nanog mailing list archives

Re: mtu mis-match

From: Rich Kulawiec <rsk () gsp org>
Date: Thu, 20 Mar 2008 06:38:00 -0400


On Wed, Mar 19, 2008 at 12:05:19PM -0700, ann kok wrote:

Some DSL clients, some are working fine.
(browsing...ping ...)

Some DSL clients have this problem
they can't browse the sites.
they can ssh the host but couldn't run the command in
the shell prompt
ping packet are working fine (no packet lost)

Why?
but I still don't know why mtu can cause this problem


Path MTU discovery failures are one of the possible causes for 
what you're seeing.  (For example, you can establish an ssh
connection to a host, because none of the packets exceed the
path MTU.  But as soon as you run a command that generates a
substantial amount of output, the connection will appear to hang
because the remote host is repeatedly retrying to send the same
data because it doesn't see an ack while the local host is
never seeing the data because it exceeds the MTU).

This is often caused by overly-aggressive filtering of ICMP.
I recommend taking a look at

        http://www.znep.com/~marcs/mtu/

as well as

        http://www.cymru.com/Documents/icmp-messages.html

and then checking the configurations of network devices to
make sure that ICMP type 3 code 4 traffic isn't being blocked.

---Rsk

Current thread:

mtu mis-match ann kok (Mar 19)
- Re: mtu mis-match Jon R. Kibler (Mar 19)
- Re: mtu mis-match Justin M. Streiner (Mar 19)
- Re: mtu mis-match Pekka Savola (Mar 20)
- Re: mtu mis-match Greg VILLAIN (Mar 20)
- Re: mtu mis-match Rich Kulawiec (Mar 20)
- Re: mtu mis-match Michael Holstein (Mar 20)