The present application relates generally to an improved data processing apparatus and method and more specifically to mechanisms for discovering path maximum transmission unit (MTU) while eliminating packet-sent/packet-too-big-message-received iterations and eliminating security concerns involving false messages that indicate a path MTU larger/smaller than reality.
Request for Comment (RFC) 1981 entitled “Path MTU Discovery for IP Version 6,” August 1996, available from the Internet Engineering Task Force (IETF) describes a technique to dynamically discover the path maximum transmission unit (PMTU) of a path. The PMTU is defined as the largest size data packet that can successfully traverse the path from a source node to a destination node without being fragmented. With the technique described in RFC 1981, a source node initially assumes that the PMTU of a path is the known MTU of the first hop in the path. If any of the packets sent on that path are too large to be forwarded by some node along the path, that node will discard them and return an Internet Control Message Protocol version 6 (ICMPv6) Packet Too Big messages. Upon receipt of such an ICMPv6 Packet Too Big message, the source node reduces its assumed PMTU for the path based on the MTU of the constricting hop as reported in the ICMPv6 Packet Too Big message.
The PMTU discovery process ends when the source node's estimate of the PMTU is less than or equal to the actual PMTU. Note that several iterations of the packet-sent/Packet-Too-Big-message-received cycle may occur before the PMTU discovery process ends, as there may be links with smaller MTUs than the assumed PMTU further along the path each time the PMTU is re-calculated. Thus, there may be considerable overhead in determining the PMTU using the technique described in the RFC 1981.
In addition, as described in section 6 of RFC 1981, entitled “Security Considerations,” the PMTU discovery technique described in the RFC 1981 makes possible two denial-of-service attacks, both of which are based on a malicious party sending false Packet Too Big messages to a node.
In a first possible denial-of-service attack, the false Packet Too Big message indicates a PMTU much smaller than reality. This will not entirely stop data flow since the victim node will not set its PMTU estimate below the IPv6 minimum link MTU. It will, however, result in sub-optimal performance.
In a second possible denial-of-service attack, the false Packet Too Big message indicates a PMTU larger than reality. If believed, this message could cause a temporary blockage as the victim node sends packets that will be dropped by a later node. Within one round-trip time, the victim node will discover its mistake, but frequent repetition of this attack may cause a large number of packets to be dropped.