From: John Heffner <[EMAIL PROTECTED]>
Date: Thu, 01 Dec 2005 11:53:44 -0500

> <http://www1.ietf.org/mail-archive/web/pmtud/current/threads.html>.
>
> When implementing additional validity checks at a protocol above IP,
> these checks are useless if it just uses a cached value from another
> protocol which doesn't do any checks. A single cached value is as weak
> as your weakest protocol. If you hope to do PMTUD with a stateless
> protocol like UDP, there can be no verification. Using two cache
> values, a "strong" and a "weak" one, may be sufficient. A per-protocol
> metric for each protocol implementing ICMP checks is another possibility.

I don't like how Fernando discounts your arguments just because:

"Many systems implement PMTUD for TCP, but not for UDP"

I think he's just upset that you've stolen some of the thunder of his work.

This applies to tunnels and any other manner of upper level protocols for which PMTU information is critical yet for which sanity checking is difficult or impossible. It doesn't just apply to UDP. Although SCTP, as a specific example, can verify the PMTU message and our implementation does in fact perform the sequence number checks.

Simply mentioning that "some systems don't do UDP PMTU" won't make this problem go away. :-)
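
The "strong" and "weak" cache values suggested in the quoted message, sketched as an added example that is not part of the original thread or of any kernel code. The names `pmtu_entry`, `pmtu_report`, `pmtu_lookup` and `scenario`, the 1500-byte link MTU, the clamp at 68 bytes, and the policy that a validated report also lowers the weak value are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define LINK_MTU 1500u          /* assumed local link MTU */
#define MIN_PMTU 68u            /* IPv4 minimum MTU, used here as a floor */

/* Hypothetical per-destination entry; not a Linux kernel structure. */
struct pmtu_entry {
    uint32_t strong;            /* lowered only by validated ICMP reports */
    uint32_t weak;              /* lowered by any ICMP report; always <= strong */
};

/* Record an ICMP "fragmentation needed" report. `validated` is true only if
 * the upper protocol matched the quoted header against live connection state
 * (for example a TCP or SCTP sequence check); stateless UDP passes false. */
static void pmtu_report(struct pmtu_entry *e, uint32_t mtu, bool validated)
{
    if (mtu >= LINK_MTU)
        return;                 /* a report never raises the estimate */
    if (mtu < MIN_PMTU)
        mtu = MIN_PMTU;         /* clamp absurdly small values */
    if (mtu < e->weak)
        e->weak = mtu;
    if (validated && mtu < e->strong)
        e->strong = mtu;
}

/* Protocols that check ICMP read only the strong value; the rest read weak. */
static uint32_t pmtu_lookup(const struct pmtu_entry *e, bool can_validate)
{
    return can_validate ? e->strong : e->weak;
}

/* Constructed scenario: an unverifiable report arrives for a UDP flow, then a
 * verified one for a TCP flow to the same destination. Returns the MTU that
 * the requested kind of protocol would use afterwards. */
static uint32_t scenario(uint32_t unverified, uint32_t verified, bool can_validate)
{
    struct pmtu_entry e = { LINK_MTU, LINK_MTU };
    pmtu_report(&e, unverified, false);
    pmtu_report(&e, verified, true);
    return pmtu_lookup(&e, can_validate);
}

int main(void)
{
    printf("tcp=%u udp=%u\n", (unsigned)scenario(68, 1400, true),
           (unsigned)scenario(68, 1400, false));
    return 0;
}
```

With a single shared value, the unverified 68-byte report would have applied to the TCP flow as well; here it is confined to the protocols that cannot check it.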