WIndows Updates Fail Via IPv6 - Update!
Mark Tinka
mark.tinka at seacom.mu
Sun Mar 3 21:10:13 UTC 2019
On 3/Mar/19 23:04, Mark Andrews wrote:
> There are lots of IDIOTS out there that BLOCK ALL ICMP. That blocks PTB getting
> back to the TCP servers. There are also IDIOTS that deploy load balancers that
> DO NOT LOOK INSIDE ICMP messages for redirecting ICMP messages to the correct
> back end. There are also IDOITS that rate limit PTB generation to ridiculously
> low rates. One should be able to generate PTB at line rate.
>
> Everyone that has configured mss-fix-up has contributed to misunderstanding that
> you can block ICMP. It is time we had a flag day to REMOVE mss-fix-up from all
> the boxes you control. We need to get PTB working and unfortunately that means
> that we need to stop pandering to admins who don’t know how IP is supposed to
> work. ICMP is NOT optional.
>
> If you don’t want to do PMTUD then DO NOT SEND packet bigger than the network
> MTU. For IPv6 set IPV6_USE_MIN_MTU 1 on the socket. On a properly written
> IP stack this will result in TCP MSS negotiation to the same value. Yes, it is
> a requirement of TCP to pay attention to this as it becomes the effective MTU
> of the outgoing interface even if it wasn’t explicitly written into the RFC
> that defined IPV6_USE_MIN_MTU.
You're most welcome to my choir group, good sir.
Mark.
More information about the NANOG
mailing list