Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS))

[Dennis Lubert <plasmahh () informatik uni-bremen de>]

At 00:09 20.07.2005, Fernando Gont wrote:

> The IPv4 minimum MTU is 68, and not 576. If you blindly send packets 
> larger than 68 with the DF bit set, in the case there's an intermmediate 
> with an MTU lower that 576, the connection will stall.
>
> 576 is the minimum reassembly buffer size. That is the minimum packet size 
> every *end-system* should be able to reassemble, and NOT the minimum 
> packet size that can get to destination without fragmentation.

To be completely correct
<quote RFC 791>
Every internet module must be able to forward a datagram of 68 octets 
without further fragmentation. This is because an internet header my be up 
to 60 octets, and the minimum fragment is 8 octets.
Every internet destination must be able to receive a datagram of 576 octets 
either in one piece or in fragments to be reassembled.
</quote>

So 576 is the minimum packet size you can get to a destination without 
fragmentation


Carpe quod tibi datum est