On Tue, 14 Oct 2003, David Stevens wrote:
> I was trying out 6to4 and noticed that the v4 encapsulating header has DF
> set, which RFC3056 says should not be set.
>
> Because ICMPv4 won't, in general, include enough packet to determine the
> original v6 sender, end-to-end PMTU won't work. The possible use I could
> see is if the tunnel MTU is modified based on the PTMU (I didn't check),
> but that's probably not a good idea for any tunnels that have "any" as
> the remote v4 address. Doing that would force all MTU's to the lowest of
> any v4 destination's path.
>
> So, I think it's appropriate to always clear IP DF in the IPv4 header
> generated by SIT, but I thought I'd see if anyone else has a comment on
> that before I submit the trivial patch. :-)
>
> Any thoughts?
Seems like a good idea. The only thing I'm worried about is when someone
is attached to a network of at least 1500 MTU (at IPv6 level), and uses
6to4 -- then basically every IPv6 packet over 1480 bytes will be
fragmented in the network, even though it could potentially be chopped to
smaller pieces already in the end-nodes.
Just wondering how our 6to4 implementation handles this case at the
moment..
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
|