dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
59
share rss forum feed

rpnc

join:2011-06-08
Markham, ON
reply to Mersault

Re: IPv6 beta

said by Mersault:

said by TSI Gabe:

you absolutely need to configure your MTU to 1486 wether you are using MLPPP or not.

Well let me rephrase that...1492 without MLPPP. 1486 with MLPPP. You cannot use 1500.

Regardless of what MTU I use, the device at 2607:f2c0:1:2110::13 should be able to handle fragmented IPv6 packets, should it not? The F5 support site (support.f5.com) fragments packets (whether this this wise on their part or not is irrelevant, they fragment) and so it's impossible to view that site without explicitly setting your MTU to be be sub-1500. If 2607:f2c0:1:2110::13 would pass the fragments at least the site should load.

IPv6 routers do not fragment packets - unlike IPv4. So if one side chooses too big of IPv6 packet then it won't make it to the other side. IPv6 is supposed to choose the lowest MTU along a path but it's better to set the lower MTU yourself.

34764170

join:2007-09-06
Etobicoke, ON
said by rpnc:

IPv6 routers do not fragment packets - unlike IPv4. So if one side chooses too big of IPv6 packet then it won't make it to the other side. IPv6 is supposed to choose the lowest MTU along a path but it's better to set the lower MTU yourself.

I'm not saying this is an issue here but a general comment..

With IPv6 it is critical for path MTU discovery to work properly. Problem is too many break path MTU discovery within the IPv4 world with wrong firewall rules never mind with IPv6 where too many people use the same set of wrong firewall rules and the pain is much much greater. Too many people foolishly block all ICMP and that is wrong. But they seemingly like having a broken network I guess.


Mersault

join:2007-10-26
Toronto, ON
reply to rpnc
said by rpnc:

IPv6 routers do not fragment packets - unlike IPv4. So if one side chooses too big of IPv6 packet then it won't make it to the other side. IPv6 is supposed to choose the lowest MTU along a path but it's better to set the lower MTU yourself.

While in a perfect world this would be true, it's not what I have observed. IPv6 was designed with the idea that it would do MTU path discovery, and that upper layer protocols would sort out payload size. DNSSEC pretty much blew that idea out of the water. DNS can't do fragments, and DNSSEC responses regularly blow past 1500 bytes. But I'm not even talking about DNSSEC. I've seen websites that fragment over IPv6.

Now I'm not saying it's correct. I'm just saying it happens. And it's one of those instances where the adage that you should be liberal in what you accept and conservative in what you transmit holds true. While I certainly would be dismayed to learn a webhost I ran was fragmenting packets improperly, I'm equally dismayed to learn that my network can't handle them correctly.

Majromax

join:2012-09-02
Dollard-Des-Ormeaux, QC

1 recommendation

said by Mersault:

said by rpnc:

IPv6 routers do not fragment packets - unlike IPv4.

While in a perfect world this would be true, it's not what I have observed. IPv6 was designed with the idea that it would do MTU path discovery, and that upper layer protocols would sort out payload size.

Rpnc is correct above. In the IPv6 specification, along-route routers must not independently fragment packets. The originating host, however, may. This is perfectly acceptable, and it is in fact required behaviour. The IPv6 specification requires hosts to allow fragment reassembly up to 1500 octets (bytes), and a host may silently drop larger reassembled packets. For best performance the upper-layer protocols shouldn't be sending packets larger than the MTU, but anything = 1500 octets is supposed to get there by specification, even if fragmentation is necessary by the IP layer.

The IPv6 behaviour here is analogous to the IPv4 behaviour when the 'Don't Fragment' bit is set. Otherwise, IPv4 routers are permitted to fragment packets en-route, and this becomes extremely complicated when routers can potentially re-fragment the fragments. Since they never manipulate fragments themselves, IPv6 routers can be dumber.