IETF Logo Mail Archive

Re: [tsvwg] Remaining issues for draft-ietf-tsvwg-udp-options-22

Gorry Fairhurst <gorry@erg.abdn.ac.uk> Sun, 02 July 2023 08:12 UTC

Return-Path: <gorry@erg.abdn.ac.uk>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 063BAC1524A3 for <tsvwg@ietfa.amsl.com>; Sun, 2 Jul 2023 01:12:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.898
X-Spam-Level:
X-Spam-Status: No, score=-6.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g6PH5WoDuwGf for <tsvwg@ietfa.amsl.com>; Sun, 2 Jul 2023 01:12:01 -0700 (PDT)
Received: from pegasus.erg.abdn.ac.uk (pegasus.erg.abdn.ac.uk [IPv6:2001:630:42:150::2]) by ietfa.amsl.com (Postfix) with ESMTP id 756EDC151073 for <tsvwg@ietf.org>; Sun, 2 Jul 2023 01:12:00 -0700 (PDT)
Received: from [192.168.1.130] (fgrpf.plus.com [212.159.18.54]) by pegasus.erg.abdn.ac.uk (Postfix) with ESMTPSA id B0E1A1B0009C; Sun, 2 Jul 2023 09:11:55 +0100 (BST)
Message-ID: <8a7a4eb6-aaf2-edb6-8684-09d11f172dd0@erg.abdn.ac.uk>
Date: Sun, 02 Jul 2023 09:11:55 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.12.0
To: "C. M. Heard" <heard@pobox.com>, Erik Auerswald <auerswal@unix-ag.uni-kl.de>
Cc: TSVWG <tsvwg@ietf.org>, Joe Touch <touch@strayalpha.com>
References: <79CA7F65-335D-4A93-8BBE-9E4FAFCC6D2C@gmx.de> <FA4064D9-D37D-4590-BB77-2F2C37421BDC@strayalpha.com> <6E04EE05-2E36-4B3A-ABB4-A4E22B233B50@gmx.de> <CACL_3VFNHVLc89BO_n12gKid6p0Y2tJ+-ThB0x_wGkMCMnSESA@mail.gmail.com> <14F6EC62-311B-46B3-8B80-7263345BCB80@gmx.de> <CACL_3VH4Zw_vVudO5WiFrD7AC5JhHXiSWfhW5Wu5O7W_rBYfMA@mail.gmail.com> <026B4018-4F96-49B4-B73A-E7F33FEE8A15@gmx.de> <CACL_3VEw4koyJSX3xA3UJ1Vikg+F9PPw1G030jQPHhZdoOETSA@mail.gmail.com> <d34aa821-207d-78eb-ead2-e2d918939dcf@erg.abdn.ac.uk> <20230629162807.GA8600@unix-ag.uni-kl.de> <20230701204510.GA29872@unix-ag.uni-kl.de> <CACL_3VG_c-+zqoEhufyLvDqCV1ZkUoS9ZoknxJWwvH2RddOD=A@mail.gmail.com>
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Organization: UNIVERSITY OF ABERDEEN
In-Reply-To: <CACL_3VG_c-+zqoEhufyLvDqCV1ZkUoS9ZoknxJWwvH2RddOD=A@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/McP551bcHRAYHCBtV8K7OdicYTw>
Subject: Re: [tsvwg] Remaining issues for draft-ietf-tsvwg-udp-options-22
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Jul 2023 08:12:06 -0000

On 01/07/2023 22:39, C. M. Heard wrote:
> On Sat, Jul 1, 2023 at 1:45 PM Erik Auerswald wrote:
> > On Thu, Jun 29, 2023 at 06:28:07PM +0200, Erik Auerswald wrote:
> > > On Mon, Jun 26, 2023 at 10:03:00AM +0100, Gorry Fairhurst wrote:
> > > * Section 22: The second to last paragraph on page 35 states that
> > >   "no options (including ECHO) ever initiate UDP responses in the
> > >   absence of user transmission."  I think "ECHO" means "REQ", but
> > >   draft-ietf-tsvwg-udp-options-dplpmtud-08 allows for REQ to create
> > >   responses without use data, specifically when DPLPMTUD is 
> implemented
> > >   inside the "Packetization Layer of UDP Options". This seems to be
> > >   inconsistent.
> >
> > The description of REQ and RES in section 9.7 does not mention that the
> > RES option is only to be sent if some other data is to be sent anyway.
> > To the contrary, the description
> >
> >   "The echo request (REQ, Kind=6) and echo response (RES, Kind=7)
> >    options provide a means for UDP options to be used to provide UDP
> >    packet-level acknowledgements."
> >
> > seems to suggest that RES is sent as an acknowledgement when there would
> > be none otherwise.  Today, request-response protocols use the receipt
> > of the response as acknowledgement for the receipt of the request by
> > the receiver (e.g., DNS and RADIUS do this).  The additional capability
> > REQ and RES options could provide would be to elicit a response when
> > there would be none otherwise.  This is definitely the assumption made
> > for DPLPMTUD implemented in the "UDP Options Packetization Layer" (as
> > opposed to the application) in draft-ietf-tsvwg-udp-options-dplpmtud-09.
>
> Good catch.
>
> I did actually flag the issue with the Security Considerations in
> https://mailarchive.ietf.org/arch/msg/tsvwg/ocDWz4jWZdqVP6CTuAhsBXer2Bc/:
>
> =======================================================================
> In draft-ietf-tsvwg-udp-options-22 Section 22, 3rd paragraph, we see:
>
>    UDP options create new potential opportunities for DDOS attacks,
>    notably through the use of fragmentation. Except when enabled, UDP
>    options cause no additional work at the receiver. At most, the
>    required options (if enabled) result in a responding option in the
>    next transmitted packet, but no options (including ECHO) ever
>    initiate UDP responses in the absence of user transmission.
>
> Corrected:
>
>    UDP options create new potential opportunities for DDOS attacks,
>    notably through the use of fragmentation. When enabled, UDP options
>    may cause some additional work at the receiver; however, of the
>    must-support options, only REQ (when used on a DLPMTUD probe [Fa22])
>    will initiate a UDP response in the absence of a user transmission.
>
> Note that [Fa22] needs to be updated to [Fa23].
>
> This comment was made originally against -19 on 27-Jan-2023 but was not
> addressed.
> =======================================================================
>
> However, I didn't mention the need to bring this up in Section 9.7
>
> Perhaps a reference to the last paragraph in Section 6 of
> draft-ietf-tsvwg-udp-options-dplpmtud would help. See
>
> https://datatracker.ietf.org/doc/html/draft-ietf-tsvwg-udp-options-dplpmtud#name-examples-with-different-rec
>
> I think this applies no matter whether DLPMTUD is implemented within
> the UDP transport service or by an upper layer protocol or application.
>
> Mike Heard

I wonder if it may be better to explain this as when "explicitly" enabled:

NEW:

    UDP options create new potential opportunities for DDOS attacks,
    notably through the use of fragmentation. When enabled, UDP options
    may cause some additional work at the receiver; however, of the
    must-support options, only REQ (when explicitly enabled

    for a DLPMTUD probe (Section 6 of [Fa22])
    will initiate a UDP response in the absence of a user transmission.

---

Gorry

v2.23.0 | Report a Bug | By Email