Re: PMTU Discovery Security Concerns

2018-04-20 Thread Derek Fawcus
On Mon, Apr 16, 2018 at 07:23:29AM +0200, Jason A. Donenfeld wrote:
> > See RFC4821, RFC8085 and
> > https://tools.ietf.org/html/draft-ietf-tsvwg-datagram-plpmtud-01
> > for more info about PLMTUD.
> >
> > https://datatracker.ietf.org/meeting/101/materials/slides-101-ipsecme-packetization-layer-pat

Re: PMTU Discovery Security Concerns

2018-04-15 Thread Jason A. Donenfeld
On Sun, Apr 15, 2018 at 7:51 PM, Tim Sedlmeyer wrote:
> - Which allowed-ip do you use?
> - If the allowed-ip is a network, which ip within it do you choose to ping?
> - If you are connected to a single peer with an allowed-ip of 0.0.0.0/0 what
> ip do you ping?

Yea, the actual IP discovery is a

Re: PMTU Discovery Security Concerns

2018-04-15 Thread Tim Sedlmeyer
On Sun, Apr 15, 2018 at 12:13 PM, Jason A. Donenfeld wrote:
> On Sun, Apr 15, 2018 at 6:06 PM, Tim Sedlmeyer wrote:
>> PMTUD on the Internet is often broken and increasingly becoming more
>> broken, so in my opinion introducing any level of potential security
>> concern to support it would be unw

Re: PMTU Discovery Security Concerns

2018-04-15 Thread Jason A. Donenfeld
On Sun, Apr 15, 2018 at 6:06 PM, Tim Sedlmeyer wrote:
> PMTUD on the Internet is often broken and increasingly becoming more
> broken, so in my opinion introducing any level of potential security
> concern to support it would be unwise.

I was wondering if there's actually an appropriate use case

Re: PMTU Discovery Security Concerns

2018-04-15 Thread Tim Sedlmeyer
PMTUD on the Internet is often broken and increasingly becoming more broken, so in my opinion introducing any level of potential security concern to support it would be unwise. If MTU issues are regularly presenting a significant issue to successful deployment of wireguard then in the short term I

Re: PMTU Discovery Security Concerns

2018-04-15 Thread Jason A. Donenfeld
On Sun, Apr 15, 2018 at 5:45 PM, Ryan Whelan wrote:
> I don't have an actual fix; but is this something that could have a switch that
> could be configured per interface? I know knobs and controls aren't really
> desirable, but if off by default, it would encourage those turning it on to
> understand

Re: PMTU Discovery Security Concerns

2018-04-15 Thread Ryan Whelan
I don't have an actual fix; but is this something that could have a switch that could be configured per interface? I know knobs and controls aren't really desirable, but if off by default, it would encourage those turning it on to understand what they're exposing. $0.02

On Sun, Apr 15, 2018 at 10:08

PMTU Discovery Security Concerns

2018-04-15 Thread Jason A. Donenfeld
Hi list,

[CC'ing Luis, who's been working on this with me.]

I've more or less figured out how to do PMTU discovery (something along the lines of https://xn--4db.cc/WFHQzX2o/c inspired by the vti driver). I wonder, however, if this is safe to do. The basic idea is that if you're talking to a Wire