On Wed, Jul 26, 2023 at 5:18 AM Juliusz Chroboczek <[email protected]> wrote:
> > While you're absolutely right that this MUST NOT happen, in practice it > does. > > I think we're in at least partial agreement. The point I'm making is that > this configuration is not something that's supported by IP, and that VPN > implementations that cause MTU blackholes are quite simply buggy. > Agreed. (There's an argument to be made that IPv6 should support variable MTU > links. Good luck pushing this idea at the IETF, which, of late, appers > to be mostly interested in breaking the e2e principle and proxying > everything at the application layer. Sorry for the rant.) > (As a proxy enthusiast, I have thoughts :P. In my view, the e2e principle as we knew it broke when people started deploying TCP "accelerators". We brought back transport-layer e2e with QUIC thanks to e2e encryption. So in my view, QUIC is e2e but TCP, UDP, and IP are not. In that world, CONNECT-UDP allows you to maintain e2e because it allows QUIC. Sorry for the rant reply, but I couldn't resist) Of course, in practice misconfiguration happens, and so it's a good thing > to be able to be able to automatically detect misconfiguration and discard > the link. Definitely. Thanks for implementing and deploying that by the way. > It would be even better to be able to notify the network > administrator of the issue, but that would be a little more work than I'm > willing to do right now. > babeld automatically emailing sysadmins sounds like a fun time :-) (For example, we could send Hellos in a small packets, in order to > discover neighbours, and then send a small number of Ack Requests padded > to MTU to every discovered neighbour. If a neighbour never answers the > Ack Request, then it's fairly strong evidence that there's something > wrong.) > (You could even perform dichotomy there to measure the exact MTU and update the OS link MTU based on that, but I agree that's not necessarily babeld's job.) David
_______________________________________________ Babel-users mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/babel-users
