We all understand that many current NAT devices and their deployments are not compatible with IP fragmentation (v4 or v6).
That leaves us with two options: 1. change IP, but that leaves us with problems for which we have no solution (encrypted payloads, other DPI devices that look further in, etc.) 2. change NATs and how they’re deployed (to require reassembly or its equivalent before processing, to not be deployed except where they can act as the host they proxy for) Both cost money and will have an impact. #2 involves changing less devices AND has the benefit that we know it will work. I see no good reason to continue to try #1 in the meantime. Joe _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area