> That may help, but only in limited cases. > > E.g., let’s say you run IPsec tunnel mode for IPv6, which eats the majority > of that space. Now that traffic runs over a second IPsec tunnel that you > don’t know about. > > That’s the problem - and why MTU (i.e., having a max in the first place) is > itself the problem.
Yep, definitely true. But one should use IPsec tunnel mode sparingly. It just costs too much. And having 2 levels would be regarded as execessive. Having said that, products may do this because security trumps all. But you make another point which is pretty fundamental and foundational. Should data links be MTU-less, so to speak? And can they really do that. I won't hold my breath. Dino _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
