Re: WIndows Updates Fail Via IPv6 - Update!

[Mark Andrews <marka () isc org>]

> On 6 Mar 2019, at 1:30 pm, Fernando Gont <fgont () si6networks com> wrote:
>
> On 3/3/19 18:04, Mark Andrews wrote:
> > There are lots of IDIOTS out there that BLOCK ALL ICMP.  That blocks PTB getting
> > back to the TCP servers.  There are also IDIOTS that deploy load balancers that
> > DO NOT LOOK INSIDE ICMP messages for redirecting ICMP messages to the correct
> > back end.  There are also IDOITS that rate limit PTB generation to ridiculously
> > low rates.  One should be able to generate PTB at line rate.
> >
> > Everyone that has configured mss-fix-up has contributed to misunderstanding that
> > you can block ICMP.  It is time we had a flag day to REMOVE mss-fix-up from all
> > the boxes you control.  We need to get PTB working and unfortunately that means
> > that we need to stop pandering to admins who don’t know how IP is supposed to
> > work.  ICMP is NOT optional.
>
> It would seem IETF's intention is to actually move away from
> ICMPv6-based PMTUD, to the extent that is possible. (RFC4821).

Which is not a reason to not fix broken equipment and misconfigured firewalls.
The workarounds are basically there because people deploy broken equipment.
Additionally everything isn’t TCP.

> Thanks,
> -- 
> Fernando Gont
> SI6 Networks
> e-mail: fgont () si6networks com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka () isc org