Re: [tcpm] WG Last Call for ICMP Attacks

To: Joe Touch <touch at ISI.EDU>
Subject: Re: [tcpm] WG Last Call for ICMP Attacks
From: Carlos Pignataro <cpignata at cisco.com>
Date: Wed, 09 Sep 2009 11:12:15 -0400
Cc: "Smith, Donald" <Donald.Smith at qwest.com>, 'tcpm Extensions WG' <tcpm at ietf.org>, 'David Borman' <david.borman at windriver.com>, Fernando Gont <fernando at gont.com.ar>
Delivered-to: tcpm at core3.amsl.com
In-reply-to: <4AA7C32B.3020606 at isi.edu>
List-archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-help: <mailto:tcpm-request@ietf.org?subject=help>
List-id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-post: <mailto:tcpm@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
Organization: cisco Systems, Inc.
References: <F1534040-EA0D-44E4-98F7-67C24CD12CCF at windriver.com> <B01905DA0C7CDC478F42870679DF0F1005B64E383D at qtdenexmbm24.AD.QINTRA.COM> <4A9F4AB1.6070605 at gont.com.ar> <4AA6E2CC.2000905 at isi.edu> <4AA73910.7080002 at gont.com.ar> <4AA74639.4000500 at isi.edu> <4AA7B738.10400 at cisco.com> <4AA7B930.10300 at isi.edu> <4AA7BFE4.5050209 at cisco.com> <4AA7C32B.3020606 at isi.edu>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090812 Thunderbird/2.0.0.23 Mnenhy/0.7.6.0

On 9/9/2009 11:00 AM, Joe Touch wrote:
> 
> 
> Carlos Pignataro wrote:
> ...
>> The document says the following; would s/discarded/discarded or delayed/
>> cover it?
> 
>>    It is important to note that ICMP error messages are unreliable, and
>>    may be discarded due to data corruption, network congestion or rate-
>>    limiting.  Thus, while they provide useful information, upper layer
>>    protocols cannot depend on ICMP for correct operation.
> 
> That would help there, but it is also useful in other places to indicate
> what happens when a legitimate ICMP is delayed, i.e., how that affects
> what your algorithm would do.
> 
> It's OK to qualify it with "this is unlikely", but IMO it needs to be
> discussed with more than a single word in a single paragraph.

I think that "this is unlikely" or "this is highly unlikely" would still
be understating the probability (I am curious to see any experienced
example of ICMP being delayed minutes). Redundancy architectures of
routers typically cover the planned upgrade (or even unexpected reload)
scenarios you presented.

Perhaps a separate sentence in that paragraph before the "Thus, " with
some variation of "rate-limiting can delay ICMPs, and some other highly
unlikely theoretical scenarios can compound the delay"?

Thanks,

-- Carlos.

> 
> Joe

Follow-Ups:
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Joe Touch

References:
- [tcpm] WG Last Call for ICMP Attacks
  - From: David Borman
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Smith, Donald
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Fernando Gont
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Fernando Gont
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Carlos Pignataro
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Carlos Pignataro
- Re: [tcpm] WG Last Call for ICMP Attacks
  - From: Joe Touch

Prev by Date: Re: [tcpm] WG Last Call for ICMP Attacks
Next by Date: Re: [tcpm] WG Last Call for ICMP Attacks
Previous by thread: Re: [tcpm] WG Last Call for ICMP Attacks
Next by thread: Re: [tcpm] WG Last Call for ICMP Attacks
Index(es):
- Date
- Thread

Re: [tcpm] WG Last Call for ICMP Attacks

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.