[Openswan Users] Re: UDP fragmentation in Linux

mcr at xelerance.com mcr at xelerance.com
Fri Mar 4 14:49:58 CET 2005 

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Marcus" == Marcus Leech <mleech at nortel.com> writes:
    Marcus> After my fiasco of last night (trying to use 2048-bit certs
    Marcus> and having them utterly fail to make across the network),
    Marcus> I've started looking into Linux UDP fragmentation grossness.

  Right.
  That's why in-line certificates suck :-)
  Please visit PKI4IPSEC WG.

    Marcus> But with UDP packets (NOT JUST PLUTO--I wrote some test
    Marcus> code), the stack simply emits a single packet with the "more
    Marcus> fragments" flag bit set in the IP header, the UDP length
    Marcus> field set to the UDP length, and the IP length set to the
    Marcus> MTU.  But the trailing fragment(s) never get emitted--just

  Right. Exactly. With DF set, you have to fragment.

  The local stack enforces this. With 2.6 there is an option to turn off
DF on a per-socket basis.  I wrote some for pluto, but I didn't get a
chance to test that.
  You can also just turn DF off for all UDP.

    Marcus> Another observation.  When I was testing this stuff
    Marcus> purely-locally (on the same IP subnet), I could use long
    Marcus> certificates, and nothing bad happened.  I can only assume
    Marcus> that the Linux stack detects the "local subnettedness" and
    Marcus> uses jumbograms--I don't have the patience/energy to go back
    Marcus> and set it up again to run a tcpdump.

  Maybe... doubtful to me.

    Marcus> I can't believe people put up with this.  It's so horribly,
    Marcus> outrageously broken.  Now, I know that there are those that

  Nobody uses UDP out there for anything other than DNS.
  And the DNS folks went to great lengths to make sure that
fragmentation wouldn't occur unless all ends were agreeable (EDNS0).

    Marcus> In the absence of app-layer fragmentation in IKE, how am I
    Marcus> supposed to support larger (2048-bit) certificates?

  Visit PKI4IPSEC.
  Do not send in-line certificates. Get them from HTTP or LDAP.
     (even if the HTTP is running on the client's computer...)

  I've suggested application layer fragmentation for IKEv2.

- -- 
] Michael Richardson          Xelerance Corporation, Ottawa, ON |  firewalls  [
] mcr @ xelerance.com           Now doing IPsec training, see   |net architect[
] http://www.sandelman.ca/mcr/    www.xelerance.com/training/   |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQii75IqHRg3pndX9AQFfRgP/U+b1FbA+1Q2iBAibIL4UP4sCmFvnSiDs
sUy8z4IimbA73risxtHzFU1aLdp/nzOpYQfOi2X33aDn4DyOhGifHsFm4kplRSIP
GYMv/OdTgpP7ektkcEqO7kl0yGpFlK4O/9IotZQmvFUni1USaBU8D6aGlehceBK3
mGYrtUwXt34=
=lk5G
-----END PGP SIGNATURE-----

More information about the Users mailing list