On Dec 26, 2025, at 11:05 AM, Marco Moock via NANOG <nanog@lists.nanog.org> wrote:
Am 26.12.2025 um 10:52:48 Uhr schrieb Tom Beecher:
Packet comes in with DF set. Egress interface MTU is too small. ICMP Frag Needed generated, source address is RFC1918 loopback from the router control plane. On the return trip, packet crosses network that (correctly) drops all RFC1918 sourced traffic.
Can't you use NAT (the Cisco ISR devices support nat inside on lo too IIRC) or configure the source address for outgoing router traffic?
Some devices you can configure this, but it varies and gets even more interesting when you have a device that may not even have an IPv4 address but is processing IPv4 packets. Eg: https://www.juniper.net/documentation/us/en/software/junos/cli-reference/top... I think as the scope of IPv4 public continues to narrow we will see more of this as time goes on. This was already a challenge for IPv6 over a 6PE network, but this is just the flip side of that. - Jared