[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ICMP must fragment and IPsec
> > One way might be to have an ICMP or TCP option that requests the
> > other end to provide a response, giving the size of the largest
> > fragment received. This would be enclosed in the SA that the TCP data
> > is flowing in. This is in some sense a variation of the TCP MSS option.
> What is this "other end"?
> If talking to the other end of a TCP connection were enough, then the
> MSS negotiation would be enough ...
No, I think he meant for one end to tell the other what was the size
of the largest IP packet-or-fragment it has actually received. It
can't rightly be a TCP option, because TCP wouldn't know this. And
besides, it becomes pretty hairy at any level when you try to find
out what was the largest packet received "lately." Ugh.