At 06:38 AM 10/17/98 +0000, Michael Shields wrote:
In article <Pine.BSF.4.02A.9810161946280.293-100000@localhost>, Marc Slemko <marcs@znep.com> wrote:
Note that if there is no MTU change at that point, there is no problem because there will never (well, almost never and the almost is dependent on having funky/broken routers) be any reason to be unable to fragment at that hop.
For this to be ok, you also have to be certain that whenever you add an interface to that router -- by adding a card, configuring a tunnel, or anything -- that you stop and check whether you need to renumber the 1918-using interfaces. For a dialup box, you also need to be sure it will never create a PPP session with an MTU unequal to the MTU of all the other interfaces. These things are possible, but it's more likely that PMTU will be broken because no one will think about it when adding an interface.
If we're going to argue about this, we might as well get it completely right.
As long as the RFC1918 links are always on the smallest MTU pipes, or on the pipes which only speak to the internal network, it won't break anything even if everyone on the 'Net filters. For instance, assume you have an FDDI with an MTU of 16KB pointed to your server farm with 10.1.1.1 on it and a bunch of T1s and DS3s to random upstreams. As long as the FDDI is incapable of originating packets that will leave your own network (and as long as you don't filter your own router's address) PMTU will *never* break, no matter who filters. Well, I guess you could add another link with an MTU higher than 16KB, which I find highly unlikely.
Another way to look at it, assume you have a PPP link with an MTU of 576. Unless that router has something like dial-up links, the likelihood of PMTU breaking because of an RFC1918 address on that link is nearly nil.
But then again, we've already established that the four largest providers on the 'Net, plus several other large providers (Exodus, Above.Net, Concentric, etc., etc.) all do not filter based on source IP address. So the likelihood of a filter breaking PMTU due to RFC1918 space on router links is already pretty small.
Shields, CrossLink.
TTFN,
patrick

I Am Not An Isp
www.ianai.net
"Think of it as evolution in action." - Niven & Pournelle
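Added example, not part of any poster's message: a small audit of a router's interface list for the conditions argued over in this thread (no MTU change at the hop, RFC1918 on the smallest-MTU or internal-only link, and a new dial-up PPP session changing the answer). The interface names, the non-RFC1918 addresses, the T1/DS3 MTU values and the `internal_only` flag are constructed, and the model that the ICMP "fragmentation needed" is sourced from the address of the interface the packet arrived on is an assumption.

```python
import ipaddress
from dataclasses import dataclass

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass
class Interface:
    name: str
    address: str
    mtu: int
    internal_only: bool = False  # hypothetical flag: link only talks to your own network

def is_rfc1918(address):
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in RFC1918)

def pmtu_risks(interfaces):
    """Return (ingress, egress) pairs where a source-filtered ICMP could break PMTU.

    Assumed model: a packet arriving on `ingress` that is too big for `egress`
    makes the router send "fragmentation needed" from the ingress address.
    """
    risks = []
    for ingress in interfaces:
        # Only RFC1918 addresses whose ICMPs can leave the network matter.
        if not is_rfc1918(ingress.address) or ingress.internal_only:
            continue
        for egress in interfaces:
            if egress is not ingress and egress.mtu < ingress.mtu:
                risks.append((ingress.name, egress.name))
    return risks

# Constructed inventories modelled on the cases in the thread.
SERVER_FARM = [Interface("fddi0", "10.1.1.1", 16384, internal_only=True),
               Interface("t1-0", "198.51.100.1", 1500),
               Interface("ds3-0", "198.51.100.5", 4470)]
EQUAL_MTU = [Interface("eth0", "10.2.0.1", 1500),
             Interface("eth1", "192.0.2.1", 1500)]
# The same router once a dial-up PPP session with a smaller MTU comes up.
AFTER_PPP = EQUAL_MTU + [Interface("ppp0", "192.0.2.9", 576)]
# RFC1918 address on the smallest-MTU link of the router.
SMALL_PPP = [Interface("ppp0", "10.3.0.1", 576),
             Interface("eth0", "192.0.2.17", 1500)]

if __name__ == "__main__":
    for label, router in [("server farm", SERVER_FARM), ("equal MTU", EQUAL_MTU),
                          ("after PPP", AFTER_PPP), ("small PPP", SMALL_PPP)]:
        print(f"{label}: {pmtu_risks(router)}")
```

Re-running the check whenever an interface, tunnel or PPP profile is added is what catches the case where a previously safe router becomes a risk.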