Re: Last Call: <draft-ietf-6man-rfc1981bis-04.txt> (Path MTU Discovery for IP version 6) to Internet Standard

Fernando Gont <> Wed, 08 February 2017 13:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6715D129A4F; Wed, 8 Feb 2017 05:36:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id tBLFKVG927mS; Wed, 8 Feb 2017 05:36:28 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 22FA9129536; Wed, 8 Feb 2017 05:36:28 -0800 (PST)
Received: from [] ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 949CC80F86; Wed, 8 Feb 2017 14:36:21 +0100 (CET)
From: Fernando Gont <>
Subject: Re: Last Call: <draft-ietf-6man-rfc1981bis-04.txt> (Path MTU Discovery for IP version 6) to Internet Standard
To:, Joe Touch <>
References: <> <> <> <> <> <> <> <> <> <> <>
X-Enigmail-Draft-Status: N1110
Message-ID: <>
Date: Wed, 8 Feb 2017 10:07:02 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Archived-At: <>
Cc: 6man WG <>, "" <>, "" <>, Randy Bush <>, "" <>, "" <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 08 Feb 2017 13:36:31 -0000

On 02/07/2017 05:06 PM, wrote:
>>> Could you expand on your view of how this pertains to advancing
>>> RFC1981?
>> It's called last call input. My input is that this document needs
>> to be more realistic in noting that, for all intents, ICMP-based
>> MTU discovery isn't viable and that other methods need to be
>> *expected*, not just that they're available.
> Right, but if you are correct that ICMP-based MTU discovery is not
> viable then this document should not be advanced. At the same time
> for many protocols we have nothing else. An operator can break any
> protocol if that's their policy. And that's the breakage we're
> talking about here, not any issues with the protocol specification.
> There is a philosophical aspect of this. (Which I'm not the best
> person to represent as I skipped my University studies in philosophy
> and used the student loan to buy a motorcycle... (and only read the
> art of motorcycle maintenance years later) ) This is a tussle. The
> IETF specifies protocols under the assumption that operators treat
> those protocols largely as specified. The 5-10% failure of PMTUD
> messages may be caused by misconfiguration, misunderstanding or
> mis-intent... Many of our protocols are suffering from the same fate.
> Should the IETF adjust all its protocols to be as middlebox friendly
> as possible? You can make this argument about IPv6 fragments, any
> packet with IPv6 extension headers, IPv4 fragments. Or anything but
> TCP port 443/80 and UDP port 53 for that matter. Are we as the IETF
> going to continue standardising protocols to work as best as they
> possible can, ignoring protocol abuse, or are we going to bend over
> and do whatever it takes to make it work for those 5-10% who've
> actively broken the protocol? What about the 90-90% where the
> protocols work as expected?

There are two things to note here:

1) the folk breaking PMTUD is probably not the guy suffering from that
breakage. So the had that "bad-hevaed" nodes hurt the "well behaved"
nodes (i.e., you cannot claim "you're shooting your own foot).

2) Being an engineering group I would expect our protocols to work in
the real world -- that's the point of engineering: solving problems.  At
the end of the day, you can build stuff that works, or complain that way
too many people are doing dumb things (for some meaning of "dumb"). --
But the later will not make protocols work, nor solve problems.

In that sense, I agree with Joe, and Randy Bush here.

Fernando Gont
SI6 Networks
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492