Fwd: I-D.ietf-v6ops-cpe-simple-security-09 - ICMP Error Messages
Rémi Després <remi.despres@free.fr> Mon, 08 March 2010 17:26 UTC
Return-Path: <owner-v6ops@ops.ietf.org>
X-Original-To: ietfarch-v6ops-archive@core3.amsl.com
Delivered-To: ietfarch-v6ops-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0A8663A69D3 for <ietfarch-v6ops-archive@core3.amsl.com>; Mon, 8 Mar 2010 09:26:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.084
X-Spam-Level:
X-Spam-Status: No, score=-1.084 tagged_above=-999 required=5 tests=[AWL=-0.686, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_FR=0.35, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l8rjJlFiewfe for <ietfarch-v6ops-archive@core3.amsl.com>; Mon, 8 Mar 2010 09:26:30 -0800 (PST)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id D6F0D3A6AD4 for <v6ops-archive@lists.ietf.org>; Mon, 8 Mar 2010 09:26:28 -0800 (PST)
Received: from majordom by psg.com with local (Exim 4.71 (FreeBSD)) (envelope-from <owner-v6ops@ops.ietf.org>) id 1Nogch-000InW-7h for v6ops-data0@psg.com; Mon, 08 Mar 2010 17:20:07 +0000
Received: from [212.27.42.6] (helo=smtp6-g21.free.fr) by psg.com with esmtp (Exim 4.71 (FreeBSD)) (envelope-from <remi.despres@free.fr>) id 1Nogcd-000ImO-Rt for v6ops@ops.ietf.org; Mon, 08 Mar 2010 17:20:04 +0000
Received: from smtp6-g21.free.fr (localhost [127.0.0.1]) by smtp6-g21.free.fr (Postfix) with ESMTP id E31FFE08092 for <v6ops@ops.ietf.org>; Mon, 8 Mar 2010 18:19:58 +0100 (CET)
Received: from [192.168.0.10] (per92-10-88-166-221-144.fbx.proxad.net [88.166.221.144]) by smtp6-g21.free.fr (Postfix) with ESMTP id E6F18E080EB for <v6ops@ops.ietf.org>; Mon, 8 Mar 2010 18:19:50 +0100 (CET)
From: Rémi Després <remi.despres@free.fr>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: Fwd: I-D.ietf-v6ops-cpe-simple-security-09 - ICMP Error Messages
Date: Mon, 08 Mar 2010 18:19:50 +0100
References: <E4D58FF5-3728-46CD-9E20-F28EADC4D174@free.fr>
To: IPv6 v6ops <v6ops@ops.ietf.org>
Message-Id: <7A4FF316-2F67-4DDF-B6BF-91E5D7A7E079@free.fr>
Mime-Version: 1.0 (Apple Message framework v1077)
X-Mailer: Apple Mail (2.1077)
Sender: owner-v6ops@ops.ietf.org
Precedence: bulk
List-ID: <v6ops.ops.ietf.org>
Retransmission to the list (omitted by mistake). Début du message réexpédié : > De : Rémi Després <remi.despres@free.fr> > Date : 8 mars 2010 09:22:38 HNEC > À : james woodyatt <jhw@apple.com> > Cc : Brian E Carpenter <brian.e.carpenter@gmail.com> > Objet : Rép : I-D.ietf-v6ops-cpe-simple-security-09 - ICMP Error Messages > > James, > > Sorry to come so late on this tread. > But the point below is IMHO important. > > In the draft, the only REC-n concerning ICMP is so far: > "REC-16: If a gateway forwards a UDP exchange, it MUST also forward ICMP Destination Unreachable messages containing UDP headers that match the exchange state record." > > In my understanding, what is needed is, for each of the transport protocols: > "REC-n: If a gateway forwards a NNN exchange, it MUST also forward, in both directions, ICMP Error messages containing UDP headers that match the exchange state record." > > - Forwarded error messages must be also for TCP, DCCP, etc., and must be more general than just Destination Unreachable: they must include in particular Packet Too Big notifications which are essential for IPv6 path-MTU discovery. > - Reliable PMTUD is much more important in IPv6 than in IPv4. > While IPv4 packets can be fragmented within the network where they are too long for the local MTU, IPv6 fragmentation is only end to end. > Thus, as long as PMTUD cannot be considered reliable, all IPv6 MTUs must remain clamped to 1280 octets. > This is not really dramatic, but is significantly less than optimum in many environments. Furthermore, in dual-stack hosts that apply the same MTU to IPv4 and IPv6, and also to on-link and off-link packets, this limitation spreads out to on-link IPv4 packets, which is also less dramatic than losing connectivity, but is unfortunate. > > I have added Brian as destination because of the point he made, in Softwire, that in IPv6-PMTUD was unreliable. > > Regards, > > RD > > > >> everyone-- >> >> Once again, I'd like to ask for some discussion and feedback on this draft. Is there any reason this revision of the draft should not proceed to Working Group Last Call at this time? >> >> >> -- >> james woodyatt <jhw@apple.com> >> member of technical staff, communications engineering >> >> >> >
- I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Baugher
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Fred Baker
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Fred Baker
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Baugher
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Baugher
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Baugher
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Ole Troan
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Baugher
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Baugher
- RE: I-D.ietf-v6ops-cpe-simple-security-09 STARK, BARBARA H (ATTLABS)
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Fwd: I-D.ietf-v6ops-cpe-simple-security-09 - ICMP… Rémi Després
- Re: I-D.ietf-v6ops-cpe-simple-security-09 - ICMP … james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 - ICMP … Rémi Després
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Brian E Carpenter
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Smith
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Brian E Carpenter
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Brian E Carpenter
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Fred Baker
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Fred Baker
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Fred Baker
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Shane Amante
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Smith
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Cameron Byrne
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Smith
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Gert Doering
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Brian E Carpenter
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Smith
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Brian E Carpenter
- Re: I-D.ietf-v6ops-cpe-simple-security-09 james woodyatt
- Status of RFC 4864 (was Re: I-D.ietf-v6ops-cpe-si… Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Smith
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Mark Townsley
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Ole Troan
- Re: I-D.ietf-v6ops-cpe-simple-security-09 Brian E Carpenter