On 08/02/2017 09:32, otroan(_at_)employees(_dot_)org wrote:
Joe,
Thanks!
I appreciate that you want to not point at PLPMTUD because it's not
widely supported, but **for the same reason** this doc should not hold
up this solution without pointing out very clearly that it basically
isn't going to be work.
Would something like this help?
(borrowed from https://en.wikipedia.org/wiki/Path_MTU_Discovery)
"Many network security devices block all ICMP messages for perceived
security benefits, including the errors that are necessary for the proper
operation of PMTUD. This can result in connections that complete the
TCP three-way handshake correctly, but then hang when data is transferred.
This state is referred to as a black hole connection."
Yes. What we are asked to do for Internet Standard is show that a protocol
is widely deployed and is interoperable. That's undoubtedly true of RFC1981.
The fact that it also has an important failure mode should certainly be
documented, but I suspect that every Internet Standard has at least
one important failure mode.
This is not the document in which to fight the battle of interfering firewalls.
Brian