ICMPv6 rate limits breaking PMTUD (and traceroute) [Re: Comcast enables 6to4 relays]

Pekka Savola pekkas at netcore.fi
Thu Sep 2 05:57:20 UTC 2010

On Wed, 1 Sep 2010, Simon Leinen wrote:
> Note that the same rate-limit will also cause stars in IPv6 traceroutes
> through popular routers if the default setting is used.
> Anybody knows which defaults are used by other devices/vendors?

I've noticed 6to4 relay rate-limiter blackholes before (e.g. in 
Your.org relay in AMS, got quickly fixed once I reported it).

FWIW, Linux default is 1000pps and BSD has 100pps which is too low for 
a popular relay.  In our relays we've used 1000-3000pps.

The majority of ICMPv6's is caused by windows boxes testing the 
relay's liveness.

Depending on the MTU configuration of the relay's tunnel interface 
(there isn't a BCP on this I think), you will also get more issues if 
you run the relay at MTU=1280 rather than (say) 1480.  But using 1480 
may result in an IPv4 blackhole if you source packets from an anycast 
address and your destination is e.g. behind PPPoE, so...

Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

More information about the NANOG mailing list