On Oct 31, 2022, at 11:07 AM, Daniel Migault <mglt.i...@gmail.com> wrote:
>
>> - the tunnel has two DIFFERENT relevant MTUs
>> the egress reassembly MTU (EMTU_R), which is the only thing
>> that should drive the “tunnel MTU”
>>
>> the tunnel MTU, which the ingress needs to know for source
>> fragmentation, but is NOT relevant to the
>> origin MTU upstream of the ingress
>>
> Will read the draft - but we believe that is better to generate one IPsec
> packet for every inner IP packet as opposed to two. This is why we are
> proposing to adjust the MTU so the outer packet matches the limit of the
> EMTU_R - and fragmentation be avoided.
That doc explains why this is effort isn’t useful. As I noted to Tero, there’s
no ICMP message that says “bigger than I’d like”. PTB means “packets larger
than this will be dropped”. That’s not what’s going on here, so it’s the wrong
message to support.
There is no message that supports what you’re trying to do - perhaps because
there can’t and shouldn’t be.
Joe
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
