Brian E Carpenter <brian.e.carpen...@gmail.com> wrote:
    >> Brian E Carpenter <brian.e.carpen...@gmail.com> wrote:
    >> > (1) Flooding (M_FLOOD) messages. These are UDP multicasts, so in effect
    >> > all nodes must agree on the same maximum size. To send messages above
    >> > the present limit, the maximum flood message size would have to be
    >> > increased everywhere in the autonomic network. That is trivial if we
    >> > allow operator configuration, but since an AN should be self-creating,
    >> > we want to avoid operator configuration. Therefore, we need GRASP to be
    >> > able to self-configure this.
    >>
    >> For the flooded messages over UDP, it seems unwise to ever assume we can
    >> reliably get more than 1280 through.  In production, this goes over
    >> IPsec ESP tunnels.

    > Why would that break IPv6 fragmentation? We can assume a well-defined
    > MTU within an autonomic network, I think. These are all link-local
    > addressed packets, so there is no PMTUD problem.

But, it's not over link-local.
It's over a mesh of point to point IPsec ESP tunnels.

Choices are:
  1) fragment before encrypt.  Reassemble after decrypt.
  2) encrypt and then fragment the ESP.
     Depends upon ESP assembly buffer being big enough.

Both tend to work, up to some ill-defined limit which is not always 64K.
(1) is likely easier to fix if it's broken, since re-assembly happens in the
control plane CPU, rather than, possibly, in some IPsec hardware.

--
Michael Richardson <mcr+i...@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide


_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
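
The two choices in the message above, worked through as an added example that is not part of the original thread. It assumes tunnel-mode ESP over IPv6 with AES-GCM style overheads and a 1280-byte MTU between tunnel endpoints; all function names and the sample sizes are made up for the illustration.

```python
# Added illustration; header sizes are assumptions, not values from the thread.
IPV6_HDR, UDP_HDR, FRAG_HDR = 40, 8, 8
ESP_HDR = 4 + 4 + 8                      # SPI + sequence number + IV (AES-GCM assumed)
ESP_TRAILER, ESP_ICV, ESP_ALIGN = 2, 16, 4

def esp_tunnel_size(inner_len):
    """Outer IPv6 packet size when an inner packet is carried in tunnel-mode ESP."""
    pad = -(inner_len + ESP_TRAILER) % ESP_ALIGN
    return IPV6_HDR + ESP_HDR + inner_len + pad + ESP_TRAILER + ESP_ICV

def inner_mtu(mtu):
    """Largest inner packet whose ESP encapsulation still fits in one outer packet."""
    n = mtu
    while esp_tunnel_size(n) > mtu:
        n -= 1
    return n

def fragment_sizes(packet_len, mtu):
    """Sizes of the IPv6 fragments (headers included) for one packet."""
    if packet_len <= mtu:
        return [packet_len]
    payload = packet_len - IPV6_HDR
    per_frag = (mtu - IPV6_HDR - FRAG_HDR) // 8 * 8   # non-final fragments: multiple of 8
    sizes = []
    while payload > 0:
        chunk = min(per_frag, payload)
        sizes.append(IPV6_HDR + FRAG_HDR + chunk)
        payload -= chunk
    return sizes

def compare(udp_payload_len, mtu=1280):
    """Wire packets and reassembly buffer size for both choices."""
    inner = IPV6_HDR + UDP_HDR + udp_payload_len
    outer = esp_tunnel_size(inner)
    return {
        # Choice 1: the IPv6 stack reassembles after decryption.
        "fragment_then_encrypt": {
            "wire": [esp_tunnel_size(f) for f in fragment_sizes(inner, inner_mtu(mtu))],
            "reassembly_buffer": inner,
        },
        # Choice 2: the ESP endpoint must reassemble before it can decrypt.
        "encrypt_then_fragment": {
            "wire": fragment_sizes(outer, mtu),
            "reassembly_buffer": outer,
        },
    }

if __name__ == "__main__":
    print("largest unfragmented UDP payload:", inner_mtu(1280) - IPV6_HDR - UDP_HDR)
    for size in (1000, 2000):            # constructed M_FLOOD payload sizes
        print(size, compare(size))
```

Under these assumptions the tunnel leaves 1206 bytes for the inner packet, so a flooded UDP payload above 1158 bytes already forces one of the two fragmentation choices.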
