Comments on draft-manral-v6ops-tiny-fragments-issues-02.txt
- To: v6ops@ops.ietf.org
- Subject: Comments on draft-manral-v6ops-tiny-fragments-issues-02.txt
- From: Suresh Krishnan <suresh.krishnan@ericsson.com>
- Date: Tue, 06 Jun 2006 13:09:00 -0400
- User-agent: Mozilla Thunderbird 1.0.7 (X11/20050923)
Hi Vishwas,
I read this draft and acknowledge that the problem described in the
draft is very real. I had looked at this issue before and I could not
arrive at a reasonable solution. I will talk about each of the 4
presented solutions:
a. Impose a minimum packet size for the non-last fragments. If a
fragment of a lesser size is received, the packet is treated as a
malformed packet and is discarded.
This is the most feasible solution but it is not very effective. Let's
say we arrive at a minimum non-last fragment size X (<1280 of course).
It is very possible to make fragments of 1280 octets without containing
the ULP header by filling it with useless hop by hop options and
extension headers.
b. Reassemble all the fragments of the packet, translate the header
fields and glean out relevant information and then pass the original
fragments ahead after modifying the relevant fields.
c. Reassemble all the fragments of the packet till we have the header
fields of the upper layer, glean out relevant information and then
pass the original fragments ahead after modifying the relevant
fields.
b and c will lead to denial of service attacks since an attacker can
send enough fragments which DO NOT contain the upper layer protocol port
and make the node wait for the last one, thus exhausting memory on the
assembling node.
d. If the upper layer protocol is present then its header must be there in
the first fragment.
The difficult question is what to do if the ULP header is NOT present in
the first fragment (Drop or Permit?).
Thanks
Suresh
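As an added illustration of the two points in the mail above (not code from the draft or from the poster), the following Python walks the extension-header chain of an IPv6 first fragment and reports whether the upper-layer header is actually inside it (check "d"), and constructs the packet described under "a": a 1280-octet first fragment padded with useless hop-by-hop options so that the TCP header is pushed into a later fragment and a size-only minimum passes it. The packet builder, PadN helper and all sample values are constructed here and are not from the draft.

```python
import struct

HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS, TCP = 0, 43, 44, 60, 6
IPV6_HDR_LEN = 40

def padn(n):
    return bytes([1, n - 2]) + bytes(n - 2)  # one PadN option occupying n octets (helper)

def ipv6_packet(ext_headers, ulp, payload):
    """Constructed IPv6 packet (all-zero addresses). ext_headers: list of (type, data);
    data is the option bytes for HBH/dest-opts, or the 6 octets after the prefix for Fragment."""
    types = [t for t, _ in ext_headers] + [ulp]
    body = b""
    for i, (typ, data) in enumerate(ext_headers):
        nxt = types[i + 1]
        if typ == FRAGMENT:
            body += bytes([nxt, 0]) + data
        else:
            body += bytes([nxt, (len(data) + 2) // 8 - 1]) + data  # length in 8-octet units
    body += payload
    return struct.pack("!IHBB", 0x60000000, len(body), types[0], 64) + bytes(32) + body

def first_fragment_ulp(pkt):
    """Return (ulp_protocol, offset) if the first 8 octets of the upper-layer header (enough
    for TCP/UDP ports) lie inside this first fragment, else None. AH/ESP count as ULPs here."""
    if len(pkt) < IPV6_HDR_LEN or pkt[0] >> 4 != 6:
        return None
    nxt, off = pkt[6], IPV6_HDR_LEN
    while nxt in (HOP_BY_HOP, ROUTING, DEST_OPTS, FRAGMENT):
        if off + 8 > len(pkt):            # extension header itself is truncated
            return None
        if nxt == FRAGMENT:
            if struct.unpack("!H", pkt[off + 2:off + 4])[0] >> 3 != 0:
                return None               # not the first fragment: nothing to glean here
            nxt, off = pkt[off], off + 8
        else:
            nxt, off = pkt[off], off + (pkt[off + 1] + 1) * 8
    return (nxt, off) if off + 8 <= len(pkt) else None

# Constructed samples: fragment header with offset 0, M=1, identification 0x1234.
FRAG_FIRST = (FRAGMENT, struct.pack("!HI", 1, 0x1234))
TCP_SYN = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, 2, 65535, 0, 0)
# (1) ordinary first fragment: the TCP header follows the fragment header directly.
NORMAL = ipv6_packet([FRAG_FIRST], TCP, TCP_SYN + bytes(1000))
# (2) the case the mail describes: 1232 octets of hop-by-hop padding make a 1280-octet
#     first fragment that contains no upper-layer header at all.
PADDED = ipv6_packet([(HOP_BY_HOP, padn(246) * 5), FRAG_FIRST], TCP, b"")
if __name__ == "__main__":
    for name, pkt in (("normal", NORMAL), ("padded", PADDED)):
        print(name, len(pkt), "octets -> ULP in first fragment:", first_fragment_ulp(pkt))
```

A minimum non-last-fragment size X < 1280 accepts PADDED, while first_fragment_ulp returns None for it; what a node should then do (drop or permit) is the open question the mail ends on.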