Post by Ron Bonica
Folks,
Please review draft-bonica-intarea-frag-fragile-01 and provide comments.
The URL is
https://tools.ietf.org/html/draft-bonica-intarea-frag-fragile-01.
I like it.
4.6. There are cases where this "misconfiguration" is due to vendor
default not being changed. I do not equate "misconfiguration" with "didn't
change default configuration". Some others might. It might also be due to
"hardware limitation". Generally, I do not like the "filtering" (I have
opposed this in other drafts), as for me "filtering" conveys intent. If
there is no intent, there is no filtering, but instead there is "dropping"
or some other word.
4.7 Can we please have 4.7 that describes cases where ICMP PTB are never
emitted because of misconfiguration? For instance, an intermediate L2 switch
that has lower MTU than the L3 nodes connected to it, or mismatched
MTU/MRU on two nodes connected to each other.
5.1. Can we have some kind of strong recommendation that hosts enable
PLMTUD for TCP?
6. "IP encapsulations". Shouldn't this be "some packet-in-packet
encapsulations"? Or does "IP encapsulations" mean "anything encapsulated
in IP"? 6.3 talks about this as well, I think it's worthwhile to put in a
sentence that whatever is said in this document, probably applies to all
kinds of encapsulations.
6.1. Err, last paragraph, aren't we getting ahead of ourselves here? I
guess this is because of Geoff Huston's claims? That last paragraph is in
dispute (I'd say, from talking to other people involved in DNS).
7.2. I strongly believe we need more text here. It should be something
along the lines of:
"As per RFC4890, network operators MUST assure proper operation of PMTUD
by making sure that PTB packets are emitted by all equipment when it can't
fit a packet into a smaller MTU link, and that large MTU packets are not
silently discarded due to misconfiguration. Network operators MUST NOT
filter ICMP PTB packets."
...
As a last comment, do we know documents that tell application developers
how to do what this document recommends in 5.2? If someone develops
applications that use UDP for instance, how do they know what the
operating system PMTUD is at any given time, to avoid the host stack
fragmenting the packet? I've been interacting with people who had this
specific problem, and it wasn't easy to figure out exactly how to do what
is being said in this text (which I agree should be done).
Generally, I think the IETF should strongly recommend application/protocol
developers to not rely on IP fragmentation, generally. So the ones listed
in 6 (and I imagine there are more of them), should change the way the
protocol is done. This includes DNS. So all working groups should be put
on notice to start working on this problem if they don't already have a
solution for it.
--
Mikael Abrahamsson email: ***@swm.pp.se
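
Added example, not part of the thread: the closing question above asks how a UDP application can learn the host's current path MTU so that the stack does not fragment its datagrams. On Linux, one way is the `IP_MTU_DISCOVER` and `IP_MTU` socket options; the function names here are hypothetical and the loopback destination and port 9 are constructed sample values.

```c
/* Added example (Linux-specific): read the kernel's cached path MTU for a
 * connected UDP socket so the application can size datagrams itself. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Largest UDP payload that fits one unfragmented packet for a given MTU.
 * Assumes no IPv4 options and no IPv6 extension headers. */
int udp_payload_budget(int path_mtu, int is_ipv6)
{
    int overhead = (is_ipv6 ? 40 : 20) + 8;   /* IP header + UDP header */
    return path_mtu > overhead ? path_mtu - overhead : -1;
}

/* Returns the current path MTU estimate towards dst:port, or -1 on error.
 * connect() on a UDP socket sends nothing; it only selects the route. */
int path_mtu_v4(const char *dst, unsigned short port)
{
    struct sockaddr_in sa;
    int mtu = -1, mode = IP_PMTUDISC_DO;  /* set DF, never fragment locally */
    socklen_t len = sizeof(mtu);
    int fd = socket(AF_INET, SOCK_DGRAM, 0);

    if (fd < 0)
        return -1;
    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    if (inet_pton(AF_INET, dst, &sa.sin_addr) != 1 ||
        setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER, &mode, sizeof(mode)) < 0 ||
        connect(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0 ||
        getsockopt(fd, IPPROTO_IP, IP_MTU, &mtu, &len) < 0)
        mtu = -1;
    /* With IP_PMTUDISC_DO, a later send() larger than the path MTU fails with
     * EMSGSIZE instead of being fragmented; re-read IP_MTU and resize. */
    close(fd);
    return mtu;
}

int main(void)
{
    int mtu = path_mtu_v4("127.0.0.1", 9);   /* constructed target: loopback */
    printf("path MTU %d, UDP payload budget %d\n", mtu,
           mtu > 0 ? udp_payload_budget(mtu, 0) : -1);
    return 0;
}
```

The value returned starts at the outgoing interface's MTU and is lowered only when an ICMP PTB for that destination reaches the host, so on a path where PTB messages never arrive the estimate stays too large.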