IETF Logo Mail Archive

Re: [dnsext] draft-andrews-dnsext-ipv6-fragmentation

Mark Andrews <marka@isc.org> Mon, 05 December 2011 05:25 UTC

Return-Path: <marka@isc.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 785DD1F0C3F; Sun, 4 Dec 2011 21:25:03 -0800 (PST)
X-Quarantine-ID: <FCdmdKFfjkdO>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "Cc"
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FCdmdKFfjkdO; Sun, 4 Dec 2011 21:25:03 -0800 (PST)
Received: from mx.ams1.isc.org (mx.ams1.isc.org [IPv6:2001:500:60::65]) by ietfa.amsl.com (Postfix) with ESMTP id CD5071F0C36; Sun, 4 Dec 2011 21:24:59 -0800 (PST)
Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "bikeshed.isc.org", Issuer "ISC CA" (verified OK)) by mx.ams1.isc.org (Postfix) with ESMTPS id 50CD15F9906; Mon, 5 Dec 2011 05:24:41 +0000 (UTC) (envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (unknown [IPv6:2001:470:1f00:820:fce5:1941:667f:5022]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by bikeshed.isc.org (Postfix) with ESMTPSA id B6787216C6B; Mon, 5 Dec 2011 05:24:39 +0000 (UTC) (envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (Postfix) with ESMTP id C4DA81913544; Mon, 5 Dec 2011 16:24:36 +1100 (EST)
To: Stephan Lagerholm <stephan.lagerholm@secure64.com>
From: Mark Andrews <marka@isc.org>
References: <20111204074710.64552.qmail@joyce.lan> <4EDBEA1D.4040806@ogud.com><AA039D53-2F83-40D2-9251-C88D3362F144@vpnc.org> <20111204230152.BF424190D6B3@drugs.dv.isc.org> <DD056A31A84CFC4AB501BD56D1E14BBBB5C0E2@exchange.secure64.com>
In-reply-to: Your message of "Sun, 04 Dec 2011 21:49:30 PDT." <DD056A31A84CFC4AB501BD56D1E14BBBB5C0E2@exchange.secure64.com>
Date: Mon, 05 Dec 2011 16:24:36 +1100
Message-Id: <20111205052436.C4DA81913544@drugs.dv.isc.org>
Cc: 6man@ietf.org, dnsext@ietf.org
Subject: Re: [dnsext] draft-andrews-dnsext-ipv6-fragmentation
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Dec 2011 05:25:03 -0000

In message <DD056A31A84CFC4AB501BD56D1E14BBBB5C0E2@exchange.secure64.com>, "Ste
phan Lagerholm" writes:
> Hi Mark,
> 
> You can get blocked ICMP 'packet too big' even if you have the MTU set
> to 1280.=20
> 
> RFC 2460:
> In response to an IPv6 packet that is sent to an IPv4 destination (i.e.,
> a packet that undergoes translation from IPv6=20
> to IPv4), the originating IPv6 node may receive an ICMP Packet Too Big
> message reporting a Next-Hop MTU less than 1280.=20
> In that case, the IPv6 node is not required to reduce the size of
> subsequent packets to less than 1280, but must include=20
> a Fragment header in those packets so that the IPv6-to-IPv4 translating
> router can obtain a suitable Identification=20
> value to use in resulting IPv4 fragments. Note that this means the
> payload may have to be reduced to 1232 octets (1280=20
> minus 40 for the IPv6 header and 8 for the Fragment header), and smaller
> still if additional extension headers are used.

Which just mean that 6man needs to extend the IPv6 socket API so
that the insertion of a fragment header can be signaled.  Or
IPV6_USE_MIN_MTU=1 needs to imply that a fragment header needs to
be added to packets that are not fragmented.  Currently IPV6_USE_MIN_MTU
doesn't quite fully disable PMTUD.

RFC 3542 allows you to turn off adding the adding of Fragment headr
by there is no mechanism to force the adding of a Fragment header.

> /Stephan
> 
> > -----Original Message-----
> > From: dnsext-bounces@ietf.org [mailto:dnsext-bounces@ietf.org] On
> > Behalf Of Mark Andrews
> > Sent: Sunday, December 04, 2011 6:02 PM
> > To: Paul Hoffman
> > Cc: dnsext@ietf.org; Olafur Gudmundsson
> > Subject: Re: [dnsext] draft-levine-dnsextlang-02
> >=20
> > On a similar matter I was in the process of submitting the following.
> > I just needed to address internal comments.  I also think my EDNS
> > expire option still needs to be addressed though I suspect I'll do
> that
> > as a individual submission.
> >=20
> > Mark
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org

v2.30.2 | Report a Bug | By Email | System Status