Paul Wouters <[email protected]> wrote: >> > Or use IPTFS and set your own max packet size sufficiently low? >> >> I think that this is the killer app for IPTFS. >>
> But of course this means either IPTFS should be able to auto-tune this,
> or else we end up with hardcoded configs that might stop working or
> cause future problems.
I think that the ESPping mechanism is the right way to do "PLPMTUD" for IPTFS.
(for the outer MTU)
>> > I'm not convinced doing this between IPsec peers will solve any real
>> > use cases.
>>
>> I am also skeptical, but I don't object to the work getting
>> standardized.
>>
>> In particular, for networks where there are MTU constraints on the far
>> side of the far gateway, telling the sending gateway about the MTU has
>> a far higher chance of working than anything else. The sending
>> gateway probably can send PTB ICMPs with better results.
> There would need to be dynamic updating, kernel <-> userland
> communications, etc. Just hardcoding this in an ikev2 configuration
> would be pretty bad.
yeah, I don't know exactly how to do the userland communication.
How specific does it need to be is my question? How express that.
Looking at mtu-dect, I'm unclear how the LMAP and and PTB describe the flow
which has the MTU concern. It's mostly clear when it appears along with TSx
that it applies to that traffic, but not for the other notifications.
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
