[IPsec] draft-smyslov-ipsecme-ikev2-fragmentation-00 fragmentation size question

Paul Wouters <paul@cypherpunks.ca> Fri, 08 March 2013 23:14 UTC

I have a question about

http://tools.ietf.org/html/draft-smyslov-ipsecme-ikev2-fragmentation-00#section-2.5.1

It states:

2.5.1. Fragment size


    When breaking content of Encrypted Payload down into parts sender
    SHOULD choose size of those parts so, that resulting message sizes not
    exceed fragmentation threshold - be small enough to avoid IP
    fragmentation.

    If sender has some knowledge about PMTU size it MAY use it.
    Otherwise for messages to be sent over IPv6 it is RECOMMENDED to use
    value 1280 bytes as a maximum message size ([RFC2460]).  For messages
    to be sent over IPv4 it is RECOMMENDED to use value 576 bytes as a
    maximum message size.


What is "message size" here referring to? The fragmentation payload, or
the total packet length?

That is, is it recommended that the packet size is 576/1280 including
the full IP header and ISAKMP header, or that the packet size is
576/1280 plus the IP header and ISAKMP header?

(and can the text in the next draft be clarified to indicate this
better?)

Paul
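
Added illustration, not part of the original message or of the draft: the two readings of "message size" asked about above, worked through for the 576 and 1280 byte values. The 8-byte fragment payload header, the AES-CBC style parameters (16-byte IV, 16-byte ICV, 16-byte blocks) and the function names are assumptions made for this example.

```python
import math

IP_HDR = {4: 20, 6: 40}   # IPv4 without options, IPv6 without extension headers
UDP_HDR = 8
IKE_HDR = 28              # fixed IKEv2 header
FRAG_HDR = 8              # assumed size of the fragment payload's own header


def fragment_budget(limit, ip_version, limit_is_whole_datagram,
                    iv_len=16, icv_len=16, block=16):
    """Return (ip_datagram_len, max_plaintext_per_fragment).

    limit_is_whole_datagram=True  -> limit covers IP + UDP + IKE message
    limit_is_whole_datagram=False -> limit covers the IKE message only
    """
    l3l4 = IP_HDR[ip_version] + UDP_HDR
    ike_msg_max = limit - l3l4 if limit_is_whole_datagram else limit
    room = ike_msg_max - IKE_HDR - FRAG_HDR - iv_len - icv_len
    # Ciphertext is a whole number of blocks; its last byte is Pad Length.
    cipher_len = (room // block) * block
    plaintext = cipher_len - 1
    if plaintext <= 0:
        raise ValueError("limit too small to carry one fragment")
    ike_msg = IKE_HDR + FRAG_HDR + iv_len + cipher_len + icv_len
    return ike_msg + l3l4, plaintext


def fragments_needed(payload_len, limit, ip_version, limit_is_whole_datagram):
    """Number of fragments for payload_len bytes of unencrypted content."""
    _, per_fragment = fragment_budget(limit, ip_version, limit_is_whole_datagram)
    return math.ceil(payload_len / per_fragment)


if __name__ == "__main__":
    payload = 2900  # constructed size, e.g. an IKE_AUTH carrying certificates
    for version, limit in ((4, 576), (6, 1280)):
        for whole in (True, False):
            datagram, per = fragment_budget(limit, version, whole)
            reading = "whole datagram" if whole else "IKE message only"
            print(f"IPv{version} limit={limit} ({reading}): "
                  f"datagram={datagram} plaintext/fragment={per} "
                  f"fragments={fragments_needed(payload, limit, version, whole)}")
```

Under the "IKE message only" reading with these assumptions, the IPv6 datagram comes to 1316 bytes, above the 1280-byte minimum IPv6 link MTU, while the "whole datagram" reading stays at 1268.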