IETF Logo Mail Archive

Re: [tsvwg] Review of draft-ietf-tsvwg-udp-options-32

"C. M. Heard" <heard@pobox.com> Fri, 05 April 2024 18:38 UTC

Return-Path: <heard@pobox.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8472DC151545; Fri, 5 Apr 2024 11:38:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pobox.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nz0-4x25ihsk; Fri, 5 Apr 2024 11:38:01 -0700 (PDT)
Received: from pb-smtp21.pobox.com (pb-smtp21.pobox.com [173.228.157.53]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A402C14F610; Fri, 5 Apr 2024 11:38:00 -0700 (PDT)
Received: from pb-smtp21.pobox.com (unknown [127.0.0.1]) by pb-smtp21.pobox.com (Postfix) with ESMTP id ED23922073; Fri, 5 Apr 2024 14:37:57 -0400 (EDT) (envelope-from heard@pobox.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=pobox.com; h= mime-version:references:in-reply-to:from:date:message-id:subject :to:cc:content-type; s=sasl; bh=DyeFbzldEw2zrlJlStXTO8LaaTYjtiR2 iF0eMhXI9Nc=; b=cdaKY5SolAHr0UJGXhrtaU2lh/ic87Gz7urXONvYtRqm/8rV q5k0DdBnIJYFfDJI6IV7Z24QPQwd05Jh3sbfeQ7YsZHKQ4oShDl6mpxezN9lrCUK e5sgafz9xt24GVzw9tUyJl/Hn3U0XOpI9ph2r552ijibGTbgrCYRDmvPK0M=
Received: from pb-smtp21.sea.icgroup.com (unknown [127.0.0.1]) by pb-smtp21.pobox.com (Postfix) with ESMTP id E687D22072; Fri, 5 Apr 2024 14:37:57 -0400 (EDT) (envelope-from heard@pobox.com)
Received: from mail-ej1-f50.google.com (unknown [209.85.218.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp21.pobox.com (Postfix) with ESMTPSA id AAE2C22071; Fri, 5 Apr 2024 14:37:54 -0400 (EDT) (envelope-from heard@pobox.com)
Received: by mail-ej1-f50.google.com with SMTP id a640c23a62f3a-a51a80b190bso60998866b.3; Fri, 05 Apr 2024 11:37:54 -0700 (PDT)
X-Forwarded-Encrypted: i=1; AJvYcCXybYTL5ST4ZL6z1YTD9KkkvXPCPi/ul9YAEXRS7QldUJG3Hq/Tf8bsJ1YEVzdiFpwybZTz+dhk1BpOPMWUEeJLeQmTIjEdbxKYNXT5t+rHEALZ1defz6g4rQ==
X-Gm-Message-State: AOJu0YyZC+CzXTToJACvCV27Cs7InWmMQymlQUPl3ObprJuKjEJG+si5 xYINGPhcJLdLIPje+RXaNoOFczMxG7YS9lok3kxGLhosn4W1pC1fmPm76+rPjKaMqlL5/0NWtZh a6cUscx6bkygYWW0Fc8mg4OuWj4w=
X-Google-Smtp-Source: AGHT+IHKgriC1piU3LvWj6SfQEJj3zmgT9jTICSx7FeAfzgjfQ7YM9IRaO1bG638oNEQIdEZ/H/5J9zxktmpjOtkW/0=
X-Received: by 2002:a50:9fe3:0:b0:56e:a76:b79a with SMTP id c90-20020a509fe3000000b0056e0a76b79amr2391871edf.7.1712342272512; Fri, 05 Apr 2024 11:37:52 -0700 (PDT)
MIME-Version: 1.0
References: <CAM4esxSpwRF5E3Xc_hotgvCSdKVe4BY_zRUKAzHvW48JEtWqTA@mail.gmail.com> <CACL_3VGOLkJU1m7pqSXRRouCKwdQ6yrbmaPwoa22Jr-N3FZNzA@mail.gmail.com> <CAM4esxSY6uTrE=ta2_rWwvDNmiocu_MVGArvCkecwWwmX4wLjg@mail.gmail.com>
In-Reply-To: <CAM4esxSY6uTrE=ta2_rWwvDNmiocu_MVGArvCkecwWwmX4wLjg@mail.gmail.com>
From: "C. M. Heard" <heard@pobox.com>
Date: Fri, 05 Apr 2024 11:37:39 -0700
X-Gmail-Original-Message-ID: <CACL_3VFzh9MkROtm21gUtYF5Y1R+fa5_wdQi8TAT+Hp_-=0juw@mail.gmail.com>
Message-ID: <CACL_3VFzh9MkROtm21gUtYF5Y1R+fa5_wdQi8TAT+Hp_-=0juw@mail.gmail.com>
To: Martin Duke <martin.h.duke@gmail.com>
Cc: tsvwg <tsvwg@ietf.org>, draft-ietf-tsvwg-udp-options.all@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e323df06155dc05c"
X-Pobox-Relay-ID: 9DB00BC4-F37B-11EE-AE5B-A19503B9AAD1-06080547!pb-smtp21.pobox.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/8JBqbYF_fZp6MBhNVzuNMSGr4as>
Subject: Re: [tsvwg] Review of draft-ietf-tsvwg-udp-options-32
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Apr 2024 18:38:05 -0000

On Fri, Apr 5, 2024 at 9:49 AM Martin Duke wrote:

> On Thu, Apr 4, 2024 at 2:22 PM C. M. Heard wrote:
>
>> (11.4) What if Frag. Start is inconsistent with the location of EOL?
>>>
>>
>> Do you mean when Frag. Start points past the end of the packet? It was
>> clear enough to me that this would be considered malformed and discarded,
>> but maybe that's just me being too familiar with the intent, and not
>> actually scrutinizing the text.
>>
>
> "End of the packet" is a pretty ambiguous phrasing at this point :-). What
> I mean is, what if the datagram contains zero payload, a FRAG option, a
> series of other options, EOL, some random bytes, and then the frag start?
> Is that legal? I gathered that the intent would be that Frag Start was
> immediately after EOL, but then there are alignment issues, etc. What's
> legal and what's malformed?
>


Sorry, I misunderstood. I see that the language in Section 11.1 (which
defines EOL) should have some wordsmithing to change the words "the surplus
area" to something like "the surplus area or the options area in a UDP
fragment". With that change, there should be no problem with EOL at an
offset before Frag. Start. It just means that the bytes after EOL and
before the byte pointed to by Frag. Start are ignored (cf. how EOL works in
IPv4 and TCP options). And those bytes should not be random, they should be
zero (though the implementation has no obligation to check that).

This is a good example why it's good to get people who have not read the
spec to have a look. Those of us who have been around it for a long time
have a tendency to see what we are sure it means instead of what it
actually says 😑


(11.4) "the OCS value of the original packet SHOULD be zero if each
>>> fragment will have a non-zero OCS value"
>>>
>>> I don't understand the purpose of this. First, it complicates packet
>>> processing because the full datagram has to use a different OCS
>>> verification path if it's reassembled. Second, if the fragment OCSes are
>>> sufficient, why not simply say that the original packet MUST NOT have an
>>> OCS option?
>>>
>>
>> Actually, the idea was that reassembly could be implemented as a "bump in
>> the stack" and that the handling of reassembled datagrams would not vary
>> much from how it's done for datagrams that are not received as fragments.
>> IPv4 (and under certain circumstances IPv6) allow zero UDP checksum. The
>> OCS is mandatory when UDP checksum is non-zero and recommended (but not
>> required) when the UDP checksum is non-zero. So an implementation already
>> has to deal with datagrams that have UDP CS == 0 but OCS != 0. Given that,
>> it seems (to me at least) fair to keep this as a SHOULD, as it does not
>> require any mechanisms that are not otherwise required.
>>
>
> I'm concerned about the opposite: if UDP CS != 0, then the normal
> processing path is to expect OCS != 0, but the recommendation in (11.4)
> means that OCS will be zero! So there's a special path if the packet is
> reassembled. Am I mixing this up?
>


There is no different path for reassembled packets as compared with those
that are transmitted without UDP fragmentation.

I think the confusion arises because there is no provision to transmit a
separate UDP checksum covering the UDP header and UDP payload of the
original packet (where "original" means prior to fragmentation or after
reassembly). So the recommendation in Section 11.4 is to set that field to
zero. What emerges from a "bump in the stack" implementation of UDP
fragmentation is a packet that has UDP CS == 0 and OCS equal to whatever
was received (which would be whatever was transmitted, in the absence of
errors). These cases (UDP CS == 0 with OCS either non-zero, which must be
checked, or zero, which means it's not present) already have to be handled
for an unfragmented packet. Hence no new processing path.

For fragments the usual rule applies, i.e., if UDP CS != 0 then OCS must be
non-zero; if UDP CS == 0 then OCS may or may not be zero. When each
fragment's UDP checksum is non-zero, then every fragment (and thus the
reassembled payload and surplus area) must be covered by the OCS of the
fragments, so the entire reassembled packet is protected by a checksum (and
so there is no need for a UDP checksum for the original packet). What the
draft recommends is that in this case OCS be set to zero in the original
packet since it does not provide significant additional protection. The
suggestion that "the original packet MUST NOT have an OCS option" in this
case would cause an additional processing path, since OCS is actually a
fixed field, and the way we indicate that it is omitted is to set it to
zero.

If this is not sufficiently clear, please let me know, and I'll take
another stab at it.

Mike Heard

v2.23.0 | Report a Bug | By Email