2000-07-14-15:39:00 Gary E. Miller:
Yo Bennett!
Hi!
Sounds like circular reasoning:
Circular reasoning is certainly easy to create, thanks for this nice specimen.
Path MTU discovery is broken because people use RFC1918 addresses in routers.
That's not my claim. Path MTU discovery is rarely needed. That's an observation in practice, not a claim about how things are supposed to be or anything. In those rare occasions when it's needed, it often works. But when people have a setup that leaves them with a path that bottlenecks in the middle to less than normal ethernet MTU, and thus would frag for many or most connections, they do tend to find a few sites that they cannot visit, because the sites have servers with Path MTU discovery left enabled behind firewalls (or load balancers, or other gizmos) that break it by not correctly forwarding the ICMP Must Frag error packets back.
Since Path MTU discovery is broken then there is no need to follow RFC1918.
Well, that's not my claim either, I don't know where you come up with this argument, should we put your name on it? I claim rather that most routers _never_ have an operational need to talk directly to random strangers, i.e. to have their interface addresses leak. So sure, honor RFC 1918 strictly and utterly and to the letter: put egress filters for the addrs that would guarantee that anyone who tried to traceroute through you would see timeouts as the replies were blocked. If that makes whingers happier, groove on it. If your router doesn't have any different-MTU interfaces that it routes between, then there's no harm in using RFC 1918 addresses on the endpoints of inter-router links.

-Bennett
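An added example, not part of the original thread: a small Python check that parses ICMP messages and reports which "fragmentation needed" errors (type 3, code 4) a filter dropping RFC 1918 source addresses would discard, which is the case the thread is arguing about. The function names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
import struct

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def build_icmp(src, dst, icmp_type, code, mtu=0):
    """Constructed sample: 20-byte IPv4 header + 8-byte ICMP header (checksums left 0)."""
    icmp = struct.pack("!BBHHH", icmp_type, code, 0, 0, mtu)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    return ip + icmp

def parse_frag_needed(packet):
    """Return (source, next_hop_mtu) for ICMP type 3 code 4, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    if ihl < 20 or packet[9] != 1 or len(packet) < ihl + 8:
        return None                        # malformed, not ICMP, or truncated
    icmp_type, code, _csum, _unused, mtu = struct.unpack(
        "!BBHHH", packet[ihl:ihl + 8])
    if (icmp_type, code) != (3, 4):
        return None
    return str(ipaddress.ip_address(packet[12:16])), mtu

def lost_to_rfc1918_filter(packets):
    """Frag-needed errors that a drop-RFC-1918-sources filter would discard."""
    lost = []
    for p in packets:
        hit = parse_frag_needed(p)
        if hit and is_rfc1918(hit[0]):
            lost.append(hit)
    return lost

# Constructed sample traffic arriving at a server at 198.51.100.7.
SAMPLE = [
    build_icmp("10.1.2.3", "198.51.100.7", 3, 4, 1400),     # frag needed, private source
    build_icmp("203.0.113.1", "198.51.100.7", 3, 4, 1492),  # frag needed, public source
    build_icmp("192.168.0.1", "198.51.100.7", 11, 0),       # time exceeded (traceroute reply)
]

if __name__ == "__main__":
    for src, mtu in lost_to_rfc1918_filter(SAMPLE):
        print(f"PMTUD error from {src} (next-hop MTU {mtu}) would be filtered")
```
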