[dns-operations] v6, fragmentation, DNS

bmanning at vacation.karoshi.com bmanning at vacation.karoshi.com
Sun May 23 17:23:56 UTC 2010

On Sun, May 23, 2010 at 04:47:06PM +0200, Joe Abley wrote:
> On 2010-05-22, at 22:10, bmanning at vacation.karoshi.com wrote:
> > 	er... with VPNs in place, the effective MTU for IPv6 is 1220, not 1280.
> > 	last I heard, both G and B run with that "fix" in play -- at least for 
> > 	the moment.
> I've heard you say this before Bill, but I still think the specification is pretty clear. Any link layer that can't carry 1280-byte IPv6 datagrams is supposed to do link-layer fragmentation and reassembly such that the *IPv6* interface really does have a 1280-byte MTU.
> I realise that it's not exactly unusual for people to bend the spec and see what they can get away with. However, someone who chooses to build an IPv6 interface with an MTU lower than 1280 and notices that some things break really only has themselves to blame.
> Joe
> [from RFC 2460]
> 5. Packet Size Issues
>    IPv6 requires that every link in the internet have an MTU of 1280
>    octets or greater.  On any link that cannot convey a 1280-octet
>    packet in one piece, link-specific fragmentation and reassembly must
>    be provided at a layer below IPv6.

	Yup, thats the spec.  pragmaticially, in real life, when you put IPv6 inside
	a VPN, a tunnel, or other encaps,  the "wrapper" takes about 60 bytes - so
	you end up with 1220.  Real Life Implementations don't always follow the spec.
	When we can do away with VPNs - then I'm comfortable with your take on following
	the spec.


More information about the dns-operations mailing list