On 06/21/2013 01:52 PM, Brian E Carpenter wrote:
On 22/06/2013 07:53, Ronald Bonica wrote:
I don't 100% agree. In the case that PMTUD is broken, there'd be
nothing to stop a current DNSSEC implementation from always assuming a
default path MTU of 1280, without awaiting confirmation from PMTUD, and
fragmenting the UDP packet pre-emptively [assuming fragmentation was
not equally broken along the path as ICMP PTB was].
Do any implementations actually do this?
If they do, how well are they working, today?
Does it matter? Since we know that fragmentation is broken on some
paths due to broken firewalls, and that other paths have tunnels
on them, and that MSS negotiation fails on some paths, today's
sad reality is that the only safe link MTU for all times and places
is 1280.
I'm not yet convinced that deprecating fragmentation is sufficient
to fix this problem. In this case, not being sufficient might
also mean not necessary, so I'd like to see much more thorough
analysis across the IETF as a whole before reaching a conclusion.
(Thanks to the authors for coming out and saying it, though.)
Given that larger and faster pipes are becoming more common, and given
that we know that larger packet sizes make for more efficient
utilization of those pipes, IMO it's a really bad idea to "give up the
fight" at this early stage in IPv6 deployment.
Until there is dramatic evidence to the contrary it seems to me that
it's still worthwhile to push for making the protocol work as designed.
Doug
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
