nanog mailing list archives
Re: IP Fragmentation
From: Colin Alston <karnaugh () karnaugh za net>
Date: Wed, 20 Aug 2008 20:57:21 +0200
On 2008/08/20 08:04 PM Valdis.Kletnieks () vt edu wrote:
On Wed, 20 Aug 2008 21:43:44 +0530, Glen Kent said:Do transit routers in the wild actually get to do IP fragmentation these days? I was wondering if routers actually do it or not, because the source usually discovers the path MTU and sends its data with the least supported MTU. Is this true?Hypothetically true. Unfortunately, enough places do bozo firewalling and drop the ICMP Frag Needed packets to severely limit the utility of PMTU Discovery.
Well obviously, ICMP is only used by hackers to DDoS you. Everyone knows that, especially all the banks. It's even more important to obliterate PMTU discovery when you're using HTTPS - for security, you know.
Sorry, I spent the better part of today bashing my head against the wall trying to fix MSS and PMTU issues somewhere which was being aggravated by the tragic programming of Linux l2tpns package...
Current thread:
- Re: IP Fragmentation, (continued)
- Re: IP Fragmentation Iljitsch van Beijnum (Aug 29)
- Re: IP Fragmentation Valdis . Kletnieks (Aug 29)
- Re: IP Fragmentation Leo Bicknell (Aug 20)
- Re: IP Fragmentation Jim Shankland (Aug 20)
- Re: IP Fragmentation Valdis . Kletnieks (Aug 20)
- Re: IP Fragmentation Iljitsch van Beijnum (Aug 20)
- Re: IP Fragmentation Sam Stickland (Aug 20)
- Re: IP Fragmentation Fernando Gont (Aug 25)
- Re: IP Fragmentation Iljitsch van Beijnum (Aug 25)
- Re: IP Fragmentation Simon Leinen (Aug 26)
- Re: IP Fragmentation Iljitsch van Beijnum (Aug 20)
- Re: IP Fragmentation Colin Alston (Aug 20)
- RE: IP Fragmentation Tim Sanderson (Aug 20)