Hi Joe, > -----Original Message----- > From: Joe Touch [mailto:[email protected]] > Sent: Thursday, April 23, 2015 12:18 PM > To: Templin, Fred L; Ronald Bonica; [email protected] > Subject: Re: [Int-area] I-D Action: draft-ietf-intarea-gre-ipv6-07.txt > > > > On 4/23/2015 12:05 PM, Templin, Fred L wrote: > ... > > So, if the tunnel is working but you all of a sudden get a PTB that reports > > a size that would be too small to accommodate a 1280 byte payload packet, > > shut the tunnel down? > > Yes. > > > You had better be able to trust that the source > > of the PTB is trustworthy and not sending bogus PTBs. > > That's always been true.
Only in tightly-controlled operational environments, where there are no bad routers on the path, no ICMP PTB blockages, and no opportunity for an attacker to inject a spurious PTB. And also, only when the path from the tunnel ingress to the original source is equally well behaved (otherwise, the original source would see a black hole). Thanks - Fred [email protected] _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
