[RobIII]

I'm not intimately familiar with the RFC's but you could argue that since that bit is technically `reserved` when it's set the packet is 'invalid' and thus should be dropped (by some manufacturers reasoning maybe, not mine specifically)?

Also: IIRC IP packets contain CRC's/checksums of some sort. I'm not sure if the poster corrected for that or maybe the other side does(n't) and somewhere the CRC doesn't check out and thus the packet is dropped/invalid (or maybe even somewhere along the way by at a hop that chokes on such bit)?

[barosl]

Reading RFC 791 again, it is said that the reserved bit "must be zero".[1] I'm not sure if it is reasonable to force a "reserved" flag to be a certain value, but I guess if one is following the RFC rigorously, dropping packets with the reserved bit enabled is the correct behavior?

[1] https://tools.ietf.org/html/rfc791

[LukaAl]

No. Imagine tomorrow a new RFC suggest to use the reserved bit for something meaningful. Any implementation that check that bit and drop the packet if the bit is 1 is broken immediately, even if it is not impacted.

True story, some years ago I had to design a protocol for remote configuration using text messages. We used a char to send the status in a compact format but in the first version we used only the first 3 bit and we specified that all the other bit should be zero (we have done so in order to have a predictable default in the future and also to increase the readability of the logs). After few months in the field we noticed that using an additional bit would be useful. Don't want to go into many details, not a problem if the bit is ignored but nice to have to simplify the operations. We updated the protocol, issued the new specs, the vendors develop the new version, we test the new version and surprise: the IOT between the new server and the old client was broken. Why? Because the designer the implementer of the client was to strict on the must be zero clause and decided that a packet with a one was a corrupt packet and should be dropped.

The result was a slow campaign of firmware upgrade and a 1 year delay of introduction of the new protocol. And it was a closed system where we had full control of clients and servers. Imagine what happens with open systems.

By the way, it is an application of this principle: https://en.wikipedia.org/wiki/Robustness_principle

[notatoad]

If you don't force it to be a certain value, its hardly reserved. Then it's just a free bit that anybody can use for anything. Reserved means it has to be able to be used for something else in the future, and for that to be possible it has to have a known default value.

[_yy]

He patched the IP stack, so the checksum should be correct.

[RobIII]

Agreed, but maybe the other side (or any of the hops in between) have some weird and/or incorrect implementation on which the CRC/Checksum fails because the bit is set? I'm not sure what would happen if the bit is excluded from the CRC calculation but included in the check against/with the CRC for example. Would be a nice edge-case to test and, ofcourse, shouldn't fail. But who knows, maybe it does somewhere along the line?

Also, as barosl observes (https://news.ycombinator.com/item?id=10633361): "but I guess if one is following the RFC rigorously, dropping packets with the reserved bit enabled is the correct"

[ekimekim]

I don't know about RFC reserved bits, but I believe the linux kernel's policy is to enforce that any unused bits (in say, a bit flag field) MUST be zero, because otherwise some programmer will leave them uninitialized or something and break everything when they suddenly have meaning.