Re: [IPsec] -ikev2-mtu-dect: IKEv2 PTB Notification

2023-08-03 Thread Daniel Migault
On Thu, Aug 3, 2023 at 9:12 AM Michael Richardson wrote:

>
> Paul Wouters wrote:
> >> > Or use IPTFS and set your own max packet size sufficiently low?
> >>
> >> I think that this is the killer app for IPTFS.
> >>
>
> > But of course this means either IPTFS should be able to auto-tune this,
> > or else we end up with hardcoded configs that might stop working or
> > cause future problems.
>
> I think that the ESPping mechanism is the right way to do "PLPMTUD" for IPTFS.
> (for the outer MTU)
>
I also think so.

>
> >> > I'm not convinced doing this between IPsec peers will solve any real
> >> > use cases.
> >>
> >> I am also skeptical, but I don't object to the work getting
> >> standardized.
> >>
> >> In particular, for networks where there are MTU constraints on the far
> >> side of the far gateway, telling the sending gateway about the MTU has
> >> a far higher chance of working than anything else.  The sending
> >> gateway probably can send PTB ICMPs with better results.
>
> > There would need to be dynamic updating, kernel <-> userland
> > communications, etc.  Just hardcoding this in an ikev2 configuration
> > would be pretty bad.
>
> yeah, I don't know exactly how to do the userland communication.
> How specific does it need to be is my question?  How express that.
> Looking at mtu-dect, I'm unclear how the LMAP and PTB describe the flow
> which has the MTU concern.  It's mostly clear when it appears along with TSx
> that it applies to that traffic, but not for the other notifications.
>
>
> --
> Michael Richardson. o O ( IPv6 IøT consulting )
>    Sandelman Software Works Inc, Ottawa and Worldwide
>
> ___
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>


-- 
Daniel Migault
Ericsson


Re: [IPsec] -ikev2-mtu-dect: IKEv2 PTB Notification

2023-08-03 Thread Michael Richardson

Paul Wouters wrote:
>> > Or use IPTFS and set your own max packet size sufficiently low?
>>
>> I think that this is the killer app for IPTFS.
>>

> But of course this means either IPTFS should be able to auto-tune this,
> or else we end up with hardcoded configs that might stop working or
> cause future problems.

I think that the ESPping mechanism is the right way to do "PLPMTUD" for IPTFS.
(for the outer MTU)

>> > I'm not convinced doing this between IPsec peers will solve any real
>> > use cases.
>>
>> I am also skeptical, but I don't object to the work getting
>> standardized.
>>
>> In particular, for networks where there are MTU constraints on the far
>> side of the far gateway, telling the sending gateway about the MTU has
>> a far higher chance of working than anything else.  The sending
>> gateway probably can send PTB ICMPs with better results.

> There would need to be dynamic updating, kernel <-> userland
> communications, etc.  Just hardcoding this in an ikev2 configuration
> would be pretty bad.

yeah, I don't know exactly how to do the userland communication.
How specific does it need to be is my question?  How express that.
Looking at mtu-dect, I'm unclear how the LMAP and PTB describe the flow
which has the MTU concern.  It's mostly clear when it appears along with TSx
that it applies to that traffic, but not for the other notifications.


--
Michael Richardson. o O ( IPv6 IøT consulting )
   Sandelman Software Works Inc, Ottawa and Worldwide





