On 08/02/2017 09:32, otroan@xxxxxxxxxxxxx wrote: > Joe, > > Thanks! > >> I appreciate that you want to not point at PLPMTUD because it's not >> widely supported, but **for the same reason** this doc should not hold >> up this solution without pointing out very clearly that it basically >> isn't going to be work. > > Would something like this help? > (borrowed from https://en.wikipedia.org/wiki/Path_MTU_Discovery) > > "Many network security devices block all ICMP messages for perceived > security benefits, including the errors that are necessary for the proper > operation of PMTUD. This can result in connections that complete the > TCP three-way handshake correctly, but then hang when data is transferred. > This state is referred to as a black hole connection." Yes. What we are asked to do for Internet Standard is show that a protocol is widely deployed and is interoperable. That's undoubtedly true of RFC1981. The fact that it also has an important failure mode should certainly be documented, but I suspect that every Internet Standard has at least one important failure mode. This is not the document in which to fight the battle of interfering firewalls. Brian