generic v6 tunneling

IPSix Developer IPSix Developer" <ip6mails@rediffmail.com
6 Feb 2002 10:50:11 -0000

Previous message: generic v6 tunneling
Next message: IPv6 video streamer
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The looping i'm refering  to section 7.1(a) of RFC 2473,
occurs when the ipv6 packet size is checked against the
min. link MTU always- which is always 1280 (or PathMTU ???)

I'm not refering to errors on errors loop.



On Wed, 06 Feb 2002 Francis Dupont wrote :
>  In your previous mail you wrote:
> 
>    1)With ref to section 3.3 of RFC 2473 :
>    
>    "The tunnel exit-point node, which decapsulates the 
> tunnel packets,
>    and the destination node, which receives the 
> resulting original
>    packets can be the same node".
>    
>    Does it mean tunnel exit-point IPv6 address and 
> original packets
>    destination IPv6 address are same?
> 
> => "can be" but usually they are configured to be 
> different because:
>  - this can too easily mess the routing system
>  - there is no reason to encapsulate such packets (they 
> can be sent
>   directly).
> 
>    If they are same, how do we configure the route for 
> the destination
>    V6 address at the tunnel entry point?
>    
> => there is already a route to the exit-point, not 
> using the tunnel.
> 
> If you try to misconfigure a tunnel with a route to the 
> exit-point
> through the tunnel, good systems will detect the error 
> and won't crash
> trying infinite encapsulation. But this is harder if 
> the loop is distributed
> between different nodes so section 4 describes this 
> kind of problems
> and some solutions (note that 4.1.2 check detects your 
> problem).
> 
>    2)With ref to section 7.1(a) of RFC 2473:
>    
>    When the IPv6 packet size is larger than IPv6 min 
> link MTU, the
>    ICMPv6 pkt too big msg is sent with MTU as 
> max(tunnel MTU, IPv6 min
>    link MTU) .
>    
>    If the furthur received packets' size is larger than 
> IPv6 min link
>    MTU, again TOO BIG message will be sent
> 
> => yes, ICMPv6 are sent on errors but are rate limited.
> 
>    and a looping will occur?
> 
> => I believe your loop is errors on errors. There are 
> two counter-measures:
> (draft-ietf-ipngwg-icmp-v3-02.txt section 2.4)
>  - (c) Every ICMPv6 er
   IPv6 offending (invoking) packet (the packet that 
> caused the
>    error) as will fit without making the error message 
> packet
>    exceed the minimum IPv6 MTU.
>  - (e.1) An ICMPv6 error message MUST NOT be sent as a 
> result of
>    receiving an ICMPv6 error message.
> (don't forget (f) aka rate limitation too).
> 
>    how to avoid this?
>    
> => understand and implement carefully the specs (:-)!
> 
> Regards
> 
> Francis.Dupont@enst-bretagne.fr

Previous message: generic v6 tunneling
Next message: IPv6 video streamer
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]