nanog mailing list archives
Re: Broken PMTU (was: Who does source address validation? (was Re:what's that smell?))
From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Thu, 10 Oct 2002 11:56:28 +0100 (BST)
On Thu, 10 Oct 2002 Valdis.Kletnieks () vt edu wrote:
On Thu, 10 Oct 2002 00:55:24 +0200, Iljitsch van Beijnum said:You can also get around this by making the first hop the one with the lowest MTU. This is no fun for ethernet-connected stuff, but for dial-up this is easy. Then this box will announce a smaller TCP MSS when the connection is established and there aren't any problems.Or equivalently, just nail the MSS size for off-site connections down to 512, and accept that you have to send 3 times as many packets as you probably should. As far as I can tell from when pMTU *does* work because all parties concerned actually use reasonable addresses and don't filter 'icmp frag needed', you end up with one of 3 results most of the time: 1) You get a clear 1500 end-to-end. 2) You get an MTU of 1460 because of tunneling. 3) You end up racheted down to 576 because of some ancient IP stack someplace (older versions of end-user SLIP/PPP are famous for this)
Ah but what if the traffic is coming into you ie originating elsewhere coming into you.. seems in that case the originator blocks the necessary icmps and they then fail to send data into you.. my example where I saw this recently was for inbound SMTP traffic. Steve
Current thread:
- Re: Who does source address validation? (was Re: what's that smell?), (continued)
- Re: Who does source address validation? (was Re: what's that smell?) Joe Abley (Oct 09)
- Re: Who does source address validation? (was Re: what's that smell?) David Schwartz (Oct 09)
- Re: Who does source address validation? (was Re: what's that smell?) Stephen Stuart (Oct 09)
- Re: Who does source address validation? (was Re: what's that smell?) alex (Oct 09)
- Re: Who does source address validation? (was Re: what's that smell?) David Schwartz (Oct 09)
- Re: Who does source address validation? (was Re: what's that smell?) alex (Oct 09)
- Re: Who does source address validation? (was Re: what's that smell?) Joe Abley (Oct 09)
- Re: Who does source address validation? (was Re: what's that smell?) Sean Donelan (Oct 09)
- Re: Who does source address validation? (was Re: what's that smell?) Stephen J. Wilcox (Oct 09)
- Re: Broken PMTU (was: Who does source address validation? (was Re:what's that smell?)) Iljitsch van Beijnum (Oct 09)
- Re: Broken PMTU (was: Who does source address validation? (was Re:what's that smell?)) Valdis . Kletnieks (Oct 09)
- Re: Broken PMTU (was: Who does source address validation? (was Re:what's that smell?)) Stephen J. Wilcox (Oct 10)
- Re: Broken PMTU (was: Who does source address validation? (was Re:what's that smell?)) Tony Rall (Oct 10)
- Re: Who does source address validation? (was Re: what's that smell?) Valdis . Kletnieks (Oct 09)
- Re: Who does source address validation? (was Re: what's that smel l?) Steve Francis (Oct 09)
- Re: Who does source address validation? (was Re: what's that smel l?) Valdis . Kletnieks (Oct 09)
- Re: Who does source address validation? (was Re: what's that smel l?) Hank Nussbacher (Oct 10)
- Re: Who does source address validation? (was Re: what's that smell?) Richard A Steenbergen (Oct 10)
- Re: Who does source address validation? (was Re: what's that smell?) Iljitsch van Beijnum (Oct 10)
- Re: Who does source address validation? (was Re: what's that smell?) Jared Mauch (Oct 10)
- Re: Who does source address validation? (was Re: what's that smell?) Iljitsch van Beijnum (Oct 12)