On 3/Mar/19 23:04, Mark Andrews wrote:
There are lots of IDIOTS out there that BLOCK ALL ICMP. That blocks PTB getting back to the TCP servers. There are also IDIOTS that deploy load balancers that DO NOT LOOK INSIDE ICMP messages for redirecting ICMP messages to the correct back end. There are also IDOITS that rate limit PTB generation to ridiculously low rates. One should be able to generate PTB at line rate.
Everyone that has configured mss-fix-up has contributed to misunderstanding that you can block ICMP. It is time we had a flag day to REMOVE mss-fix-up from all the boxes you control. We need to get PTB working and unfortunately that means that we need to stop pandering to admins who don’t know how IP is supposed to work. ICMP is NOT optional.
If you don’t want to do PMTUD then DO NOT SEND packet bigger than the network MTU. For IPv6 set IPV6_USE_MIN_MTU 1 on the socket. On a properly written IP stack this will result in TCP MSS negotiation to the same value. Yes, it is a requirement of TCP to pay attention to this as it becomes the effective MTU of the outgoing interface even if it wasn’t explicitly written into the RFC that defined IPV6_USE_MIN_MTU.
You're most welcome to my choir group, good sir. Mark.