nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IP Fragmentation - Not reliable over the Internet?

From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Fri, 30 Aug 2013 15:39:39 +0900
Mark Andrews wrote:


Ensure that the firealls at both ends pass ICMP/ICMPv6 PTB.  Only
idiots block all ICMP/ICMPv6.  Yes there are a lot of idiots in the
world.


The worst idiots are people who designed ICMPv6 [RFC2463] as:

         (e.2) a packet destined to an IPv6 multicast address (there are
               two exceptions to this rule: (1) the Packet Too Big
               Message - Section 3.2 - to allow Path MTU discovery to
               work for IPv6 multicast, and (2) the Parameter Problem
               Message, Code 2 - Section 3.4 - reporting an unrecognized
               IPv6 option that has the Option Type highest-order two
               bits set to 10), or

which makes it necessary, unless you are idiots, to filter ICMPv6
PTB against certain packets, including but not limited to,
multicast ones.

                                                Masataka Ohta
Previous By Date Next
Previous By Thread Next

Current thread: