On Aug 1, 2023, at 12:56, Daniel Migault <[email protected]> wrote:
>
>
> Hi Ben,
> Just trying to position our understanding of the position between the ICMP
> PTB and the IKE PTB.
> If an incoming Encrypted packet is larger than the Link MTU
How can than be? You mean you received an ESP or ESPinUDP that after decrypting
was too large for the
link you need to send the decrypted packet on? That seems really odd.
> an ICMP PTB is sent, otherwise the packet is accepted. If fragments are
> received, a reassembly operation happens and the packet may be too large to
> be built or decrypted.
What is this “too large to decrypt” scenario ? Can you give more details?
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
