Re: Broken PMTU (was: Who does source address validation? (wasRe:what's that smell?))

[Iljitsch van Beijnum]

On Wed, 9 Oct 2002, Stephen J. Wilcox wrote:

> On a related issue (pMTU) I recently discovered that using a link with MTU <
> 1500 breaks a massive chunk of the net - specifically mail and webservers who
> block all inbound icmp.. the servers assume 1500, send out the packets with DF
> set, they hit the link generating an icmp frag, icmp is filtered and data
> stops. Culprits included several major ISP/Telcos ... I'd love to tell the
> customer the link is fine its the rest of the Internet at fault but in the end I
> just forced the DF bit clear as a temp workaround before finally swapping out to
> MTU 1500!

I'm not going to say what I think of these people in order to avoid
another semi-flame fest, but limit my comments to:

You can also get around this by making the first hop the one with the
lowest MTU. This is no fun for ethernet-connected stuff, but for dial-up
this is easy. Then this box will announce a smaller TCP MSS when the
connection is established and there aren't any problems.