[tsvwg] OCS option in draft-ietf-tsvwg-udp-options-07
"C. M. Heard" <heard@pobox.com> Sat, 09 March 2019 13:24 UTC
Return-Path: <heard@pobox.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1111127968 for <tsvwg@ietfa.amsl.com>; Sat, 9 Mar 2019 05:24:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pobox.com; domainkeys=pass (1024-bit key) header.from=heard@pobox.com header.d=pobox.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xVzkGNFrhCpM for <tsvwg@ietfa.amsl.com>; Sat, 9 Mar 2019 05:23:58 -0800 (PST)
Received: from pb-smtp21.pobox.com (pb-smtp21.pobox.com [173.228.157.53]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56F021276D0 for <tsvwg@ietf.org>; Sat, 9 Mar 2019 05:23:58 -0800 (PST)
Received: from pb-smtp21.pobox.com (unknown [127.0.0.1]) by pb-smtp21.pobox.com (Postfix) with ESMTP id 5C9A840145 for <tsvwg@ietf.org>; Sat, 9 Mar 2019 08:23:57 -0500 (EST) (envelope-from heard@pobox.com)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=mime-version :from:date:message-id:subject:to:cc:content-type; s=sasl; bh=H8X Af/w2O2I2PiKO8IKQ/F3j0WQ=; b=MShnMj+eRWPSlFX4uJR8mW69CNvvUrtmKVi /oUwFnJxQUCnpg2ha28BN4+fjW0K44fC2HF4t59Qq/hQTYabf18Nh2iacPGjacU0 Vg9U8fyXbuv9DEbf5KO9MfrZemI66BdzP5Ne/XH+SANsGqx0qCNg3hY2ufXIok8E UhllOPHE=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=mime-version :from:date:message-id:subject:to:cc:content-type; q=dns; s=sasl; b= nInFfkEqn0lP8C5bDK/5KMIVosJSn59mN4YYxCAwNiSWcrjCpaoi4ssow21gv6+N 2ehuf2U/47i5B9q/W81Xr75ZnTpew3r4obT6278XJePgu+rSn3zKN8/xXOLyMIjN jEymMzlE93R/pFW8Pa3osUi461zb4J2xxyCVSC3LTlo=
Received: from pb-smtp21.sea.icgroup.com (unknown [127.0.0.1]) by pb-smtp21.pobox.com (Postfix) with ESMTP id 55A5F40144 for <tsvwg@ietf.org>; Sat, 9 Mar 2019 08:23:57 -0500 (EST) (envelope-from heard@pobox.com)
Received: from mail-it1-f174.google.com (unknown [209.85.166.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp21.pobox.com (Postfix) with ESMTPSA id E8E8140140 for <tsvwg@ietf.org>; Sat, 9 Mar 2019 08:23:54 -0500 (EST) (envelope-from heard@pobox.com)
Received: by mail-it1-f174.google.com with SMTP id l139so529159ita.5 for <tsvwg@ietf.org>; Sat, 09 Mar 2019 05:23:54 -0800 (PST)
X-Gm-Message-State: APjAAAXOPsG0LuqM7o3zWsaw7W0nW7Hahz33nTEnmoONMi9kW6rf1Zmg /c03Nf1PJY9DQbgdogN+1dgKksNmGIZ7d1e+f9Q=
X-Google-Smtp-Source: APXvYqwyeUWzlsPhsEzBBxgjGonZiKYVuSFh5IwyYda79+4mzvhIhk8d6twUZGRPnBLBi6zQLuBVQApv47yByqzk5WU=
X-Received: by 2002:a02:a589:: with SMTP id b9mr13431256jam.40.1552137833682; Sat, 09 Mar 2019 05:23:53 -0800 (PST)
MIME-Version: 1.0
From: "C. M. Heard" <heard@pobox.com>
Date: Sat, 09 Mar 2019 05:23:41 -0800
X-Gmail-Original-Message-ID: <CACL_3VFg-EWCYHZ4+kYV30vjNzPs90ysAu5SCdLNb+9OPxE+3g@mail.gmail.com>
Message-ID: <CACL_3VFg-EWCYHZ4+kYV30vjNzPs90ysAu5SCdLNb+9OPxE+3g@mail.gmail.com>
To: tsvwg <tsvwg@ietf.org>
Cc: Joe Touch <touch@strayalpha.com>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, Tom Jones <tom@erg.abdn.ac.uk>, Raffaele Zullo <raffaele@erg.abdn.ac.uk>
Content-Type: multipart/alternative; boundary="000000000000381f020583a940d0"
X-Pobox-Relay-ID: 96761C4A-426E-11E9-B991-EE24A11ADF13-06080547!pb-smtp21.pobox.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/a7RvHWPjhI03bqG-IiHSi1QN4jo>
Subject: [tsvwg] OCS option in draft-ietf-tsvwg-udp-options-07
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Mar 2019 13:24:01 -0000
Greetings, In an off-list e-mail, Gorry Fairhust brought to my attention the fact that the errant middleboxes that CCO is designed to work around do not use the correct length value in their (re)computation of the UDP checksum. Quoting from draft-fairhurst-udp-options-cco-00: These middleboxes use the IP Payload Length (obtained as IP Total Length - IP Header Length) to fill UDP pseudo-header Length field and also compute the checksum over the all IP Payload bytes. The genesis of this bug is discussed in the maprg presentation given by the Tom Jones at IETF 103 ( https://datatracker.ietf.org/meeting/103/materials/slides-103-maprg-a-tale-of-two-checksums-tom-jones-00 ). So, besides compensating for the contents of the surplus area, it is also necessary to compensate for the incorrect length value in the UDP pseudo-header. The way that CCO does this is to add a 16-bit pseudo-header of its own that consists of the length of the surplus area. This pseudo-header needs to be aligned with the UDP pseudo-header in order to do its job. Aligning the checksum in the CCO option to a half-word boundary achieves this. These are the points that Rafaele Zullo was trying to make in the message at https://mailarchive.ietf.org/arch/msg/tsvwg/ikg4zLMvejJZERWh4hQTAGUrLGY that escaped both Joe and me. So, it would seem that the OCS text in draft-ietf-tsvwg-udp-options-07 needs some more editing work to take this into account. The objectives can still be achieved with an option that has kind = 2 followed by a 16-bit checksum and no length value, but the calculation has to take into account the fact that the fact that the 16-bit pseudo-header needs to be aligned with the UDP header. Rafaele Zullo's message discusses some of the options. One is to use a NOP to force half-word alignment, but there are other ways to accomplish that objective. Another point is that it is necessary either for the OCS to cover the entire surplus area or else for any padding after the UDP options to be checksum-neutral (e.g., consist of zeroes) in order to properly compensate for the middlebox behavior described above. Besides these matters of substance, there are some editorial matters that need to be attended to. In Section 4 I see: UDP options are defined using a TLV (type, length, and optional value) syntax similar to that of TCP [RFC793]. They are typically a minimum of two bytes in length as shown in Figure 4, excepting only the one byte options "No Operation" (NOP) and "End of Options List" (EOL) described below. If OCS is to have no length field (i.e., have an implicit length of 3), then some text needs to be added to that paragraph. Also, Figure 7 in Section 5.3 needs to be updated to something like this: +--------+--------+--------+ | Kind=2 | Checksum | +--------+--------+--------+ The modifications to OCS requested above would not, AFAICT, cause any significant additional complication. They would also not address the fact that errant middle box traversal for LITE or FRAG+LITE remains unaddressed, but I see those as separate issues. Mike Heard
- [tsvwg] OCS option in draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Joe Touch
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Raffaele Zullo
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Joe Touch
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… C. M. Heard
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Raffaele Zullo
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… C. M. Heard
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Derek Fawcus
- [tsvwg] LITE+FRAG UDP CS=0 (was Re: OCS option in… Derek Fawcus
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Joe Touch
- Re: [tsvwg] LITE+FRAG UDP CS=0 (was Re: OCS optio… Joe Touch
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Joe Touch
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Raffaele Zullo
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Raffaele Zullo
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Joe Touch
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Joe Touch
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Raffaele Zullo
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Joe Touch
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… C. M. Heard
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Raffaele Zullo
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Tom Herbert
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Raffaele Zullo
- Re: [tsvwg] OCS option in draft-ietf-tsvwg-udp-op… Tom Herbert