-----Original Message-----
From: Mikael Abrahamsson [mailto:swmike@swm.pp.se]
Sent: Saturday, June 23, 2001 4:16 PM
To: 'nanog@merit.edu'
Subject: RE: DDOS anecdotes



On Sat, 23 Jun 2001, Tim Devries wrote:

> FYI beware of service pack 2.  It sets the DF bit so packets cannot
> fragment.  Particularily offensive if your server is on the other side of a
> tunnel (due to the overhead).  The solution is to reduce the MTU on the box.
> Or use a different OS :)

>I thought this was standard behaviour of Microsoft OSes since at least
>Win95. I know NT does this as standard, so does Win95 and 98. Win2k does
>this standard out of the box (at least last time I checked).


I have tested it with sp1 and this behaviour does not occur.
I have not tested it without any serverice packs so you may be correct in that regard.

Tim Devries
Technical Trainer
Q9 Networks
100% Uptime