nanog mailing list archives

Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms

From: Saku Ytti <saku () ytti fi>
Date: Tue, 5 Mar 2019 13:05:09 +0200

On Tue, Mar 5, 2019 at 12:09 PM Joel Jaeggli <joelja () bogus com> wrote:

Parsing the icmp payload was something we considered in  rfc7690 but wasn’t one the approaches we pursued (we 
broadcasted the ptb to all hosts on the segment(s) behind the load balancers in our original implementation).

It actually seems like it is becoming feasible to do in an Ethernet switch ASIC like tofino if that is what you want 
to burn real estate on. Being worthwhile is another matter.


It is definitely possible in all relevant existing NPUs like Trio,
Solar, FP, EZChip, Lightspeed et.al. As it is within visibility of
lookup engine and it is at fixed offset. So not only possible but also
cheap.

-- 
  ++ytti

Current thread:

Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms, (continued)
- - - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Joel Jaeggli (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Thomas Bellman (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms,Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms sthaug (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Stephen Satchell (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Bjørn Mork (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Hunter Fuller (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Fernando Gont (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Mark Andrews (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Saku Ytti (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Joel Jaeggli (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Saku Ytti (Mar 05)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Töma Gavrichenkov (Mar 08)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Saku Ytti (Mar 08)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Tarko Tikan (Mar 08)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Töma Gavrichenkov (Mar 08)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Saku Ytti (Mar 08)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Töma Gavrichenkov (Mar 08)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Saku Ytti (Mar 08)
    - RE: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms adamv0025 (Mar 12)
    - Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms Saku Ytti (Mar 12)
    - RE: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms adamv0025 (Mar 12)

(Thread continues...)