+1 You have no way of knowing how many tunnels are being traversed.
There is no packet size that *guarantees* you have avoided fragmentation somewhere along an Internet path. Joe > On Sep 10, 2019, at 6:29 AM, Templin (US), Fred L <fred.l.temp...@boeing.com> > wrote: > > Fernando, > >> -----Original Message----- >> From: Int-area [mailto:int-area-boun...@ietf.org] On Behalf Of Fernando Gont >> Sent: Monday, September 09, 2019 1:47 PM >> To: Joe Touch <to...@strayalpha.com>; Bob Hinden <bob.hin...@gmail.com> >> Cc: draft-ietf-intarea-frag-frag...@ietf.org; int-area@ietf.org; IESG >> <i...@ietf.org>; Suresh Krishnan <sur...@kaloom.com> >> Subject: Re: [Int-area] Discussion about Section 6.1 in >> draft-ietf-intarea-frag-fragile >> >> Hi, Joe, >> >> Just one nit: >> >> On 7/9/19 20:35, Joe Touch wrote: >>> FWIW, in general: >>> >>> With all the concern not detecting when frag fails, I’d like to point out >>> that it’s equally impossible to detect when it works, e.g., when >> it happens on tunnels that start more than one hop away or more than one >> layer of intermediate headers. >>> >>> E.g, PLPMTUD turns of frag *on the connected interface*. There’s no way to >>> disable source fragmentation that happens later in the >> network (as it would at tunnel ingresses) or deeper in the stack (when what >> you think is your interface is locally tunneled over a layer >> you don’t even know about). >>> >>> So *all* systems that try to backoff and use smaller MTUs are actually >>> *already* testing whether fragmentation already works in >> those cases. Even if your app sends a 1-byte packet you have no idea that >> some set of layers inflates the headers (e.g., with >> signatures or key exchanges) beyond the MTU somewhere. >> >> This would seem to be incorrect. IP has a minimum MTU of 68 bytes, and >> IPv6 has a minimum MTU of 1280. Hence if you send packets smaller than >> or equal to the minimum MTU, the packets should go through. > > Even if the original source uses the IPv6 minimum MTU of 1280, a tunnel > somewhere > further down the path could add encapsulations that would cause the > (encapsulated) > packet to exceed 1280 bytes. The tunnel therefore has to apply fragmentation. > > Fred > >> -- >> Fernando Gont >> SI6 Networks >> e-mail: fg...@si6networks.com >> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 >> >> >> >> >> _______________________________________________ >> Int-area mailing list >> Int-area@ietf.org >> https://www.ietf.org/mailman/listinfo/int-area _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
