IETF Logo Mail Archive

Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-options-07

Joe Touch <touch@strayalpha.com> Tue, 12 March 2019 22:53 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 179E61224E8 for <tsvwg@ietfa.amsl.com>; Tue, 12 Mar 2019 15:53:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.22
X-Spam-Level:
X-Spam-Status: No, score=-1.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EJYwQdAqaxVa for <tsvwg@ietfa.amsl.com>; Tue, 12 Mar 2019 15:53:38 -0700 (PDT)
Received: from server217-3.web-hosting.com (server217-3.web-hosting.com [198.54.115.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9B6F12426E for <tsvwg@ietf.org>; Tue, 12 Mar 2019 15:53:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=Message-ID:References:In-Reply-To:Subject:Cc: To:From:Date:Content-Type:MIME-Version:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=mhHEfV5GnFiagVfJEZbT1D0Yqf/OUvl42F4lKYCu0dY=; b=pe0obscrKEKT/wap7+u3bxlKR oA9GFSIAYDTM2ixPA9lQX+aDScqZb+/TgT8SdSIAfEq24iYBpbQoRtHgrd+jVcYC8TrheviDLwByf OyjJ2Eu8yNmQly8KupFUw2WAGIK0L7Ov2MO/fhguXbS2pBHna/O1M6/o4U8udrAGpuyNgilh5R9OE spNr76wCDedVTx1jY8l4swMaIGCzv33o/01Qssl2K+JGG7zxTfDtXbm8m6VNmAEoJXerwjeSw1eMz KKIjB2xLIPKTa+zNReo5WqMqOuFdfwhWobGDGxW253oplo7m74uV57p9mQk6IvoYfEom9jofBotp8 9sVvbFOhg==;
Received: from [::1] (port=40686 helo=server217.web-hosting.com) by server217.web-hosting.com with esmtpa (Exim 4.91) (envelope-from <touch@strayalpha.com>) id 1h3qH9-000QBp-Ay; Tue, 12 Mar 2019 18:53:36 -0400
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_b18f03f0f6025dbfbaa5cf4860dab32c"
Date: Tue, 12 Mar 2019 15:53:35 -0700
From: Joe Touch <touch@strayalpha.com>
To: Raffaele Zullo <raffaele@erg.abdn.ac.uk>
Cc: "C. M. Heard" <heard@pobox.com>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, tsvwg <tsvwg@ietf.org>
In-Reply-To: <fd5a4cd7983862c376f1db9f324f4ea1@erg.abdn.ac.uk>
References: <CACL_3VFg-EWCYHZ4+kYV30vjNzPs90ysAu5SCdLNb+9OPxE+3g@mail.gmail.com> <B1D19ABC-428B-42D8-AE97-BF3B967B1140@strayalpha.com> <fd5a4cd7983862c376f1db9f324f4ea1@erg.abdn.ac.uk>
Message-ID: <b25fcf12e33d8093b0a44d88f5c9dda1@strayalpha.com>
X-Sender: touch@strayalpha.com
User-Agent: Roundcube Webmail/1.3.3
X-OutGoing-Spam-Status: No, score=-0.5
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/8AXoIpEyndBnmn6BDMN6ZhTtUTg>
Subject: Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-options-07
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2019 22:53:40 -0000

Yes, when UDP CS=0 we don't cover length or ports. 

Length isn't an issue unless the reassembly checksum is also zero, in
which case we're doing the right thing - leaving it alone. 

As to ports when the frag checksum is NOT zero, I'm much less concerned
given how devices happily recompute that along packet paths for their
own convenience. 

Joe

On 2019-03-12 05:10, Raffaele Zullo wrote:

> On 2019-03-09 19:28, Joe Touch wrote: 
> 
>> 3. we have to deal with LITE/LITE+FRAG
>> we *can* use UDP CS=0, but that also may involve overriding the
>> user's desires here (i.e., the user API says "use UDP CS" and we're
>> not doing that)
>> which means we have a choice:
>> (d) override so that things work, i.e., force UDP CS=0 and then
>> (d.1) do OCS as a check on our stuff only
>> OR
>> (d.2) disallow the use of OCS (if CS=0, what's the point?)
>> OR
>> (d.3) use OCS=0 (this seems like a waste)
>> OR
>> (e) ignore the user setting of CS, then:
>> (e.1) always do OCS as a check
>> OR
>> (e.2) if UDP CS=0, omit OCS (save space), basically like d.2
>> OR
>> (e.3) if UDP CS=0, use OCS=0 (basically like e.2
>> 
>> If we do any of the (e) variants, we could either:
>> (f.1) require users to disable UDP CS to use OCS
>> OR
>> (f.2) ignore the user UDP CS setting
>> 
>> So which is it?
>> 
>> I don't like assuming user correct configuration (f.1).
>> 
>> So to me it's (f.2) and (d.1).
>> 
>> Thoughts?
> 
> Maybe I'm missing something but there could be
> two other problems when using CS=0 with LITE+FRAG
> 
> 1) We lose coverage of UDP Length
> If the UDP Length due to an error becomes 8 < UDP Length <= IPPayloadLength
> Options will probably become not parsable
> but part of the Options is delivered as UDP Payload to the user.
> 
> 2) We lose coverage of Source and Dest Ports
> If there are several UDP connections ongoing between two hosts (or two NATs)
> an error on Source/Dest Port can make the packet be delivered to the wrong connection.
> This issue is very limited since LITE+FRAG carries an identifier.
> 
> Raffaele Zullo

v2.23.0 | Report a Bug | By Email