[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ICMP must fragment and IPsec

> >   One way might be to have an ICMP or TCP option that requests the
> > other end to provide a response, giving the size of the largest
> > fragment received. This would be enclosed in the SA that the TCP data
> > is flowing in. This is in some sense a variation of the TCP MSS option.
> What is this "other end"?
> If talking to the other end of a TCP connection were enough, then the
> MSS negotiation would be enough ...

No, I think he meant for one end to tell the other what was the size
of the largest IP packet-or-fragment it has actually received.  It
can't rightly be a TCP option, because TCP wouldn't know this.  And
besides, it becomes pretty hairy at any level when you try to find
out what was the largest packet received "lately."  Ugh.

				Matt Crawford