On Thu, Aug 3, 2023 at 9:12 AM Michael Richardson <[email protected]> wrote:
> > Paul Wouters <[email protected]> wrote: > >> > Or use IPTFS and set your own max packet size sufficiently low? > >> > >> I think that this is the killer app for IPTFS. > >> > > > But of course this means either IPTFS should be able to auto-tune > this, > > or else we end up with hardcoded configs that might stop working or > > cause future problems. > > I think that the ESPping mechanism is the right way to do "PLPMTUD" for > IPTFS. > (for the outer MTU) > I also think so. > > >> > I'm not convinced doing this between IPsec peers will solve any > real > >> > use cases. > >> > >> I am also skeptical, but I don't object to the work getting > >> standardized. > >> > >> In particular, for networks where there are MTU constraints on the > far > >> side of the far gateway, telling the sending gateway about the MTU > has > >> a far higher chance of working than anything else. The sending > >> gateway probably can send PTB ICMPs with better results. > > > There would need to be dynamic updating, kernel <-> userland > > communications, etc. Just hardcoding this in an ikev2 configuration > > would be pretty bad. > > yeah, I don't know exactly how to do the userland communication. > How specific does it need to be is my question? How express that. > Looking at mtu-dect, I'm unclear how the LMAP and and PTB describe the flow > which has the MTU concern. It's mostly clear when it appears along with > TSx > that it applies to that traffic, but not for the other notifications. > > > -- > Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) > Sandelman Software Works Inc, Ottawa and Worldwide > > > > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec > -- Daniel Migault Ericsson
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
