nanog mailing list archives

Re: [NANOG] Microsoft.com PMTUD black hole?


From: "Tomas L. Byrnes" <tomb () byrneit net>
Date: Wed, 7 May 2008 13:43:35 -0700

Some Edumacation on the topic is here:

http://www.netheaven.com/pmtu.html
 

-----Original Message-----
From: Iljitsch van Beijnum [mailto:iljitsch () muada com] 
Sent: Wednesday, May 07, 2008 1:35 PM
To: Michael Sinatra
Cc: nanog () merit edu
Subject: Re: [NANOG] Microsoft.com PMTUD black hole?

On 7 mei 2008, at 21:46, Michael Sinatra wrote:

MS does in fact block _all_ ICMP at the edge of their network, that they are aware that this will in fact break PMTUD, and that they have no current plans to change this practice which they have implemented in the interest of security.

Perhaps they should also block _all_ TCP and UDP as well, and then we can move on.

I agree with Iljitsch that it happens frequently, but I think I am justified in expecting more than that from Microsoft. Anything less would be unprofessional.

Right.

Now Microsoft is also the company that built the OS that could be crashed by a maliciously crafted fragmented IP packet, so maybe there's something to this security policy. (One hopes that this bug and others like it are now fixed.)

However, in that case the only workable course of action would be TO DISABLE PATH MTU DISCOVERY!

You can't have your cake and eat it too.

_______________________________________________
NANOG mailing list
NANOG () nanog org
http://mailman.nanog.org/mailman/listinfo/nanog
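
The trade-off discussed in this thread, as an added example that is not part of any poster's message: a toy Python model of a sender behind an edge that filters ICMP, showing the black hole, the effect of disabling PMTUD, and a narrower filter. The policy names, the MTU values and the `allow_frag_needed` policy are assumptions constructed for illustration; the ICMP layout follows RFC 1191.

```python
import struct

ICMP_DEST_UNREACH, CODE_FRAG_NEEDED = 3, 4  # RFC 1191 "fragmentation needed and DF set"

def frag_needed(next_hop_mtu):
    """8-byte ICMP header a router returns when a DF packet exceeds the next link."""
    # Fields: type, code, checksum (left 0 in this model), unused, next-hop MTU.
    return struct.pack("!BBHHH", ICMP_DEST_UNREACH, CODE_FRAG_NEEDED, 0, 0, next_hop_mtu)

def edge_filter(icmp, policy):
    """Return the ICMP message if the (hypothetical) edge policy admits it, else None."""
    if policy == "block_all_icmp":
        return None
    if policy == "allow_frag_needed":
        is_ptb = (icmp[0], icmp[1]) == (ICMP_DEST_UNREACH, CODE_FRAG_NEEDED)
        return icmp if is_ptb else None
    raise ValueError("unknown policy: " + policy)

def send_with_pmtud(packet_len, link_mtus, policy, pmtud=True, max_tries=5):
    """Sender behind the edge transmits one packet across links with the given MTUs.
    Returns (delivered, sender_packet_size, attempts)."""
    size = packet_len
    for attempt in range(1, max_tries + 1):
        # First link along the path that is too small for the current packet.
        bottleneck = next((m for m in link_mtus if m < size), None)
        if bottleneck is None or not pmtud:
            # Either the packet fits, or DF is clear and routers fragment it in transit.
            return True, size, attempt
        reply = edge_filter(frag_needed(bottleneck), policy)
        if reply is None:
            continue  # sender never hears back and retransmits at the same size
        size = struct.unpack("!H", reply[6:8])[0]  # adopt the advertised next-hop MTU
    return False, size, max_tries  # black hole: every attempt was silently dropped

if __name__ == "__main__":
    path = [1500, 1400, 1500]  # constructed path with one 1400-byte link
    for policy, pmtud in [("block_all_icmp", True),
                          ("block_all_icmp", False),
                          ("allow_frag_needed", True)]:
        print(policy, "pmtud=%s" % pmtud, send_with_pmtud(1500, path, policy, pmtud))
```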



