[129291] in North American Network Operators' Group
Re: ICMPv6 rate limits breaking PMTUD (and traceroute) [Re: Comcast
daemon@ATHENA.MIT.EDU (Pekka Savola)
Thu Sep 2 01:59:50 2010
Date: Thu, 2 Sep 2010 08:57:20 +0300 (EEST)
From: Pekka Savola <pekkas@netcore.fi>
To: Simon Leinen <simon.leinen@switch.ch>
In-Reply-To: <aa1v9d88n4.fsf_-_@switch.ch>
Cc: John Jason Brzozowski <john_brzozowski@cable.comcast.com>,
NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, 1 Sep 2010, Simon Leinen wrote:
> Note that the same rate-limit will also cause stars in IPv6 traceroutes
> through popular routers if the default setting is used.
...
> Anybody knows which defaults are used by other devices/vendors?
I've noticed 6to4 relay rate-limiter blackholes before (e.g. in
Your.org relay in AMS, got quickly fixed once I reported it).
FWIW, Linux default is 1000pps and BSD has 100pps which is too low for
a popular relay. In our relays we've used 1000-3000pps.
The majority of ICMPv6's is caused by windows boxes testing the
relay's liveness.
Depending on the MTU configuration of the relay's tunnel interface
(there isn't a BCP on this I think), you will also get more issues if
you run the relay at MTU=1280 rather than (say) 1480. But using 1480
may result in an IPv4 blackhole if you source packets from an anycast
address and your destination is e.g. behind PPPoE, so...
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
