[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] Two IKEv2 issues from the IESG
Michael:
> Russ> I suggest the addition of the following text:
>
> Russ> "All IKEv2 implementations MUST be able to receive and
> Russ> process packets that are up to 1280 bytes long, and they
> Russ> SHOULD be able to receive and process packets that are up to
> Russ> 3000 bytes long."
>
> (Sorry to be pedantic here, but I think it is important)
>
> I think that the word "packet" is wrong here.
>
> I think that you mean "datagram" -- seeing as a 3000 byte datagram would
>exceed common MTU, it must have been fragmented into multiple frames to
>have been received.
>
> The above (corrected) statement also implies to me that an IKEv2 and
>host must be prepared to re-assemble at least 3000 bytes bytes worth of
>fragment.
I see your point. If we take this approach, then we need to remove the IP
header and UDP header sizes from the mandatory-to-support size.
Russ
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec