Re: [tcpm] comments on draft-ietf-tcpm-icmp-attacks-05

Florian Weimer <fw@deneb.enyo.de> Sun, 14 June 2009 13:37 UTC

* Fernando Gont:

>> For instance, I'm not certain that setting the DF bit is only
>> possible for hosts that support PMTUD ... is there a reference for
>> that?
>
> What's the reason for setting the DF flag for IP packets carrying TCP
> segments if you don't implement PMTUD?

You don't have to put randomness into the IP ID field (at least in
theory; in practice, DF=1 packets get fragmented, too).