Re: [tsvwg] Alternative version of the UDP FRAG option
"C. M. Heard" <heard@pobox.com> Tue, 12 March 2019 16:36 UTC
Return-Path: <heard@pobox.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26C72126F72 for <tsvwg@ietfa.amsl.com>; Tue, 12 Mar 2019 09:36:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pobox.com; domainkeys=pass (1024-bit key) header.from=heard@pobox.com header.d=pobox.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JicoUmLzEhh1 for <tsvwg@ietfa.amsl.com>; Tue, 12 Mar 2019 09:36:20 -0700 (PDT)
Received: from pb-smtp2.pobox.com (pb-smtp2.pobox.com [64.147.108.71]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC4511279AD for <tsvwg@ietf.org>; Tue, 12 Mar 2019 09:36:19 -0700 (PDT)
Received: from pb-smtp2.pobox.com (unknown [127.0.0.1]) by pb-smtp2.pobox.com (Postfix) with ESMTP id 372C413BD9A for <tsvwg@ietf.org>; Tue, 12 Mar 2019 12:36:18 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=mime-version :references:in-reply-to:from:date:message-id:subject:to:cc :content-type; s=sasl; bh=LKvqEx1sl3HD4CzLKnQLB0MxIXs=; b=cRtbg9 phZNPM5MYrOl6lmRq/sDaCUgayzQPR28jIIg3vi2x/favvrc1VIVY9nhT3lOcfNU NBUeQSWy4eFmDPeWWhOAMhUYEe1a9VtgcsA3iIjDcaqoBGDepx3PQD1Sg7tj0BRa n0R2Sh7AzvRTTe1y0k78NxjYDZo6VQXNj3Y84=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=mime-version :references:in-reply-to:from:date:message-id:subject:to:cc :content-type; q=dns; s=sasl; b=xj4HtUYL4r3Gfdc2XvcCYXuMs75F/HFw FuDP34T+QalNeHtD6qK3Q9QnkbbCGPDsaNygnLqhZ1+l+bVT4mJ8hZ1+rkjhtxn5 HQl6oQdnu+/bCV2zPXhJm0L42XrJ4VRvgEPnjAFsxwzdHJ5aI53mzjLiJWu5PMCS UZ9Vgei0b+0=
Received: from pb-smtp2.nyi.icgroup.com (unknown [127.0.0.1]) by pb-smtp2.pobox.com (Postfix) with ESMTP id 2F7FE13BD99 for <tsvwg@ietf.org>; Tue, 12 Mar 2019 12:36:18 -0400 (EDT)
Received: from mail-io1-f50.google.com (unknown [209.85.166.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp2.pobox.com (Postfix) with ESMTPSA id B318313BD98 for <tsvwg@ietf.org>; Tue, 12 Mar 2019 12:36:17 -0400 (EDT)
Received: by mail-io1-f50.google.com with SMTP id f6so2673698iop.3 for <tsvwg@ietf.org>; Tue, 12 Mar 2019 09:36:17 -0700 (PDT)
X-Gm-Message-State: APjAAAUknaKn6gn1+fOLnlhngMS2aVPES387GZ9Rw9HmMUBfrZsEWTJD JrDb+LLzI1+BuykRcMQTLT39LPyv+Dsj14wG7QU=
X-Google-Smtp-Source: APXvYqx8lL2nXV3n/GqLTX2ULtKlCX3QBujf8ifMceb5V+OS2+HQkaLevsRl2wxzepEanmp4u0k4WO7O5iWlHuo8Uds=
X-Received: by 2002:a5d:8acf:: with SMTP id e15mr22428646iot.24.1552408577206; Tue, 12 Mar 2019 09:36:17 -0700 (PDT)
MIME-Version: 1.0
References: <CACL_3VE1=0OORUuOKg9GjcdVuhBNTkWhymE7PAs5WYO0ZR0DWQ@mail.gmail.com> <2C035E8C-A59F-4523-9B8D-BBA573C6DEFB@strayalpha.com> <CACL_3VGQo2ObRohJysQ=oWE4fZ1S6MCrytZQZYweuvKToJs_tw@mail.gmail.com> <36A94382-699D-4F8E-BF49-C48D7D784ACC@strayalpha.com>
In-Reply-To: <36A94382-699D-4F8E-BF49-C48D7D784ACC@strayalpha.com>
From: "C. M. Heard" <heard@pobox.com>
Date: Tue, 12 Mar 2019 09:36:04 -0700
X-Gmail-Original-Message-ID: <CACL_3VE-U=t=rg_smtLGTyEyCGjLS8X9yNbPVh-NH38MsaEtzg@mail.gmail.com>
Message-ID: <CACL_3VE-U=t=rg_smtLGTyEyCGjLS8X9yNbPVh-NH38MsaEtzg@mail.gmail.com>
To: Joe Touch <touch@strayalpha.com>
Cc: tsvwg <tsvwg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
X-Pobox-Relay-ID: F5BC5336-44E4-11E9-B3DB-DF19F34BB12D-06080547!pb-smtp2.pobox.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/cS7lLh4FGEri2yJupfZLg8qxYS4>
Subject: Re: [tsvwg] Alternative version of the UDP FRAG option
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2019 16:36:22 -0000
On Tue, Mar 12, 2019 at 3:09 AM Joe Touch wrote: > > On Mar 12, 2019, at 2:00 AM, C. M. Heard wrote: > > Yes, but FRAG+LITE fails the deployability test. That IMHO makes it a > > non-starter. > > That is lite alone only AFAICT. I don't think that is the case. As stated in the -07 draft (and reiterated in subsequent email discussions), the fact that OCS does not cover LITE data defeats its ability to compensate for the middlebox checksum bug, whether used alone or in combination with FRAG: Note that this incorrect checksum traversal feature is defeated by the use of LITE, whether alone or with FRAG, because the LITE area is deliberately not covered by OCS. It also is defeated by the use of a zero UDP checksum (i.e., UDP checksum disabled). Unless I've missed something, the only proposal on the table that allows FRAG+LITE to traverse middleboxes with the checksum bug is to disable the UDP checksum (i.e., set it to zero), and as pointed out by Raffaele Zullo, that has its own downsides (no protection for the UDP length or the port numbers). A revised OCS (that includes the pseudo-header correction) will allow FRAG **without** LITE (as proposed in the draft) to traverse the affected middleboxes with a non-zero UDP CS, but that method has the following downsides: 1) A legacy host interprets FRAG without LITE as a complete UDP datagram 2) The same is true for an options-aware host if OCS fails 3) There is duplicate checksum coverage (UDP checksum covers each fragment, plus post-reassembly checksum contained in the terminal FRAG option) FRAG+LITE solves all three of these problems (rather elegantly IMHO) but unfortunately at the cost of poor middlebox traversal properties, a fact that was not known until the work of the CCO folks. Unlike LITE, which is a nice-to-have feature that the world has so far managed to live without, the main reason for wanting FRAG is because IP fragments have poor middlebox traversal properties (especially IPv6), and for some use cases (e.g., DNSSEC), there is no viable alternative. If IP fragmentation did not suffer from middlebox traversal issues, we would not need FRAG. So, from my perspective, FRAG is not very useful unless we can solve both middlebox traversal and at least problems 1+2 above. AFAICT, the proposal I floated at the beginning of this thread: >>> maintain the format of the FRAG option as currently defined, but instead >>> of having the option capture preceding conventional or LITE user data as >>> fragment data, insist that it appear ***last*** in the option list and >>> have it capture all remaining octets in the packet as fragment data. By >>> convention, if this option appears, OCS would cover all UDP options as >>> well as all octets in the UDP trailer that follow the FRAG option. does just that. Granted, it does not solve problem 3, but the following variant would: omit the overall checksum from terminal FRAG option and use a different option Kind instead. Require OCS to be present in all fragments whenever the user UDP CS setting specifies that the UDP checksum must be present, irrespective of the user OCS setting. AFAICT, forcing the revised OCS to cover the data in each fragment provides protection that is essentially equivalent to that provided by the proposed post-reassembly checksum. For in order to deliver the reassembled data we require all fragments to be present and fit together exactly with no overlap. ACS is available if a stronger post-reassembly checksum is wanted. > Again, we need to include fixing these errors. If we let every bug > persist, nothing would be deployable anymore. I totally agree with that. But it can be a very long game, as the recent DNS flag day (when major implementations finally turned EDNS0 workarounds off) illustrates. Mike Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Derek Fawcus
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Raffaele Zullo
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Derek Fawcus
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… C. M. Heard
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Gorry Fairhurst
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Gorry Fairhurst
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Gorry Fairhurst
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Derek Fawcus
- [tsvwg] Possible UDP-Option: Cookie Derek Fawcus
- Re: [tsvwg] Possible UDP-Option: Cookie Tom Herbert
- Re: [tsvwg] Possible UDP-Option: Cookie tjw ietf
- Re: [tsvwg] Possible UDP-Option: Cookie Derek Fawcus
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Possible UDP-Option: Cookie Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Joe Touch
- Re: [tsvwg] Alternative version of the UDP FRAG o… Tom Herbert
- Re: [tsvwg] Alternative version of the UDP FRAG o… Gorry Fairhurst