option 212 for 6RD
tore at fud.no
Tue Jan 15 09:26:52 CET 2013
* Mikael Abrahamsson
>> TCP MSS clamping, on the other hand, could be done by the 6RD BR,
>> and yield beneficial results for all the subscribers (regardless of
>> their HGWs implementing the RA LAN MTU trick or not).
> Well, that is a problem because some of the best 6RD platforms are
> completely stateless and don't do MSS rewrite. You have to look into
> every packet to do this, consuming resources.
The 6RD BR does not need to maintain state to determine whether or not a
packet is TCP SYN, it only has to look into the layer 4 header. And if
you're doing any stateless ACLs such as dropping 25/tcp or 137/tcp and
so on, it's doing that already anyway.
It would appear to me that asking your 6RD BR vendor to implement TCP
MSS clamping is likely a much easier way to accomplish the goal, than
asking every HGW manufacturers on the planet to lower the LAN MTU (or
implement IPv6 TCP MSS clamping for that matter) is. After all, you
won't have many different BR vendors to deal with. Compare that to the
gazillion of HGW manufacturers out there.
Take it from me, I attempted to persuade several HGW manufacturers to
stop doing 6to4...it's simply not worth the effort to be honest, and in
those cases something was actually done, the already shipped units are
still out there and will likely never be upgraded to a fixed version.
More information about the ipv6-ops