Fwd: L2 devices can break PMTUD

[Jason Fesler]

It was suggested I also forward this here.

For those of you on both lists, my apologies.


---------- Forwarded message ----------
From: Jason Fesler <jfesler at gigo.com>
Date: Fri, Feb 27, 2015 at 9:56 AM
Subject: L2 devices can break PMTUD
To: "nanog at nanog.org" <nanog at nanog.org>


I've come across two service providers in the last couple of weeks
that have had issues with L2 devices eating IPv6 PMTUD packets.  I am
allowed to share some of the information from one of those service
providers here.

$ISP contacted me to ask more about why PMTUD was being reported as
broken on Android, Linux, Mac - but not being reported on Windows.
After some back and forth I was able to get $ISP to prove that ICMPv6
Packet Too Big messages were not making it to the client.  Windows
just happens to work around this issue.

Ultimately, they narrowed it down to be the access switch.  They
set one up in a lab, and sure enough, they could reproduce the problem
and actually capture packets upstream and downstream of it.

Device in question:  Calix E7-2 and E7-20.

To the vendor's credit, Calix started investigating immediately.  Within a
business week they were able to confirm it was a bug and told the $ISP
 that the next maintenance release should have the fix.

Last comment from $ISP:

"I’m not sure if I shared with you that the issue did not occur if the
VLAN was configured as a “TLAN” (transparent LAN).  Of course, in the
VLAN per service model (1:N) that isn’t set because you don’t’ want
everyone flooding their broadcast and multicast traffic to everyone
else."


-- 
 Jason Fesler, email/jabber <jfesler at gigo.com> resume: http://jfesler.com
 "Give a man fire, and he'll be warm for a day;
 set a man on fire, and he'll be warm for the rest of his life."