RFC: fragmentation code experiment

Todd (todd@unm.edu)
Sat, 23 Oct 1999 17:31:13 -0600 (MDT)


hi,

i am working on a project related to the linux networking code and wanted
comments both on the project, in general, and on methodology.

here is the general set of premises:

1) the code related to fragmentation and (especially) reassembly and
(especially) out-of-order reassembly is some of the more complicated and
difficult-to-get-right code in the IP portion of the networking code.
this code has, over the course of the past year or two, also been
responsible for security (denial of service) and other problems.

2) modern networks almost never produce out-of-order fragments for packets
that are eventually accepted (this is a premise--needs to be tested).

3) workstations and server that do no fragment reassembly or at least no
out-of-order fragment reassembly would have simpler (and
better-performing) network code.

4) if fragment reassembly (out-of-order or not) needs to be done, it
should be done by border routers (where people are increasingly willing to
do computationally intensive stuff like filter and reassemble fragments).

so the general plan is to test some of these premises in the following
ways.

add a sysctl (i haven't yet figured out how to do that) to log the
entry into the sections of code that i am interested in: fragments being
reassembled, fragments out-of-order being reassembled, packets being
dropped.

create a log-processing script that correlates and counts the above kinds
of events. in particular, count how many packets are received as
out-of-order fragments but are eventually accepted (which i am assuming
will almost never happen, but need to test).

i would be interested in suggestions about how to best implement this
(including any guidance for adding a sysctl; i have read the documentation
and some of the code, but i don't understand it yet; also interesting
questions: does anyone agree with my premises about the state of the
fragment code or have other perspectives). i'd also be interested in
other general thoughts about the project.

thanks, in advance for comments on this,

todd underwood
todd@unm.edu

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/