On 18 mei 2009, at 23:17, Joe Touch wrote:
Not necessarily. PMTUD for tunnels is just an optimization. There
is no
reason why you couldn't take full size inner packets and encapsulate
them in an outer packet that is then fragmented.
You wouldn't know to do that unless you had a different idea of the
MTU
at the endpoint. Or are you suggesting that ROHC do this (I don't
think
it would)...
Suppose the MTU is 1500, IPsec takes 50 bytes and ROHC may add 4 bytes
worst case but saves 32 bytes on average (completely made up numbers).
Now:
- packets smaller than 1500 - 50 - 4 = 1446 bytes can always be
carried without trouble, so nothing special happens
- packets larger than 1500 - 50 + 32 = 1482 bytes can never be carried
without fragmentation, so send a too big message.
- packets between 1446 and 1482 bytes will usually compress to
something that can be carried without fragmentation, so we don't send
a too big message. However, they may not compress, in which case the
resulting packet is larger than 1500 bytes. We then fragment the
packet upon sending and reassemble before detunneling.
The whole thing can be made dynamic so in the range 1446 - 1482 we
don't always fragment but rather when we see that we fragment too
much, we lower the MTU value reported back to sources until the level
of fragmentation is within reason.
