[145187] in North American Network Operators' Group


RE: Cisco 7600 PFC3B(XL) and IPv6 packets with fragmentation header

daemon@ATHENA.MIT.EDU (Vinny_Abello@Dell.com)
Fri Sep 30 11:55:03 2011

From: <Vinny_Abello@Dell.com>
To: <saku@ytti.fi>, <nanog@nanog.org>
Date: Fri, 30 Sep 2011 15:53:19 +0000
In-Reply-To: <20110930142639.GA30986@pob.ytti.fi>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Path MTU discovery would also break... oh wait, that's usually broken anyway.

-Vinny

-----Original Message-----
From: Saku Ytti [mailto:saku@ytti.fi]
Sent: Friday, September 30, 2011 10:27 AM
To: nanog@nanog.org
Subject: Re: Cisco 7600 PFC3B(XL) and IPv6 packets with fragmentation header

On (2011-09-30 10:09 -0400), Christopher Morrow wrote:

> a switch to be used that stops processing this sort of thing, in an
> internet core (and honestly most enterprise core) routers, all I want
> is packet-in/packet-out. there's no need for anything else, stop
> trying to send line-rate packets to the cpu.

This would break e.g. RSVP. For some instances dropping all of them in
hardware is an option, for other instances ignoring and forwarding without
understanding is ok, but in some situations you simply must punt.

> no. all you need is a default 'do not process these, just fwd them'
> switch. (or, a switch at any rate that the operator can select one way
> or the other, they SHOULD know what is the best for their deployment).

It would also break L4 ACL under certain situations, as well as RSVP as
already explained. And probably issues I'm not aware of. Unsure if blind
forwarding is best option. But I'm all for giving operator options, but
calling it stupid that vendors punt something is misguided.

> I really think zero limit is the right limit... (for a large number of
> deployments)

Traceroute would also break. Unpoliced punting certainly is extremely
unwise, but punting to a level that does not introduce significant CPU load,
should be safest default.


-- 
  ++ytti


