[74729] in North American Network Operators' Group
Re: I-D on operational MTU/fragmentation issues in tunneling
daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Wed Oct 13 07:20:46 2004
In-Reply-To: <Pine.LNX.4.44.0410111104020.30360-100000@netcore.fi>
Cc: nanog@nanog.org
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Wed, 13 Oct 2004 13:17:06 +0200
To: Pekka Savola <pekkas@netcore.fi>
Errors-To: owner-nanog-outgoing@merit.edu
On 11-okt-04, at 10:12, Pekka Savola wrote:
> The document is about to be IETF Last Called for Informational RFC,
> but prior to that, I'd like to solicit comments/feedback/review from
> the people here because I'm 100% sure a lot of people have been faced
> with these issues (we certainly have..).
Well, tunnels suck. No news there.
It is interesting to note that at least one implementation provides a
special knob to fragment the inner packet prior to encapsulation even
if the DF bit has been set -- this is non-compliant behaviour, but
possibly has been required in certain tightly controlled passive
monitoring scenarios. Such a setup wouldn't work for packets which
have already been fragmented if they needed to be fragmented again,
though.
Why would it be impossible to refragment fragments???
I have a setup with dial-up over L2TP that doesn't support an MTU
bigger than 576 (which is completely unnecessary of course, but try
telling the people at the other end of the L2TP thingy that) so I clear
the DF bit for all incoming packets that have to go through the
PPP/L2TP tunnel. Works like a charm. (Surprisingly, all users seem to
have systems that are capable of reassembling 1.5 kB packets now.)
But I don't understand why anyone would want to use tunnels in the
backbone. That's what VLANs are for. And if you don't use ether, you
aren't bound by yester-millennium's 1500 byte MTU anyway.
In IPv6 there is the interesting problem that there are already many
tunnels all over the place that often have a 1280 byte MTU, so
tunneling over that can't be done because of the mandatory minimum MTU
of 1280 bytes.
