Router Fragmentation Is Gone from IPv6

In response to my Never-Ending Story of IP Fragmentation, Stojanco Cavdarov made an interesting observation: routers are not allowed to fragment IPv6 packets, they have to respond back with ICMP unreachable (effectively, routers behave as if IPv6 packets would have an implicit don't fragment bit).

To make life easier for non-TCP IPv6 applications (TCP is supposed to use Path MTU Discovery), the minimum IPv6 packet size that has to be supported on all links was increased to 1280 bytes (which, incidentally, fits very nicely into GRE+IPSec envelope transported across links with 1500-byte MTU).


  1. Are there ISPs today still have link's MTU set to something like 512 bytes?

    I remember back in the mid to late 90's ISPs were very common to have link's MTU less than 1000 bytes (remember the famous Windows Dialup MTU tweaks?). Nowadays I believe most backhual links' MTUs are at least 4096 bytes within the ISPs themselves.

    I wonder if the industry especially the router vendors should increase the default physical serial interface's MTU from the default of 1500 bytes to somthing like 2048 bytes going forward? I realize there could be potential memory issues for buffers, etc.; but for the time being 2048 bytes should be perfect to accommodate a single 1500-byte packet + IPSec + GRE header w/o fragmentation.
  2. There's a major problem? Let's say you have a link with a backup GRE tunnel. Link is 1500 bytes so MTU is 1500. Then there is a link failure. Traffic now goes over the backup GRE tunnel. However, now the MTU is smaller. The hosts have already done Path MTU Discovery at 1500, so now all traffic will necessarily drop over the backup link, since the router can no longer fragment.
  3. This is not how PMTUD works. It's a continuous process based on incoming ICMP messages, not something you'd do at the session establishment time (that's TCP MSS parameter). You'll find more details in my PMTUD article:

    Stretch also wrote a great article about it:
Add comment