From: Vlad Yasevich <vladislav.yasevich@hp.com>
To: Gerrit Renker <gerrit@erg.abdn.ac.uk>,
Herbert Xu <herbert@gondor.apana.org.au>,
David Miller <davem@davemloft.net>,
vladislav.yasevich@hp.com, netdev@vger.kernel.org
Subject: Re: [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant?
Date: Mon, 28 Jul 2008 09:14:34 -0400 [thread overview]
Message-ID: <488DC63A.3070309@hp.com> (raw)
In-Reply-To: <20080728112527.GB7589@gerrit.erg.abdn.ac.uk>
Ok, I seem to be confused here.
Gerrit Renker wrote:
> Thank you for the input. To sum up,
> * removing the per-protocol "ICMP payload too short" test and error counter
> increment as initially suggested does not seem right;
> * there are protocols such as IPComp which have a header length less than
> 8 bytes(and for these the test in the ICMP handler may be too much);
How so. Either 8 bytes will be there or not. If the 8 bytes aren't there,
we won't event make to the error handlers as it stands right now. As is, if
the ICMP packet doesn't contain the 8 bytes, it's too short according to ICMP spec.
> * there are protocols such as DCCP which need more than 8 bytes (at least 12)
> to interpret the ICMP message in a meaningful way;
If you need more then 8 bytes, that protocol needs to have a check for the extra
space. 8 byte are mandatory.
> * the requirement of having at least 8 bytes of transport-layer data available
> is stringent (afaik) only for ICMPv4, but not ICMPv6;
Splitting hairs here, but ICMPv6 is much more stringent. It forces you send as
close to 1280 byte error messages as possible.
> * only TCP/SCTP seem to have a proper per-protocol "payload too short" test;
Hm.. In the standard case, these do seem to be redundant since 8 bytes are required
by ICMP spec.
> * for DCCP, the work is actually doubled since
> - first the ICMP handler tests for minimally 8 bytes,
> - then the DCCP error handler tests for required minimum of 12 bytes.
DCCP and any other protocol that requires more error data should check for it in
its own handler. 8 bytes should be guaranteed to such handler.
What am I missing?
Thanks
-vlad
>
> Thus the patch at the begginning of this thread should be disregarded.
> It might be worth to consider per-protocol handlers.
>
> Gerrit
>
next prev parent reply other threads:[~2008-07-28 13:14 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-25 15:20 [RFC] sctp/tcp: Question -- ICMPv4 length check (not) redundant? Gerrit Renker
2008-07-26 2:15 ` Vlad Yasevich
2008-07-26 4:38 ` David Miller
2008-07-26 7:03 ` Gerrit Renker
2008-07-26 7:36 ` David Miller
2008-07-26 8:10 ` Gerrit Renker
2008-07-27 4:48 ` Herbert Xu
2008-07-27 4:51 ` Herbert Xu
2008-07-28 11:25 ` Gerrit Renker
2008-07-28 13:08 ` Herbert Xu
2008-07-28 13:14 ` Vlad Yasevich [this message]
2008-07-28 17:08 ` Gerrit Renker
2008-07-28 17:27 ` Vlad Yasevich
2008-07-28 17:44 ` Gerrit Renker
2008-07-28 18:09 ` Vlad Yasevich
2008-07-30 10:19 ` David Miller
2008-07-30 12:49 ` Vlad Yasevich
2008-07-29 1:56 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=488DC63A.3070309@hp.com \
--to=vladislav.yasevich@hp.com \
--cc=davem@davemloft.net \
--cc=gerrit@erg.abdn.ac.uk \
--cc=herbert@gondor.apana.org.au \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.