Hi Chris,
> -Original Message-
> From: Chris Woodfield [mailto:rek...@semihuman.com]
> Sent: Monday, October 29, 2012 4:40 PM
> To: Templin, Fred L
> Cc: William Herrin; Ray Soucy; NANOG list
> Subject: Re: IP tunnel MTU
>
> True, but it could be used as an alt
On 2012-10-30 11:19, Sander Steffann wrote:
> Hi,
>
Certainly fixing all the buggy host stacks, firewall and compliance
devices to realize that ICMP isn't bad won't be hard.
>>>
>>> Wait till you get started on "fixing" the "security" consultants.
>>
>> Ack. I've yet to come across a *
Hi,
>>> Certainly fixing all the buggy host stacks, firewall and compliance devices
>>> to realize that ICMP isn't bad won't be hard.
>>
>> Wait till you get started on "fixing" the "security" consultants.
>
> Ack. I've yet to come across a *device* that doesn't deal properly with
> "packet t
>> Certainly fixing all the buggy host stacks, firewall and compliance devices
>> to realize that ICMP isn't bad won't be hard.
>
> Wait till you get started on "fixing" the "security" consultants.
Ack. I've yet to come across a *device* that doesn't deal properly with
"packet too big". Lots (
Templin, Fred L wrote:
>> I wish you luck in getting your host IP stacks to work properly without
>> ICMP, especially as you deploy IPv6.
>>From what I've heard, ICMPv6 is already being filtered, including
> PTBs.
As v6 PTBs are specified to be generated even against
multicast packets, it is of
True, but it could be used as an alternative PMTUD algorithm - raise the
segment size and wait for the "I got this as fragments" option to show up...
Of course, this only works for IPv4. IPv6 users are SOL if something in the
middle is dropping ICMPv6.
-C
On Oct 29, 2012, at 4:02 PM, Templin,
Hi Bill,
> Maybe something as simple as clearing the don't fragment flag and
> adding a TCP option to report receipt of a fragmented packet along
> with the fragment sizes back to the sender so he can adjust his mss to
> avoid fragmentation.
That is in fact what SEAL is doing, but there is no gua
On Mon, Oct 29, 2012 at 10:54 AM, Ray Soucy wrote:
> The core issue here is TCP MSS. PMTUD is a dynamic process for
> adjusting MSS, but requires that ICMP be permitted to negotiate the
> connection. The realistic alternative, in a world that filters all
> ICMP traffic, is to manually rewrite the
bmann...@vacation.karoshi.com wrote:
you mean its safe to turn off the VPNs?
/bill
Quite the reverse.
Joe
so its tunnels all the way down... maybe we should just go back to
a circuit oriented network, eh?
/bill
Its not safe to turn on VPNs.
Joe
On Mon, Oct 29, 2012 at 04:44:40PM -0400, Joe Maimon wrote:
>
>
> bmann...@vacation.karoshi.com wrote:
> >On Mon, Oct 29, 2012 at 03:46:57PM -0400, Joe Maimon wrote:
> >>
> >>
> >>Templin, Fred L wrote:
> >>
> >>>Yes; I was aware of this. But, what I want to get to is
> >>>setting the tunnel MTU
Jared Mauch wrote:
ICMP is just not the way it is ever going to work.
I wish you luck in getting your host IP stacks to work properly without ICMP,
especially as you deploy IPv6.
- Jared
Precisely the state we are in. Looking for luck.
Joe
> I wish you luck in getting your host IP stacks to work properly without
> ICMP, especially as you deploy IPv6.
>From what I've heard, ICMPv6 is already being filtered, including
PTBs. I have also heard that IPv6 fragments are also being dropped
unconditionally along some paths. So, if neither IC
On Oct 29, 2012, at 4:43 PM, Joe Maimon wrote:
>
>
> Jared Mauch wrote:
>>
>> On Oct 29, 2012, at 3:46 PM, Joe Maimon wrote:
>>
>>>
>>>
>>> Templin, Fred L wrote:
>>>
Yes; I was aware of this. But, what I want to get to is
setting the tunnel MTU to infinity.
>>>
>>>
>>> Essen
bmann...@vacation.karoshi.com wrote:
On Mon, Oct 29, 2012 at 03:46:57PM -0400, Joe Maimon wrote:
Templin, Fred L wrote:
Yes; I was aware of this. But, what I want to get to is
setting the tunnel MTU to infinity.
Essentially, its time the network matured to the point where
inter-networki
Jared Mauch wrote:
On Oct 29, 2012, at 3:46 PM, Joe Maimon wrote:
Templin, Fred L wrote:
Yes; I was aware of this. But, what I want to get to is
setting the tunnel MTU to infinity.
Essentially, its time the network matured to the point where inter-networking
actually works (again),
On Mon, Oct 29, 2012 at 03:46:57PM -0400, Joe Maimon wrote:
>
>
> Templin, Fred L wrote:
>
> >Yes; I was aware of this. But, what I want to get to is
> >setting the tunnel MTU to infinity.
>
>
> Essentially, its time the network matured to the point where
> inter-networking actually works (ag
On Mon, Oct 29, 2012 at 4:01 PM, Jared Mauch wrote:
>
> On Oct 29, 2012, at 3:46 PM, Joe Maimon wrote:
>
>>
>>
>> Templin, Fred L wrote:
>>
>>> Yes; I was aware of this. But, what I want to get to is
>>> setting the tunnel MTU to infinity.
>>
>>
>> Essentially, its time the network matured to the
On Oct 29, 2012, at 3:46 PM, Joe Maimon wrote:
>
>
> Templin, Fred L wrote:
>
>> Yes; I was aware of this. But, what I want to get to is
>> setting the tunnel MTU to infinity.
>
>
> Essentially, its time the network matured to the point where inter-networking
> actually works (again), seam
Templin, Fred L wrote:
Yes; I was aware of this. But, what I want to get to is
setting the tunnel MTU to infinity.
Essentially, its time the network matured to the point where
inter-networking actually works (again), seamlessly.
I agree.
Joe
://datatracker.ietf.org/doc/draft-templin-intarea-seal/
> >
> > Thanks - Fred
> > fred.l.temp...@boeing.com
> >
> >> -Original Message-----
> >> From: Ray Soucy [mailto:r...@maine.edu]
> >> Sent: Monday, October 29, 2012 7:55 AM
> >> To: Templ
m: Ray Soucy [mailto:r...@maine.edu]
>> Sent: Monday, October 29, 2012 7:55 AM
>> To: Templin, Fred L
>> Cc: Dobbins, Roland; NANOG list
>> Subject: Re: IP tunnel MTU
>>
>> The core issue here is TCP MSS. PMTUD is a dynamic process for
>> adjusting MSS, but
, October 29, 2012 7:55 AM
> To: Templin, Fred L
> Cc: Dobbins, Roland; NANOG list
> Subject: Re: IP tunnel MTU
>
> The core issue here is TCP MSS. PMTUD is a dynamic process for
> adjusting MSS, but requires that ICMP be permitted to negotiate the
> connection. The realisti
, Templin, Fred L
wrote:
> Hi Roland,
>
>> -Original Message-
>> From: Dobbins, Roland [mailto:rdobb...@arbor.net]
>> Sent: Monday, October 22, 2012 6:49 PM
>> To: NANOG list
>> Subject: Re: IP tunnel MTU
>>
>>
>> On Oct 23, 2012, at 5
Hi Roland,
> -Original Message-
> From: Dobbins, Roland [mailto:rdobb...@arbor.net]
> Sent: Monday, October 22, 2012 6:49 PM
> To: NANOG list
> Subject: Re: IP tunnel MTU
>
>
> On Oct 23, 2012, at 5:24 AM, Templin, Fred L wrote:
>
> > Since tunnels alw
On Oct 23, 2012, at 5:24 AM, Templin, Fred L wrote:
> Since tunnels always reduce the effective MTU seen by data packets due to the
> encapsulation overhead, the only two ways to accommodate
> the tunnel MTU is either through the use of path MTU discovery or through
> fragmentation and reassemb
25 matches
Mail list logo
