Re: Last Call: <draft-ietf-intarea-gre-mtu-02.txt> (A Widely-Deployed Solution To The Generic Routing Encapsulation (GRE) Fragmentation Problem) to Informational RFC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



As the draft says;

   o  When the GRE ingress node receives a non-fragmentable packet with
      length greater than the GMTU, it discards the packet and send an
      ICMP PTB message to the packet's source.

the draft should clearly state that, if GMTU<1280B, it is a violation
of the following requirement of RFC2460:

   IPv6 requires that every link in the internet have an MTU of 1280
   octets or greater.  On any link that cannot convey a 1280-octet
   packet in one piece, link-specific fragmentation and reassembly must
   be provided at a layer below IPv6.

and that 1280B IPv6 packets can not be carried over IPv6 with the
default GRE configuration.

It is especially so, because, according to the draft:

   Typically, GRE ingress nodes further refine their GMTU estimate by
   executing PMTUD procedures.  However, if an implementation supports
   PMTUD for GRE tunnels, it also includes a configuration option that
   disables PMTUD.  This configuration option is required to mitigate
   certain denial of service attacks (see Section 5).

PMTUD is often turned off and, then, RFC2460 requires GMTU<1280B.

Also, I think the paragraph above is not very honest on the reason
why PMTUD is often turned off.

						Masataka Ohta





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]