On Dec 5, 2007, at 4:59 PM, Templin, Fred L wrote:
IP fragmentation and reassembly doesn't work very well when there is no IP source address, which is the case the DHCP-AUTH stuff was looking at.
True.
It also doesn't work very well for UDP applications that sit behind IPv4 NATs and/or firewalls; especially when those devices fail to pass non-initial IPv4 fragments.
The idea of relaying DHCP through NAT makes my teeth itch.
Hmm; several folks told me that relay agents only need to support 576?
It depends on what you mean by "need to." If they are BOOTP relay agents that only know about RFC951, then you could indeed make this argument. But at this late date, anything that's in a device that does DHCP relay is really a DHCP relay agent, not a BOOTP relay agent. And the DHCP protocol explicitly allows packets larger than 576 bytes.
Admittedly it does not require them, but in practice any relay agent that doesn't support them is breaking DHCP functionality that's specified in the protocol. So while technically you could say that it's not noncompliant, since there is a significant piece of the DHCP protocol that doesn't work with that device, it's pretty clearly broken.
But when the path doesn't support the packet size, and the application can't reduce the size of the packet, then it has to do what needs to be done to get the packet through.
E.g., get a firmware update for the broken device! :') _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
