IETF Logo Mail Archive

Re: [tcpm] ICMP attacks draft (issue 1): hard errors -> soft errors (in synchronized states)

Ted Faber <faber@ISI.EDU> Fri, 23 September 2005 16:51 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EIqld-00049l-5Z; Fri, 23 Sep 2005 12:51:21 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EIqlb-000496-94 for tcpm@megatron.ietf.org; Fri, 23 Sep 2005 12:51:19 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA24876 for <tcpm@ietf.org>; Fri, 23 Sep 2005 12:51:16 -0400 (EDT)
Received: from boreas.isi.edu ([128.9.160.161]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EIqs2-00034u-JD for tcpm@ietf.org; Fri, 23 Sep 2005 12:58:01 -0400
Received: from pun.isi.edu (pun.isi.edu [128.9.160.150]) by boreas.isi.edu (8.11.6p2+0917/8.11.2) with ESMTP id j8NGoHn03284; Fri, 23 Sep 2005 09:50:17 -0700 (PDT)
Received: (from faber@localhost) by pun.isi.edu (8.13.4/8.13.4/Submit) id j8NGoHKt014413; Fri, 23 Sep 2005 09:50:17 -0700 (PDT) (envelope-from faber)
Date: Fri, 23 Sep 2005 09:50:17 -0700
From: Ted Faber <faber@ISI.EDU>
To: Fernando Gont <fernando@gont.com.ar>
Subject: Re: [tcpm] ICMP attacks draft (issue 1): hard errors -> soft errors (in synchronized states)
Message-ID: <20050923165017.GD10959@pun.isi.edu>
References: <6.2.0.14.0.20050923075214.0428faa8@pop.frh.utn.edu.ar> <433411E2.3020005@isi.edu> <6.2.0.14.0.20050923125332.04320008@pop.frh.utn.edu.ar>
Mime-Version: 1.0
In-Reply-To: <6.2.0.14.0.20050923125332.04320008@pop.frh.utn.edu.ar>
User-Agent: Mutt/1.4.2.1i
X-url: http://www.isi.edu/~faber
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: faber@pun.isi.edu
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f60d0f7806b0c40781eee6b9cd0b2135
Cc: tcpm@ietf.org, Joe Touch <touch@ISI.EDU>
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0992464299=="
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org

On Fri, Sep 23, 2005 at 12:57:40PM -0300, Fernando Gont wrote:
> At 11:32 a.m. 23/09/2005, Joe Touch wrote:
> 
> >> Issue 1 is: When a so-called ICMP "hard error" is received for a
> >> connection in any of the synchronized states (ESTABLISHED and so on),
> >> treat the error message as a soft error (i.e., do NOT abort the
> >> corresponding connection).
> >
> >WHY? Such an error could occur due to a reboot. It is legitimate operation.
> 
> In that case you should receive an RST, not an ICMP message.

Joe's not laying out his case completely.  Let me try to fill in the
blanks and he can tell me where I've misinterpreted what he's
suggesting.

Imagine a host that speaks IPv4 and TCP.  You connect to it.  The host
goes down and reboots (fairly quickly), but it's flag day, and the host
now no longer supports IPv4 at all, or no longer supports TCP at all.
You can work your imagination for other reasons that TCP might fail to
come up - a firewall (mis-?)configured to send the ICMP for application
protocols that have been outlawed, an embedded TCP stack with an
initialization/configuration error, TCP in an LKM with the wrong kernel
version...  There are a few whack-O cases out there that are unlikely
but well within the range of the possible.  None of those behaviors
(with the possible exception of the firewall) breaks a spec that I
can think of.

The point is that for whatever reason, all the host can do is send a
Protocol Not Supported ICMP, because the TCP stack will not be reached
(the postulate is that the host has stopped speaking either TCP or
IPv4).  Because the packet can't get to the TCP stack (which may not be
running at all), the host can't generate an RST.

Of course, if no ICMP is generated or gets through, the ESTABLISHED TCP
will eventually have a UTO and abort the connection.

Yes, this is a pretty bizarre case, but it is a valid hard error in an
ESTABLISHED state, and one where aborting the connection is the most
sensible thing to do.

-- 
Ted Faber
http://www.isi.edu/~faber           PGP: http://www.isi.edu/~faber/pubkeys.asc
Unexpected attachment on this mail? See http://www.isi.edu/~faber/FAQ.html#SIG

_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email