ICMPv6 rate limits breaking PMTUD (and traceroute) [Re: Comcast enables 6to4 relays]

Pekka Savola pekkas at netcore.fi
Thu Sep 2 00:57:20 CDT 2010


On Wed, 1 Sep 2010, Simon Leinen wrote:
> Note that the same rate-limit will also cause stars in IPv6 traceroutes
> through popular routers if the default setting is used.
...
> Anybody knows which defaults are used by other devices/vendors?

I've noticed 6to4 relay rate-limiter blackholes before (e.g. in 
Your.org relay in AMS, got quickly fixed once I reported it).

FWIW, Linux default is 1000pps and BSD has 100pps which is too low for 
a popular relay.  In our relays we've used 1000-3000pps.

The majority of ICMPv6's is caused by windows boxes testing the 
relay's liveness.

Depending on the MTU configuration of the relay's tunnel interface 
(there isn't a BCP on this I think), you will also get more issues if 
you run the relay at MTU=1280 rather than (say) 1480.  But using 1480 
may result in an IPv4 blackhole if you source packets from an anycast 
address and your destination is e.g. behind PPPoE, so...

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings




More information about the NANOG mailing list