nanog mailing list archives
Re: v6 DNSSEC fail, was Buying IPv4 blocks
From: Bryce Wilson <bryce () thenetworknerds ca>
Date: Sun, 7 Oct 2018 23:09:01 -0700
On Oct 7, 2018, at 8:55 PM, Brandon Martin <lists.nanog () monmotha net> wrote: Except that, in IPv6-land, anyone with effective MTU < 1280 has the onus put on them to "make things work" i.e. come up with an adaptation layer or some sort of tunnel-layer transparent fragmentation. If you're relying on The Internet to fragment to <1280 for you, you're bound to see breakage. I'd like to think we can safely ignore this case in terms of operations. -- Brandon Martin
I am interested in what people would suggest as the best practice for dealing with any link of a nonstandard MTU lower than 1500. It’s usually fine for end users such as those with VPNs or other tunnels, but it can cause issues when it’s on an intermediary link. I am personally involved in a project that uses links with an MTU of 1410. It’s high enough that it should not be an issue for the most part, but it does cause me some concern. It’s at an internet exchange of sorts so it could, theoretically, transit data as an intermediate link with neither side of the connection being aware of its existence. Right now we don’t have much traffic so it’s fine, but it does beg the question of what we would do if we came upon an issue. We could set a “virtual” MTU of 1500 such that it will always fragment even if DF is set, but that’s out of spec so it may be a bad idea. Thanks ~ Bryce Wilson, AS202313
Current thread:
- Re: Buying IPv4 blocks, (continued)
- Re: Buying IPv4 blocks John Levine (Oct 04)
- Re: Buying IPv4 blocks Marco Davids via NANOG (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks John Levine (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Tinka (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Andrews (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Andrews (Oct 05)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 05)
- RE: v6 DNSSEC fail, was Buying IPv4 blocks Naslund, Steve (Oct 07)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 07)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Bryce Wilson (Oct 09)