NIST and SP800-119

Steven Bellovin smb at cs.columbia.edu
Tue Feb 15 16:22:20 UTC 2011


On Feb 15, 2011, at 10:36 54AM, William Herrin wrote:

> On Tue, Feb 15, 2011 at 10:09 AM, Joe Abley <jabley at hopcount.ca> wrote:
>> On 2011-02-14, at 21:41, William Herrin wrote:
>>> On Mon, Feb 14, 2011 at 7:24 PM, TR Shaw <tshaw at oitc.com> wrote:
>>>> Just wondering what this community thinks of NIST in
>>>> general and their SP800-119 (
>>>> http://csrc.nist.gov/publications/nistpubs/800-119/sp800-119.pdf )
>>>> writeup about IPv6 in particular.
>>> 
>>> Well, according to this document IPv4 path MTU discovery is,
>>> "optional, not widely used."
>> 
>> Optional seems right. Have there been any recent studies on how widely pMTUd is actually used in v4?
> 
> Hi Joe,
> 
> Are you aware of a TCP implementation in an OS that shipped within the
> last decade but doesn't enable IPv4 pMTUd by default? Each version of
> Windows and all the major unixes use it on every TCP connection unless
> you explicitly turn it off.
> 
All modern TCPs support it; many firewalls are configured to block the necessary ICMPs.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb









More information about the NANOG mailing list