Hi, Paul, thank you for reading the draft.
I have a question about http://tools.ietf.org/html/draft-smyslov-ipsecme-ikev2-fragmentation-00#section-2.5.1 It states: 2.5.1. Fragment size When breaking content of Encrypted Payload down into parts sender SHOULD chose size of those parts so, that resulting message sizes not exceed fragmentation threshold - be small enough to avoid IP fragmentation. If sender has some knowledge about PMTU size it MAY use it. Otherwise for messages to be sent over IPv6 it is RECOMMENDED to use value 1280 bytes as a maximum message size ([RFC2460]). For messages to be sent over IPv4 it is RECOMENDED to use value 576 bytes as a maximum message size. What is "message size" here referring to? The fragmentation payload, or the total packet length? That is, is it recommended that the packet size is 576/1280 including the full IP header and ISAKMP header, or that the packet size is 576/1280 plus the IP header and ISAKMP header?
The total IP packet length (including IP header, UDP header, IKE header).
(and can the text in the next draft be clarified to indicate this better?)
Sorry for being not very precise. I'll try to clarify it in the next version.
Paul
Regards, Valery. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
