Re: Last Call: <draft-ietf-6man-rfc1981bis-04.txt> (Path MTU Discovery f

Joe,

[...]

> > > If by "supports" you mean "doesn't work", then yes. That's why we now
> > > have PLPMTUD.
> > PLMTUD is unfortunately not a (complete) replacement of PMTUD.
> PLMTUD is a directive to protocols above the IP layer; it isn't a single 
> protocol, so it wouldn't replace anything.
>
> > > > Looking just at our specifications, we cannot state that PLMTUD can 
> > > > replace PMTUD. Take RFC2473 (IPv6 tunnelling) for example.
> > > See draft-ietf-intarea-tunnels, esp. v03 Section 5.5.2
> > >
> > > (yes, that doc has expired while we're preparing the 04 update, which
> > > should be issued shortly)
> > Is this the paragraph you are referring to?
> >
> >    PLPMTUD requires a separate,
> >    direct control channel from the egress to the ingress that provides
> >    positive feedback; the direct channel is not blocked by policy
> >    filters and the positive feedback ensures fail-safe operation if
> >    feedback messages are lost [RFC4821].
> That is nowhere near section 5.5.2.
No, but it was unfortunately all that was written about how to use PLMTUD for 
tunnels.

> 5.5.2 indicates places where RFC2473 has errors, esp. in how it interprets 
> the MTU of the tunnel as being defined by the MTU of the path within the 
> tunnel, rather than by the tunnel egress reassembly limit.
>
> > I'm very much in favour of working on better ways of doing Path MTU 
> > discovery.
> > A blanket statement of "use "PLMTUD" seems very premature though.
> The point is that this document fails to indicate the current state of PMTUD. 
> It correctly notes that:
>    An extension to Path MTU Discovery defined in this document can be
>    found in [
> RFC4821
> ].  It defines a method for Packetization Layer Path
>    MTU Discovery (PLPMTUD) designed for use over paths where delivery of
>    ICMP messages to a host is not assured.
>
>
>
> IMO, it fails to note that this case - where ICMP messages are assured along 
> a path - is effectively a unicorn except within systems maintained by a 
> single entity.
>
> > RFC1981 has 70 citations:
> >
> > http://www.arkko.com/tools/allstats/citations-rfc1981.html
> >
> >
> > Could you expand on your view of how this pertains to advancing RFC1981?
> It's called last call input. My input is that this document needs to be more 
> realistic in noting that, for all intents, ICMP-based MTU discovery isn't 
> viable and that other methods need to be *expected*, not just that they're 
> available.
Right, but if you are correct that ICMP-based MTU discovery is not viable then 
this document should not be advanced.
At the same time for many protocols we have nothing else. An operator can break 
any protocol if that's their policy. And that's the breakage we're talking 
about here, not any issues with the protocol specification.

There is a philosophical aspect of this. (Which I'm not the best person to 
represent as I skipped my University studies in philosophy and used the student 
loan to buy a motorcycle... (and only read the art of motorcycle maintenance 
years later) )
This is a tussle. The IETF specifies protocols under the assumption that 
operators treat those protocols largely as specified. The 5-10% failure of 
PMTUD messages may be caused by misconfiguration, misunderstanding or 
mis-intent... Many of our protocols are suffering from the same fate. Should 
the IETF adjust all its protocols to be as middlebox friendly as possible? You 
can make this argument about IPv6 fragments, any packet with IPv6 extension 
headers, IPv4 fragments. Or anything but TCP port 443/80 and UDP port 53 for 
that matter. Are we as the IETF going to continue standardising protocols to 
work as best as they possible can, ignoring protocol abuse, or are we going to 
bend over and do whatever it takes to make it work for those 5-10% who've 
actively broken the protocol? What about the 90-90% where the protocols work as 
expected?

Best regards,
Ole

signature.asc
Description: Message signed with OpenPGP