Re: [v6ops] Happy eyeballs suggestions, was: Re: Apple and IPv6, a few clarifications

[Mark Andrews <marka@isc.org>]

In message <6ACE98FF-8609-46B2-BD35-78D413BE6F0E@muada.com>, Iljitsch van Beijn
um writes:
> On 23 Jun 2015, at 1:18, james woodyatt <jhw@nestlabs.com> wrote:
> 
> >> As such:  I'm 99.9% sure this works the same way for UDP as for 
> ICMPv6; 
> 
> > It does.
> 
> So then why would this be a problem:
> 
> > pass straight through parts of the network with PMTU=1492 without 
> generating errors and therefore never exercising any application layer 
> logic needed to deal with UDP-PMTUD, which is typically not there at all 
> because developers are well, they often dont do it.
> 
> What exactly are you objecting to? That the translated packets are too 
> small to trigger too bigs? That also happens with native IPv6 if the path 
> supports 1500 bytes. So if you want to test for paths with < 1500 PMTUs, 
> you will have to, you know, do the work to test with paths with < 1500 
> PTMUs.
> 
> If your problem is that applications don't handle incoming too bigs, then 
> be glad you're behind a NAT64 because this is indeed a problem with IPv4 
> (but easily solved by simply setting the DF bit to 0!) but it isn't for 
> IPv6, as we just agreed that with IPv6, the IP layer catches too bigs and 
> fragments subsequent packets without involvement from the application.

For named (DNS) we just set IPV6_USE_MIN_MTU=1 for *both* TCP and
UDP.  PMTUD is a problem for TCP as well as UDP (load balancers /
filters).  We also send EDNS UDP requests with various response
sizes in the requests and look at actual response sizes because
there are idiots with firewalls that think dropping fragmented
packets is a good thing to do.

Unfortunately there are stacks that don't consider IPV6_USE_MIN_MTU
when performing MSS negotiation which is really wrong because when
it is set to 1 the MTU *is* 1280.  One really shouldn't have to
spell out the relationship.

[rock:~/git/bind9.drugs] marka% grep srtt /var/named/named_dump.db | grep udpsize | grep :
;	2620:74:19::33 [srtt 379894] [flags 00006000] [edns 10/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 218]
;	2610:a1:1014::78 [srtt 129911] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 444]
;	2001:502:cbe4::33 [srtt 163948] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 218]
;	2001:503:83eb::2:31 [srtt 317999] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 333]
;	2607:f208:302::30 [srtt 126230] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 434]
;	2001:500:2c::254 [srtt 228230] [flags 00006000] [edns 4/0/0/0/0] [plain 0/0] [udpsize 1640] [ttl -116]
;	2001:67c:1010:13::53 [srtt 208027] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 437]
;	2001:500:e::1 [srtt 257600] [flags 00006000] [edns 4/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 266]
;	2a02:1788:0:600::c742:c805 [srtt 155908] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 444]
;	2001:500:71::30 [srtt 204866] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 1652]
;	2001:500:90:1::27 [srtt 122709] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 268]
;	2001:500:7967::2:33 [srtt 120860] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 218]
;	2606:2800:1::5 [srtt 173309] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 270]
;	2400:cb00:2049:1::adf5:3b1f [srtt 115518] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 266]
;	2001:dcd:5::101 [srtt 462281] [flags 00006000] [edns 4/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 428]
;	2600:1401:1::41 [srtt 235626] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 218]
;	2001:500:1b::1 [srtt 434090] [flags 00006000] [edns 3/1/1/1/1] [plain 0/0] [udpsize 512] [ttl 439]
;	2407:6e00:253:306::73 [srtt 73080] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 432]
;	2400:cb00:2049:1::c629:de1f [srtt 116161] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 266]
;	2001:500:94:1::20 [srtt 159376] [flags 00006000] [edns 3/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 268]
;	2001:dce:2000:2::130 [srtt 134191] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 437]
;	2600:1401:2::42 [srtt 176795] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 218]
;	2001:500:48::1 [srtt 180877] [flags 00006000] [edns 4/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 266]
;	2001:a10:121:1::156 [srtt 318167] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 267]
;	2001:500:90:1::20 [srtt 198783] [flags 00006000] [edns 3/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 268]
;	2a01:8840:6::1 [srtt 170706] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 1652]
;	2001:502:ad09::14 [srtt 219604] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 437]
;	2600:1802:4::1 [srtt 174653] [flags 00006000] [edns 4/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 436]
;	2620:0:150:4013::5 [srtt 298185] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 267]
;	2600:1401:2::ad [srtt 180765] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 436]
;	2001:500:94:1::34 [srtt 110366] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 269]
;	2606:2800:1::6 [srtt 116409] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 270]
;	2001:500:90::100 [srtt 215880] [flags 00006000] [edns 8/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 220]
;	2001:500:f::1 [srtt 133137] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 266]
;	2001:503:a83e::2:31 [srtt 262167] [flags 00006000] [edns 18/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 333]
;	2001:dce:7000:2::130 [srtt 363522] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 437]
;	2001:4868:108:1:223:8bff:fea9:dbf8 [srtt 360151] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 260]
;	2001:502:ad09::3 [srtt 217370] [flags 00006000] [edns 2/1/0/0/0] [plain 0/0] [udpsize 512] [ttl 266]
;	2001:500:90:1::34 [srtt 118925] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 269]
;	2001:500:b::1 [srtt 146381] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 266]
;	2001:1a68:0:17::238 [srtt 496218] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 267]
;	2001:500:4431::2:30 [srtt 291357] [flags 00006000] [edns 1/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 259]
;	2001:500:60::30 [srtt 187678] [flags 00006000] [edns 2/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 1652]
;	2001:dcd:6::101 [srtt 534725] [flags 00006000] [edns 5/0/0/0/0] [plain 0/0] [udpsize 512] [ttl 428]
[rock:~/git/bind9.drugs] marka% 

> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org