Hi Brian,
The draft mitigates a known problem with communication paths that
do not include nested tunnels requiring nested fragmentation,
where the nested tunnel has to deal with an MTU <1280 *and* where
the nested tunnel goes through a firewall that wants to analyse
the complete header chain of the innermost packet.
I want to say one more word on this. You seem to be indicating that
you see what I have been explaining as a corner case. But, I believe
that in order to fix the tunnel MTU issue we will need SEAL or
something very much like it.
SEAL uses fragmentation on the first few packets regardless of the
path MTU to ensure that "middle sized" packets between 1280-1500
get through. It then turns off the fragmentation using a probing
scheme in the spirit of RFC4821. So, those first few packets that
could contain a header chain that spills over into the second
fragment are what concerns me. And, this will not be a corner
case when SEAL is used in wider deployment.
Thanks - Fred
fred(_dot_)l(_dot_)templin(_at_)boeing(_dot_)com