IETF Logo Mail Archive

Re: [tcpm] Exceeding value in MSS option?

Joseph Touch <touch@strayalpha.com> Mon, 19 October 2020 22:15 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FE393A0CB0 for <tcpm@ietfa.amsl.com>; Mon, 19 Oct 2020 15:15:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.455
X-Spam-Level:
X-Spam-Status: No, score=0.455 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.652, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2rruJ6BVIQyI for <tcpm@ietfa.amsl.com>; Mon, 19 Oct 2020 15:15:38 -0700 (PDT)
Received: from server217-4.web-hosting.com (server217-4.web-hosting.com [198.54.116.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D31FE3A0CA0 for <tcpm@ietf.org>; Mon, 19 Oct 2020 15:15:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=Us2ooXnXUzlK7QklanQxaqZ0gZZKhKu9FRtPdlFqKFM=; b=R77Mtkw3c8ZJzXE9D18TOVhHT DR+d0I0TvCmAqRnhE/BV05fll/I73B8A1ndefKN9CU31Z0W9UxV05vTI4X7G0sRyggPvoahEnrExf FXBvHk7Z2Gwla97g0g+OVsrf1/jq1XEadZ0dcPjGUSc5mLAHPd4+QcG7YnR0mObaZ++xEuzkBe8PO 62gxhImLV/1pf1zmIHqIQt+rXzB0nmE2YJLe/nQYGDW/hWv3V0ieQdBQUEjJdzDBQxbneeO3EFb75 eVUgTh9XhYKf8S0B1BuYifrV7QDmQGfvWTg26mle9D5cBGv+19qPxzZtjtGLEwBtMU1R0TPhgIAAY d5cdrRQbA==;
Received: from cpe-172-250-225-198.socal.res.rr.com ([172.250.225.198]:58283 helo=[192.168.1.14]) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <touch@strayalpha.com>) id 1kUdRF-003eGG-RN; Mon, 19 Oct 2020 18:15:38 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_2CF3765F-3167-4E27-A132-AA513FEF1350"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\))
From: Joseph Touch <touch@strayalpha.com>
In-Reply-To: <CAM4esxTTvZbBqD1-0rbB+XrbTRFuh4Mi7O2e1DOLPMccGhsigQ@mail.gmail.com>
Date: Mon, 19 Oct 2020 15:15:33 -0700
Cc: "tcpm@ietf.org Extensions" <tcpm@ietf.org>
Message-Id: <328DB0B6-4612-4737-A36D-FB26724EA4E5@strayalpha.com>
References: <CAM4esxQzydPBTjVQvtp3766mCH5L65LdRSkFzQkdeKgUfhKacA@mail.gmail.com> <0572D865-F831-4B3A-9A8B-6A9C4D154859@strayalpha.com> <719D9BE6-3C5F-4121-B362-BD21FEDC941A@strayalpha.com> <CAM4esxTTvZbBqD1-0rbB+XrbTRFuh4Mi7O2e1DOLPMccGhsigQ@mail.gmail.com>
To: Martin Duke <martin.h.duke@gmail.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/UqrTRM7QPy1dXU4kw4Rm8UF0nWU>
Subject: Re: [tcpm] Exceeding value in MSS option?
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Oct 2020 22:15:41 -0000

Hi, Martin,

> On Oct 19, 2020, at 1:50 PM, Martin Duke <martin.h.duke@gmail.com> wrote:
> 
> Hi Joe,
> 
> I may have phrased it ambiguously but I understand the intent of 1122/6691 as you describe it.

RFC6691 was written to clear up the ambiguity and conflicting info in other docs.

> IOAM does add IPv6 options at times, although it should scrub them before it leaves the domain. 

That is NOT OK. 

I don’t know why its not very clear that this is incorrect, but just to be clear:

	No subdomain should increase the size of a packet UNLESS it can GUARANTEE that it supports *all types of* MTUs that are equivalently LARGER than the minimums required as well as those reported outside the domain.

I.e., let’s say the domain adds 20 bytes. Then it CANNOT use equipment that supports only 1280B path MTUs and 1500B reassembly MTUs; it needs to have equipment throughout that supports at least 1300B path MTUs and 1520B reassembly MTUs.

Unless the subdomain has those guarantees, it can’t increase packet sizes. Even then, it’s playing with space the endpoints “own” (e.g., of the limits of IPv4 or TCP option space), and NO subdomain mods can make the increased packet size work.

Overall, this is a VERY BAD IDEA and should NOT be endorsed by the IETF in any way, shape, or form - including experimentally.

Joe

> 
> Thanks
> Martin
> 
> On Mon, Oct 19, 2020 at 12:44 PM Joseph Touch <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote:
> To be more clear:
> 
> The MSS value in the TCP option reflects the FIXED headers only.
> 
> The sending side uses that value, together with its knowledge of options it adds, to reduce the size of the data sent to fit.
> 
> Second guessing that information is problematic; sure, when something gets through you can always try something smaller but that’s not specific to TCP or anything else.
> 
> Middleboxes should never make a packet larger under any circumstances.
> 
> Joe
> 
>> On Oct 19, 2020, at 12:37 PM, Joseph Touch <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote:
>> 
>> See RFC 6691.
>> 
>> Only the fixed headers are considered, NOT the options.
>> 
>> Joe
>> 
>>> On Oct 19, 2020, at 12:22 PM, Martin Duke <martin.h.duke@gmail.com <mailto:martin.h.duke@gmail.com>> wrote:
>>> 
>>> Hello tcpm,
>>> 
>>> Section 4.2.2.6 of RFC 1122 <https://datatracker.ietf.org/doc/html/rfc1122#page-85> is pretty clear that the TCP sender MUST consider all IP and TCP options when sizing payloads with respect to the advertised MSS option.
>>> 
>>> I'm reviewing a document <https://datatracker.ietf.org/doc/html/draft-ietf-lwig-tcp-constrained-node-networks-11#section-4.1.1> that advises that some endpoints may want to reduce their advertised MSS on IPv6 connections in case the peer isn't respecting that guidance. Is noncompliance with this provision a problem in the internet? Are there middleboxes injecting options that cause PMTU drops or fragmentation?
>>> 
>>> I have not heard of such problems, but thought I'd check with the community to see if this precaution makes any sense at all.
>>> 
>>> Thanks,
>>> Martin
>>> 
>>> 
>>> _______________________________________________
>>> tcpm mailing list
>>> tcpm@ietf.org <mailto:tcpm@ietf.org>
>>> https://www.ietf.org/mailman/listinfo/tcpm <https://www.ietf.org/mailman/listinfo/tcpm>
>> 
> 
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email