Re: [tsvwg] draft-ietf-tsvwg-udp-options-13: Comments concerning Fragments
"touch@strayalpha.com" <touch@strayalpha.com> Tue, 31 August 2021 17:59 UTC
Return-Path: <touch@strayalpha.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF6113A0766 for <tsvwg@ietfa.amsl.com>; Tue, 31 Aug 2021 10:59:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FrdpemUqmtVs for <tsvwg@ietfa.amsl.com>; Tue, 31 Aug 2021 10:59:28 -0700 (PDT)
Received: from server217-5.web-hosting.com (server217-5.web-hosting.com [198.54.116.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 727483A0128 for <tsvwg@ietf.org>; Tue, 31 Aug 2021 10:59:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=zqfIZ3y/tu9cPk38CZpVJlVtZfG3SY3dsVlkfa61PpQ=; b=ne23Jqgq9Wirzh6nWuwnVX1skE NiD4HOH+BTGnu3lJeoWTOjlKcR5KHhavwHd07/hlCQJ2pugMA7x1psJ14Ot3opnR3xYMOQK0WcBCG 9kuh8jthxpdDrzlGKwVgdQ2VImH0F/lNEzDT9rTlddr42JkpwNW+GsIl0/LORQUsc1ZCoymZ36/l+ KTXmC+hqPp6LBodSa60cZsGfCEyq6xmjx5ptOKF6JHEyybS3Vso/EL8AdTxE91KTlvJrmUGTc8hW3 A2hr7n+VA6qYOslG+zIakxlp0DYVCGf2B0Teaop3HYHLDXdzJC3dWkASCUa4owyeDUqI9CFnyzd4f x8EBW6Qw==;
Received: from cpe-172-114-237-88.socal.res.rr.com ([172.114.237.88]:62220 helo=smtpclient.apple) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <touch@strayalpha.com>) id 1mL82c-00BgWH-0m; Tue, 31 Aug 2021 13:59:27 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_337FD50C-D72B-496B-A2E1-52BEBB96FE70"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
From: "touch@strayalpha.com" <touch@strayalpha.com>
In-Reply-To: <3e9a51f4-1520-b730-39a1-84fdda2cd881@erg.abdn.ac.uk>
Date: Tue, 31 Aug 2021 10:59:17 -0700
Cc: "tsvwg@ietf.org" <tsvwg@ietf.org>
Message-Id: <7BDAB803-E170-40AB-B88B-B5ABAC34F7D4@strayalpha.com>
References: <3e9a51f4-1520-b730-39a1-84fdda2cd881@erg.abdn.ac.uk>
To: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/MWaOg3A3cqAFyfne4EwT8NnzZjA>
Subject: Re: [tsvwg] draft-ietf-tsvwg-udp-options-13: Comments concerning Fragments
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Aug 2021 17:59:35 -0000
More responses… — Joe Touch, temporal epistemologist www.strayalpha.com > On Aug 31, 2021, at 3:17 AM, Gorry Fairhurst <gorry@erg.abdn.ac.uk> wrote: > > I have the following questions relating to the text about Fragments. > > Best wishes, > > Gorry > > (as an individual) > > === > In section 5.3: Frag: > > “ Legacy receivers interpret FRAG messages as zero-length payload > packets (i.e., UDP Length field is 8, the length of just the UDP > header), which would not affect the receiver unless the presence of > the packet itself were a signal.” > - can you supply a reference here? (If no other then sect 5 of RFC8085). Thanks - I didn’t know that existed. Will do. > === > > Concerning Frag: > > “ This allows either pre-reassembly or post-reassembly > UDP option effects.” > - I think I understand a use case and it would be nice to have an example of using both per-fragment and per-datagram options: could this be used with fragments req/res options to determine a suitable PMTU, and the time options used per reassembled datagram (since in many case this needs to measure the time across the reassembled end-to-end datagram path). OK. > === > > Concerning Frag: > > >> UDP reassembly space limits SHOULD NOT be implemented as an > aggregate, to avoid cross-socketpair DOS attacks. > - Please explain “aggregate” (is this across multiple socket-pairs?) Yes; will do. > === > > Concerning Frag: > > Any additional UDP options, if used, follow the FRAG option in the > final fragment and would be included in the reassembled packet. > - I don’t like the word “additional” here, can you find a better word (per-datagram?) Yes. > === > In 5.7: Maximum Reassembled Segment Size (MRSS) > - I’m going to make a suggestion here, that was earlier brought up by Tom Jones: Why don’t we fix the DEFAULT MRSS to 2 packets when MRSS is supported. Larger values might be supported, which would be fine, but the case of 2 might have some immediate benefit: > - A receiver can then fragment a UDP packet to tunnel of include UDP options, likely in many current cases a second fragment will be enough. > - A receiver can greatly simplify its processing if it tries to reassemble whenever it receives a second fragment of the same datagram. The simplification here mitigates some worry about attacks that target reassembly buffers or processing costs. He previously had not implemented fragment support because it was cumbersome to include in the OS he worked with. > - Thoughts? IPv6 requires reassembly to 1500B but has no frag count limit (i.e., MRSS is a size, not a number). I favor the same approach here, especially because it can be argued to serve the same purpose with the same impact and vulnerability.
- [tsvwg] draft-ietf-tsvwg-udp-options-13: Comments… Gorry Fairhurst
- Re: [tsvwg] draft-ietf-tsvwg-udp-options-13: Comm… touch@strayalpha.com
- Re: [tsvwg] draft-ietf-tsvwg-udp-options-13: Comm… Gorry Fairhurst
- Re: [tsvwg] draft-ietf-tsvwg-udp-options-13: Comm… touch@strayalpha.com