Re: [NANOG] Microsoft.com PMTUD black hole?

["Tomas L. Byrnes" <tomb () byrneit net>]

I was responding to his post that blocking or disabling PMTUD was the
way to avoid the ping of death, which is False, nothing more, nothing
less.

As far as who Iljitsch is, everyone misspeaks from time to time. Even
those of us who have been at this for nearly 3 decades.



> -----Original Message-----
> From: Nathan Anderson/FSR [mailto:nathana () fsr com] 
> Sent: Wednesday, May 07, 2008 2:08 PM
> To: nanog () merit edu
> Subject: Re: [NANOG] Microsoft.com PMTUD black hole?
>
> Tomas L. Byrnes wrote:
>
> > The remedy you have below is NOT the only one, and is, in fact, a 
> > non-sequitur in this case.
>
> How so?  Iljitsch is suggesting that ICMP blockers originate 
> packets without DF set if they are going to block the ICMP 
> messages that PMTUD needs in order to work in the first 
> place.  That's what (I think) he means by "disabling path MTU 
> discovery."
>
> > The network-level solution to ping of death is to BLOCK fragmented 
> > packets, and the way to ensure this doesn't self-deny-service is to 
> > perform PMTUD and Black-Hole Router discovery.
>
> Which end are you talking about here, the servers or the 
> client?  If the servers, how do you expect them to do PMTUD 
> if they _can't hear the ICMP messages_?
>
> Also, for some reason, as I pointed out before, XP black hole 
> router discovery doesn't seem to be working for me for 
> whatever reason.  Does anybody have any clue why that might 
> be the case?
>
> --
> Nathan Anderson
> First Step Internet, LLC
> nathana () fsr com
>
> _______________________________________________
> NANOG mailing list
> NANOG () nanog org
> http://mailman.nanog.org/mailman/listinfo/nanog

_______________________________________________
NANOG mailing list
NANOG () nanog org
http://mailman.nanog.org/mailman/listinfo/nanog