Re: ICMP6

From: Zhenlei Huang <zlei_at_FreeBSD.org>
Date: Wed, 26 Jun 2024 08:11:07 UTC

> On Jun 26, 2024, at 2:24 PM, Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> wrote:
> 
> W dniu 26.06.2024 o 06:55, Zhenlei Huang pisze:
>> 
>>  The MFC is Done !
>> 
>> Marek has extensive testing with them. I did stress testing on my dev machine. No known issues so far.
> Thank you very much for the MFC of the commits set I suggested. I have been testing these changes for several weeks on 10+ various hosts, including servers and routers, and I only see positive changes. I hope that no important commit was omitted in selecting the set for this MFC and there will be no complaints. 
> 
> The only thing I would suggest is to change in future the default value of net.inet6.icmp6.errppslimit to 200. It will be the same value as defaults for net.inet.icmp.icmplim. In my case it was required to silence spurious warnings on two web servers and BGP router. 
> 
The value 100 of tunable `net.inet6.icmp6.errppslimit` dates back to 2000, the first time it was introduced [1].

I do not find any RFCs that has recommendation value for it. RFC 4443 section 2.4 (f) [2] has an example default of 10 that
is much smaller ( for small/mid-size devices ).

I expect the default value of net.inet6.icmp6.errppslimit will stay 100 for much longer time  ;)


1. https://cgit.freebsd.org/src/commit/sys/netinet6/in6_proto.c?h=stable/7&id=686cdd19b1b182f2257bc158116e78c5fef84980 
2. https://www.rfc-editor.org/rfc/rfc4443.html#section-2.4

Best regards,
Zhenlei
> With best regards,
> 
> -- 
> Marek Zarychta