Re: Last Call: <draft-ietf-6man-rfc1981bis-04.txt> (Path MTU Discovery for IP version 6) to Internet Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'd add one sentence about Fred's observation too:

In addition, spoofed ICMP messages can also affect the correct operation
of PMTUD.

That'd do it...

Joe


On 2/7/2017 12:32 PM, otroan@xxxxxxxxxxxxx wrote:
> Joe,
>
> Thanks!
>
>> I appreciate that you want to not point at PLPMTUD because it's not
>> widely supported, but **for the same reason** this doc should not hold
>> up this solution without pointing out very clearly that it basically
>> isn't going to be work.
> Would something like this help?
> (borrowed from https://en.wikipedia.org/wiki/Path_MTU_Discovery)
>
> "Many network security devices block all ICMP messages for perceived
>  security benefits, including the errors that are necessary for the proper
>  operation of PMTUD. This can result in connections that complete the
>  TCP three-way handshake correctly, but then hang when data is transferred.
>  This state is referred to as a black hole connection."
>
>
> Best regards,
> Ole




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]