nanog mailing list archives

Re: NIST and SP800-119

From: Mohacsi Janos <mohacsi () niif hu>
Date: Tue, 15 Feb 2011 17:46:01 +0100 (CET)




On Tue, 15 Feb 2011, Steven Bellovin wrote:


On Feb 15, 2011, at 10:36 54AM, William Herrin wrote:

On Tue, Feb 15, 2011 at 10:09 AM, Joe Abley <jabley () hopcount ca> wrote:

On 2011-02-14, at 21:41, William Herrin wrote:

On Mon, Feb 14, 2011 at 7:24 PM, TR Shaw <tshaw () oitc com> wrote:

Just wondering what this community thinks of NIST in
general and their SP800-119 (
http://csrc.nist.gov/publications/nistpubs/800-119/sp800-119.pdf )
writeup about IPv6 in particular.


Well, according to this document IPv4 path MTU discovery is,
"optional, not widely used."


Optional seems right. Have there been any recent studies on how widely pMTUd is actually used in v4?


Hi Joe,

Are you aware of a TCP implementation in an OS that shipped within the
last decade but doesn't enable IPv4 pMTUd by default? Each version of
Windows and all the major unixes use it on every TCP connection unless
you explicitly turn it off.

All modern TCPs support it; many firewalls are configured to block the necessary ICMPs.


Then probably blackholing themselves the firewall operators....
Best Regards,
                Janos Mohacsi

Current thread:

NIST and SP800-119 TR Shaw (Feb 14)
- Re: NIST and SP800-119 William Herrin (Feb 14)
  - Re: NIST and SP800-119 Joe Abley (Feb 15)
    - Re: NIST and SP800-119 William Herrin (Feb 15)
    - Re: NIST and SP800-119 Joe Abley (Feb 15)
    - Re: NIST and SP800-119 Steven Bellovin (Feb 15)
    - Re: NIST and SP800-119 Mohacsi Janos (Feb 15)
    - Re: NIST and SP800-119 Mans Nilsson (Feb 15)
    - Re: NIST and SP800-119 Jared Mauch (Feb 15)
    - Re: NIST and SP800-119 Douglas Otis (Feb 15)
    - Re: NIST and SP800-119 Joe Abley (Feb 16)
    - Re: NIST and SP800-119 Douglas Otis (Feb 16)
- Re: NIST and SP800-119 Rafael Rodriguez (Feb 15)