From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.3 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 108CEC47080 for ; Mon, 31 May 2021 11:20:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E804B6135C for ; Mon, 31 May 2021 11:20:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231426AbhEaLWV (ORCPT ); Mon, 31 May 2021 07:22:21 -0400 Received: from wtarreau.pck.nerim.net ([62.212.114.60]:55441 "EHLO 1wt.eu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230521AbhEaLWR (ORCPT ); Mon, 31 May 2021 07:22:17 -0400 Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id 14VBJfc3009627; Mon, 31 May 2021 13:19:41 +0200 Date: Mon, 31 May 2021 13:19:40 +0200 From: Willy Tarreau To: David Laight Cc: "netdev@vger.kernel.org" , "linux-kernel@vger.kernel.org" , David Miller , Jakub Kicinski , Alexey Kuznetsov , Hideaki YOSHIFUJI , Amit Klein , Eric Dumazet Subject: Re: [PATCH net-next] ipv6: use prandom_u32() for ID generation Message-ID: <20210531111940.GA9609@1wt.eu> References: <20210529110746.6796-1-w@1wt.eu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Mon, May 31, 2021 at 10:41:18AM +0000, David Laight wrote: > The problem is that, on average, 1 in 2^32 packets will use > the same id as the previous one. > If a fragment of such a pair gets lost horrid things are > likely to happen. > Note that this is different from an ID being reused after a > count of packets or after a time delay. I'm well aware of this, as this is something we discussed already for IPv4 and which I objected to for the same reason (except that it's 1/2^16 there). With that said, the differences with IPv4 are significant here, because you won't fragment below 1280 bytes per packet, which means the issue could happen every 5 terabytes of fragmented losses (or reorders). I'd say that in the worst case you're using load-balanced links with some funny LB algorithm that ensures that every second fragment is sent on the same link as the previous packet's first fragment. This is the case where you could provoke a failure every 5 TB. But then you're still subject to UDP's 16-bit checksumm so in practice you're seeing a failure every 320 PB. Finally it's the same probability as getting both TCP csum + Ethernet CRC correct on a failure, except that here it applies only to large fragments while with TCP/eth it applies to any packet. > So you still need something to ensure IDs aren't reused immediately. That's what I initially did for IPv4 but Amit could exploit this specific property. For example it makes it easier to count flows behind NAT when there is a guaranteed distance :-/ We even tried with a smooth, non-linear distribution, but that made no difference, it remained observable. Another idea we had in mind was to keep small increments for local networks and use full randoms only over routers (since fragments are rare and terribly unreliable on the net), but that would involve quite significant changes for very little benefit compared to the current option in the end. Regards, Willy