Vernon Schryver wrote:
>
> > From: Joe Touch <touch@ISI.EDU>
> > To: Erik Nordmark <Erik.Nordmark@eng.sun.com>
>
> > > This doesn't list what I thought was an obvious issue.
> > > If multiple nodes are originating packets with the same source
> > > IP address it will be rather hard for them to ensure the required
> > > uniqueness on the IP ID field (unique for the combination
> > > of source IP, destination IP and protocol).
> > >
> > > I suspect that most of boxes that play these games don't worry about
> > > IP ID which might cause garbage reassembly should the same
> > > IP ID be used when multiple such boxes are sending to the same IP address.
> >
> >
> > Good point.
> >
> > I suspect they ignore the issue because of how they demux to multiple
> > boxes;
> > if the demux is by a hash of source IP address, then there's no need for
> > coordination thereafter.
>
> That's ok for the redirected ISP customers and the box itself, but
> what about the distant server that is getting less than half of the
> (addr, port, addr, port) 4-tuple? I thought the point was that
> the distant SMTP or HTTP server would be getting second or later
> IP fragments with colliding IP ID's, identical source (proxy's)
> and destination (server's) IP addresses, and so with no clue which
> IP fragments belong to which stream.

I was describing an (easy) case where the demux is by source IP only; in
that case, IP IDs can be reused by the different servers, because there
is no potential collision of the tuples.

There are certainly cases where the demux is not by source IP, in which
case the different servers (or clients) sharing an IP address need to
coordinate IP IDs.

> > I'll certainly add that to the list. There's a corollary at the TCP
> > level, of port reuse, etc.
>
> Is that a sign of good things happening to the document?
> I've been hoping to see some activity in the WREC list about either
> hijacking--uh--redirecting proxy hazards document or the document
> NECP. Is something happening behind the scenes? If so, please forget
> I asked.

Thus far I haven't seen enough feedback to determine.

I'm looking for direction:

  - (preferred) separate hazards ID
  - roll into known problems
    (I've discussed with others why I think this
    is outside 'known probs' - in the sense that
    I feel KP is about unintended non-compliance,
    not deliberate extension/augmentation with new
    mechanism)

I don't know what 'hijacking' would mean - I'm in WREC, so I'd be glad
to have it run through that group (that's what I was expecting, in
fact).

I would assume it would be cited/referred by an update to NECP, but not
rolled-in per se.

Any other thoughts?

Joe
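
The case raised in this thread, where boxes sharing one source address do not coordinate IP IDs, worked through as an added example that is not part of the original messages. The addresses, payloads, arrival order, the receiver's keep-first policy for duplicate offsets, and the top-bit partitioning of the ID space are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed scenario: two boxes share SRC and both send TCP to DST.
SRC, DST, PROTO = "192.0.2.10", "198.51.100.5", 6

def fragment(ip_id, payload, size=8):
    """Sender: split payload into (key, offset, more_fragments, data)."""
    key = (SRC, DST, PROTO, ip_id)  # RFC 791 reassembly key
    chunks = [payload[i:i + size] for i in range(0, len(payload), size)]
    return [(key, i * size, i < len(chunks) - 1, c) for i, c in enumerate(chunks)]

def interleave(a, b):
    """Constructed arrival order: A's first fragment, all of B, rest of A."""
    return a[:1] + b + a[1:]

def reassemble(fragments):
    """Receiver: buffers are keyed by (src, dst, proto, id) and nothing else."""
    buffers, done = defaultdict(dict), []
    for key, offset, more, data in fragments:
        buf = buffers[key]
        buf.setdefault(offset, (more, data))  # duplicate offset: keep the first
        out, pos = b"", 0
        while pos in buf:  # walk contiguous fragments from offset 0
            more_flag, chunk = buf[pos]
            out += chunk
            pos += len(chunk)
            if not more_flag:  # last fragment reached: datagram complete
                done.append(out)
                del buffers[key]
                break
    return done

def run(id_a, id_b):
    a = fragment(id_a, b"AAAAAAAABBBBBBBB")  # datagram from box A
    b = fragment(id_b, b"CCCCCCCCDDDDDDDD")  # datagram from box B
    return reassemble(interleave(a, b))

# Independent counters that happen to agree: the receiver splices A and B.
UNCOORDINATED = run(1000, 1000)
# Assumed coordination scheme: the top ID bit identifies the sending box.
COORDINATED = run(1000, 0x8000 | 1000)

if __name__ == "__main__":
    print(UNCOORDINATED)
    print(COORDINATED)
```

With colliding IDs the receiver delivers one datagram made of A's first fragment and B's last, and A's remaining fragment sits in a buffer that never completes; with disjoint ID ranges both datagrams come out intact.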
This archive was generated by hypermail 2b29 : Thu Nov 18 2004 - 11:21:28 MST