nanog mailing list archives

Re: IP Fragmentation

From: Colin Alston <karnaugh () karnaugh za net>
Date: Wed, 20 Aug 2008 20:57:21 +0200

On 2008/08/20 08:04 PM Valdis.Kletnieks () vt edu wrote:

On Wed, 20 Aug 2008 21:43:44 +0530, Glen Kent said:

Do transit routers in the wild actually get to do IP fragmentation
these days? I was wondering if routers actually do it or not, because
the source usually discovers the path MTU and sends its data with the
least supported MTU. Is this true?


Hypothetically true.  Unfortunately, enough places do bozo firewalling and drop
the ICMP Frag Needed packets to severely limit the utility of PMTU Discovery.

Well obviously, ICMP is only used by hackers to DDoS you. Everyoneknows that, especially all the banks. It's even more important toobliterate PMTU discovery when you're using HTTPS - for security, youknow.

Sorry, I spent the better part of today bashing my head against thewall trying to fix MSS and PMTU issues somewhere which was beingaggravated by the tragic programming of Linux l2tpns package...

Current thread:

Re: IP Fragmentation, (continued)
- - - Re: IP Fragmentation Iljitsch van Beijnum (Aug 29)
    - Re: IP Fragmentation Valdis . Kletnieks (Aug 29)
- Re: IP Fragmentation Leo Bicknell (Aug 20)
  - Re: IP Fragmentation Jim Shankland (Aug 20)
- Re: IP Fragmentation Valdis . Kletnieks (Aug 20)
  - Re: IP Fragmentation Iljitsch van Beijnum (Aug 20)
    - Re: IP Fragmentation Sam Stickland (Aug 20)
    - Re: IP Fragmentation Fernando Gont (Aug 25)
    - Re: IP Fragmentation Iljitsch van Beijnum (Aug 25)
    - Re: IP Fragmentation Simon Leinen (Aug 26)
  - Re: IP Fragmentation Colin Alston (Aug 20)
- RE: IP Fragmentation John Lee (Aug 20)
  - RE: IP Fragmentation Tim Sanderson (Aug 20)