RE: Small TCP packets == very large overhead == DoS?

["David LeBlanc" <dleblanc () mindspring com>]

> From: Darren Reed [mailto:avalon () coombs anu edu au]

> In some mail from Russ, sie said:

> I think some people are not understanding the difference between the
> TCP MSS and IP's MTU.  Either that or both you and David LeBlanc are
> grasping at straws in order to make WindowsNT look better ;)

I understand that difference. I'm not grasping at straws, I'm just wrong.
Ooops. This happens occasionally.

<struggles to get foot out of mouth...>

> MTU and Path MTU (PMTU) discovery are not the same as TCP's
> MSS but they
> can and do impact it.

Understood. I was hoping that if you turned off PMTU discovery, that it
would also ignore MSS and just send default sized packets. Unfortunately, I
don't think that's the case. Doh!

> Given all of the above, the suggestion both you and David LeBlanc made
> that Windows fixed things at a default of 576 when PMTU discovery was
> enabled is not true and I proved this in testing.

OK, OK, you win.

I'm sure you meant to write: "when PMTU discovery was DISabled"

> and so on.  Essentially, on both of those platforms all it does is
> control whether the "don't fragment" bit (0x4000) is set in the IP
> offset field.

Actually, a bit more than that - it also means that it drops the rest of the
PMTU discovery process and uses a default value, apparently unless the
client specifies something else.

<falls back, punts...>
> I get the same lack of an
> answer on how to set a minimum acceptable MSS now as I did then.

I'll see what I can come up with.