Hi,
-----Original Message-----
From: ietf [mailto:ietf-bounces(_at_)ietf(_dot_)org] On Behalf Of Masataka
Ohta
Sent: Friday, April 10, 2015 5:26 AM
To: ietf(_at_)ietf(_dot_)org
Cc: int-area(_at_)ietf(_dot_)org
Subject: Re: Last Call: <draft-ietf-intarea-gre-mtu-02.txt> (A
Widely-Deployed Solution To The Generic Routing Encapsulation (GRE)
Fragmentation Problem) to Informational RFC
As the draft says;
o When the GRE ingress node receives a non-fragmentable packet with
length greater than the GMTU, it discards the packet and send an
ICMP PTB message to the packet's source.
the draft should clearly state that, if GMTU<1280B, it is a violation
of the following requirement of RFC2460:
IPv6 requires that every link in the internet have an MTU of 1280
octets or greater. On any link that cannot convey a 1280-octet
packet in one piece, link-specific fragmentation and reassembly must
be provided at a layer below IPv6.
and that 1280B IPv6 packets can not be carried over IPv6 with the
default GRE configuration.
We have been through this already. They want to say that widely deployed
implementations already ignore this requirement and so they want to
document the behavior to make it all OK. The non-robustness principle
in action.
Thanks - Fred
fred(_dot_)l(_dot_)templin(_at_)boeing(_dot_)com
It is especially so, because, according to the draft:
Typically, GRE ingress nodes further refine their GMTU estimate by
executing PMTUD procedures. However, if an implementation supports
PMTUD for GRE tunnels, it also includes a configuration option that
disables PMTUD. This configuration option is required to mitigate
certain denial of service attacks (see Section 5).
PMTUD is often turned off and, then, RFC2460 requires GMTU<1280B.
Also, I think the paragraph above is not very honest on the reason
why PMTUD is often turned off.
Masataka Ohta