nanog mailing list archives

Re: Smallest Transit MTU


From: Joe Abley <jabley () isc org>
Date: Wed, 29 Dec 2004 13:43:42 -0500



On 29 Dec 2004, at 13:30, Jerry Pasker wrote:

> Operational comment, question:
>
> I've learned that having an MTU smaller than 1500 bytes is a bad thing. When encountering networks with MTUs smaller than 1500 bytes, path MTU discovery breaks when sites like a computer science college my friend is going to .edu, a certain 'us' online bank.com, and the world's most popular auction site.com block all ICMP, including the ICMP "fragmentation needed but DF bit set" packets. Despite what the RFCs say, the transit internet, in my opinion, generally needs to accept and transit packets up to 1500 bytes without packet fragmentation.
>
> Is this consistent with everyone else's operational experiences?

I have been including "must be able to send and receive 1500-byte frames with no fragmentation" in CFPs for many years for this reason.

However, there is a growing throng of broadband users who have PPTP or other encaps between them and the world, and who are able to get along just fine by reducing the advertised MSS in their TCP stack. This stops the remote end protected by the bad firewall from attempting to send a TCP segment larger than the reduced MTU, and works around the broken pMTUd (since a "would fragment" message is never generated, and hence doesn't get blocked).

> Is there an RFC that clearly states: "The internet needs to transit 1500 byte packets without fragmentation."??

Not to my knowledge, and since the hordes of users mentioned above present a clear, deployed counter-example, it seems unlikely that one will be written.

(This depends slightly on what you mean by "transit", which is a term which means surprisingly different things to different people once you try and nail down a definition.)


Joe
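
The failure and the workaround discussed in this message, as an added example (not part of the original post): a toy Python model of a server sending DF-set TCP segments across a path with one reduced-MTU hop, with and without ICMP reaching the server. The 1460-byte tunnel MTU, the function names and the retry count are constructed for illustration.

```python
"""Toy model: path MTU discovery vs. a firewall that drops all ICMP (constructed)."""

IP_TCP_HEADERS = 40          # 20-byte IPv4 header + 20-byte TCP header, no options
PATH = [1500, 1460, 1500]    # constructed link MTUs, server -> client; 1460 = tunnel hop


def deliver(packet_size, link_mtus, icmp_blocked):
    """Forward one DF-set packet along the path.

    Returns ("delivered", None), ("icmp", next_hop_mtu) or ("blackhole", None).
    """
    for mtu in link_mtus:
        if packet_size > mtu:
            # DF is set, so the router drops the packet and sends ICMP
            # "fragmentation needed" back. If the server's firewall blocks
            # all ICMP, the sender never learns why the packet vanished.
            return ("blackhole", None) if icmp_blocked else ("icmp", mtu)
    return ("delivered", None)


def transfer(client_mss, server_mtu, link_mtus, icmp_blocked, max_tries=5):
    """Server sends a full-size segment; returns (outcome, packet_size, tries)."""
    # The server never sends more than the MSS the client advertised.
    mss = min(client_mss, server_mtu - IP_TCP_HEADERS)
    size = mss + IP_TCP_HEADERS
    for attempt in range(1, max_tries + 1):
        size = mss + IP_TCP_HEADERS
        status, hint = deliver(size, link_mtus, icmp_blocked)
        if status == "delivered":
            return ("delivered", size, attempt)
        if status == "icmp":
            mss = hint - IP_TCP_HEADERS   # pMTUd: shrink to the reported MTU
        # On "blackhole" nothing is learned; the same size is retransmitted.
    return ("stalled", size, max_tries)


if __name__ == "__main__":
    cases = [
        ("pMTUd working, default MSS", 1460, False),
        ("ICMP blocked, default MSS", 1460, True),
        ("ICMP blocked, reduced MSS", 1420, True),
    ]
    for label, mss, blocked in cases:
        print(label, "->", transfer(mss, 1500, PATH, blocked))
```
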

