[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: End System PMTUD behavior question
- To: Pekka Savola <pekkas@netcore.fi>, "Peter.Hunt@nokia.com" <Peter.Hunt@nokia.com>
- Subject: RE: End System PMTUD behavior question
- From: "Dunn, Jeffrey H." <jdunn@mitre.org>
- Date: Fri, 23 Jan 2009 09:36:01 -0500
- Accept-language: en-US
- Acceptlanguage: en-US
- Cc: "shemant@cisco.com" <shemant@cisco.com>, "Huang, Frank" <fhuang@mitre.org>, "Sherman, Kurt T." <ksherman@mitre.org>, "ipv6@ietf.org" <ipv6@ietf.org>, "Liou, Chern" <csliou@mitre.org>, "steve_eiserman@uscourts.gov" <steve_eiserman@uscourts.gov>, "ipv6@ietf.org" <ipv6@ietf.org>, "v6ops@ops.ietf.org" <v6ops@ops.ietf.org>, "Grayeli, Parisa" <pgrayeli@mitre.org>, "Dunn, Jeffrey H." <jdunn@mitre.org>
- In-reply-to: <alpine.LRH.2.00.0901230751120.4544@netcore.fi>
- References: <3C6F21684E7C954193E6C7C4573B762701D3DD67DA@IMCMBX1.MITRE.ORG><B00EDD615E3C5344B0FFCBA910CF7E1D0632C176@xmb-rtp-20e.amer.cisco.com><3C6F21684E7C954193E6C7C4573B762701D3DD69E6@IMCMBX1.MITRE.ORG> <B00EDD615E3C5344B0FFCBA910CF7E1D0632C194@xmb-rtp-20e.amer.cisco.com> <808F2ECE7425024994976AC3D44BDCF4C8B900@vaebe108.NOE.Nokia.com> <alpine.LRH.2.00.0901230751120.4544@netcore.fi>
Pekka,
Good point. We use Wireshark to capture the send/receive sequence on the host. In addition, we reboot the machine between tests to ensure the PMTU cache is cleared, since we have show that, once learned, the host will immediately send fragmented ICMPv6 echo requests within the PMTU size.
Best Regards,
Jeffrey Dunn
Info Systems Eng., Lead
MITRE Corporation.
(301) 448-6965 (mobile)
-----Original Message-----
From: Pekka Savola [mailto:pekkas@netcore.fi]
Sent: Friday, January 23, 2009 1:03 AM
To: Peter.Hunt@nokia.com
Cc: shemant@cisco.com; Dunn, Jeffrey H.; Huang, Frank; Sherman, Kurt T.; ipv6@ietf.org; Liou, Chern; steve_eiserman@uscourts.gov; ipv6@ietf.org; v6ops@ops.ietf.org; Grayeli, Parisa
Subject: RE: End System PMTUD behavior question
On Fri, 23 Jan 2009, Peter.Hunt@nokia.com wrote:
> For example, if a user does a "ping -s 1500" to a destination whose PMTU is 1280, the only way to avoid IP fragmentation is for the ping
> application to split the data into multiple messages, or for IPCMPv6 to do so. Either way, you have to introduce some way to identify them
> as "ping fragments" and reassemble them in order. That will require changes to the ICMPv6 protocol, I think. Furthermore, you're no longer
> really doing a "ping 1500", but two pings of 1280 and 220 bytes, respectively.
FWIW, what Remi said, different ping programs probably do this
differently. And good ones allow you to do exactly what you want
(this is from Linux)
-M hint
Select Path MTU Discovery strategy. hint may be either _do_ (prohibit fragmentation, even local one), _want_ (do PMTU
discovery, fragment locally when packet size is large), or _dont_ (do not set DF flag).
When I use ping to figure out Path MTU issue, I usually have to run
tcpdump on the side to be 100% sure how ping is actually behaving,
because additionally, there's also PMTU caching on the local host.
Some older versions also didn't support '-M do' properly for IPv6.
So there are quite a few things that could lead to non-deterministic
behaviour.
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings