option 212 for 6RD

Ivan Pepelnjak ipepelnjak at gmail.com
Fri Jan 18 11:55:55 CET 2013

> That said, if you read between the lines of the original question, it
> suggests:  I have no control over my subscribers' CPEs . Which makes the
> LAN MTU solution extremely impractical to deploy. In that situation, the
> solution that is the most likely to yield the best effect, would be to
> enable TCP MSS clamping for 6RD traffic on the BR (or somewhere else in
> the ISP's core network). IMHO.

Can 6rd BRs do MSS clamping in forwarding hardware? Matching the TCP SYN packets is easy, modifying them less so (and then there's the case of SYN packets already having MSS option).

If the MSS clamping is done in software, we'd just open another avenue for DoS attacks.


More information about the ipv6-ops mailing list