| draft-ietf-intarea-frag-fragile-02.txt | draft-ietf-intarea-frag-fragile-03.txt | |||
|---|---|---|---|---|
| Internet Area WG R. Bonica | Internet Area WG R. Bonica | |||
| Internet-Draft Juniper Networks | Internet-Draft Juniper Networks | |||
| Intended status: Best Current Practice F. Baker | Intended status: Best Current Practice F. Baker | |||
| Expires: April 21, 2019 Unaffiliated | Expires: May 25, 2019 Unaffiliated | |||
| G. Huston | G. Huston | |||
| APNIC | APNIC | |||
| R. Hinden | R. Hinden | |||
| Check Point Software | Check Point Software | |||
| O. Troan | O. Troan | |||
| Cisco | Cisco | |||
| F. Gont | F. Gont | |||
| SI6 Networks | SI6 Networks | |||
| October 18, 2018 | November 21, 2018 | |||
| IP Fragmentation Considered Fragile | IP Fragmentation Considered Fragile | |||
| draft-ietf-intarea-frag-fragile-02 | draft-ietf-intarea-frag-fragile-03 | |||
| Abstract | Abstract | |||
| This document describes IP fragmentation and explains how it reduces | This document describes IP fragmentation and explains how it reduces | |||
| the reliability of Internet communication. | the reliability of Internet communication. | |||
| This document also proposes alternatives to IP fragmentation and | This document also proposes alternatives to IP fragmentation and | |||
| provides recommendations for developers and network operators. | provides recommendations for developers and network operators. | |||
| Status of This Memo | Status of This Memo | |||
| skipping to change at page 1, line 43 ¶ | skipping to change at page 1, line 43 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on April 21, 2019. | This Internet-Draft will expire on May 25, 2019. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 43 ¶ | skipping to change at page 2, line 43 ¶ | |||
| 4.7. Blackholing Due To Filtering . . . . . . . . . . . . . . 13 | 4.7. Blackholing Due To Filtering . . . . . . . . . . . . . . 13 | |||
| 5. Alternatives to IP Fragmentation . . . . . . . . . . . . . . 13 | 5. Alternatives to IP Fragmentation . . . . . . . . . . . . . . 13 | |||
| 5.1. Transport Layer Solutions . . . . . . . . . . . . . . . . 13 | 5.1. Transport Layer Solutions . . . . . . . . . . . . . . . . 13 | |||
| 5.2. Application Layer Solutions . . . . . . . . . . . . . . . 15 | 5.2. Application Layer Solutions . . . . . . . . . . . . . . . 15 | |||
| 6. Applications That Rely on IPv6 Fragmentation . . . . . . . . 16 | 6. Applications That Rely on IPv6 Fragmentation . . . . . . . . 16 | |||
| 6.1. DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 | 6.1. DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 6.2. OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . 17 | 6.2. OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 6.3. Packet-in-Packet Encapsulations . . . . . . . . . . . . . 17 | 6.3. Packet-in-Packet Encapsulations . . . . . . . . . . . . . 17 | |||
| 7. Recommendations . . . . . . . . . . . . . . . . . . . . . . . 17 | 7. Recommendations . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 7.1. For Application Developers . . . . . . . . . . . . . . . 17 | 7.1. For Application Developers . . . . . . . . . . . . . . . 17 | |||
| 7.2. For System Developers . . . . . . . . . . . . . . . . . . 17 | 7.2. For System Developers . . . . . . . . . . . . . . . . . . 18 | |||
| 7.3. For Middle Box Developers . . . . . . . . . . . . . . . . 18 | 7.3. For Middle Box Developers . . . . . . . . . . . . . . . . 18 | |||
| 7.4. For Network Operators . . . . . . . . . . . . . . . . . . 18 | 7.4. For Network Operators . . . . . . . . . . . . . . . . . . 18 | |||
| 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 | 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 9. Security Considerations . . . . . . . . . . . . . . . . . . . 18 | 9. Security Considerations . . . . . . . . . . . . . . . . . . . 18 | |||
| 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 | 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 19 | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 | |||
| 11.1. Normative References . . . . . . . . . . . . . . . . . . 19 | 11.1. Normative References . . . . . . . . . . . . . . . . . . 19 | |||
| 11.2. Informative References . . . . . . . . . . . . . . . . . 20 | 11.2. Informative References . . . . . . . . . . . . . . . . . 20 | |||
| Appendix A. Contributors' Address . . . . . . . . . . . . . . . 23 | Appendix A. Contributors' Address . . . . . . . . . . . . . . . 23 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 23 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 23 | |||
| 1. Introduction | 1. Introduction | |||
| Operational experience [Kent] [Huston] [RFC7872] reveals that IP | Operational experience [Kent] [Huston] [RFC7872] reveals that IP | |||
| fragmentation reduces the reliability of Internet communication. | fragmentation reduces the reliability of Internet communication. | |||
| skipping to change at page 17, line 32 ¶ | skipping to change at page 17, line 32 ¶ | |||
| strategy does not rely on IP fragmentation except in one corner case. | strategy does not rely on IP fragmentation except in one corner case. | |||
| (see Section 3.3.2.2 of RFC 7588 and Section 7.1 of RFC 2473). | (see Section 3.3.2.2 of RFC 7588 and Section 7.1 of RFC 2473). | |||
| Section 3.3 of [RFC7676] further describes this corner case. | Section 3.3 of [RFC7676] further describes this corner case. | |||
| See [I-D.ietf-intarea-tunnels] for further discussion. | See [I-D.ietf-intarea-tunnels] for further discussion. | |||
| 7. Recommendations | 7. Recommendations | |||
| 7.1. For Application Developers | 7.1. For Application Developers | |||
| Application developers SHOULD NOT develop new applications that rely | Protocol developers SHOULD NOT develop new protocols that rely on IP | |||
| on IP fragmentation. | fragmentation. However, they MAY develop new protocols that rely on | |||
| IP fragmentation when no viable alternative exists. | ||||
| Application-layer protocols that depend upon IPv6 fragmentation | Legacy protocols that depend upon IP fragmentation SHOULD be updated | |||
| SHOULD be updated to break that dependency. This can be achieved by | to break that dependency. However, in some cases, there may be no | |||
| using a sufficiently small MTU (e.g. The protocol minimum link MTU), | viable alternative to IP fragmentation (e.g., IPSEC tunnel mode, IP- | |||
| disabling fragmentation, and ensuring that the transport protocol in | in-IP encapsulation). In these cases, the protocol will continue to | |||
| use adapts its segment size to that MTU. This would avoid the | rely on IP fragmentation. | |||
| problem of PMTUD failure described in Section 4.6. Another approach | ||||
| is to use PLPMTUD in a way suitable for the transport protocol in use | Some legacy protocols may be able to break their dependency upon IP | |||
| (e.g. [I-D.ietf-tsvwg-datagram-plpmtud] for UDP). | fragmentation by using a sufficiently small MTU (e.g. The protocol | |||
| minimum link MTU), disabling IP fragmentation, and ensuring that the | ||||
| transport protocol in use adapts its segment size to the MTU. Other | ||||
| legacy protocols may deploy a sufficiently reliable PMTU discovery | ||||
| mechanism (e.g., PLMPTUD). However, some legacy protocols will not | ||||
| be able to break their dependency on IP fragmentation at all. | ||||
| 7.2. For System Developers | 7.2. For System Developers | |||
| Software libraries SHOULD include provision for PLPMTUD for each | Software libraries SHOULD include provision for PLPMTUD for each | |||
| supported transport protocol. | supported transport protocol. | |||
| 7.3. For Middle Box Developers | 7.3. For Middle Box Developers | |||
| Middle box developers SHOULD implement devices that support IP | Middle boxes SHOULD process IP fragments in a manner that is | |||
| fragmentation. These boxes SHOULD not fail or cause failures when | compliant with RFC 791 and RFC 8200. In many cases, middle boxes | |||
| processing fragmented IP packets. | must maintain state in order to achieve this goal. | |||
| For example, in order to support IP fragmentation, a load balancer | ||||
| might execute the following procedure: | ||||
| o Receive a fragmented packet | ||||
| o Identify a next-hop using information drawn from the first | ||||
| fragment (i.e., the fragment containing offset 0) | ||||
| o Forward the first fragment and all subsequent fragments through | Price and performance considerations frequently motivate network | |||
| the above-mentioned next-hop | operators to deploy stateless middle boxes. These stateless middle | |||
| boxes may perform sub-optimally, process IP fragments in a manner | ||||
| that is not compliant with RFC 791 or RFC 8200, or even discard IP | ||||
| fragments completely. Such behaviors are NOT RECOMMENDED. If a | ||||
| middleboxes implements non-standard behavior with respect to IP | ||||
| fragmentation, then that behavior MUST be clearly documented. | ||||
| 7.4. For Network Operators | 7.4. For Network Operators | |||
| As per RFC 4890, network operators MUST NOT filter ICMPv6 PTB | As per RFC 4890, network operators MUST NOT filter ICMPv6 PTB | |||
| messages unless they are known to be forged or otherwise | messages unless they are known to be forged or otherwise | |||
| illegitimate. As stated in Section 4.6, filtering ICMPv6 PTB packets | illegitimate. As stated in Section 4.6, filtering ICMPv6 PTB packets | |||
| causes PMTUD to fail. Operators MUST ensure proper PMTUD operation | causes PMTUD to fail. Operators MUST ensure proper PMTUD operation | |||
| in their network, including making sure the network generates PTB | in their network, including making sure the network generates PTB | |||
| packets when dropping packets too large compared to outgoing | packets when dropping packets too large compared to outgoing | |||
| interface MTU. | interface MTU. Many upper-layer protocols rely on PMTUD. | |||
| Many upper-layer protocols rely on PMTUD. | As per RFC 8200, network operators MUST NOT deploy IPv6 links whose | |||
| MTU is less than 1280 bytes. | ||||
| Network operators SHOULD NOT filter IP fragments if they originated | ||||
| at a domain name server or are destined for a domain name server. | ||||
| 8. IANA Considerations | 8. IANA Considerations | |||
| This document makes no request of IANA. | This document makes no request of IANA. | |||
| 9. Security Considerations | 9. Security Considerations | |||
| This document mitigates some of the security considerations | This document mitigates some of the security considerations | |||
| associated with IP fragmentation by discouraging its use. It does | associated with IP fragmentation by discouraging its use. It does | |||
| not introduce any new security vulnerabilities, because it does not | not introduce any new security vulnerabilities, because it does not | |||
| introduce any new alternatives to IP fragmentation. Instead, it | introduce any new alternatives to IP fragmentation. Instead, it | |||
| recommends well-understood alternatives. | recommends well-understood alternatives. | |||
| 10. Acknowledgements | 10. Acknowledgements | |||
| Thanks to Mikael Abrahamsson, Brian Carpenter, Silambu Chelvan, | Thanks to Mikael Abrahamsson, Brian Carpenter, Silambu Chelvan, | |||
| Lorenzo Colitti, Mike Heard, Tom Herbert, Tatuya Jinmei, Paolo | Lorenzo Colitti, Mike Heard, Tom Herbert, Tatuya Jinmei, Jen Linkova, | |||
| Lucente, Manoj Nayak, Eric Nygren, and Joe Touch for their comments. | Paolo Lucente, Manoj Nayak, Eric Nygren, and Joe Touch for their | |||
| comments. | ||||
| 11. References | 11. References | |||
| 11.1. Normative References | 11.1. Normative References | |||
| [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, | [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, | |||
| DOI 10.17487/RFC0768, August 1980, | DOI 10.17487/RFC0768, August 1980, | |||
| <https://www.rfc-editor.org/info/rfc768>. | <https://www.rfc-editor.org/info/rfc768>. | |||
| [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, | [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, | |||
| skipping to change at page 20, line 36 ¶ | skipping to change at page 20, line 44 ¶ | |||
| August 2017. | August 2017. | |||
| [I-D.ietf-intarea-tunnels] | [I-D.ietf-intarea-tunnels] | |||
| Touch, J. and M. Townsley, "IP Tunnels in the Internet | Touch, J. and M. Townsley, "IP Tunnels in the Internet | |||
| Architecture", draft-ietf-intarea-tunnels-09 (work in | Architecture", draft-ietf-intarea-tunnels-09 (work in | |||
| progress), July 2018. | progress), July 2018. | |||
| [I-D.ietf-tsvwg-datagram-plpmtud] | [I-D.ietf-tsvwg-datagram-plpmtud] | |||
| Fairhurst, G., Jones, T., Tuexen, M., and I. Ruengeler, | Fairhurst, G., Jones, T., Tuexen, M., and I. Ruengeler, | |||
| "Packetization Layer Path MTU Discovery for Datagram | "Packetization Layer Path MTU Discovery for Datagram | |||
| Transports", draft-ietf-tsvwg-datagram-plpmtud-05 (work in | Transports", draft-ietf-tsvwg-datagram-plpmtud-06 (work in | |||
| progress), October 2018. | progress), November 2018. | |||
| [I-D.ietf-tsvwg-udp-options] | [I-D.ietf-tsvwg-udp-options] | |||
| Touch, J., "Transport Options for UDP", draft-ietf-tsvwg- | Touch, J., "Transport Options for UDP", draft-ietf-tsvwg- | |||
| udp-options-05 (work in progress), July 2018. | udp-options-05 (work in progress), July 2018. | |||
| [Kent] Kent, C. and J. Mogul, ""Fragmentation Considered | [Kent] Kent, C. and J. Mogul, ""Fragmentation Considered | |||
| Harmful", In Proc. SIGCOMM '87 Workshop on Frontiers in | Harmful", In Proc. SIGCOMM '87 Workshop on Frontiers in | |||
| Computer Communications Technology, DOI | Computer Communications Technology, DOI | |||
| 10.1145/55483.55524", August 1987, | 10.1145/55483.55524", August 1987, | |||
| <http://www.hpl.hp.com/techreports/Compaq-DEC/ | <http://www.hpl.hp.com/techreports/Compaq-DEC/ | |||
| End of changes. 14 change blocks. | ||||
| 35 lines changed or deleted | 43 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||