nanog mailing list archives

Re: Types of packet modifications allowed for networks


From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Mon, 2 Jun 2008 10:12:20 -0400

On Sat, 31 May 2008 17:59:40 -0400
Jean-François Mezei <jfmezei () vaxination ca> wrote:

> I would like any pointers to good documents that outline what sort of
> packet modifications are allowed (in terms of Internet
> culture/policies) by networks.
>
> Notably:
>
> For a transit network (neither sending nor destination IPs belong to
> the network)
>
> For the sending network (originating IP belongs to that network)
>
> For the destination network (destination IP belongs to that network).
>
> Obviously, every router will change/decrement the TTL (and recalculate
> the header checksum) in the IP header. Are there other fields that are
> routinely changed at every hop?

Assorted IP options carry network state: Record Route, Loose and Strict
Source Route, Timestamp -- see RFC 791.  I wouldn't say "routinely",
but it is in the spec.  I forget the status of the flow label for IPv6.

> Would it also be correct to state that any network along the way would
> have the right to fragment a packet in two or more pieces? Or would
> that only be the destination network needing to fragment a packet to
> fit the last mile (PPP dialup or PPPoE) in cases where MTU
> negotiations failed?

Note that in-flight fragmentation is only permitted for certain
packets: one without DF set for IPv4; ones with a fragmentation header
for IPv6.

> Are there sacred rules documented anywhere about not modifying
> anything else in the packets during transit?  Or has there never
> been any formal documentation on this because it was so obvious
> nobody was allowed to modify packets in transit?

Only the end-to-end principle...

I sometimes see suggestions that routers should be able to add IP
options or v6 extension headers.  These are known as bad ideas.


                --Steve Bellovin, http://www.cs.columbia.edu/~smb
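
An added example, not part of the original message: a check that compares one packet's IPv4 header as captured on each side of a router and reports anything beyond the TTL decrement and checksum recalculation discussed above, including fragmentation of a packet that had DF set. The function names, field choices and sample headers (documentation addresses) are constructed for illustration.

```python
import struct

DF, MF_AND_OFFSET = 0x4000, 0x3FFF  # flag bit; MF bit plus fragment offset

def checksum(hdr: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 791)."""
    s = sum(struct.unpack(f"!{len(hdr) // 2}H", hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def make_header(ttl: int, flags_frag: int, total_len: int = 1500) -> bytes:
    """Constructed 20-byte IPv4/TCP header between documentation addresses."""
    h = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1C46,
                              flags_frag, ttl, 6, 0,
                              bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])))
    h[10:12] = struct.pack("!H", checksum(bytes(h)))
    return bytes(h)

def audit_hop(before: bytes, after: bytes) -> list:
    """Compare one packet's IPv4 header on both sides of a router."""
    findings = []
    # A header carrying a correct checksum sums to zero.
    if checksum(after[:(after[0] & 0xF) * 4]) != 0:
        findings.append("header checksum invalid")
    if after[8] >= before[8]:
        findings.append("TTL not decremented")
    if after[0] != before[0]:
        findings.append("version/IHL changed (options added or removed)")
    fb, fa = (struct.unpack("!H", h[6:8])[0] for h in (before, after))
    if (fa ^ fb) & DF:
        findings.append("DF bit changed")
    if (fa & MF_AND_OFFSET) != (fb & MF_AND_OFFSET) or after[2:4] != before[2:4]:
        findings.append("fragmented in flight" + (" despite DF" if fb & DF else ""))
    # Identification, protocol and addresses are compared as end-to-end fields.
    # Byte 1 (DSCP/ECN) is skipped: re-marking it is defined in RFC 2474/3168.
    for name, sl in (("identification", slice(4, 6)), ("protocol", slice(9, 10)),
                     ("addresses", slice(12, 20))):
        if after[sl] != before[sl]:
            findings.append(name + " rewritten")
    return findings
```

An empty list means the hop changed only the TTL and the checksum.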

