On 2/9/2016 5:14 PM, Phillip Hallam-Baker wrote: > Tunneling, encapsulation, VPNs, IP-in-IP are all network activities. Tunneling is an end system activity. Nodes that encap or decap are acting as sources or sinks, not relays. This is true regardless of the protocol you use for tunneling. If you use a protocol layer other than IP, you have just moved the deck chairs. And if you don't support this at IP, you have to build a network that can transit messages far larger than you will typically use just so you can have the headroom for encapsulation. So either way you're over-engineering - either by building to an MTU you won't typically use or by supporting fragmentation. However, once you support fragmentation you're done. There's no way to enforce overbuilt MTUs. Joe