On Thu, 10 Oct 2002 Valdis.Kletnieks@vt.edu wrote:
On Thu, 10 Oct 2002 00:55:24 +0200, Iljitsch van Beijnum said:
You can also get around this by making the first hop the one with the lowest MTU. This is no fun for ethernet-connected stuff, but for dial-up this is easy. Then this box will announce a smaller TCP MSS when the connection is established and there aren't any problems.
Or equivalently, just nail the MSS size for off-site connections down to 512, and accept that you have to send 3 times as many packets as you probably should. As far as I can tell from when pMTU *does* work because all parties concerned actually use reasonable addresses and don't filter 'icmp frag needed', you end up with one of 3 results most of the time:
1) You get a clear 1500 end-to-end. 2) You get an MTU of 1460 because of tunneling. 3) You end up racheted down to 576 because of some ancient IP stack someplace (older versions of end-user SLIP/PPP are famous for this)
Ah but what if the traffic is coming into you ie originating elsewhere coming into you.. seems in that case the originator blocks the necessary icmps and they then fail to send data into you.. my example where I saw this recently was for inbound SMTP traffic. Steve