On Fri, Jan 19, 2018 at 8:58 AM, Jared Mauch <jared@puck.nether.net> wrote:
On Jan 18, 2018, at 8:44 PM, William Herrin <bill@herrin.us> wrote:
Which packet? Is there a specific CDN that does this? I’d be curious to see data vs speculation.
Path MTU discovery (which sets the DF bit on TCP packets) is enabled by default on -every- operating system that's shipped for decades now.
I’m not seeing this in a PCAP capture to at least one CDN, either from my host or from the CDN endpoint. PCAP: https://puck.nether.net/~jared/akamai.pcap
Hi Jared, tcpdump -v -n -nn -r akamai.pcap |more reading from file akamai.pcap, link-type EN10MB (Ethernet) 08:54:48.611321 IP (tos 0x0, ttl 64, id 12596, offset 0, flags [DF], proto TCP (6), length 60) 204.42.254.5.60262 > 23.0.51.165.80: Flags [S], cksum 0x1504 (incorrect -> 0x5a14), seq 3315894416, win 29200, options [mss 1460,sackOK,TS val 3822930236 ecr 0,nop,wscale 7], length 0 08:54:48.633286 IP (tos 0x0, ttl 58, id 0, offset 0, flags [DF], proto TCP (6), length 60) 23.0.51.165.80 > 204.42.254.5.60262: Flags [S.], cksum 0x0972 (correct), seq 3383397658, ack 3315894417, win 28960, options [mss 1460,sackOK,TS val 2906475904 ecr 3822930236,nop,wscale 5], length 0 Note: "flags [DF]" That means the don't fragment bit is set. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>