And also: When the router generates the ICMP by punting the packet to its CPU and such traffic is - legitimately - rate-limited to avoir crashing the router. When the ICMP is sourced by a private IP on the router for various legitimate reasons (not enough public IPv4 addresses, from within a VRF, or whatever), while packets from private IPs are legitimately filtered when entering the target network.
Le 19 janv. 2018 à 15:05, Mikael Abrahamsson <swmike@swm.pp.se> a écrit :
On Fri, 19 Jan 2018, Mike Hammett wrote:
Other than people improperly blocking ICMP, when does PMTUD not work? Honest question, not troll.
Mismatch of MTU interface settings between interfaces, mismatch of MTU between L3 devices and intermediate L2 devices, anycast services, ECMP based services where the ICMP error is delivered to the wrong node.
So yes, there are plenty reasons that PMTUD doesn't work without anyone doing it because of ill will or incompetence.