >> Fragmentation is not very expensive, but reassembly can be, >> especially on the carrier-grade NAT that would have to keep track >> of a lot of flows. However, such a carrier-grade NAT would only >> have to perform reassembly for large UDP packets sourced by >> customers, not for large UDP packets received by customers. In >> other words, streaming video to a customer would not have a >> significant impact on the performance of the carrier-grade NAT, >> but will require more work on the home gateway side. >> >> Cheers >> >> Magnus Westerlund >> >> IETF Transport Area Director & TSVWG Chair >> ---------------------------------------------------------------------- >> Multimedia Technologies, Ericsson Research EAB/TVM >> ---------------------------------------------------------------------- >> Ericsson AB | Phone +46 10 7148287 >> Färögatan 6 | Mobile +46 73 0949079 >> SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com >> ---------------------------------------------------------------------- >> _______________________________________________ >> tcpm mailing list >> tcpm@ietf.org >> https://www.ietf.org/mailman/listinfo/tcpm > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAknb2a8ACgkQE5f5cImnZrs0ewCg7ScElkpLrz20zSpTMnXuRApa > CPsAoIyhk9N9K2fPpEJTyShMKeZNLxD/ > =9ob2 > -----END PGP SIGNATURE----- > _______________________________________________ > Softwires mailing list > Softwires@ietf.org > https://www.ietf.org/mailman/listinfo/softwires >
- [tcpm] TCP MSS clamping to try to deal with MTU i… Magnus Westerlund
- Re: [tcpm] TCP MSS clamping to try to deal with M… Joe Touch
- Re: [tcpm] [Softwires] TCP MSS clamping to try to… Joe Touch
- Re: [tcpm] [Softwires] TCP MSS clamping to try to… Yiu L. Lee