Internet Engineering Task Force G. Fairhurst
Internet-Draft T. Jones
Intended status: Standards Track University of Aberdeen
Expires: July 24, 2018 M. Tuexen
I. Ruengeler
Muenster University of Applied Sciences
January 22, 2018
Packetization Layer Path MTU Discovery for Datagram Transports
draft-ietf-tsvwg-datagram-plpmtud-00
Abstract
This document describes a robust method for Path MTU Discovery
(PMTUD) for datagram Packetization layers. The method allows a
Packetization layer (or a datagram application that uses it) to probe
an network path with progressively larger packets to determine a
maximum packet size. The document describes as an extension to RFC
1191 and RFC 8201, which specify ICMP-based Path MTU Discovery for
IPv4 and IPv6. This provides functionally for datagram transports
that is equivalent to the Packetization layer PMTUD specification for
TCP, specified in RFC4821.
When published, this specification updates RFC4821.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 24, 2018.
Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 1]
Internet-Draft Datagram PLPMTUD January 2018
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (http://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Features required to provide Datagram PLPMTUD . . . . . . . . 6
3.1. PMTU Probe Packets . . . . . . . . . . . . . . . . . . . . 8
3.2. Validation of the current effective PMTU . . . . . . . . . 9
3.3. Reduction of the effective PMTU . . . . . . . . . . . . . 10
4. Datagram Packetization Layer PMTUD . . . . . . . . . . . . . . 10
4.1. Probing . . . . . . . . . . . . . . . . . . . . . . . . . 10
4.2. Selecting the Size of a Probe Message . . . . . . . . . . 11
4.3. Verification and use of PTB messages . . . . . . . . . . . 11
4.4. Timers . . . . . . . . . . . . . . . . . . . . . . . . . . 12
4.5. Constants . . . . . . . . . . . . . . . . . . . . . . . . 12
4.6. Variables . . . . . . . . . . . . . . . . . . . . . . . . 13
4.7. Selecting Probe Size . . . . . . . . . . . . . . . . . . . 13
4.8. State Machine . . . . . . . . . . . . . . . . . . . . . . 14
5. Specification of Protocol-Specific Methods . . . . . . . . . . 16
5.1. DPLPMTUD for UDP and UDP-Lite . . . . . . . . . . . . . . 16
5.1.1. UDP Options . . . . . . . . . . . . . . . . . . . . . 16
5.1.2. UDP Options required for PLPMTUD . . . . . . . . . . . 16
5.1.2.1. Echo Request Option . . . . . . . . . . . . . . . 16
5.1.2.2. Echo Response Option . . . . . . . . . . . . . . . 17
5.1.3. Sending UDP-Option Probe Packets . . . . . . . . . . . 17
5.1.4. Validating the Path with UDP Options . . . . . . . . . 17
5.1.5. Handling of PTB Messages by UDP . . . . . . . . . . . 17
5.2. DPLPMTUD for SCTP . . . . . . . . . . . . . . . . . . . . 17
5.2.1. SCTP/IP4 and SCTP/IPv6 . . . . . . . . . . . . . . . . 18
5.2.1.1. Sending SCTP Probe Packets . . . . . . . . . . . . 18
5.2.1.2. Validating the Path with SCTP . . . . . . . . . . 18
5.2.1.3. PTB Message Handling by SCTP . . . . . . . . . . . 18
5.2.2. DPLPMTUD for SCTP/UDP . . . . . . . . . . . . . . . . 19
5.2.2.1. Sending SCTP/UDP Probe Packets . . . . . . . . . . 19
5.2.2.2. Validating the Path with SCTP/UDP . . . . . . . . 19
5.2.2.3. Handling of PTB Messages by SCTP/UDP . . . . . . . 19
5.2.3. DPLPMTUD for SCTP/DTLS . . . . . . . . . . . . . . . . 19
5.2.3.1. Sending SCTP/DTLS Probe Packets . . . . . . . . . 19
5.2.3.2. Validating the Path with SCTP/DTLS . . . . . . . . 19
5.2.3.3. Handling of PTB Messages by SCTP/DTLS . . . . . . 19
5.3. Other IETF Transports . . . . . . . . . . . . . . . . . . 20
5.4. DPLPMTUD by Applications . . . . . . . . . . . . . . . . . 20
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 20
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20
8. Security Considerations . . . . . . . . . . . . . . . . . . . 20
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 2]
Internet-Draft Datagram PLPMTUD January 2018
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21
9.1. Normative References . . . . . . . . . . . . . . . . . . . 21
9.2. Informative References . . . . . . . . . . . . . . . . . . 22
Appendix A. Event-driven state changes . . . . . . . . . . . . . . 23
Appendix B. Revision Notes . . . . . . . . . . . . . . . . . . . . 25
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26
1. Introduction
The IETF has specified datagram transport using UDP, SCTP, and DCCP,
as well as protocols layered on top of these transports (e.g., SCTP/
UDP, DCCP/UDP).
Classical Path Maximum Transmission Unit Discovery (PMTUD) can be
used with any transport that is able to process ICMP Packet Too Big
(PTB) messages (e.g., [RFC1191] and [RFC8201]). The term PTB message
is applied to both IPv4 ICMP Unreachable messages (type 3) that carry
the error Fragmentation Needed (Type 3, Code 4) and ICMPv6 packet too
big messages (Type 2). The sender adjusts the effective Path MTU
(PMTU), based on reception of ICMP PTB messages to decrease the PMTU
when a packet is sent with a size larger than the value reported as
the Link MTU in the PTB message, and a method that from time-to-time
increases the packet size in attempt to discover an increase in the
supported PMTU.
However, Classical PMTUD is subject to protocol failures. One
failure arises when traffic using a packet size larger than the
actual supported PMTU is black-holed (all datagrams sent with this
size are silently discarded). This could continue to happen when ICMP
PTB messages are not delivered back to the sender for some reason
[RFC2923]). For example, ICMP messages are increasingly filtered by
middleboxes (including firewalls) [RFC4890], and in some cases are
not correctly processed by tunnel endpoints.
Another failure could result if a system not on the network path
sends a PTB that attempts to force the sender to change the effective
PMTU [RFC8201]. A sender can protect itself from reacting to such
messages by utilising the quoted packet within the PTB message
payload to verify that the received PTB message was generated in
response to a packet that had actually been sent. However, there are
situations where a sender is unable to provide this verification
(e.g., when the PTB message does not include sufficient information,
often the case for IPv4; or where the information corresponds to an
encrypted packet). Most routers implement RFC792 [RFC0792], which
requires them to return only the first 64 bits of the IP payload of
the packet, whereas RFC1812 [RFC1812] requires routers to return the
full packet if possible.
Even when the PTB message includes sufficient bytes of the quoted
packet, the network layer could lack sufficient context to perform
verification, because this depends on information about the active
transport flows at an endpoint node (e.g., the socket/address pairs
being used, and other protocol header information).
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 3]
Internet-Draft Datagram PLPMTUD January 2018
The term Packetization Layer (PL) has been introduced to describe the
layer that is responsible for placing data blocks into the payload of
packets and selecting an appropriate maximum packet size. This
function is often performed by a transport protocol, but can also be
performed by other encapsulation methods working above the transport.
PTB verification is more straight forward at the PL or at a higher
layer.
In contrast to PMTUD, Packetization Layer Path MTU Discovery
(PLPMTUD) [RFC4821] does not rely upon reception and verification of
PTB messages. It is therefore more robust than Classical PMTUD. This
has become the recommended approach for implementing PMTU discovery
with TCP. It uses a general strategy where the PL searches for an
appropriate PMTU by sending probe packets along the network path with
a progressively larger packet size. If a probe packet is
successfully delivered (as determined by the PL), then the effective
Path MTU is raised to the size of the successful probe.
PLPMTUD introduces flexibility in the implementation of PMTU
discovery. At one extreme, it can be configured to only perform PTB
black hole detection and recovery to increase the robustness of
Classical PMTUD, or at the other extreme, all PTB processing can be
disabled and PLPMTUD can completely replace Classical PMTUD. PLPMTUD
can also include additional consistency checks without increasing the
risk of increased blackholing.
The UDP-Guidelines [RFC8085] state "an application SHOULD either use
the path MTU information provided by the IP layer or implement Path
MTU Discovery (PMTUD)", but does not provide a mechanism for
discovering the largest size of unfragmented datagram than can be
used on a path. PLPMTUD has not currently been specified for UDP,
while Section 10.2 of [RFC4821] recommends a PLPMTUD probing method
for SCTP that utilises heartbeat messages as probe packets, but does
not provide a complete specification. This document provides the
details to complete that specification. Similarly, the method
defined in this specification could be used with the Datagram
Congestion Control Protocol (DCCP) [RFC4340] requires implementations
to support Classical PMTUD and states that a DCCP sender "MUST
maintain the maximum packet size (MPS) allowed for each active DCCP
session". It also defines the current congestion control maximum
packet size (CCMPS) supported by a path. This recommends use of
PMTUD, and suggests use of control packets (DCCP-Sync) as path probe
packets, because they do not risk application data loss.
Section 4 of this document presents a set of algorithms for datagram
protocols to discover a maximum size for the effective PMTU across a
path. The methods described rely on features of the PL Section 3 and
apply to transport protocols over IPv4 and IPv6. It does not require
cooperation from the lower layers (except that they are consistent
about which packet sizes are acceptable). A method can utilise ICMP
PTB messages when received messages are made available to the PL.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 4]
Internet-Draft Datagram PLPMTUD January 2018
Finally, Section 5 specifies the method for a set of transports, and
provides information to enables the implementation of PLPMTUD with
other datagram transports and applications that use datagram
transports.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
Other terminology is directly copied from [RFC4821], and the
definitions in [RFC1122].
Black-Holed: When the sender is unaware that packets are not
delivered to the destination endpoint (e.g., when the sender
transmits packets of a particular size with a previously known
PMTU, but is unaware of a change to the path that resulted in a
smaller PMTU).
Classical Path MTU Discovery: Classical PMTUD is a process described
in [RFC1191] and [RFC8201], in which nodes rely on PTB messages to
learn the largest size of unfragmented datagram than can be used
across a path.
Datagram: A datagram is a transport-layer protocol data unit,
transmitted in the payload of an IP packet.
Effective PMTU: The current estimated value for PMTU that is used by
a Packetization Layer.
EMTU_S: The Effective MTU for sending (EMTU_S) is defined in
[RFC1122] as "the maximum IP datagram size that may be sent, for a
particular combination of IP source and destination addresses...".
EMTU_R: The Effective MTU for receiving (EMTU_R) is designated in
[RFC1122] as the largest datagram size that can be reassembled by
EMTU_R ("Effective MTU to receive").
Link: A communication facility or medium over which nodes can
communicate at the link layer, i.e., a layer below the IP layer.
Examples are Ethernet LANs and Internet (or higher) layer and
tunnels.
Link MTU: The Maximum Transmission Unit (MTU) is the size in bytes of
the largest IP packet, including the IP header and payload, that
can be transmitted over a link. Note that this could more
properly be called the IP MTU, to be consistent with how other
standards organizations use the acronym MTU. This includes the IP
header, but excludes link layer headers and other framing that is
not part of IP or the IP payload. Other standards organizations
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 5]
Internet-Draft Datagram PLPMTUD January 2018
generally define link MTU to include the link layer headers.
MPS: The Maximum Packet Size (MPS), the largest size of application
data block that can be sent unfragmented across a path. In
PLPMTUD this quantity is derived from Effective PMTU by taking
into consideration the size of the application and lower protocol
layer headers, and can be limited by the application protocol.
Packet: An IP header plus the IP payload.
Packetization Layer (PL): The layer of the network stack that places
data into packets and performs transport protocol functions.
Path: The set of link and routers traversed by a packet between a
source node and a destination node.
Path MTU (PMTU): The minimum of the link MTU of all the links forming
a path between a source node and a destination node.
PLPMTUD: Packetization Layer Path MTU Discovery, the method described
in this document for datagram PLs, which is an extension to
Classical PMTU Discovery.
Probe packet: A datagram sent with a purposely chosen size (typically
larger than the current Effective PMTU or MPS) to detect if
messages of this size can be successfully sent along the end-to-
end path.
3. Features required to provide Datagram PLPMTUD
TCP PLPMTUD has been defined using standard TCP protocol mechanisms.
All of the requirements in [RFC4821] also apply to use of the
technique with a datagram PL. Unlike TCP, some datagram PLs require
additional mechanisms to implement PLPMTUD.
There are nine requirements for performing the datagram PLPMTUD
method described in this specification:
1. PMTU parameters: A PLPMTUD sender is REQUIRED to provide
information about the maximum size of packet that can be
transmitted by the sender on the local link (the Link MTU and MAY
utilize similar information about the receiver when this is
supplied (note this could be less than EMTU_R). Some applications
also have a maximum transport protocol data unit (PDU) size, in
which case there is no benefit from probing for a size larger
than this (unless a transport allows multiplexing multiple
applications PDUs into the same datagram).
2. Effective PMTU: A datagram application MUST be able to choose the
size of datagrams sent to the network, up to the effective PMTU,
or a smaller value (such as the MPS) derived from this. This
value is managed by the PMTUD method. The effective PMTU
(specified in Section 1 of [RFC1191]) is equivalent to the EMTU_S
(specified in [RFC1122]).
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 6]
Internet-Draft Datagram PLPMTUD January 2018
3. Probe packets: On request, a PLPMTUD sender is REQUIRED to be
able to transmit a packet larger than the current effective PMTU
(but always with a total size less than the link MTU). The method
can use this as a probe packet. In IPv4, a probe packet is
always sent with the Don't Fragment (DF) bit set and without
network layer endpoint fragmentation. In IPv6, a probe packet is
always sent without source fragmentation (as specified in section
5.4 of [RFC8201]).
4. Processing PTB messages: A PLPMTUD sender MAY optionally utilize
PTB messages received from the network layer to help identify
when a path does not support the current size of packet probe.
Any received PTB message SHOULD/MUST be verified before it is
used to update the PMTU discovery information [RFC8201]. This
verification confirms that the PTB message was sent in response
to a packet originating by the sender, and needs to be performed
before the PMTU discovery method reacts to the PTB message. When
the router link MTU is indicated in the PTB message this MAY be
used by datagram PLPMTUD to reduce the size of a probe, but MUST
NOT be used increase the effective PMTU ([RFC8201]).
5. Reception feedback: The destination PL endpoint is REQUIRED to
provide a feedback method that indicates when a probe packet has
been received by the destination endpoint. The local PL endpoint
at the sending node is REQUIRED to pass this feedback to the
sender-side PLPMTUD method.
6. Probing and congestion control: The isolated loss of a probe
packet SHOULD NOT be treated as an indication of congestion and
its loss does not directly trigger a congestion control reaction
[RFC4821].
7. Probe loss recovery: If the data block carried by a probe message
needs to be sent reliably, the PL (or layers above) MUST arrange
retransmission/repair of any resulting loss. This method MUST be
robust in the case where probe packets are lost due to other
reasons (including link transmission error, congestion). The
PLPMTUD method treats isolated loss of a probe packet (with or
without an PTB message) as a potential indication of a PMTU limit
on the path. The PL MAY retransmit any data included in a lost
probe packet without adjusting its congestion window [RFC4821].
8. Cached effective PMTU: The sender MUST cache the effective PMTU
value used by an instance of the PL between probes and needs also
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 7]
Internet-Draft Datagram PLPMTUD January 2018
to consider the disruption that could be incurred by an
unsuccessful probe - both upon the flow that incurs a probe loss,
and other flows that experience the effect of additional probe
traffic.
9. Shared effective PMTU state: The PMTU value could also be stored
with the corresponding entry in the destination cache and used by
other PL instances. The specification of PLPMTUD [RFC4821]
states: "If PLPMTUD updates the MTU for a particular path, all
Packetization Layer sessions that share the path representation
(as described in Section 5.2 of [RFC4821]) SHOULD be notified to
make use of the new MTU and make the required congestion control
adjustments". Such methods need to robust to the wide variety of
underlying network forwarding behaviours. Section 5.2 of
[RFC8201] provides guidance on the caching of PMTU information
and also the relation to IPv6 flow labels.
In addition the following design principles are stated:
o Suitable MPS: The PLPMTUD method SHOULD avoid forcing an
application to use an arbitrary small MPS (effective PMTU) for
transmission while the method is searching for the currently
supported PMTU. Datagram PLs do not necessarily support
fragmentation of PDUs larger than the PMTU. A reduced MPS can
adversely impact the performance of a datagram application.
o Path validation: The PLPMTUD method MUST be robust to path changes
that could have occurred since the path characteristics were last
confirmed.
o Datagram reordering: A method MUST be robust to the possibility
that a flow encounters reordering, or has the traffic (including
probe packets) is divided over more than one network path.
o When to probe: The PLPMTUD method SHOULD determine whether the
path capacity has increased since it last measured the path. This
determines when the path should again be probed.
3.1. PMTU Probe Packets
PMTU discovery relies upon the sender being able to generate probe
messages with a specific size. TCP is able to generate probe packets
by choosing to appropriately segment data being sent [RFC4821].
In contrast, a datagram PL that needs to construct a probe packet has
to either request an application to send a data block that is larger
than that generated by an application, or to utilise padding
functions to extend a datagram beyond the size of the application
data block. Protocols that permit exchange of control messages
(without an application data block) could alternatively prefer to
generate a probe packet by extending a control message with padding
data.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 8]
Internet-Draft Datagram PLPMTUD January 2018
When the method fails to validate the PMTU for the path, it may be
required to send a probe packet with a size less than the size of the
data block generated by an application. In this case, the PL could
provide a way to fragment a datagram at the PL, or could instead
utilise a control packet with padding.
A receiver needs to be able to distinguish an in-band data block from
any added padding. This is needed to ensure that any added padding
is not passed on to an application at the receiver.
This results in three possible ways that a sender can create a probe
packet:
Probing using appication data: A probe packet that contains a data
block supplied by an application that matches the size required
for the probe. This method requests the application to issue a
data block of the desired probe size. If the application/
transport needs protection from the loss of an unsuccessful probe
packet, the application/transport needs then to perform transport-
layer retransmission/repair of the data block (e.g., by
retransmission after loss is detected or by duplicating the data
block in a datagram without the padding).
Probing using appication data and padding data: A probe packet that
contains a data block supplied by an application that is combined
with padding to inflate the length of the datagram to the size
required for the probe. If the application/transport needs
protection from the loss of this probe packet, the application/
transport may perform transport-layer retransmission/repair of the
data block (e.g., by retransmission after loss is detected or by
duplicating the data block in a datagram without the padding
data).
Probing using padding data: A probe packet that contains only control
information together with any padding needed to inflate the packet
to the size required for the probe. Since these probe packets do
not carry an application-supplied data block,they do not typically
require retransmission, although they do still consume network
capacity and incur endpoint processing.
A datagram PLPMTUD MAY choose to use only one of these methods to
simplify the implementation.
3.2. Validation of the current effective PMTU
The PL needs a method to determine when probe packets have been
successfully received end-to-end across a network path.
Transport protocols can include end-to-end methods that detect and
report reception of specific datagrams that they send (e.g., DCCP and
SCTP provide keep-alive/heartbeat features). When supported, this
mechanism SHOULD also be used by PLPMTUD to acknowledge reception of
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 9]
Internet-Draft Datagram PLPMTUD January 2018
a probe packet.
A PL that does not acknowledge data reception (e.g., UDP and UDP-
Lite) is unable to detect when the packets it sends are discarded
because their size is greater than the actual PMTUD. These PLs need
to either rely on an application protocol to detect this, or make use
of an additional transport method such as UDP-Options [I-D.ietf-
tsvwg-udp-options]. In addition, they might need to send
reachability probes (e.g., periodically solicit a response from the
destination) to determine whether the current effective PMTU is still
supported by the network path.
Section Section 4 specifies this function for a set of IETF-specified
protocols.
3.3. Reduction of the effective PMTU
When the current effective PMTU is no longer supported by the network
path, the transport needs to detect this and reduce the effective
PMTU.
o A PL that sends a datagram larger than the actual PMTU that
includes no application data block, or one that does not attempt
to provide any retransmission, can send a new probe packet with an
updated probe size.
o A PL that wishes to resend the application data block, could then
need to re-fragment the data block to a smaller packet size that
is expected to traverse the end-to-end path. This could utilise
network-layer or PL fragmentation when these are available. A
fragmented datagram MUST NOT be used as a probe packet (see
[RFC8201]).
A method can additionally utilise PTB messages to detect when the
actual PMTU supported by a network path is less than the current size
of datagrams (or probe messages) that are being sent.
4. Datagram Packetization Layer PMTUD
This section specifies Datagram PLPMTUD.
The central idea of PLPMTU discovery is probing by a sender. Probe
packets of increasing size are sent to find out the maximum size of a
user message that is completely transferred across the network path
from the sender to the destination.
4.1. Probing
The PLPMTUD method utilises a timer to trigger the generation of
probe packets. The probe_timer is started each time a probe packet
is sent to the destination and is cancelled when receipt of the probe
packet is acknowledged.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 10]
Internet-Draft Datagram PLPMTUD January 2018
The PROBE_COUNT is initialised to zero when a probe packet is first
sent with a particular size. Each time the probe_timer expires, the
PROBE_COUNT is incremented, and a probe packet of the same size is
retransmitted. The maximum number of retransmissions per probing
size is configured (MAX_PROBES). If the value of the PROBE_COUNT
reaches MAX_PROBES, probing will be stopped and the last successfully
probed PMTU is set as the effective PMTU.
Once probing is completed, the sender continues to use the effective
PMTU until either a PTB message is received or the PMTU_RAISE_TIMER
expires. If the PL is unable to verify reachability to the
destination endpoint after probing has completed, the method uses a
REACHABILITY_TIMER to periodically repeat a probe packet for the
current effective PMTU size, while the PMTU_RAISE_TIMER is running.
If the resulting probe packet is not acknowledged (i.e. the
PROBE_TIMER expires), the method re-starts probing for the PMTU.
4.2. Selecting the Size of a Probe Message
Path probing relies on generation of probe packets with a specific
size. This section decribes how the algorithm selects the size of
the next probe message.
XXX Details may be specified in later revisions of this document- the
next list is for information XXX
There are serveral things to consider, these include:
step granularity (i.e., it could be unecessary to probe for each
possible PMTU, and probes could be at a courser elvel - every 16B?
every 128B? )
There are various algorithms that could be used to arrive at a set
of suitable probe sizes. Should the value be derived from a table
of probe sizes or via a search algorithm (e.g. a binary search),
or is a hybrid approach at different times to be preferred?
Should one method be specified?.
How much overhead is present in the probe packet? to map from a
probe payload to the size of the probe on the wire (does this
matter in selection of the probe size?
4.3. Verification and use of PTB messages
XXX A decision on SHOULD/MUST needs to be made on how to verify
messages XXX
This section describes processing for both IPv4 ICMP Unreachable
messages (type 3) and ICMPv6 packet too big messages.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 11]
Internet-Draft Datagram PLPMTUD January 2018
A node that receives a PTB message from a router or middlebox, SHOULD
/MUST verify the PTB message. The node checks the protocol
information in the quoted payload to verify that the message
originated from the sending node. The node also checks that the
reported MTU size is less than the size used by packet probes. PTB
messages are discarded if they fail to pass these checks, or where
there is insufficient ICMP payload to perform these checks. The
checks are intended to provide protection from packets that originate
from a node that is not on the network path or a node that attempts
to report a larger MTU than the current probe size.
PTB messages that have been verified can be utilised by the DPLPMTUD
algorithm. A method that utilises these PTB messages can improve
performance compared to one that relies solely on probing.
XXX Specification needed of how to utilise the reported Link MTU size
to generate a probe, and how to account for encapuslations that may
be present at the point where the PTB message was generated. XXX
4.4. Timers
This method utilises three timers:
PROBE_TIMER: Configured to expire after a period longer than the
maximum time to receive an acknowledgment to a probe packet. This
value MUST be larger than 1 second, and SHOULD be larger than 15
seconds. Guidance on selection of the timer value are provide in
section 3.1.1 of the UDP Usage Guidelines [RFC8085].
PMTU_RAISE_TIMER: Configured to the period a sender ought to continue
use the current effective PMTU, after which it re-commences
probing for a higher PMTU. This timer has a period of 600 secs, as
recommended by PLPMTUD [RFC4821].
REACHABILITY_TIMER: Configured to the period a sender ought to wait
before confirming the current effective PMTU is still supported.
This is less than the PMTU_RAISE_TIMER.
An application that needs to employ keep-alive messages to deliver
useful service over UDP SHOULD NOT transmit them more frequently
than once every 15 seconds and SHOULD use longer intervals when
possible. DPLPMTUD ought to suspend reachability probes when no
application data has been sent since the previous probe packet.
Guidance on selection of the timer value are provide in section
3.1.1 of the UDP Usage Guidelines[RFC8085].
An implementation could implement the various timers using a single
timer process.
4.5. Constants
The following constants are defined:
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 12]
Internet-Draft Datagram PLPMTUD January 2018
MAX_PROBES: The maximum value of the PROBE_ERROR_COUNTER. The default
value of MAX_PROBES is 10.
MIN_PMTU: The smallest allowed probe packet size. This value is 1280
bytes, as specified in [RFC2460]. For IPv4, the minimum value is
68 bytes. (An IPv4 routed is required to be able to forward a
datagram of 68 octets without further fragmentation. This is the
combined size of an IPv4 header and the minimum fragment size of 8
octets.)
BASE_PMTU: The BASE_PMTU is a considered a size that ought to work in
most cases. The size is equal to or larger than the minimum
permitted and smaller than the maximum allowed. In the case of
IPv6, this value is 1280 bytes [RFC2460]. When using IPv4, a size
of 1200 is RECOMMENDED.
MAX_PMTU: The MAX_PMTU is the largest size of PMTU that is probed.
This has to be less than or equal to the minimum of the local MTU
of the outgoing interface and the destination effective MTU for
receiving. An application or PL may reduce this when it knows
there is no need to send packets above a specific size.
4.6. Variables
This method utilises a set of variables:
effective PMTU: The effective PMTU is the maximum size of datagram
that the method has currently determined can be supported along
the entire path.
PROBED_SIZE: The PROBED_SIZE is the size of the current probe packet.
This is a tentative value for the effective PMTU, which is
awaiting confirmation by an acknowledgment.
PROBE_COUNT: This is a count of the number of unsuccessful probe
packets that have been sent with size PROBED_SIZE. The value is
initialised to zero when a particular size of PROBED_SIZE is first
attempted.
PTB_SIZE: The PTB_Size is value returned by a verified PTB message
indicating the local MTU size of a router along the path.
4.7. Selecting Probe Size
XXX There are serveral things to consider when selecting the size to
probe, some of which may be specified in later revisions of this
document XXX
Issues include:
step granularity (i.e., it could be unecessary to probe for each
possible PMTU, and probes could be at a courser elvel - every 16B?
every 128B? )
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 13]
Internet-Draft Datagram PLPMTUD January 2018
There are various algorithms that could be used to arrive at a set
of suitable probe sizes. Should the value be derived from a table
of probe sizes or via a search algorithm, or is a hybrid approach
at different times to be preferred? Should one method be
specified?.
How much overhead is present in the probe packet? to map from a
probe payload to the size of the probe on the wire (does this
matter in selection of the probe size?
4.8. State Machine
A state machine for Datagram PLPMTUD is depicted in Figure 1. If
multihoming is supported, a state machine is needed for each active
path.
PROBE_TIMER expiry
(PROBE_COUNT = MAX_PROBES)
+-------------+ +--------------+
=->| PROBE_START |--------------->|PROBE_DISABLED|
PROBE_TIMER expiry | +-------------+ +--------------+
(PROBE_COUNT = | | |
MAX_PROBES) ------- | Connectivity confirmed
v
----------- +------------+ -- PROBE_TIMER expiry
MAX_PMTU acked or | | PROBE_BASE | | (PROBE_COUNT <
PTB (>= BASE_PMTU)| -----> +------------+ <- MAX_PROBES)
---------------- | /\ | |
| | | | | PTB
| PMTU_RAISE_TIMER| | | | (PTB_SIZE < BASE_PMTU)
| or reachability | | | | or
| (PROBE_COUNT | | | | PROBE_TIMER expiry
| = MAX_PROBES) | | | | (PROBE_COUNT = MAX_PROBES)
| ------------- | | \
| | PTB | | \
| | (< PROBED_SIZE)| | \
| | | | ----------------
| | | | |
| | | | Probe |
| | | | acked |
v | | v v
+------------+ +--------------+ Probe +-------------+
| PROBE_DONE |<-------------- | PROBE_SEARCH |<-------| PROBE_ERROR |
+------------+ MAX_PMTU acked +--------------+ acked +-------------+
/\ | or /\ |
| | PROBE_TIMER expiry | |
| |(PROBE_COUNT = MAX_PROBES) | |
| | | |
------ --------
Reachability probe acked PROBE_TIMER expiry
or PROBE_TIMER expiry (PROBE_COUNT < MAX_PROBES)
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 14]
Internet-Draft Datagram PLPMTUD January 2018
(PROBE_COUNT < MAX_PROBES) or
Probe acked
XXX State machine to be updated for PTB messages - to probe for PTB
size XXX
The following states are defined to reflect the probing process:
PROBE_START: The PROBE_START state is the initial state before
probing has started. PLPMTUD is not performed in this state. The
state transitions to PROBE_BASE, when a path has been confirmed,
i.e. when a sent packet has been acknowledged on this path. The
effective PMTU is set to the BASE_PMTU size. Probing ought to
start immediately after connection setup to prevent the loss of
user data.
PROBE_BASE: The PROBE_BASE state is the starting point for probing
with datagram PLPMTUD. It is used to confirm whether the BASE_PMTU
size is supported by the network path. On entry, the PROBED_SIZE
is set to the BASE_PMTU size and the PROBE_COUNT is set to zero.
A probe packet is sent, and the PROBE_TIMER is started. The state
is left when the PROBE_COUNT reaches MAX_PROBES; a PTB message is
verified, or a probe packet is acknowledged.
PROBE_SEARCH: The PROBE_SEARCH state is the main probing state. This
state is entered either when probing for the BASE_PMTU was
successful or when there is a successful reachability test in the
PROBE_ERROR state. On entry, the effective PMTU is set to the
last acknowledged PROBED_SIZE.
On the first probe packet for each probed size, the PROBE_COUNT is
set to zero. Each time a probe packet is acknowledged, the
effective PMTU is set to the PROBED_SIZE, and then the PROBED_SIZE
is increased. When a probe packet is not acknowledged within the
period of the PROBE_TIMER, the PROBE_COUNT is incremented and the
probe packet is retransmitted. The state is exited when the
PROBE_COUNT reaches MAX_PROBES; a PTB message is verified; or a
probe of size PMTU_MAX is acknowledged.
PROBE_ERROR: The PROBE_ERROR state represents the case where the
network path is not known to support an effective PMTU of at least
the BASE_PMTU size. It is entered when either a probe of size
BASE_PMTU has not been acknowledged or a verified PTB message
indicates a smaller link MTU than the BASE_PMTU. On entry, the
PROBE_COUNT is set to zero and the PROBED_SIZE is set to the
MIN_PMTU size, and the effective PMTU is reset to MIN_PMTU size.
In this state, a probe packet is sent, and the PROBE_TIMER is
started. The state transitions to the PROBE_SEARCH state when a
probe packet is acknowledged.
PROBE_DONE: The PROBE_DONE state indicates a successful end to a
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 15]
Internet-Draft Datagram PLPMTUD January 2018
probing phase. Datagram PLPMTUD remains in this state until
either the PMTU_RAISE_TIMER expires or a PTB message is verified.
When PLPMTUD uses an unacknowledged PL and is in the PROBE_DONE
state, a REACHABILITY_TIMER periodically resets the PROBE_COUNT
and schedules a probe packet with the size of the effective PMTU.
If the probe packet fails to be acknowledged after MAX_PROBES
attempts, the method enters the PROBE_BASE state. When used with
an acknowledged PL (e.g., SCTP), DPLPMTUD SHOULD NOT continue to
probe in this state.
PROBE_DISABLED: The PROBE_DISABLED state indicates that connectivity
could not be established. DPLPMTUD MUST NOT probe in this state.
Appendix Appendix A contains an informative description of key
events.
5. Specification of Protocol-Specific Methods
This section specifies protocol-specific details for datagram PLPMTUD
for IETF-specified transports.
5.1. DPLPMTUD for UDP and UDP-Lite
The current specifications of UDP [RFC0768] and UDP-LIte [RFC3828] do
not define a method in the RFC-series that supports PLPMTUD. In
particular, these transports do not provide the transport layer
features needed to implement datagram PLPMTUD, and any support for
Datagram PLPMTUD would therefore need to rely on higher-layer
protocol features [RFC8085].
5.1.1. UDP Options
UDP-Options [I-D.ietf-tsvwg-udp-options] supply the additional
functionality required to implement datagram PLPMTUD. This enables
padding to be added to UDP datagrams and can be used to provide
feedback acknowledgement of received probe packets.
5.1.2. UDP Options required for PLPMTUD
This subsection proposes two new UDP-Options that add support for
requesting a datagram response be sent and to mark this datagram as a
response to a request.
XXX << Future versions of the spec may define a parameter in an
Option to indicate the EMTU_R to the peer.>>
5.1.2.1. Echo Request Option
The Echo Request Option allows a sending endpoint to solicit a
response from a destination endpoint.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 16]
Internet-Draft Datagram PLPMTUD January 2018
The Echo Request carries a four byte token set by the sender. This
token can be set to a value that is likely to be known only to the
sender (and becomes known to nodes along the end-to-end path). The
sender can then check the value returned in the response to provide
additional protection from off-path insertion of data [RFC8085].
+---------+--------+-----------------+
| Kind=9 | Len=6 | Token |
+---------+--------+-----------------+
1 byte 1 byte 4 bytes
5.1.2.2. Echo Response Option
The Echo Response Option is generated by the PL in response to
reception of a previously received Echo Request. The Token field
associates the response with the Token value carried in the most
recently-received Echo Request. The rate of generation of UDP
packets carrying an Echo Response Option MAY be rate-limited.
+---------+--------+-----------------+
| Kind=10 | Len=6 | Token |
+---------+--------+-----------------+
1 byte 1 byte 4 bytes
5.1.3. Sending UDP-Option Probe Packets
This method specifies a probe packet that does not carry an
application data block. The probe packet consists of a UDP datagram
header followed by a UDP Option containing the ECHOREQ option, which
is followed by NOP Options to pad the remainder of the datagram
payload to the probe size. NOP padding is used to control the length
of the probe packet.
A UDP Option carrying the ECHORES option is used to provide feedback
when a probe packet is received at the destination endpoint.
5.1.4. Validating the Path with UDP Options
Since UDP is an unacknowledged PL, a sender that does not have
higher-layer information confirming correct delivery of datagrams
SHOULD implement the REACHABILITY_TIMER to periodically send probe
packets while in the PROBE_DONE state.
5.1.5. Handling of PTB Messages by UDP
Normal ICMP verification MUST be performed as specified in Section
5.2 of [RFC8085]. This requires that the PL verifies each received
PTB messages to verify these are received in response to transmitted
traffic and that the reported LInk MTU is less than the current probe
size. A verified PTB message MAY be used as input to the PLPMTUD
algorithm.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 17]
Internet-Draft Datagram PLPMTUD January 2018
5.2. DPLPMTUD for SCTP
Section 10.2 of [RFC4821] specifies a recommended PLPMTUD probing
method for SCTP. It recommends the use of the PAD chunk, defined in
[RFC4820] to be attached to a minimum length HEARTBEAT chunk to build
a probe packet. This enables probing without affecting the transfer
of user messages and without interfering with congestion control.
This is preferred to using DATA chunks (with padding as required) as
path probes.
XXX << Future versions of this specification might define a parameter
contained in the INIT and INIT ACK chunk to indicate the MTU to the
peer. However, multihoming makes this a bit complex, so it might not
be worth doing.>>
5.2.1. SCTP/IP4 and SCTP/IPv6
The base protocol is specified in [RFC4960].
5.2.1.1. Sending SCTP Probe Packets
Probe packets consist of an SCTP common header followed by a
HEARTBEAT chunk and a PAD chunk. The PAD chunk is used to control
the length of the probe packet. The HEARTBEAT chunk is used to
trigger the sending of a HEARTBEAT ACK chunk. The reception of the
HEARTBEAT ACK chunk acknowledges reception of a successful probe.
The HEARTBEAT chunk carries a Heartbeat Information parameter which
should include, besides the information suggested in [RFC4960], the
probing size, which is the MTU size the complete datagram will add up
to. The size of the PAD chunk is therefore computed by reducing the
probing size by the IPv4 or IPv6 header size, the SCTP common header,
the HEARTBEAT request and the PAD chunk header. The payload of the
PAD chunk contains arbitrary data.
To avoid fragmentation of retransmitted data, probing starts right
after the handshake, before data is sent. Assuming normal behaviour
(i.e., the PMTU is smaller than or equal to the interface MTU), this
process will take a few round trip time periods depending on the
number of PMTU sizes probed. The Heartbeat timer can be used to
implement the PROBE_TIMER.
5.2.1.2. Validating the Path with SCTP
Since SCTP provides an acknowledged PL, a sender does MUST NOT
implement the REACHABILITY_TIMER while in the PROBE_DONE state.
5.2.1.3. PTB Message Handling by SCTP
Normal ICMP verification MUST be performed as specified in Appendix C
of [RFC4960]. This requires that the first 8 bytes of the SCTP
common header are quoted in the payload of the PTB message, which can
be the case for ICMPv4 and is normally the case for ICMPv6.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 18]
Internet-Draft Datagram PLPMTUD January 2018
When a PTB message has been verified, the router Link MTU indicated
in the PTB message SHOULD be used with the PLPMTUD algorithm,
providing that the reported Link MTU is less than the current probe
size.
5.2.2. DPLPMTUD for SCTP/UDP
The UDP encapsulation of SCTP is specified in [RFC6951].
5.2.2.1. Sending SCTP/UDP Probe Packets
Packet probing can be performed as specified in Section 5.2.1.1. The
maximum payload is reduced by 8 bytes, which has to be considered
when filling the PAD chunk.
5.2.2.2. Validating the Path with SCTP/UDP
Since SCTP provides an acknowledged PL, a sender does MUST NOT
implement the REACHABILITY_TIMER while in the PROBE_DONE state.
5.2.2.3. Handling of PTB Messages by SCTP/UDP
Normal ICMP verification MUST be performed for PTB messages as
specified in Appendix C of [RFC4960]. This requires that the first 8
bytes of the SCTP common header are contained in the PTB message,
which can be the case for ICMPv4 (but note the UDP header also
consumes a part of the quoted packet header) and is normally the case
for ICMPv6. When the verification is completed, the router Link MTU
size indicated in the PTB message SHOULD be used with the PLPMTUD
algorithm providing that the reported LInk MTU is less than the
current probe size.
5.2.3. DPLPMTUD for SCTP/DTLS
The Datagram Transport Layer Security (DTLS) encapsulation of SCTP is
specified in [I-D.ietf-tsvwg-sctp-dtls-encaps]. It is used for data
channels in WebRTC implementations.
5.2.3.1. Sending SCTP/DTLS Probe Packets
Packet probing can be done as specified in Section 5.2.1.1.
5.2.3.2. Validating the Path with SCTP/DTLS
Since SCTP provides an acknowledged PL, a sender does MUST NOT
implement the REACHABILITY_TIMER while in the PROBE_DONE state.
5.2.3.3. Handling of PTB Messages by SCTP/DTLS
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 19]
Internet-Draft Datagram PLPMTUD January 2018
It is not possible to perform normal ICMP verification as specified
in [RFC4960], since even if the ICMP message payload contains
sufficient information, the reflected SCTP common header would be
encrypted. Therefore it is not possible to process PTB messages at
the PL.
5.3. Other IETF Transports
Quick UDP Internet Connection (QUIC) is a UDP-based transport that
provides reception feedback [I-D.ietf-quic-transport].
XXX << This section will be completed in a future revision of this ID
>>
5.4. DPLPMTUD by Applications
Applications that use the Datagram API (e.g., applications built
directly or indirectly on UDP) can implement DPLPMTUD. Some
primitives used by DPLPMTUD might not be available via this interface
(e.g., the ability to access the PMTU cache, or interpret received
ICMP PTB messages).
In addition, it is important that PMTUD is not performed by multiple
protocol layers.
XXX << This section will be completed in a future revision of this ID
>>
6. Acknowledgements
This work was partially funded by the European Union's Horizon 2020
research and innovation programme under grant agreement No. 644334
(NEAT). The views expressed are solely those of the author(s).
7. IANA Considerations
This memo includes no request to IANA.
XXX << If new UDP Options are specified in this document, a request
to IANA will be included here.>>
If there are no requirements for IANA, the section will be removed
during conversion into an RFC by the RFC Editor.
8. Security Considerations
The security considerations for the use of UDP and SCTP are provided
in the references RFCs. Security guidance for applications using UDP
is provided in the UDP-Guidelines [RFC8085].
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 20]
Internet-Draft Datagram PLPMTUD January 2018
PTB messages could potentially be used to cause a node to
inappropriately reduce the effective PMTU. A node supporting PLPMTUD
SHOULD/MUST appropriately verify the payload of PTB messages to
ensure these are received in response to transmitted traffic (i.e., a
reported error condition that corresponds to a datagram actually sent
by the path layer.
XXX Determine if parallel forwarding paths needs to be considered XXX
A node performing PLPMTUD could experience conflicting information
about the size of supported probe packets. This could occur when
there are multiple paths are concurrently in use and these exhibit a
different PMTU. If not considered, this could result in data being
blackholed when the effective PMTU is larger than the smallest PMTU
across the current paths.
9. References
9.1. Normative References
[I-D.ietf-quic-transport]
Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed
and Secure Transport", Internet-Draft draft-ietf-quic-
transport-04, June 2017.
[I-D.ietf-tsvwg-sctp-dtls-encaps]
Tuexen, M., Stewart, R., Jesup, R. and S. Loreto, "DTLS
Encapsulation of SCTP Packets", Internet-Draft draft-ietf-
tsvwg-sctp-dtls-encaps-09, January 2015.
[I-D.ietf-tsvwg-udp-options]
Touch, J., "Transport Options for UDP", Internet-Draft
draft-ietf-tsvwg-udp-options-01, June 2017.
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, DOI
10.17487/RFC0768, August 1980, <http://www.rfc-editor.org/
info/rfc768>.
[RFC0792] Postel, J., "Internet Control Message Protocol", STD 5,
RFC 792, DOI 10.17487/RFC0792, September 1981, <https://
www.rfc-editor.org/info/rfc792>.
[RFC1122] Braden, R., Ed., "Requirements for Internet Hosts -
Communication Layers", STD 3, RFC 1122, DOI 10.17487/
RFC1122, October 1989, <http://www.rfc-editor.org/info/
rfc1122>.
[RFC1812] Baker, F., Ed., "Requirements for IP Version 4 Routers",
RFC 1812, DOI 10.17487/RFC1812, June 1995, <https://www
.rfc-editor.org/info/rfc1812>.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 21]
Internet-Draft Datagram PLPMTUD January 2018
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/
RFC2119, March 1997, <http://www.rfc-editor.org/info/
rfc2119>.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460,
December 1998, <http://www.rfc-editor.org/info/rfc2460>.
[RFC3828] Larzon, L-A., Degermark, M., Pink, S., Jonsson, L-E.Ed.,
and G. Fairhurst, Ed., "The Lightweight User Datagram
Protocol (UDP-Lite)", RFC 3828, DOI 10.17487/RFC3828, July
2004, <http://www.rfc-editor.org/info/rfc3828>.
[RFC4820] Tuexen, M., Stewart, R. and P. Lei, "Padding Chunk and
Parameter for the Stream Control Transmission Protocol
(SCTP)", RFC 4820, DOI 10.17487/RFC4820, March 2007,
<https://www.rfc-editor.org/info/rfc4820>.
[RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol",
RFC 4960, DOI 10.17487/RFC4960, September 2007, <https://
www.rfc-editor.org/info/rfc4960>.
[RFC6951] Tuexen, M. and R. Stewart, "UDP Encapsulation of Stream
Control Transmission Protocol (SCTP) Packets for End-Host
to End-Host Communication", RFC 6951, DOI 10.17487/
RFC6951, May 2013, <https://www.rfc-editor.org/info/
rfc6951>.
[RFC8085] Eggert, L., Fairhurst, G. and G. Shepherd, "UDP Usage
Guidelines", BCP 145, RFC 8085, DOI 10.17487/RFC8085,
March 2017, <http://www.rfc-editor.org/info/rfc8085>.
[RFC8201] McCann, J., Deering, S., Mogul, J. and R. Hinden, Ed.,
"Path MTU Discovery for IP version 6", STD 87, RFC 8201,
DOI 10.17487/RFC8201, July 2017, <https://www.rfc-
editor.org/info/rfc8201>.
9.2. Informative References
[RFC1191] Mogul, J.C. and S.E. Deering, "Path MTU discovery", RFC
1191, DOI 10.17487/RFC1191, November 1990, <http://www
.rfc-editor.org/info/rfc1191>.
[RFC2923] Lahey, K., "TCP Problems with Path MTU Discovery", RFC
2923, DOI 10.17487/RFC2923, September 2000, <https://www
.rfc-editor.org/info/rfc2923>.
[RFC4340] Kohler, E., Handley, M. and S. Floyd, "Datagram Congestion
Control Protocol (DCCP)", RFC 4340, DOI 10.17487/RFC4340,
March 2006, <https://www.rfc-editor.org/info/rfc4340>.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 22]
Internet-Draft Datagram PLPMTUD January 2018
[RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU
Discovery", RFC 4821, DOI 10.17487/RFC4821, March 2007,
<http://www.rfc-editor.org/info/rfc4821>.
[RFC4890] Davies, E. and J. Mohacsi, "Recommendations for Filtering
ICMPv6 Messages in Firewalls", RFC 4890, DOI 10.17487/
RFC4890, May 2007, <http://www.rfc-editor.org/info/
rfc4890>.
Appendix A. Event-driven state changes
This appendix contains an informative description of key events:
Path Setup: When a new path is initiated, the state is set to
PROBE_START. As soon as the path is confirmed, the state changes
to PROBE_BASE and the probing mechanism for this path is started.
A probe packet with the size of the BASE_PMTU is sent.
Arrival of an Acknowledgment: Depending on the probing state, the
reaction differs according to Figure 4, which is just a
simplification of Figure 1 focusing on this event.
+--------------+ +----------------+
| PROBE_START | --3------------------------------->| PROBE_DISABLED |
+--------------+ --4-----------\ +----------------+
\
+--------------+ \
| PROBE_ERROR | --------------- \
+--------------+ \ \
\ \
+--------------+ \ \ +--------------+
| PROBE_BASE | --1---------- \ ------------> | PROBE_BASE |
+--------------+ --2----- \ \ +--------------+
\ \ \
+--------------+ \ \ ------------> +--------------+
| PROBE_SEARCH | --2--- \ -----------------> | PROBE_SEARCH |
+--------------+ --1---\----\---------------------> +--------------+
\ \
+--------------+ \ \ +--------------+
| PROBE_DONE | \ -------------------> | PROBE_DONE |
+--------------+ -----------------------> +--------------+
Condition 1: The maximum PMTU size has not yet been reached.
Condition 2: The maximum PMTU size has been reached. Conition 3:
Probe Timer expires and PROBE_COUNT = MAX_PROBEs. Condition 4:
PROBE_ACK received.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 23]
Internet-Draft Datagram PLPMTUD January 2018
Probing timeout: The PROBE_COUNT is initialised to zero each time the
value of PROBED_SIZE is changed. The PROBE_TIMER is started each
time a probe packet is sent. It is stopped when an acknowledgment
arrives that confirms delivery of a probe packet. If the probe
packet is not acknowledged before,the PROBE_TIMER expires, the
PROBE_ERROR_COUNTER is incremented. When the PROBE_COUNT equals
the value MAX_PROBES, the state is changed, otherwise a new probe
packet of the same size (PROBED_SIZE) is resent. The state
transitions are illustrated in Figure 5. This shows a
simplification of Figure 1 with a focus only on this event.
+--------------+ +----------------+
| PROBE_START |----------------------------------->| PROBE_DISABLED |
+--------------+ +----------------+
+--------------+ +--------------+
| PROBE_ERROR | -----------------> | PROBE_ERROR |
+--------------+ / +--------------+
/
+--------------+ --2----------/ +--------------+
| PROBE_BASE | --1------------------------------> | PROBE_BASE |
+--------------+ +--------------+
+--------------+ +--------------+
| PROBE_SEARCH | --1------------------------------> | PROBE_SEARCH |
+--------------+ --2--------- +--------------+
\
+--------------+ \ +--------------+
| PROBE_DONE | -------------------> | PROBE_DONE |
+--------------+ +--------------+
Condition 1: The maximum number of probe packets has not been
reached. Condition 2: The maximum number of probe packets has been
reached.
PMTU raise timer timeout: The path through the network can change
over time. It impossible to discover whether a path change has
increased in the actual PMTU by exchanging packets less than or
equal to the effective PMTU. This requires PLPMTUD to periodically
send a probe packet to detect whether a larger PMTU is possible.
This probe packet is generated by the PMTU_RAISE_TIMER. When the
timer expires, probing is restarted with the BASE_PMTU and the
state is changed to PROBE_BASE.
Arrival of an ICMP message: The active probing of the path can be
supported by the arrival of PTB messages sent by routers or
middleboxes with a link MTU that is smaller than the probe packet
size. If the PTB message includes the router link MTU, three
cases can be distinguished:
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 24]
Internet-Draft Datagram PLPMTUD January 2018
1. The indicated link MTU in the PTB message is between the
already probed and effective MTU and the probe that triggered
the PTB message.
2. The indicated link MTU in the PTB message is smaller than the
effective PMTU.
3. The indicated link MTU in the PTB message is equal to the
BASE_PMTU.
In first case, the PROBE_BASE state transitions to the PROBE_ERROR
state. In the PROBE_SEARCH state, a new probe packet is sent with
the sized reported by the PTB message. Its result is handled
according to the former events.
The second case could be a result of a network re-configuration.
If the reported link MTU in the PTB message is greater than the
BASE_MTU, the probing starts again with a value of PROBE_BASE.
Otherwise, the method enters the state PROBE_ERROR.
In the third case, the maximum possible PMTU has been reached.
This is probed again, because there could be a link further along
the path with a still smaller MTU.
Note: Not all routers include the link MTU size when they send a
PTB message. If the PTB message does not indicate the link MTU,
the probe is handled in the same way as condition 2 of Figure 5.
Appendix B. Revision Notes
Note to RFC-Editor: please remove this entire section prior to
publication.
Individual draft -00:
o Comments and corrections are welcome directly to the authors or
via the IETF TSVWG working group mailing list.
o This update is proposed for WG comments.
Individual draft -01:
o Contains the first representation of the algorithm, showing the
states and timers
o This update is proposed for WG comments.
Individual draft -02:
o Contains updated representation of the algorithm, and textual
corrections.
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 25]
Internet-Draft Datagram PLPMTUD January 2018
o The text describing when to set the effective PMTU has not yet
been verified by the authors
o To determine security to off-path-attacks: We need to decide
whether a received PTB message SHOULD/MUST be verified? The text
on how to handle a PTB message indicating a link MTU larger than
the probe has yet not been verified by the authors
o No text currently describes how to handle inconsistent results
from arbitrary re-routing along different parallel paths
o This update is proposed for WG comments.
Working Group draft -00:
o This draft follows a successful adoption call for TSVWG
o There is still work to complete, please comment on this draft.
o Sections marked XXX indicate areas that are expected to change in
the next revision.
Authors' Addresses
Godred Fairhurst
University of Aberdeen
School of Engineering
Fraser Noble Building
Aberdeen, AB24 3U
UK
Email: gorry@erg.abdn.ac.uk
Tom Jones
University of Aberdeen
School of Engineering
Fraser Noble Building
Aberdeen, AB24 3U
UK
Email: tom@erg.abdn.ac.uk
Michael Tuexen
Muenster University of Applied Sciences
Stegerwaldstrasse 39
Stein fart, 48565
DE
Email: tuexen@fh-muenster.de
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 26]
Internet-Draft Datagram PLPMTUD January 2018
Irene Ruengeler
Muenster University of Applied Sciences
Stegerwaldstrasse 39
Stein fart, 48565
DE
Email: i.ruengeler@fh-muenster.de
Fairhurst, Jones, Tuexen ExpireseJuly 24, 2018 [Page 27]