option 212 for 6RD
remi.despres at free.fr
Tue Jan 15 11:59:01 CET 2013
I didn't follow all this discussion, but it reminds me of an old one (see e.g. http://www.ietf.org/mail-archive/web/v6ops/current/msg14428.html).
Facts I know:
- MSS clamping is a complete solution for TCP (and is stateless)
- It effective for intra-domain traffic only if supported in CEs
- It is useful to have it in CEs AND BRs, for both traffic directions in each. This is redundant but useful in BRs as long as some CEs don't support it.
- In a CE that supports MSS clamping, UDP still needs a complementary approach.
What each manufacturer does is of course responsibility but, as far as users are concerned, MSS clamping in both directions, and in both BRs and CEs, never hurts and eliminates in TCP some potential problems.
Le 2013-01-15 à 09:55, Mikael Abrahamsson <swmike at swm.pp.se> a écrit :
> On Tue, 15 Jan 2013, Tore Anderson wrote:
>> The 6RD BR does not need to maintain state to determine whether or not a packet is TCP SYN, it only has to look into the layer 4 header. And if you're doing any stateless ACLs such as dropping 25/tcp or 137/tcp and so on, it's doing that already anyway.
> Well, Cisco 7600 is one platform I would imagine wouldn't have this functionality. It doesn't seem to exist on the CPU platforms like 7200 either. At least the 7200 could easily do it if they wanted to.
> Mikael Abrahamsson email: swmike at swm.pp.se
More information about the ipv6-ops