Broken and misconfigured network elements will always exist. We needn't create solutions for everyone's problems that should be addressed otherwise.
Jared Mauch On Jan 3, 2012, at 8:23 PM, "Dan Wing" <dw...@cisco.com> wrote: >> -----Original Message----- >> From: Eric Vyncke (evyncke) [mailto:evyn...@cisco.com] >> Sent: Tuesday, January 03, 2012 1:53 PM >> To: Dan Wing (dwing) >> Cc: ipv6@ietf.org >> Subject: RE: Fragmentation-related security issues >> >>> -----Original Message----- >>> From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf >> Of Dan >>> Wing (dwing) >> >>> So, I don't think we can just wish away packet-too-big < 1280. >> >> Rather than dropping those ICMP PTB, let's accept them but let the OS >> decide which is the minimum size path MTU that it can >> accept/tolerate... >> - For a server, this min path MTU should be large (to avoid DoS) >> - For a host, this min path MTU could be small >> >> Of course, if the path is symmetric, the path MTU will be the same on >> both direction (assuming everything is well configured). >> >> OTOH, as written by Jared, let's fail it hard so it is noticeable by >> the user is another technique... but with a dual-stack and happy eye- >> ball, the end-user will notice nothing and will stay happy with IPv4. > > Happy Eyeballs, is spec'd and as implemented by Chrome and Firefox, > and I think also as implemented by Apple, will _not_ fail nicely > on Path MTU Discovery problems. It will only fail nicely if > connectivity fails (that is, unable to establish the TCP > connection). > > -d > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
