On Fri, Dec 26, 2025 at 8:07 AM Marco Moock via NANOG <nanog@lists.nanog.org> wrote:
Am 26.12.2025 um 17:47:14 Uhr schrieb Saku Ytti:
You're saying you've never seen an ISP adjust TCP MSS here? I must have misread, because I've never seen an ISP not adjust here.
If that fixes the problem, PMTU discovery (mandatory for IPv6 and IPv4 with DF bit) is broken and that means UDP, IPsec, GRE etc. all fail.
Correct: PMTUD on the Internet is broken. ISPs work around this by engineering a clean 1500 byte path everywhere they can and clamping the MSS the few places that they can't. There's a reason we haven't moved up to 9kb ethernet frames on the server and eyeball LANs. This is that reason.
The ISPs I used emit ICMP packet too big messages.
Everybody emits them. Too many don't make it to the destination. Regards, Bill Herrin -- For hire. https://bill.herrin.us/resume/