IPv6 day and tunnels

Templin, Fred L Fred.L.Templin at boeing.com
Mon Jun 4 14:39:58 UTC 2012


Hi,

There was quite a bit discussion on IPv6 PMTUD on the v6ops
list within the past couple of weeks. Studies have shown
that PTB messages can be dropped due to filtering even for
ICMPv6. There was also concern for the one (or more) RTTs
required for PMTUD to work, and for dealing with bogus
PTB messages.

The concerns were explicitly linked to IPv6 tunnels, so
I drafted a proposed solution:

https://datatracker.ietf.org/doc/draft-generic-v6ops-tunmtu/

In this proposal the tunnel ingress performs the following
treatment of packets of various sizes:

1) For IPv6 packets no larger than 1280, admit the packet
   into the tunnel w/o fragmentation. Assumption is that
   all IPv6 links have to support a 1280 MinMTU, so the
   packet will get through.

2) For IPv6 packets larger than 1500, admit the packet
   into the tunnel w/o fragmentation. Assumption is that
   the sender would only send a 1501+ packet if it has
   some way of policing the PMTU on its own, e.g. through
   the use of RC4821.

3) For IPv6 packets between 1281-1500, break the packet
   into two (roughly) equal-sized pieces and admit each
   piece into the tunnel. (In other words, intentionally
   violate the IPv6 deprecation of router fragmentation.)
   Assumption is that the final destination can reassemble
   at least 1500, and that the 32-bit Identification value
   inserted by the tunnel provides sufficient assurance
   against reassembly mis-associations.

I presume no one here would object to clauses 1) and 2).
Clause 3) is obviously a bit more controversial - but,
what harm would it cause from an operational standpoint?

Thanks - Fred
fred.l.templin at boeing.com




More information about the NANOG mailing list