[GTALUG] Calling all networking and SVN gurus
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Mon Jun 10 15:34:18 EDT 2019
On Sat, Jun 08, 2019 at 05:08:54PM -0400, Jamon Camisso via talk wrote:
> True enough, but it is also easy to check and determine whether it is an
> issue. I get a ticket or two a month with remote employees who are
> connecting from strange places, or have issues with VPNs, and quite a
> few are MTU related.
>
> I'm curious about PMTUD now: my understanding is that ICMP needs to be
> unrestricted between server & client. If something is blocking that
> traffic how does it work? Also how does PTMUD handle asymmetric paths?
RFC 4890 explicitly says some types of ICMPv6 must not be filtered.
They are:
- Destination Unreachable (Type 1) - All codes
- Packet Too Big (Type 2)
- Time Exceeded (Type 3) - Code 0 only
- Parameter Problem (Type 4) - Codes 1 and 2 only
They also suggest echo request/response should be allowed.
Anyone that filters the first ones will break IPv6. Some ISPs are
unfortunately that crappy.
--
Len Sorensen
More information about the talk
mailing list