Boeing Research & Technology

P.O. Box 3707 Seattle WA 98124 USA fltemplin@acm.org

I-D Internet-Draft The Internet Protocol, version 4 (IPv4) header includes a 16-bit Identification field in all packets, but this length is too small to ensure reassembly integrity even at moderate data rates in modern networks. Even for Internet Protocol, version 6 (IPv6), the 32-bit Identification field included when a Fragment Header is present may be smaller than desired for some intended uses. This specification addresses these limitations by defining both an IPv4 header option and a corresponding IPv6 Hop-by-Hop Option for Identification Extension.

The Internet Protocol, version 4 (IPv4) header includes a 16-bit Identification in all packets , but this length is too small to ensure reassembly integrity even at moderate data rates in modern networks . This document defines a new option for IPv4 that extends the Identification field to 32-bits (i.e., the same as for IPv6 packets that include a Fragment Header ) to support reassembly integrity at high data rates. When an IPv4 packet includes this "Identification Extension" option, the value encoded in the IPv4 header Identification field represents the 2 least-significant octets while the option encodes the 2 most-significant octets of an extended 4-octet Identification. Hosts and routers that recognize the option employ it for packet identification purposes in general and to fortify the IPv4 reassembly procedure in particular. This specification also supports a "hyper-extended" mode that extends the Identification field to 64-bits for both IPv4 and IPv6. This format may be useful for networks that operate at still higher data rates, or for other cases when Identification uniqueness assurance is critical. Together, these IP options ensure robust fragmentation and reassembly integrity as well as Identification uniqueness for the Internet.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here. This document uses the term "IP" to refer generically to either protocol version (i.e., IPv4 or IPv6), and uses the term "IP ID" to refer generically to the IP Identification field whether in simple or (hyper-)extended form. The term "Maximum Transmission Unit (MTU)" is used exactly the same as for standard Internetworking terminology. The term "Packet Too Big (PTB)" refers to either an IPv6 "Packet Too Big" or an IPv4 "Destination Unreachable - Fragmentation Needed" message.

Studies over many decades have shown that transport layer protocols often achieve greater performance by setting segment sizes that exceed the path Maximum Transmission Unit (MTU). When the segment size exceeds the path MTU, IP fragmentation at some layer is a natural consequence. However, the 16-bit IPv4 and 32-bit Identification fields may be too short to support reassembly integrity at modern and future data rates. We therefore propose fortifying the IP ID by extending its length. A recent study proved that setting segment sizes that cause IPv4 packets to exceed the path MTU (thereby invoking IPv4 fragmentation and reassembly) provides a multiplicative performance increase at high data rates in comparison with using smaller segment sizes as long as fragment loss is negligible. This contradicts decades of unfounded assertions to the contrary and proves that the original design of the Internet which included fragmentation and reassembly as a core function was the correct one. An alternative to extending the IP ID was also examined in which IPv4 packets were first encapsulated in IPv6 headers then subjected to IPv6 fragmentation where a 32-bit Identification field already exists. While this IPv4-in-IPv6 encapsulation followed by IPv6 fragmentation also showed a performance increase for larger segment sizes in comparison with using MTU-sized or smaller segments, the magnitude of increase was significantly less than for invoking IP fragmentation directly without first applying encapsulation. Widely deployed implementations also often employ a common code base for both IPv4 and IPv6 fragmentation/reassembly since their algorithms are so similar. It therefore seems reasonable to conclude that IPv4 fragmentation and reassembly can support higher data rates than IPv6 when full (uncompressed) headers are used. In addition to enabling higher data rates in the presence of fragmentation and reassembly, extending the IP ID can enable other important services. For example, an extended IP ID can support a duplicate packet detection service in which the network remembers recent IP ID values for a flow and excludes any packets that repeat recently-used values. An extended IP ID can also provide a packet sequence number that allows communicating peers to exclude any packets with IP ID values outside of a current window as potential spurious transmissions. These and other cases also hold true even if the source frequently resets its starting IP ID sequence numbers to maintain an unpredictable profile. For these reasons, it is clear that a robust IP fragmentation and reassembly service can provide a useful tool for performance maximization in the Internet and that an extended IP ID can provide greater uniqueness assurance. This document therefore presents a means to extend the IP ID to better support these services.

IP ID extension for IPv4 is achieved by introducing a new IPv4 option. This new IPv4 ID Extension (IDEXT) Option begins with an option-type octet with "copied flag" set to '1', "option class" set to '00' and "option number" set to TBD. The option-type octet is followed immediately by an option-length octet set to the constant value '4'. The option-type is then followed by a 2-octet "ID Extension" field that (when combined with the 2 least-significant octets found in the IPv4 packet header Identification field) includes the 2 most-significant octets of an extended 4-octet (32-bit) IP ID for the packet. The option format is shown in :

When an IPv4 source node (i.e., an original source or an IPv4 encapsulation ingress) wishes to supply a 4-octet extended IP ID for the packet, it includes an IDEXT option in the IPv4 packet header options area, i.e., based on the same rules as for including any IPv4 option. The source next writes the 2 least-significant octets in the IPv4 header Identification field and writes the 2 most-significant octets in the "ID Extension" field. The source then applies source fragmentation if necessary while including the extended IP ID value. The source copies the ID Extension option to each resulting fragment and sets or clears the "Don't Fragment (DF)" flag as desired. (In the limiting case, the source can set DF to disable network fragmentation and replicate the conditions experienced for IPv6.) The source then forwards each packet/fragment to the next hop, where IPv4 forwarding will direct them toward the final destination. If an IPv4 router on the path needs to apply network fragmentation, it copies the IDEXT option into each resulting fragment to provide the final destination with the correct reassembly context.

When an IPv4 source produces a sustained burst of IPv4 packets that use the same source address, destination address and protocol at extreme data rates (e.g., in excess of 1Tbps), or when the source plans to reset the IP ID starting sequence frequently or even pseudo-randomly, it can optionally "hyper-extend" the IP ID by supplying an 8-octet (64-bit) value instead of a 2/4-octet value. To apply hyper-extension, the source includes an IDEXT option with option-type set to TBD the same as above, but with option-length set to '8' instead of '4' as shown in :

The option will then include a 6-octet ID Extension, with the 6 most significant IP ID octets appearing in network byte order in the option-data and with the 2 least significant octets appearing in the IPv4 Identification field. The combined 8-octet IP ID can then fit properly within the longest word length for modern 64-bit architectures.

Techniques that improve IPv4 often also apply in a corresponding fashion for IPv6 (and vice-versa). This document therefore defines a new IPv6 ID Extension Hop-by-Hop (HBH) Option for IPv6 that (hyper-)extends the base IPv6 ID. IPv6 packets that include a Fragment Header already have a 4-octet (32-bit) IPv6 ID , while those that do not include a Fragment Header have a 0-octet (0-bit) IPv6 ID. The IPv6 ID Extension HBH Option format is shown in :

When an IPv6 packet that includes the IPv6 ID Extension HBH Option does not include a Fragment Header, the Option Data Length must be either '4' or '8', and the option body correspondingly includes the full 4-octet or 8-octet IPv6 ID for the packet in network byte order. When an IPv6 packet that includes the IPv6 ID Extension HBH Option also includes a Fragment Header, the option length must be either '0' or '4', and the option body correspondingly includes the 0 or 4 most significant IPv6 ID octets in network byte order while the Fragment Header includes the 4 least significant octets.

IPv4 routers MUST forward without dropping any packets with IPv4 option-type TBD while copying the option during (router) fragmentation, and IPv6 routers MUST forward without dropping any packets with IPv6 HBH Option Type TBD2. Destinations that recognize IPv4 option-type TBD and/or IPv6 HBH Option Type TBD2 MUST accommodate packets that include all extended and hyper-extended IP ID formats based on any 4-octet or 8-octet value included by the source. Sources MUST transmit and destinations MUST process the octets of the extended IP ID in network byte order with the base IP header Identification field containing the least significant octets and the ID (Hyper-)Extension field containing the most significant octets. When the ID (Hyper-)Extension field is absent, implementations consider its value to be 0. Implementations should therefore maintain the IP ID as an 8-octet (64-bit) integer with any most significant octets not covered by an extension set to 0. Since the option is included only by the source and reassembly is performed only by the destination, the source can test whether the path and/or destination are compliant by sending a fragmented 'ping' packet with the same IP Identification in all fragments but with two or more fragments containing different pseudo-random values in the option (hyper-)extension fields (the source can first send an ordinary 'ping' to test reachability). If the destination responds to a fragmented ping sent with mismatched (hyper-)extended IP IDs (proving that reassembly was performed without honoring the option) the source can infer that the destination and/or some router on the path does not recognize the option. Option formats supported by this specification include only the mandatory-to-implement (hyper-)extended formats which are differentiated by the option-length value for IPv4 or the Option Data Length value for IPv6. Future documents may specify additional formats with different option length values. Note: IP fragmentation can only be applied for packet lengths up to a maximum of 65535 octets. IP parcels and advanced jumbos provide a means for efficiently packaging and shipping multiple large segments or truly large singleton segments in IP packets that may exceed this size .

limits the use of the IPv4 ID field to only supporting the fragmentation and reassembly processes. When an IPv4 packet includes a TBD option, however, the source asserts that the IPv4 ID includes a well managed 4/8-octet value that can satisfy uniqueness properties useful for other purposes. This specification therefore updates by permitting use of the extended IPv4 ID for purposes other than support for fragmentation and reassembly.

specifies procedures for fragmenting and reassembling the constituent packets derived from IP parcels that have been opened somewhere along the path. Since each packet derived from the same parcel shares the same Identification value, an ancillary Index field is also necessary to differentiate the packets. The IPv6 Fragment Header includes an 8-bit Reserved field that can be re-purposed to encode an Index, but the IPv4 header does not provide sufficient space. With reference to and , this document therefore specifies the following IPv4 ID Parcel Index extension octet:

When option-length is '3', the option-data includes 2 Identification extension octets followed by the Parcel Index extension octet. When option-length is '7', the option-data instead includes 6 Identification extension octets followed by the Parcel Index extension octet. The Parcel Index octet field names and descriptions appear in .

When an IPv6 router forwards a packet that includes both an IPv6 HBH Option with type TBD2 and a Fragment Header, it applies (further) fragmentation if the next hop link MTU is insufficient. The presence of both the TBD2 HBH Option and Fragment Header therefore provides a "network fragmentation permitted" indication for IPv6 in the same spirit as for IPv4 packets that set the "Don't Fragment (DF)" flag to 0 (conversely, IPv6 routers treat all other packets as DF=1). This allows an IPv6 router to apply fragmentation on packets that already include a Fragment Header, but never to insert a Fragment Header themselves. This specification therefore updates by permitting network fragmentation for IPv6 under the above conditions.

When a node forwards an IP packet that exceeds the next hop link MTU but for which fragmentation is forbidden, it drops the packet and returns a "Packet Too Big (PTB)" message to the original source . This always results in wasted retransmissions by the source as well as all routers on the path toward the node with the restricting link. Conversely, when a packet includes an IP ID Extension option (and also a Fragment Header for IPv6) the network will perform fragmentation if necessary allowing the packet to reach the final destination without loss due to a size restriction. While the fragmentation and reassembly processes eliminate wasted retransmissions and can also support significant performance gains through transmissions of upper layer protocol segment sizes that exceed the path MTU, the processes sometimes represent pain points that should be communicated to the original source. The original source should then take measures to reduce the pain. The IPv4 PTB format includes an "unused" field while the IPv6 PTB format includes a "Code" field, with both fields set to the value "0" for ordinary PTB messages. The value "0" signifies a "classic" PTB and always denotes that the subject packet was unconditionally dropped due to a size restriction. For IP packets that include an IP ID Extension option (and also a Fragment Header for IPv6) other PTB unused/Code values are defined as follows: Sent by a router when it performs fragmentation on an IP packet that could instead have been fragmented by the original source. The router sends the PTB message subject to rate limiting while still fragmenting and forwarding the packet. The MTU field of the PTB message includes the maximum fragment size that can pass through the restricting link. This value will often be considerably smaller than the maximum packet size that can be reassembled by the final destination. The same as for value 1, except that the router drops the packet instead of fragmenting and forwarding. This message type represents a hard error. Sent by the final destination when it performs reassembly on an IP packet under periods of reassembly buffer congestion. The destination sends the PTB message subject to rate limiting while still reassembling and accepting the packet. The MTU field of the PTB message includes a reduced total packet size to ease current reassembly buffer congestion. This value will often be considerably larger than the path MTU. The same as for value 3, except that the final destination drops the packet instead of reassembling and accepting. This message type represents a hard error. Parcel Report - Sent by a router or final destination in response to an IP parcel that triggered the event (see: ). Jumbo Report - Sent by a router or final destination in response to an IP advanced jumbo that triggered the event (see: ). When the original source receives an authentic Code 1 or 2 PTB, it begins to perform source fragmentation using the fragment size indicated in the MTU field which may be smaller than the first hop link MTU. This reduces the burden on routers in the path which will no longer need to perform network fragmentation. When the original source receives a Code 3 or 4 PTB, it reduces the size of the packets it sends based on the packet size indicted in the MTU field which may be larger than the path MTU. This reduces the burden on the final destination which will no longer need to reassemble such large packets.

In progress.

IANA is requested to assign a new IPv4 Option named "IDEXT" in the 'ip-parameters' registry (registration procedures not defined). The option sets "Copy" to '1', "Class" to '00' and "Number" to TBD. IANA is further requested to assign a new IPv6 Destination Option with description "IPv6 ID Extension" in the 'ipv6-parameters' registry (registration procedures IESG Approval, IETF Review or Standards Action). The option sets "act" to '00', "chg" to '0' and "rest" to TBD2. The IANA is instructed to assign new Code values in the "ICMPv6 Code Fields: Type 2 - Packet Too Big" registry (registration procedure is Standards Action or IESG Approval). The registry should appear as follows:

(Note: this registry also defines values for the "unused" field of ICMPv4 "Destination Unreachable - Fragmentation Needed" messages.)

All aspects of IP security apply equally to this document, which does not introduce any new vulnerabilities. Moreover, when employed correctly the mechanisms in this document robustly address a known IPv4 reassembly integrity concern and also provide an advanced degree of packet uniqueness assurance.

This work was inspired by continued DTN performance studies.

<< RFC Editor - remove prior to publication >> Differences from earlier versions: First draft publication.