Re: [v6ops] Some stats on IPv6 fragments and EH filtering on the Internet

Tim Chown <tjc@ecs.soton.ac.uk> Mon, 04 November 2013 23:27 UTC

To: "6man@ietf.org" <6man@ietf.org>, IPv6 Operations <v6ops@ietf.org>

Hi,

Also as per the IEPG discussion, the results I had in conjunction with a summer MSc project student can be summarised as follows. 

The headline is that he saw a 37.7% failure rate for the Fragmentation Header (alone), a bit better than Fernando’s results, but still not good.

He tested the top 1,000 IPv6-enabled Alexa sites.
He used the scapy toolkit, which supports the four main extension header types (routing, fragmentation, destination and hop-by-hop).
He tested:
a) valid combinations of those 4 extension headers as per RFC 2460
b) other non-valid combinations
c) duplicated extension headers
d) fragmentation header
Primarily TCP tests, doing HTTP GET requests.

For single extension headers, acceptance was:
Routing header 63.9%
Frag header 62.3%
Hop by hop header 60%
Destination option header 15.8%
When using no extension headers, success rate was 100%.
When using multiple headers, the rates fall markedly, not dissimilar to Fernando’s numbers for longer headers.

About 120 sites accept all four types of extension headers. 

A small number of sites accepted illegal combinations/ordering of extension headers.

A more detailed set of results is being pushed to a conference paper.

I now have another student taking this further, and validating the above results, so feel free to contact me off-list if you’re interested.

Tim

On 4 Nov 2013, at 23:01, Fernando Gont <fernando@gont.com.ar> wrote:

> Folks,
> 
> I did a presentation on the topic at the IEPG meeting earlier this week.
> It provides some concrete data regarding IPv6 fragmentation and
> Extension Header filtering on the Internet.
> 
> The slideware is available at:
> <http://www.iepg.org/2013-11-ietf88/fgont-iepg-ietf88-ipv6-frag-and-eh.pdf>
> 
> Certainly there's *much* more work to be done in this area, but I
> thought that this could be good food for some of the discussions that
> we were having on the topic.
> 
> Thanks,
> -- 
> Fernando Gont
> e-mail: fernando@gont.com.ar || fgont@si6networks.com
> PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
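Added example, not part of either message and not the test code used in the study: a receiver-side check in stdlib Python that walks the extension header chain of a raw IPv6 packet and sorts it into the test categories listed above, measured against the recommended order in RFC 2460 section 4.1. It handles only the four header types named in the message (AH and ESP end the walk as the upper-layer protocol); the `build` helper and the category labels are assumptions made for the example.

```python
import struct
from collections import Counter

HBH, ROUTING, FRAGMENT, DSTOPT = 0, 43, 44, 60
EXT = {HBH, ROUTING, FRAGMENT, DSTOPT}
# RFC 2460 s4.1 recommended order; Destination Options has two slots
# (before Routing and last). Simplification: any subsequence is accepted.
ORDER = [HBH, DSTOPT, ROUTING, FRAGMENT, DSTOPT]

def walk_chain(packet: bytes):
    """Return (extension header types in wire order, upper-layer protocol).
    The protocol is None for a non-first fragment, whose payload is opaque."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off, chain = packet[6], 40, []
    while nxt in EXT:
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        chain.append(nxt)
        if nxt == FRAGMENT:
            length = 8  # fixed size, no Hdr Ext Len field
            if struct.unpack("!H", packet[off + 2:off + 4])[0] >> 3:
                return chain, None  # fragment offset != 0
        else:
            length = (packet[off + 1] + 1) * 8  # 8-octet units past the first 8
        if off + length > len(packet):
            raise ValueError("extension header overruns packet")
        nxt, off = packet[off], off + length
    return chain, nxt

def classify(chain):
    """Label a chain: no-eh, duplicated, out-of-order or recommended-order."""
    if not chain:
        return "no-eh"
    counts = Counter(chain)
    if any(n > (2 if t == DSTOPT else 1) for t, n in counts.items()):
        return "duplicated"
    slots = iter(ORDER)  # each header must match a later slot than the last
    return "recommended-order" if all(t in slots for t in chain) else "out-of-order"

def build(chain, upper=6):
    """Constructed sample packet: IPv6 header (zeroed addresses) followed by
    one minimal 8-byte extension header per entry in chain, then nothing."""
    nexts = list(chain[1:]) + [upper]
    ext = b"".join(bytes([n]) + bytes(7) for n in nexts) if chain else b""
    first = chain[0] if chain else upper
    return struct.pack("!IHBB", 6 << 28, len(ext), first, 64) + bytes(32) + ext
```
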