So to clarify, the draft is mostly carrying the necessary information so the gateway can deal with fragmentation in its network using whatever means is needed. The use of ICMP PTB was only a suggestion, other mechanisms may be used. The definition of such a mechanism is outside of ipsec and the draft. Our understanding is that unless there is no such mechanism the draft has some value.
Yours, Daniel On Mon, Oct 31, 2022 at 11:59 AM Joe Touch <to...@strayalpha.com> wrote: > +1 > > > On Oct 31, 2022, at 8:37 AM, Michael Richardson <mcr+i...@sandelman.ca> > wrote: > > > > > > Tero Kivinen <kivi...@iki.fi> wrote: > >> My understanding is that this draft (which I have not yet properly > >> read) is solving the situation where the tunnel does not get ICMP PTB > >> messages as they are forwarding packets with DF bit set to 0, and then > >> the receiving end will see extra fragmentation happening for the > >> packets. Then the receiving end will simulate the ICMP PTB by sending > >> authenticated IKEv2 notification that tells the sending end that his > >> packets got fragmented. > > > > While I think that the authors think they are solving this problem, I > think > > that what they have created is a protocol for dealing with fragmentation > > beyond the far gateway. > > > > -- > > Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works > > -= IPv6 IoT consulting =- > > > > > > > > _______________________________________________ > > IPsec mailing list > > IPsec@ietf.org > > https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > -- Daniel Migault Ericsson
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec