[LAC-TF] Protocolos a full Std (Fwd: Re: Last Call: <draft-ietf-6man-rfc1981bis-04.txt> (Path MTU Discovery for IP version 6) to Internet Standard)
Fernando Gont
fgont at si6networks.com
Thu Feb 9 22:55:21 BRST 2017
Estimados,
Un heads-up: estamos moviendo a full standard protocolos que se sabe que
funcionan mal en Internet.
En algun momento alguien les va a decir que "este es un protocolo
maduro", a lo que la comunidad deberia responder "pero no funciona" :-)
Saludos,
Fernando
-------- Forwarded Message --------
Subject: Re: Last Call: <draft-ietf-6man-rfc1981bis-04.txt> (Path MTU
Discovery for IP version 6) to Internet Standard
Date: Fri, 10 Feb 2017 13:23:46 +1300
From: Brian E Carpenter <brian.e.carpenter at gmail.com>
Organization: University of Auckland
To: otroan at employees.org, Randy Bush <randy at psg.com>
CC: ietf at ietf.org
On 09/02/2017 20:39, otroan at employees.org wrote:
>>>>>> "Many network security devices block all ICMP messages for perceived
>>>>>> security benefits, including the errors that are necessary for the proper
>>>>>> operation of PMTUD. This can result in connections that complete the
>>>>>> TCP three-way handshake correctly, but then hang when data is transferred.
>>>>>> This state is referred to as a black hole connection."
>>>>>
>>>>> Yes. What we are asked to do for Internet Standard is show that a protocol
>>>>> is widely deployed and is interoperable. That's undoubtedly true of RFC1981.
>>>>> The fact that it also has an important failure mode should certainly be
>>>>> documented, but I suspect that every Internet Standard has at least
>>>>> one important failure mode.
>>>>
>>>> the problem is that this particular failure mode is essentially "does
>>>> not work on the real internet." perhaps documenting that is useful.
>>>> but i guess this is ipv6.
>>>
>>> I fully agree that it should be documented, but the details are already
>>> documented elsewhere. In this document it can be quite short.
>>
>> i have no problem with terse :)
>>
>> "Unfortunately, this protocol does not actually work on the real
>> internet, see \cite{elsewhere}," seems fine to me.
>
> In the discussion with Joe, we came up with something along the lines of:
>
> "Many network security devices block all ICMP messages for perceived
> security benefits, including the errors that are necessary for the proper
> operation of PMTUD. This can result in connections that complete the
> TCP three-way handshake correctly, but then hang when data is transferred.
> This state is referred to as a black hole connection. This is one significant
> example of how PMTUD is broken on the Internet."
wfm, subject to Randy's language nit.
Brian
More information about the LACTF
mailing list