Packetization Layer Path Maximum Transmission Unit Discovery (PLPMTUD) For IPsec Tunnels
draft-spiriyath-ipsecme-dynamic-ipsec-pmtu-01

Document Type Expired Internet-Draft (individual)
Last updated 2018-09-02 (latest revision 2018-03-01)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-spiriyath-ipsecme-dynamic-ipsec-pmtu-01.txt

Abstract

This document describes Packetization Layer PMTU Discovery (PLPMTUD) procedures for IPSec tunnels. In these procedures, the encrypting node discovers and maintains a running estimate of the tunnel MTU. In order to do this, the encrypting nodes sends Probe Packets of various size through the IPSec tunnel. If the size of Probe Packet exceeds the tunnel MTU, a downstream node discards the packet and sends an ICMP PTB message to the encrypting node. The encrypting node ignores the ICMP PTB message. If the size of the Probe Packet does not exceed the tunnel MTU and the decrypting node receives the Probe Packet, the decrypting node sends an Acknowledgement Packet to encrypting node through the IPSec tunnel. The Acknowledgement Packet indicates the size of the Probe Packet. The procedures described in this document are applicable to IPSec tunnels that are signaled by IKEv2 and provide authentication services.

Authors

Shibu Piriyath (spiriyath@juniper.net)
Umesh Mangla (umangla@juniper.net)
Nagavenkata Melam (nmelam@juniper.net)
Ron Bonica (rbonica@juniper.net)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)